last executing test programs:

5m33.636186677s ago: executing program 0 (id=233):
syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/stat\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x2}]}, 0x10)
getsockopt$sock_buf(r2, 0x1, 0x1a, 0x0, &(0x7f0000000140))
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000010040)}, 0x38)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
close(r3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r3, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random='\\\x00\x00 \x00'})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}]})
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2004cb], 0x0, 0x200})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
write$P9_RLOPEN(r4, &(0x7f00000003c0)={0x18, 0xd, 0x2, {{0x20, 0x2, 0x5}, 0x8000}}, 0x18)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x4, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x7}, [@call={0x85, 0x0, 0x0, 0x4f}]}, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r6, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

5m31.302443306s ago: executing program 0 (id=238):
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f00000018c0), 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
socket$inet(0x2, 0x3, 0xa)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000000c0)=@file={0x0, './bus\x00'}, 0x6e)
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x8c)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'wpan4\x00', <r5=>0x0})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'wpan4\x00', <r6=>0x0})
sendmsg$NL802154_CMD_SET_ACKREQ_DEFAULT(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x24, 0x0, 0x20, 0x70bd2a, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}]}, 0x24}, 0x1, 0x0, 0x0, 0x14}, 0x1)
r7 = syz_open_dev$video4linux(&(0x7f0000000000), 0xfff, 0x0)
ioctl$VIDIOC_SUBDEV_G_SELECTION(r7, 0xc040564a, &(0x7f0000000180)={0x0, 0x0, 0x1, 0x0, {0x2, 0x80001, 0x0, 0x2043}})
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
ioctl$mixer_OSS_GETVERSION(r0, 0x80086303, &(0x7f0000000000))
r8 = socket$kcm(0x10, 0x2, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
open(0x0, 0x14507e, 0x0)
getrlimit(0x0, &(0x7f0000000540))
sendmsg$kcm(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000000)="2e00000010008188040f46ecdb4cb9cca7480ef421000000e3bd6efb440013030e000a000d000008ba8000001201", 0x2e}], 0x1}, 0x0)
syz_open_dev$loop(&(0x7f0000000040), 0x7ff, 0x8201)

5m28.967620126s ago: executing program 0 (id=240):
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=ANY=[@ANYBLOB="0a000000090000000800000002"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1b, 0xc, &(0x7f0000000800)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='tlb_flush\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000005c0)='svc_xprt_enqueue\x00', r1}, 0x18)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
ioprio_set$uid(0x3, 0x0, 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
read$FUSE(r4, &(0x7f00000021c0)={0x2020}, 0x2020)

5m27.888674392s ago: executing program 0 (id=245):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x2, 0x6, 0x5e0, 0x480, 0x480, 0x480, 0xf8, 0x248, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x6, 0x0, {[{{@ipv6={@mcast2, @private1, [], [], 'macvlan1\x00', 'erspan0\x00'}, 0x0, 0xd0, 0xf8, 0x0, {0x7a00000000000000}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CHECKSUM={0x28}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private0, [], [], 'syzkaller0\x00', 'team_slave_1\x00'}, 0x0, 0x118, 0x150, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@hbh={{0x48}, {0x8, 0x3, 0x0, [0xfff, 0x94, 0x4, 0x17, 0x6, 0x7ff, 0x0, 0x1, 0x0, 0xc, 0x9, 0x200, 0xda, 0x7, 0x7, 0xffff], 0x9}}]}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0xffffffffffffffff}}}}, {{@ipv6={@rand_addr=' \x01\x00', @remote, [], [], '\x00', 'dummy0\x00'}, 0x0, 0xa8, 0xd0}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x7, 0x2, 0x1, 0x2}}}, {{@uncond, 0x0, 0xf8, 0x120, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@eui64={{0x28}}]}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x640)

5m27.769526493s ago: executing program 0 (id=246):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x57}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0xffffffffffffffff, 0x0)
accept4$unix(r3, 0x0, &(0x7f00000002c0), 0x80800)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001280)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
userfaultfd(0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000018010d00786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d0000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x51)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, 0x0, 0x0, 0x2, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000280), 0x8)

5m26.763350544s ago: executing program 0 (id=248):
socket$inet_smc(0x2b, 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet6(0xa, 0x3, 0x80040)
r3 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r3, &(0x7f000047b000)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
listen(r3, 0x400000001ffffffd)
r4 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r4, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000100)='a', 0x1}], 0x1, 0x0, 0x0, 0x44}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r4, 0x84, 0x21, &(0x7f0000000000)=0x7ff, 0x4)
setsockopt$inet_sctp_SCTP_EVENTS(r4, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2}, 0xe)
sendmmsg$inet_sctp(r4, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="300000000000000084000000010000000000000004"], 0x30}], 0x1, 0x0)
recvfrom(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x6, 0x0)
connect$inet6(r5, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
ptrace(0xffffffffffffffff, r0)
close(0x3)
setsockopt$inet6_buf(r2, 0x29, 0x39, &(0x7f0000000040), 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x4, @remote, 0x5}, 0x1c)
sendmmsg$inet6(r2, &(0x7f0000002940)=[{{0x0, 0x0, 0x0}}], 0x62, 0x0)

5m11.288031464s ago: executing program 32 (id=248):
socket$inet_smc(0x2b, 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet6(0xa, 0x3, 0x80040)
r3 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r3, &(0x7f000047b000)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
listen(r3, 0x400000001ffffffd)
r4 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r4, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000100)='a', 0x1}], 0x1, 0x0, 0x0, 0x44}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r4, 0x84, 0x21, &(0x7f0000000000)=0x7ff, 0x4)
setsockopt$inet_sctp_SCTP_EVENTS(r4, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2}, 0xe)
sendmmsg$inet_sctp(r4, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="300000000000000084000000010000000000000004"], 0x30}], 0x1, 0x0)
recvfrom(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x6, 0x0)
connect$inet6(r5, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
ptrace(0xffffffffffffffff, r0)
close(0x3)
setsockopt$inet6_buf(r2, 0x29, 0x39, &(0x7f0000000040), 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x4, @remote, 0x5}, 0x1c)
sendmmsg$inet6(r2, &(0x7f0000002940)=[{{0x0, 0x0, 0x0}}], 0x62, 0x0)

12.726268365s ago: executing program 3 (id=1260):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
r1 = timerfd_create(0x0, 0x0)
bpf$MAP_CREATE(0x100000000000000, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x1f, 0x10, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x80}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x20000002}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0xa6}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x1, &(0x7f0000000200)=0x6)
r5 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendto$inet(r5, &(0x7f00000002c0)="8932ed209b230927", 0x8, 0x6000c804, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = socket$inet6(0xa, 0x2, 0x0)
r9 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r9, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1000}, 0x4)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001900)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a17477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfd7d38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deaddca4c60529c7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f429a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112b0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc20e30da511b47683db01ac69398685211dfbbae3e2ed0a50e7313bff500c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a321068c553dced04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ef6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b6214912a517810200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f7700001338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d2943e6f5f828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd353646000000000000000000000000000000000000000000000000e1d0e710fe07e55b00000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a36ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad73f61ab6aa190f17c7ef0bf0b2c31961d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734837ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5189829b6b0679b5d65a6d072034cecc457776c5faef33b0203c07052c6bc314b0ac5c63bc2083c9cda0b7480e0b17854ffcc76176ce266bc698f7921b8afe798a7a5ed33ab0374455ee36cfda99a0e681bf9426831b193395cb01a7332a50aac841cb7d48a1768a7640a9820631ba775a8dfe5e173660bebf9c255f538687df5ae9374a794481152892620597c3c831a119ba16ea3157e265a651f66652391f63bc48e8a19e940000000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r10, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f008004be0ffff00124000632177fbac141416ac14141607089f034d2f87e5890c6aab845013f2325f1a39018602038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa00b3461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000, 0x0, 0x0, &(0x7f0000000000), &(0x7f0000000000), 0x0, 0x2000000}, 0x2c)
setsockopt$packet_rx_ring(r9, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
syz_emit_ethernet(0x66, &(0x7f00000002c0)={@broadcast, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "02adf7", 0x30, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @time_exceed={0x2, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "00641a", 0x0, 0x3a, 0x0, @mcast1, @mcast1}}}}}}}, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r8, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00', 0x0, 0x0, 0x1, 0x1}, 0x21)
close_range(r1, 0xffffffffffffffff, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x21, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)

10.295635536s ago: executing program 3 (id=1269):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r1, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000580))
ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f00000001c0)=0x304008000)
ioctl$VHOST_NET_SET_BACKEND(r1, 0x4008af30, &(0x7f00000003c0)={0x1})
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f0000000100)=@ethtool_sfeatures={0x2, 0x1, [{}]}})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000540)=[{{&(0x7f0000000340)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000000b00)=[{&(0x7f00000003c0)}, {0x0}, {0x0}], 0x3, &(0x7f0000000c00)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r2, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32=r3, @ANYRES32=r5, @ANYRES32=r4, @ANYRES32=r3, @ANYBLOB="14000000000000000100000001000000", @ANYRES32=r4, @ANYBLOB="0000000014000000000000000100000b01000000", @ANYRES32=r3, @ANYBLOB='\x00\x00\x00\x00'], 0x70, 0x40080}}], 0x1, 0x40884)
socket$inet_tcp(0x2, 0x1, 0x0)
r6 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
bind$ax25(r6, &(0x7f0000000100)={{0x3, @default, 0x1}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x48)
bind$ax25(r6, &(0x7f0000000000)={{0x3, @null}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @null, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @default]}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000001140)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r7, 0xfff)
syz_emit_ethernet(0x4a, &(0x7f00000005c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd604c2294e4efca6d171184ef9573530a843500140600fe800000000000bbfe8000000000000000000000004e2200000000000598d3bc955a90c2787ae36da20399c663e927bd5f5ecf900558267f3eebbdc3d89dd6edd2bfff7dd20e7c5cfba69bcdc29cca053834f020b9c6e2a407c07a41a93727fadc7f0c8fed438b823d6824242643e4f66efcab91d6f4697b766ddb", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000090780000"], 0x0)

9.25053322s ago: executing program 2 (id=1272):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = syz_open_procfs(0x0, 0x0)
r6 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x200, 0x0)
mmap(&(0x7f000001a000/0x3000)=nil, 0x3000, 0xf, 0x11012, r6, 0x0)
recvmmsg(r0, &(0x7f0000004940)=[{{&(0x7f00000003c0)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x80, &(0x7f0000000300)=[{}], 0x1, &(0x7f0000000440)=""/151, 0x97}, 0xfffffffe}, {{&(0x7f0000000500)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev}}}, 0x80, &(0x7f00000019c0)=[{&(0x7f0000000580)=""/236, 0xec}, {&(0x7f0000000940)=""/4096, 0x1000}, {&(0x7f0000000680)=""/163, 0xa3}, {&(0x7f0000000740)=""/71, 0x47}, {&(0x7f0000001940)=""/73, 0x49}], 0x5, &(0x7f0000001a40)=""/217, 0xd9}, 0x5d093887}, {{&(0x7f0000001b40)=@l2tp={0x2, 0x0, @multicast2}, 0x80, &(0x7f00000007c0)=[{&(0x7f0000001bc0)=""/169, 0xa9}, {&(0x7f0000001c80)=""/4096, 0x1000}], 0x2, &(0x7f0000002c80)=""/168, 0xa8}, 0x4}, {{&(0x7f0000002d40)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @loopback}}}, 0x80, &(0x7f0000003080)=[{&(0x7f0000002dc0)=""/197, 0xc5}, {&(0x7f0000002ec0)=""/241, 0xf1}, {&(0x7f0000002fc0)=""/152, 0x98}, {&(0x7f0000000840)=""/43, 0x2b}], 0x4, &(0x7f00000030c0)=""/35, 0x23}, 0x1}, {{&(0x7f0000003100)=@x25={0x9, @remote}, 0x80, &(0x7f00000032c0)=[{&(0x7f0000003180)=""/242, 0xf2}, {&(0x7f0000003280)=""/11, 0xb}], 0x2}, 0x1}, {{&(0x7f0000003300)=@tipc, 0x80, &(0x7f0000004840)=[{&(0x7f0000003380)=""/211, 0xd3}, {&(0x7f0000003480)=""/4096, 0x1000}, {&(0x7f0000004480)=""/21, 0x15}, {&(0x7f00000044c0)=""/144, 0x90}, {&(0x7f0000004580)=""/154, 0x9a}, {&(0x7f0000004640)=""/102, 0x66}, {&(0x7f00000046c0)=""/125, 0x7d}, {&(0x7f0000004740)=""/196, 0xc4}], 0x8, &(0x7f00000048c0)=""/102, 0x66}, 0x9c7a}], 0x6, 0x1, &(0x7f0000004ac0)={0x0, 0x989680})
pread64(r5, &(0x7f000001a240)=""/102400, 0x19000, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)=0x1c8, 0x12)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa10000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000380)='percpu_alloc_percpu\x00', r7}, 0x10)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x18, 0x7, 0x7f, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

8.29235208s ago: executing program 2 (id=1273):
socket$inet_smc(0x2b, 0x1, 0x0)
epoll_create1(0x0)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x698100, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='sched_switch\x00', r3, 0x0, 0xffffffffffffffff}, 0x50)
syz_usb_connect$hid(0x4, 0x36, 0x0, 0x0)
syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8b28, &(0x7f0000000000)={'wlan1\x00'})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r5, &(0x7f0000000000), 0xd)

7.128664807s ago: executing program 1 (id=1276):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b18, &(0x7f0000000000)={'wlan1\x00'})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r2, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r3], 0x398}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000200)=@newqdisc={0x80, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x50, 0x2, {{0x0, 0x0, 0x0, 0x6}, [@TCA_NETEM_RATE={0x14, 0x6, {0xffff, 0xe, 0x8, 0x1}}, @TCA_NETEM_LOSS={0x1c, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18, 0x8}]}, @TCA_NETEM_LOSS={0x4}]}}}]}, 0x80}}, 0x0)
r8 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="0500000000f7ffffff000600000008000300", @ANYRES32=r9, @ANYBLOB="0800050003"], 0x24}}, 0x0)

7.072081544s ago: executing program 3 (id=1277):
socket$inet_smc(0x2b, 0x1, 0x0)
epoll_create1(0x0)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x698100, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x50)
syz_usb_connect$hid(0x4, 0x36, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8b28, &(0x7f0000000000)={'wlan1\x00'})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
write$sysctl(r3, &(0x7f0000000000)='1\x00', 0x2)
bind$bt_hci(r4, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r4, &(0x7f0000000000), 0xd)

6.853358205s ago: executing program 4 (id=1278):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "00000100ebffffff", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00B\x00', "006e34e400"}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
syz_clone(0x800c000, &(0x7f0000001480), 0x0, 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet6(r0, &(0x7f00000001c0), 0xfffffffffffffede, 0x0, 0x0, 0x3000137)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000c80)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0x0, 0xffe0}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x44000}, 0x48000)
r6 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000040)=0x9)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000080)=0x9)

6.30455828s ago: executing program 1 (id=1279):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000004c0)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0xe, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r6, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000140), &(0x7f0000000040)=@tcp6=r6}, 0x20)
recvmmsg(r6, &(0x7f0000001700)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0)
shutdown(r6, 0x0)
r7 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
getdents64(r7, &(0x7f0000002f40)=""/4098, 0x1002)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="9feb01001800000000000000280000002800000004000000"], 0x0, 0x44, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x18, &(0x7f0000000300)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000060000008500000082000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

5.475270348s ago: executing program 4 (id=1280):
socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{0x0}], 0x1, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
syz_clone3(&(0x7f0000001300)={0x208202300, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f00000012c0), 0x0, {r1}}, 0x58)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000100))
r2 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, 0x0)
openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x6a, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x48, 0x0, @wg=@cookie={0x3, 0x0, "6d4dfdeb8cf7bbfe143803bec2ce783e04cd32308cdd8dde", "c71cb8adfce542a4bc5a026c208fd0c45787e4aa384e3d26b21ea41cc128364c"}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x500, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

5.15234679s ago: executing program 2 (id=1282):
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f00000018c0), 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000000c0)=@file={0x0, './bus\x00'}, 0x6e)
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x8c)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'wpan4\x00', <r4=>0x0})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'wpan4\x00', <r5=>0x0})
sendmsg$NL802154_CMD_SET_ACKREQ_DEFAULT(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x24, 0x0, 0x20, 0x70bd2a, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x24}, 0x1, 0x0, 0x0, 0x14}, 0x1)
r6 = syz_open_dev$video4linux(&(0x7f0000000000), 0xfff, 0x0)
ioctl$VIDIOC_SUBDEV_G_SELECTION(r6, 0xc040564a, &(0x7f0000000180)={0x0, 0x0, 0x1, 0x0, {0x2, 0x80001, 0x0, 0x2043}})
sendto$inet6(0xffffffffffffffff, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
ioctl$mixer_OSS_GETVERSION(r0, 0x80086303, &(0x7f0000000000))
mq_open(0x0, 0x40, 0x0, &(0x7f0000000b00)={0x0, 0x7fffffff, 0x9})
r7 = socket$kcm(0x10, 0x2, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
open(0x0, 0x14507e, 0x0)
getrlimit(0x0, &(0x7f0000000540))
sendmsg$kcm(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000000)="2e00000010008188040f46ecdb4cb9cca7480ef421000000e3bd6efb440013030e000a000d000008ba8000001201", 0x2e}], 0x1}, 0x0)
syz_open_dev$loop(&(0x7f0000000040), 0x7ff, 0x8201)

5.10380199s ago: executing program 1 (id=1283):
chdir(0x0)
syz_open_dev$usbfs(&(0x7f0000000040), 0x77, 0x101301)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1000, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000a40), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r0, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000380)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="11df2dbd7000fedbdf250100000008000100020000008e2fd3119d9aac3ecb794b2cf0d162a6fb31d964057589dc08611123514dd6e5cd8270514fd8deba7410c156c01abd9eda0f4305cd1fe619d65b8844e557381374d3aac5828b5f03c9f4c85e7237be012e8417692eefe54239271fd097a99963aae0d50e9b535811a206527e1c8bb7c14af821fcae0b5f65b8ebe27efc06cb23c6b814"], 0x1c}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x20040, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000001c0f0000000000000000d70a00000000000000000054af4afe18cf5133ba4d1f3697652687610422b1fda7fee30be4b14b8cc4de9b5b3a75315e5fe63729dcac42fafbb55b06bf4286a609d6362ca02aeafe525e8a4aef83d63af6a0aa02cb874ef54925b26f2256efb1701673562f92b41091ae4415e33a0d685508d511b8a5060c960d3628cc2f391e1c0c28d3cf1e19f3074449e36ca2d0da830a57afdea6faec4df6d6401fac725c868411605c9b7ac9711eb23ebd45a23361a09528ef6874d64fd345a74eae051d4179e99ce3000000000000000000"], 0x48)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a1202, 0x0)
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0xc004743e, 0x20001400)
r5 = epoll_create1(0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r7, &(0x7f0000000100))
shutdown(r6, 0x0)
pselect6(0x40, &(0x7f0000000180)={0x1f, 0x0, 0xffffffffffffffff, 0x400000000000, 0xfffffffffffffffc}, 0x0, 0x0, 0x0, 0x0)
r8 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_BT_SNDMTU(r8, 0x112, 0x13, 0x0, &(0x7f0000000080))
r9 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000200)={'wlan0\x00'})
epoll_create1(0x0)

3.840265189s ago: executing program 5 (id=1284):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000300)=ANY=[@ANYRES32, @ANYBLOB='\a'], 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10)
r3 = openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close(r3)
ioctl$MON_IOCH_MFLUSH(r3, 0x9208, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r4, 0x5407, 0x0)
ioctl$TIOCSTI(r4, 0x5412, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
capset(0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r5 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(0x0, 0x9)
ioctl$SOUND_MIXER_READ_DEVMASK(r5, 0xc0044dff, &(0x7f0000001480))

3.707949355s ago: executing program 3 (id=1285):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000001000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1e000000000000006e000000feffffff809a0000", @ANYRES32, @ANYBLOB="370d000000000000000000000000000000000000fd816819a9933df681c8b14dc5b8f87389f52eae54a89d12f144e5aeb1630992619878a09a9b951a1aff98c73726c0bd8927633deef806f84ef6b73351d775f68c43786f4e50ad8339e35264a95bd0f4e59c", @ANYRES32=0x0, @ANYRES32, @ANYRESDEC, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0x50)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000580)={0x0, @loopback, @empty}, &(0x7f0000000400)=0xc)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING(r2, 0x4068aea3, &(0x7f0000000040)={0xc0, 0x0, 0x10000})

3.673163498s ago: executing program 4 (id=1286):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x240840, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x2)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='wchan\x00')
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000021c0)=0x1, 0x4)
setsockopt(r1, 0x1, 0x10000000000009, &(0x7f0000000100)="0100ddff", 0x507b420f2d51f971)
setsockopt$inet6_tcp_int(r1, 0x6, 0x4, &(0x7f0000000040)=0x3e, 0x4)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x2)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
read$FUSE(r5, &(0x7f0000000a40)={0x2020}, 0x2)
r6 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
sendfile(r6, r5, 0x0, 0x3a)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be20000d072f5b89c3043c47c896ce0bc8731fa595b6b4d45ef26dcca5582054d54d53cd2b685b431c70ea948259c4c869b4fc8db714e4b94bdae214fa68a051d4dca7d2647bec1fc89398d2b9000f224891060017c4700de60beac671e8e8f00cb03588aa6007e71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c59005cff414ed55b0d18a9d446935fb332bb593ee341ab59016f81860324b800c00000000000092d9c5fe34ccb80a61ffcb3363073fd8962823ee45f5d7394e9510f4ac6c702cfabe8a9c55c8dafcdb110036e14c1035cafdfef6a358cbfadb3579a285580a3c080d4e0a48d7bdc38a0437c8c1b3aa408a0000000000002248950b000000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

3.547404475s ago: executing program 5 (id=1287):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x28, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x4}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x70}}, 0x0)

3.524976435s ago: executing program 5 (id=1288):
r0 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000600)=@newtfilter={0x1fc, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0x9}, {}, {0x1c, 0xfff1}}, [@filter_kind_options=@f_matchall={{0xd}, {0x1c8, 0x2, [@TCA_MATCHALL_FLAGS={0x8, 0x3, 0x1}, @TCA_MATCHALL_FLAGS={0x8, 0x3, 0x1}, @TCA_MATCHALL_ACT={0x1ac, 0x2, [@m_gact={0xb0, 0xb, 0x0, 0x0, {{0x9}, {0x64, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc, 0x3, {0x0, 0x49c, 0x10000000}}, @TCA_GACT_PROB={0xc, 0x3, {0x0, 0xd3a, 0xfffffffffffffffd}}, @TCA_GACT_PARMS={0x18, 0x2, {0x6b, 0x4, 0x1, 0xd8000000, 0x5}}, @TCA_GACT_PARMS={0x18, 0x2, {0xf, 0x100, 0x3, 0x5, 0x400}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0x167c, 0xffffffffffffffff}}, @TCA_GACT_PROB={0xc, 0x3, {0x1, 0x3, 0x1}}]}, {0x23, 0x6, "cbb2d206e90ab8c0696bf8968c175b6078dc47211fbadb71037927742c4cd7"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_vlan={0xf8, 0x14, 0x0, 0x0, {{0x9}, {0x68, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x53c}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0xfec}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x88a8}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x1, 0x0, 0x0, 0x322, 0x5}, 0x3}}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x316}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x88a8}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x5}]}, {0x65, 0x6, "7702f4fedf9c52fa3ab0ccde064c28b146c871cb7d41635a3ad293e8081ac0b2b659e82cd17b75287d9848988e96e0a506a060b1030c66cca3a448cb2daff26f0f3f92a94d1f3cdcdf5ed0d7bb0e9496a0313f8c7a224aa8ec38732861425afe47"}, {0xc, 0x7, {0x1, 0xe33f1bd3eb8299b0}}, {0xc, 0x8, {0x1, 0x3}}}}]}, @TCA_MATCHALL_CLASSID={0x8, 0x1, {0x4, 0x10}}]}}]}, 0x1fc}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

3.469283179s ago: executing program 5 (id=1289):
sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="10007490f2c93b", @ANYRES16=0x0, @ANYBLOB="090200000000000000000f000000"], 0x14}}, 0x0)
syslog(0x2, &(0x7f00000002c0)=""/227, 0xe3)
r0 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x93}}]}}, 0x0)
syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x11, &(0x7f00000000c0)=@conn_svc_rsp={0x0, 0x0, 0xa, "f86d2377", {0x3, 0x1, 0x0, 0x0, 0xff7f, 0x1, 0x1}})
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1241, 0x5015, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io(r1, &(0x7f0000000780)={0x2c, &(0x7f0000000ac0)=ANY=[@ANYBLOB="20316b0000006b2247677cca704a8e6b213ebeec8e3ffa90054e1006b114ae671138904abc7b7bc06062103abf66dd24dc64f6524fb79d7088ba757cca771653f4d8368242c39ad5e93cbfdf1640bc16320f410d8464253d830baad93021805c54a00a4ed947d6c40b057b7cbb64df8a3f4b6e28bc31fb03a4206e86eef2082affcf43510da82c171dac15475a342a8ae7975f482765a9d9f2398b6226ccad3416f855d4699ef4a96bc2879ec299c7d5363b72d018412bb252c720640fc5768ff0e5c2d0c132a068834e0628616345e673dc8f5ca1acebf05d48940e794864f80f4390e9bef9a2889d722e9eeea815798c30700500a282fd31f0c2c8569b300a487e973e17207e552e33b1c80d1f3eaf9ec01996f162e8444084eb6a98e892dd970aac73828e419db73e6c2f845dc2192f4b00916197c30ea03c69bb21fbaaca221c5f5d217c3c7c1f3fae3b8919e89212f200e860bb4222d8c0425b65f4bf75eebb697919d0a4abd29cb4836945eefdfff0ebcffa551296930928f533a98b97b46e32635fd0f4e9b8bc3c44aa1dc78b819389a93562f79324ccfec6c1ad6b"], 0x0, 0x0, 0x0, 0x0}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x10, 0x3, 0x0)
socket$inet6(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180))
socket(0x15, 0x5, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
syz_usb_control_io(0xffffffffffffffff, &(0x7f0000000500)={0x2c, &(0x7f0000000140)={0x0, 0x0, 0x19, {0x19, 0x23, "d034c22093354a6a290873c5e687ff5a7d7b164d8e9838"}}, &(0x7f0000000300)={0x0, 0x3, 0x29, @string={0x29, 0x3, "6a733516a29bd97f7009a8846566d6528d2789d0871f539b3f7c955d6b06f9e21f357a365020b5"}}, &(0x7f0000000340)={0x0, 0xf, 0x30, {0x5, 0xf, 0x30, 0x5, [@ss_container_id={0x14, 0x10, 0x4, 0x15, "4f1002ec343194b2c60676d236933ce6"}, @ptm_cap={0x3}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x0, 0x4, 0x0, 0x9e35}, @ptm_cap={0x3}, @ext_cap={0x7, 0x10, 0x2, 0x6, 0x2, 0xd, 0x5}]}}, &(0x7f0000000380)={0x20, 0x29, 0xf, {0xf, 0x29, 0x40, 0x10, 0x4, 0x4, "3a4cb0df", "91907ae0"}}, &(0x7f00000003c0)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x0, 0x0, 0x0, 0x7, 0x3, 0x4, 0x6}}}, &(0x7f0000000a00)={0x84, &(0x7f0000000540)={0x0, 0xd, 0xa3, "238377888df75e37e4f1e395ba0fa8e3a405803050914abd63a12b70c6b227b55ecc90d1603a1018312adbfbcd632971e5ff357517eb2de8dba375d4d433e2c477761c937a28d7f557d9b2a57ebb4a82d67d82fd0d36c190ffac81019292cda34e0614b5d2e0efc0356d9a38babfbc22a13c8be8353e7bda4041da64ea69f8c641cd097425d298d320a406124d56736a1078b4511d22379bdc10c71e44f16ddcd5c583"}, &(0x7f0000000600)={0x0, 0xa, 0x1, 0x6}, &(0x7f0000000640)={0x0, 0x8, 0x1, 0xb0}, &(0x7f0000000680)={0x20, 0x0, 0x4, {0x2, 0x2}}, &(0x7f0000000480)={0x20, 0x0, 0x4, {0x80, 0x4}}, &(0x7f0000000700)={0x40, 0x7, 0x2, 0xaa1}, &(0x7f0000000740)={0x40, 0x9, 0x1, 0xb}, &(0x7f00000007c0)={0x40, 0xb, 0x2, "c66c"}, &(0x7f0000000400)={0x40, 0xf, 0x2, 0x8}, &(0x7f0000000840)={0x40, 0x13, 0x6, @random="4c4277240479"}, &(0x7f0000000880)={0x40, 0x17, 0x6, @multicast}, &(0x7f00000008c0)={0x40, 0x19, 0x2, "63a2"}, &(0x7f0000000900)={0x40, 0x1a, 0x2, 0x2}, &(0x7f0000000940)={0x40, 0x1c, 0x1, 0x1}, &(0x7f0000000980)={0x40, 0x1e, 0x1, 0xb5}, &(0x7f00000009c0)={0x40, 0x21, 0x1, 0x5}})
write$binfmt_script(r4, &(0x7f0000000180), 0xfea7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$tipc(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000001000)="ad4308a803a93ae832cfe6d5ef23337e0f698efa258fa9d3bc1c9df29b8749c5ffd0074397d4b10c19ca158b9169fc747e0ce81800f6ab54701b60db0d358f0341b17544b7edabe88d90fc5a63b52a5eee75baf1278b9c106f3c728d86482d41a1b38f52ef3ad9e716e77953d785625a2279cf4fd6266ccaba213de2e35c65a01968cf04d00a1ca520baf750b816fafde164d33bfafb0fee4aae07b55527d4d61deda8a79a1be0238b8309d25f34019a61f0363bd8bdf6bae02edd9d34b01b8157e510898a6e7d7217224d331981b5c2bb14d88bdc317c7a88eb04c5ef7be4021f8dbbf25c65b82d0f787de0c0b87c2d51c21e948c9c8f8077e0341b04c4ff0c0f3e7a48fae5ca15222bc350f59307d42d0670f91610d4dec94cfbbbe3b383decd29515965a3059d4b2cbed6a77948d374d320ef04b9fd74c87eef26125b3e3418aca9bd8e98db179d57611d0f85528116cae7b18393dd78c7528c45e7a8d64db9adb31bb95564d75ff0dc06fb71fc52ee5c02779cb166d93180cbd74ab3fb7e19b3509381c4e2b6e9cb7953347d0993c3d7445d201aa1e11c8eace70bc364fb0572af4c00f9c53d1a8fa4702a792ff9a83eef082e90a18dadd9dcbbc808b8887be9f1b74d8bd5de8adfbcd46b7ab3df6ea858bff5a1b4b5d5f85a6df2e90f370f67e9b7b9e9e02f7b5cb615a86297b112bd735d61d66e25624c465d5a87bfc7f7ec3daac70d4abc99c7a12cc79a14e9a7618a86a295c0fd5cbd9f716ad49a35b152828c3a16bdd4b649d0bf6a1c80a500cdde4627b13751d91cb67fd9003ba3a91891f240be702f978e4e55354de192406defe3d84917f02e27855d6611d8ffc41f73ea5abd7b0f48ad277b691a27e5b747a7d8aa632920f3fce2788d4437fc23f59f9a4b4dbe7fa3460c5c4047277a8b02cb508a2c1853d14aa78689c4814b44391bfc4acc022e7119e9109d35225271c063d6d89d09347a8c1d2ab958bad1ac3890de420877b875272db3402a63da014a38c8ddb9568f00c7c29f31d11bcd473dac29c91247d570cc491384ece7f19ce3a3e4b2c8d72bde83120c3c7d38b49fbb640d7842f9f9a86b1ea6915b2121b72e281667bec82aeb7665d5dde31c6bceb7eb14f41f08d71faaf1b8f31f96564a8add5fbdb69045bfba0fbf3a4e1ea032bbbf3babe0de46ca56fd7738562e8c65c7ad1e8ecf3fe810cca9521a345af1d1bab6eac8a35e391bf1787bf16ee6050635188afa2f9b455c44690b2fecf9f40f08a10c7caf00744db2d389f2d618abcf44e5a45348c186fe926d1eb87f7b402735c05ae96544b5ab3367b60bdb4598152cea9f8f2844ca81fd5fd0b87383db0024db1d2b3c7469245793199cb5aba92dafaf2c90a9e1a93841ff78663ca97d8d51deba8cc06f3f5b7a1af71d3b65dfa48c9acd436bf364641db455d6e8e8ed644b30a4dd7806f1ba82f33c856c76e1f28ec3939e1ad0a7d38426e7af4ae49c0aa9e575a13d9d520aa84bd15090c28a142777e0b6a9d5ddd07918e3a20257a6be334196489ee60ba275d0b821d1ff315da51921111905409311b457fef71d2679a271752cd98cd9b0b1f871ec2e1e02525b41587f88a0bbf7bb63e34f8ca3975789c252a0b803518f2c03d327af92f9c2ed4ec9beb301da910331ad8a2d79c2c461362662c47859154ce8a26c9a12bcae161899a4005572dd3191cec8e4db0ab78816455c0a388c78a979c8ebe0593b23a7fd8681555d686507cf215dd4b1ce9ecd49fb7a4e2884f0449e40bf8eb6347f59a268e7a51441890200a4bb9e86aa18c088e5994699657d4d2d518bf83b59adc8220841e7ad807ed7adad95403d2319836d069b15d245ce013867121224e5e74371c32ff8cd9d19cc477ca36b5e0ac7c15041f2fe7f46a91a8c9cd089f4f38a6118f45f1fc9c48eb4820d355a869fecc2b391630b13aeacb2b745b22018d554a2b8d833f404784f1687d554089aedba3d7036788860bf66e8735603e6e2ed2235e8800931fdc30c9eec3d224650c5b58229faaa9cfacc31", 0x5a9}], 0x1}, 0x0)
setsockopt$sock_attach_bpf(r5, 0x1, 0x21, &(0x7f0000000540), 0x4)
sendmsg$tipc(r6, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r7}, 0x10)
sendmsg$tipc(r5, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c010000", @ANYRES16, @ANYBLOB="2d01620000000900509072fb60cb08000300", @ANYRES16=r2], 0x2c}}, 0x0)

3.457835032s ago: executing program 2 (id=1290):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = syz_usb_connect(0x2, 0x24, &(0x7f0000000e40)={{0x12, 0x1, 0x0, 0xd8, 0x68, 0x2a, 0x20, 0x19d2, 0x1075, 0xf4d6, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x4, 0x50, 0x0, [{{0x9, 0x4, 0x32, 0x10, 0x0, 0xff, 0xff, 0xff, 0x1}}]}}]}}, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, &(0x7f00000004c0)={0x14, 0x0, &(0x7f0000000e00)={0x0, 0x3, 0x1a, {0x1a, 0x3, {0x3400320034003200, 0x3400320034003200, 0x340032003400321d}}}}, 0x0)

3.394228769s ago: executing program 3 (id=1291):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LIST_PHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000002700)={&(0x7f00000026c0)={0x14, 0x0, 0x325}, 0x14}}, 0x0)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r1)
r2 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000640), r1)
socket$inet_udp(0x2, 0x2, 0x0)
syz_io_uring_setup(0x324d, &(0x7f0000000080)={0x0, 0xc217, 0x13580, 0x2, 0x18a}, &(0x7f0000000100), &(0x7f0000000280))
openat$adsp1(0xffffffffffffff9c, 0x0, 0x60100, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, 0x0)
shmctl$IPC_SET(0x0, 0x1, 0x0)
r4 = syz_open_dev$admmidi(&(0x7f0000000180), 0x0, 0xc2100)
fcntl$setownex(r4, 0xf, &(0x7f0000000240)={0x0, r3})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = socket$vsock_stream(0x28, 0x1, 0x0)
getsockopt$sock_int(r8, 0x1, 0xa, 0x0, &(0x7f0000002ec0))
r9 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r9, 0x11c, 0x4, &(0x7f0000000000)=""/152, &(0x7f00000000c0)=0x98)
sendmsg$NET_DM_CMD_START(r0, &(0x7f0000000740)={0x0, 0xffa6, &(0x7f0000000700)={&(0x7f00000006c0)={0x14, r2, 0x31b, 0xb}, 0x14}}, 0x0)

2.446527055s ago: executing program 4 (id=1292):
sched_setscheduler(0x0, 0x2, 0x0) (async)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = syz_io_uring_setup(0x8a9, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x192}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_open_dev$swradio(&(0x7f0000000180), 0x0, 0x2) (async)
r3 = syz_open_dev$swradio(&(0x7f0000000180), 0x0, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x6)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) (async)
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
ioctl$VIDIOC_S_TUNER(r3, 0x4054561e, &(0x7f0000000440)={0x0, "be3ff4f2b71ad75cbc5ad31906b40f70ea0177f7f3f12a503b7e8e589e845b00", 0x0, 0x80, 0x0, 0xd, 0x8, 0x0, 0x0, 0x4}) (async)
ioctl$VIDIOC_S_TUNER(r3, 0x4054561e, &(0x7f0000000440)={0x0, "be3ff4f2b71ad75cbc5ad31906b40f70ea0177f7f3f12a503b7e8e589e845b00", 0x0, 0x80, 0x0, 0xd, 0x8, 0x0, 0x0, 0x4})
io_setup(0x8, &(0x7f0000000240))
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a80)=ANY=[@ANYBLOB="140000001000010000050000000000000000000a88000000000a010100000000000000000a00000008000240000000010c00044000000000000000030c00044000000000000000031f0006006cdcbf1cfe826d48bf25307caf3c613751de9e05155995167f1ba4000c00044000000000000000020900010073797a3100090000040006000900010073797a31000000000900010073797a30000000002c000000030a010300000000000000000a0000000900030073797a31000000000900010073797a300000000028000000000a010400000000000000000a0000000900010073797a3000000000080002"], 0x104}}, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) (async)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x42, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x47f9, 0x0, 0x0, 0x0, 0x0)
clock_nanosleep(0x0, 0x0, &(0x7f00000000c0)={0x0, 0x989680}, &(0x7f0000000200)) (async)
clock_nanosleep(0x0, 0x0, &(0x7f00000000c0)={0x0, 0x989680}, &(0x7f0000000200))
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x10, 0x4) (async)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x10, 0x4)
connect$inet6(r7, &(0x7f0000000100)={0xa, 0x0, 0x0, @private1}, 0x1c)
syz_open_dev$swradio(&(0x7f00000000c0), 0xffffffffffffffff, 0x2) (async)
r8 = syz_open_dev$swradio(&(0x7f00000000c0), 0xffffffffffffffff, 0x2)
r9 = mq_open(&(0x7f0000000300)='-/\x00', 0x40, 0x140, &(0x7f0000000380)={0x0, 0xdbd3, 0xfffffffffffffffe, 0x5})
mq_notify(r9, &(0x7f00000003c0)={0x0, 0x1c, 0x4})
ioctl$VIDIOC_ENUM_FMT(r8, 0xc0405602, &(0x7f0000000080)={0x0, 0xb, 0x0, "a0e0f75acb43c4bdf45200"})
setsockopt$inet6_tcp_TCP_ULP(r7, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r7, 0x6, 0x14, &(0x7f0000000400)=0x1, 0x4)
write$binfmt_script(r7, &(0x7f0000000000), 0x61)

2.382033082s ago: executing program 3 (id=1293):
socket$inet_smc(0x2b, 0x1, 0x0)
epoll_create1(0x0)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x698100, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='sched_switch\x00', r3, 0x0, 0xffffffffffffffff}, 0x50)
syz_usb_connect$hid(0x4, 0x36, 0x0, 0x0)
syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8b28, &(0x7f0000000000)={'wlan1\x00'})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
write$sysctl(r5, &(0x7f0000000000)='1\x00', 0x2)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000), 0xd)

2.139205422s ago: executing program 1 (id=1294):
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x15)
eventfd(0x7)
chdir(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x5a, &(0x7f0000000100)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x5)
read$msr(r1, &(0x7f000004b680)=""/102392, 0x18ff8)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/key-users\x00', 0x0, 0x0)
read$FUSE(r2, &(0x7f0000000dc0)={0x2020}, 0x2020)
r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
write$char_usb(0xffffffffffffffff, 0x0, 0x0)
read$msr(r3, 0x0, 0xffffffffffffff15)
setsockopt$netlink_NETLINK_PKTINFO(r2, 0x10e, 0x3, &(0x7f0000000000)=0x8, 0x4)
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@gettaction={0x14, 0x32, 0x605, 0x70bd25, 0x25dfdbfd}, 0x14}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000c40)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff2f00000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000003000000b7030000000000006a0a00fe0000000085000000c0000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb4500639100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fb484510bef2e4872f5c2fe6faaf75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36dd015c7bd3f15aa6aadbeab2a01685108e61aa000000000000000000000000008b798b4f7458d1863cc67c4c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f10800000000000000826151e2b42bf0ed0c8cef3ba2a730a00c87c493e1fa60e63fda97a29682881eb8c9cfa72b08eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e183722537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d0616a48c7957e122665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d817b324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c0100ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e26032176066599783568628f0309c3afa716d3706e1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f87b039d5430b3c6643e9146d2478ce31344b554aca78a0000000000000010c65608fda6ed5d08e7a796042aa127d8741057e8c82d4cd1ff87d0347aa37801faff5b9050803a19ff6205aa5c263e407a2f7de57f9c4af1e094fa4e3f05528c2a165996efb5a430c08dd810bc97204b767dd969721a26aa74e1bf4b9e0ac67ca77315af1c88265f494f88d1cc6cec905602f479c622422c7a6738cce189a2f4f3fd25a5e3a183e6491333593188f1133a03db633428ff2cc0ed186f7c169386b22a65de09e7bc87ddc48d9f932f39639a012b43efd7c64221d5a36db82f415dc05a04da03df9eca141636c35f863a77f3ee3ba73b7d79d69494750de5fa25bfd0c4874041f3f2ef8db57e9c79039e47a010b998277837559c3a00000000b72cb719bfa4a7a95014dede3e21509f5042b4c9a27c9e3e7d71b388fca4ac8153c0accc452e849e52fab7496d96282fce364944"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x14)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)

1.006928812s ago: executing program 4 (id=1295):
ioctl$SNDCTL_DSP_SUBDIVIDE(0xffffffffffffffff, 0xc0045009, &(0x7f0000000300)=0x8)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, 0x0, &(0x7f0000000440))
setsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f00000000c0), 0x10)
ioctl$SNDCTL_DSP_SUBDIVIDE(0xffffffffffffffff, 0xc0045009, &(0x7f0000000200)=0x1)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r2 = socket$netlink(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r2, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r3 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
setsockopt$inet_msfilter(r3, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57)
setsockopt$inet_mreqsrc(r1, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
r4 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r4, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r5, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r6, 0xc08c5332, &(0x7f00000003c0)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r6, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r5, 0x40505412, &(0x7f0000000500)={0x0, 0x18a, 0x0, 0x0, 0xc})
socket$packet(0x11, 0x2, 0x300)

922.099801ms ago: executing program 4 (id=1296):
socket$inet_smc(0x2b, 0x1, 0x0)
epoll_create1(0x0)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x698100, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x50)
syz_usb_connect$hid(0x4, 0x36, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8b28, &(0x7f0000000000)={'wlan1\x00'})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
write$sysctl(r3, &(0x7f0000000000)='1\x00', 0x2)
bind$bt_hci(r4, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r4, &(0x7f0000000000), 0xd)

740.640088ms ago: executing program 1 (id=1297):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000300)=ANY=[@ANYRES32, @ANYBLOB='\a'], 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10)
r3 = openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close(r3)
ioctl$MON_IOCH_MFLUSH(r3, 0x9208, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r4, 0x5407, 0x0)
ioctl$TIOCSTI(r4, 0x5412, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
capset(0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r5 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[], 0x9)
ioctl$SOUND_MIXER_READ_DEVMASK(r5, 0xc0044dff, &(0x7f0000001480))

658.979227ms ago: executing program 1 (id=1298):
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x31, 0xffffffffffffffff, 0xcc9e0000)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000300)=ANY=[@ANYBLOB="b700000001000000bfa30000000000000703000000feffff620af0fff8ffffff71a4f0ff00000000ae04020000000000be400300000000006504030001ed00007b130000000000004d44000000000000620a00fe000000007133000000000000b5030000000000009500000000000000023bc065b7a379d17cf9333379fc05000000912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50bec919bc461e91a7168c5181554d1b583c587e436fe275daf51efd601b6bf01c8e8b1b526375ec5dd6fcd82e4fee5bef7af9a0200000000000000e3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f645679c294392cf538b07ce2646cb7798b3e6440c2fbdb00a3e35208b0bb1d2cd871c5548930be3835f2554b4a28610643a98d9ec21ead2ed51b104d4d91af25b84550a7925c3109b151b8b9f75d80000000eda88c658d42ecbf28bf7076c15b463bebc72f526d8e4a9e231d512381e7a78afcb913466aae7f6df70252e79166d858fc152b659da074e1320060d0b11008e59a5923906f88b53987ad1714e72ba7a5b74f0c33d39000d06a59ff61622cfd9aa58fe8d485ae2c0cc65c2a36aaec2477584b6a89adaf17b0a6041bde4cc3ed54d27f777e92b87496e6649cf728d236619074d6ebdf098bc908c423d228a40f9411fe7226a40409d6e37c4f46756d31cb46761bade70063e5291569b33d21dae356e1c51f03fb8a63e089679216da18de0ae564162a27afea62d84f3a10746443d64364f56e24e6d21053d901204a1deeed41556175cbd4041b7d301bcb72652d950ad31928b0b093778b68e2e9853c02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f98928d5e9b94ff9ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cff538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595bcf50ab32d710b651f898ba749e40bc6980fe78683ac5c0c31030699ddd71063b59261b2e1aab1675b34a220488c126aeef5f510a8f1aded94a129e4aec6f8c3a13596c2ea3e2e04cfdce669e51731b2875353193f82ade69d0540059fe6c7fe7c00fb7502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abd47b64a1b304502dda787343ce3c95300000000010000003baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022af46667cf25c5d3038816106dec28eaeb88343261a48a18f562ae00003ea96d10f172c0374d6eed82641687f3b3a70bfeff59d54d1f92ecc4e95dd2d18383117c03987d198899b212c55318294270a1ad10d30fef7c24b78b29d83238273f4fc87afce829ba0f85da6d888f18ea40ab959f6074ab2a4009b9e5f07ab513cdc6c0e57fb1c1ca571380d7b4ead8eaf68b0c5dda0467d35a3807000000b702396df7e0cbe02b6e4114f244a9bf93f04beb72f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ea1e717d29135753208165b9cdbae037f315c7d951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d7012c1b45f6ada1ee7baa5b6a686b50f09b7f778af083e055f6138a757ebd0ed91114a6b244f9acf41ac4d73a008364e0602a594817031fc2ff2c32a1989e00f52f8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a9037d2283c42efc54fa84323a3c3e6e4fd2e016820f78b796a825b3dad9ce7b37507e0b83c3ecd01549bca6a016b3e18a00c748894dc3bfe5efda8b0a477d6a6562fdee45eb16e276dee992094ba9830f6c164179e7d532d86060bea930118d3cae1b8f916b9671b7000000000040f4bee5ad2dea2d14e195265504c05bba38b095e1679f96ddef65ba5de9c8cfb6465ae4165c0689a314a6eb6b36aa705b957edef3035e14b879d4e7dc00624708042e00bf9a7f7ae5f308744770759558e4fcb99c0dc957521ef255362bf2f3966f3754e81fb9bdef22c19f5a49147b85343f9f36bcda9f64b7a5c5b2f5452f5b1de02e6f15c5640bf89d4a74d51dc233dee628c1dfbb5566b98478c174b34eb234481547e484c6af101396b6977dd668b401391c1dc54f2edccf1cabe6be9868d383eb937efdfd9ade018106f544f04fc07ad525497f65fbad3cf145396acf3b0d38e6b46e28d86880fd6f62c373000000000000000000005d194c27cd4d8f6727de79be80fb4493a0ee2e85f59c71dc84311c0f1fb6c87081c7be9355288610c32c2d8c18bf2027212182903687f48262aea54c5f8a315c9aa4a5af1aa2c4007d1baae38c270012b7eb9411ae451204dba30f8321b07a18db97c3e0cf6a15170e515b1cc463a67a5b2b23ec5662ccfa898b8d5075647bdfb390cde56efb8fd42df12c5c8f66bdc58449ec2b38bf12f5f0a49dcbcf4e6f11c47d23fa34793a0000a1cbb1e06e9a8d2449451d7a05ec0a0d3c9716f505ddeba488c60ebf44cac05c2739694359c925148137376dd3f1330ed0e9211f73ee279cc0b5c298422395ce438f48a39ff569375e609f9e904aacc3d8011326d5e4d654c74501cf16bbf72d3984f9b4ef000000003a8a3d49fc837001e4622e58e3a4ef6b55a8dd0680d951cdb6e54ed92a9a6a0e5e494b7b7b0ef4b4bafc5d964551b2a22bfd12b0761ef07a103e51e84917ee44f860b9785e264343f6a80e9318edecf73df6940856cd56c56eb3831445833c701044aaa49439a44a624267580b3c0980d7f87437bf498f6e1915450400000000000000564a02552c0a5fedbcf4da0db6ed03b9dbc224ee76d20aaf1ac74bcb7eb6f202209e64cc4d130dcf6ab3df8ae4911deb4bb5c7df97fc348d151e834be73915f854272f69d88123f666448b6a8e73322b04fffea9cc05e4129debf311c73b4d1a244b1e5b9943028745a0b6477686740ab877315e35624d791e6f71adb1acd3e22cf472ff7e048b16c11c84da9a3b16b92665912132a4dba680052919c20e191311d8092a09f3c609823fed1bd651ce1c34de105790ba2ca3afa26647f66efbf97b109e7226c74e32beb14ff3fd6918e255fc9b42f86b0188cf885afcc9bb77a7fc3ca7ec1015af494add960f8a11422ca005f24006867cd156e0350022943e301b2c07f4d37d07b05ac2fa1f1d5a0d6eb7e992b076bd77509c26034d2a740d578476410b413591884136259693effaf27e7bcfb58efa92625fb9bd68ecca42047f6e7d24b0446ea16a310073c163d1c6aa3ba1fe76b4e88d5f98cc05c6d033e2c28b4990892230d6b4e5c083a601a25145eb22f4f77313117f8147810d95c64fb78b0a000000000000000000000000e92ba8b066e4bd82bb6003d5da8791d838bcd6eefb13000000000000000000000000000000b652ff6fbad82da75114742bc6a27cba894ef490531be709a3a3c81b267dfafa55e6f855200b4e7518682c30f40808cd5bb8f00beb63b4989cc01d8e75a182337b9f9e08430ccec9bda0134d07a9f54b60033182f5d2bb61fd130d65e68bf148d26470060c707a8cf750ca954ee63c78cd975c7f565783383f02edcb7ce4a9ed0c511d18fe32352276d72eefe0d566f97ccae16b3492f60b96574aac4f1862fb6e4932c181dbf8c68ca16b765de9edba0bf5bfb9c4950d19c0bc31db02f374ce62141160436639d4b6cb0033a47ffdc54d55f1136743b1b26946f200000000000000007590ab8f29c7accd9d11786c4ca1271cd2293b572f14a3dfcaa3467f2783fc09e3eee3fa4b82b7b6ce904e05fa797a2f7ff63e4f874bd870821f6460904e05d7a3f8295a9a5fd21e3587b9d9e878c86ba9b66c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000080), 0xfffffffffffffdbb, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x2, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x140}}, 0x0)
getsockname$packet(r4, &(0x7f0000000080)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffff00000000", @ANYRES32=r5, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240), 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r8=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4c000000710400"/20, @ANYRES32=r8, @ANYBLOB="0000000000000000180016801400018010000600000000000000000000000000140014006e723000"/52], 0x4c}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r4, 0x89f3, &(0x7f0000001040)={'syztnl2\x00', &(0x7f0000000f80)={'ip6gre0\x00', <r9=>r5, 0x29, 0x9, 0x5c, 0x7fff, 0x2, @local, @loopback, 0x1, 0x700, 0x0, 0x9}})
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000001080)={<r10=>0x0, @initdev, @private}, &(0x7f00000010c0)=0xc)
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000e40)=@newtfilter={0x68, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0xa}}, [@filter_kind_options=@f_bpf={{0x8}, {0x3c, 0x2, [@TCA_BPF_ACT={0x38, 0x1, [@m_mirred={0x0, 0x18, 0x0, 0x0, {{}, {0x0, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x0, 0x2, {{0x2008, 0x36b4f4c5, 0x6, 0x10001, 0x1}, 0x2, r8}}, @TCA_MIRRED_PARMS={0x0, 0x2, {{0x3, 0x7, 0x2, 0xff, 0x8}, 0x4, r9}}, @TCA_MIRRED_PARMS={0x0, 0x2, {{0x2, 0x7, 0x7, 0x10001, 0xffff}, 0x4, r5}}, @TCA_MIRRED_PARMS={0x0, 0x2, {{0xfffffffd, 0x101, 0x8, 0xea, 0x52a}, 0x1, r10}}]}, {0x0, 0x6, "9bc0423062a02e59259286bf237bafce7253401902c770a945e4b5151058b11e8c3c7739d9da35c546248aa78508f4d1e49682c86f4b1ab9c307cff388fefe41cfdb1a"}, {0x0, 0x7, {0x1, 0x1}}, {0x0, 0x8, {0x1}}}}]}]}}]}, 0x68}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=@newtfilter={0x74, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x48, 0x2, [@TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_ACT={0x38, 0x1, [@m_tunnel_key={0x34, 0x0, 0x0, 0x0, {{0xf}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0x74}}, 0x0)
r11 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000002200)='/sys/fs/cgroup', 0x0, 0x0)
fchmodat(r11, &(0x7f0000001000)='.\x00', 0x0)
r12 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/stat\x00', 0x0, 0x0)
r13 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0)
dup3(r13, r12, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x89e2, &(0x7f0000001100)={<r14=>r6})
close_range(r13, r14, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000200)={'ip6_vti0\x00', &(0x7f0000000280)={'syztnl1\x00', r5, 0x29, 0x1d, 0x7, 0x9, 0x23, @mcast2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x8, 0x10, 0x4, 0x10001}})
r15 = openat$fb0(0xffffffffffffff9c, &(0x7f0000001280), 0xaa000, 0x0)
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r15)
ioctl$FBIO_WAITFORVSYNC(r15, 0x40044620, 0x0)

138.539175ms ago: executing program 2 (id=1299):
r0 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000600)=@newtfilter={0x1fc, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0x9}, {}, {0x1c, 0xfff1}}, [@filter_kind_options=@f_matchall={{0xd}, {0x1c8, 0x2, [@TCA_MATCHALL_FLAGS={0x8, 0x3, 0x1}, @TCA_MATCHALL_FLAGS={0x8, 0x3, 0x1}, @TCA_MATCHALL_ACT={0x1ac, 0x2, [@m_gact={0xb0, 0xb, 0x0, 0x0, {{0x9}, {0x64, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc, 0x3, {0x0, 0x49c, 0x10000000}}, @TCA_GACT_PROB={0xc, 0x3, {0x0, 0xd3a, 0xfffffffffffffffd}}, @TCA_GACT_PARMS={0x18, 0x2, {0x6b, 0x4, 0x1, 0xd8000000, 0x5}}, @TCA_GACT_PARMS={0x18, 0x2, {0xf, 0x100, 0x3, 0x5, 0x400}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0x167c, 0xffffffffffffffff}}, @TCA_GACT_PROB={0xc, 0x3, {0x1, 0x3, 0x1}}]}, {0x23, 0x6, "cbb2d206e90ab8c0696bf8968c175b6078dc47211fbadb71037927742c4cd7"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_vlan={0xf8, 0x14, 0x0, 0x0, {{0x9}, {0x68, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x53c}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0xfec}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x88a8}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x1, 0x0, 0x0, 0x322, 0x5}, 0x3}}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x316}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x88a8}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x5}]}, {0x65, 0x6, "7702f4fedf9c52fa3ab0ccde064c28b146c871cb7d41635a3ad293e8081ac0b2b659e82cd17b75287d9848988e96e0a506a060b1030c66cca3a448cb2daff26f0f3f92a94d1f3cdcdf5ed0d7bb0e9496a0313f8c7a224aa8ec38732861425afe47"}, {0xc, 0x7, {0x1, 0xe33f1bd3eb8299b0}}, {0xc, 0x8, {0x1, 0x3}}}}]}, @TCA_MATCHALL_CLASSID={0x8, 0x1, {0x4, 0x10}}]}}]}, 0x1fc}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

130.25738ms ago: executing program 5 (id=1300):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x28, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x4}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x70}}, 0x0)

74.210692ms ago: executing program 5 (id=1301):
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f00000018c0), 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000000c0)=@file={0x0, './bus\x00'}, 0x6e)
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x8c)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'wpan4\x00', <r4=>0x0})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'wpan4\x00', <r5=>0x0})
sendmsg$NL802154_CMD_SET_ACKREQ_DEFAULT(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x24, 0x0, 0x20, 0x70bd2a, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x24}, 0x1, 0x0, 0x0, 0x14}, 0x1)
r6 = syz_open_dev$video4linux(&(0x7f0000000000), 0xfff, 0x0)
ioctl$VIDIOC_SUBDEV_G_SELECTION(r6, 0xc040564a, &(0x7f0000000180)={0x0, 0x0, 0x1, 0x0, {0x2, 0x80001, 0x0, 0x2043}})
sendto$inet6(0xffffffffffffffff, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
ioctl$mixer_OSS_GETVERSION(r0, 0x80086303, &(0x7f0000000000))
mq_open(0x0, 0x40, 0x0, &(0x7f0000000b00)={0x0, 0x7fffffff, 0x9})
r7 = socket$kcm(0x10, 0x2, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
open(0x0, 0x14507e, 0x0)
getrlimit(0x0, &(0x7f0000000540))
sendmsg$kcm(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000000)="2e00000010008188040f46ecdb4cb9cca7480ef421000000e3bd6efb440013030e000a000d000008ba8000001201", 0x2e}], 0x1}, 0x0)
syz_open_dev$loop(&(0x7f0000000040), 0x7ff, 0x8201)

0s ago: executing program 2 (id=1302):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000080)={0x19, 0x0, <r1=>0x0})
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000200)={0x15, 0x0, <r3=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r3, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r1, 0x0, <r4=>0xffffffffffffffff, 0x1})
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r5, 0x3ba0, &(0x7f0000000400)={0x48, 0x7, r4, 0x0, 0x10001, 0x0, 0x1, 0x0, 0xd3b03}) (fail_nth: 8)

kernel console output (not intermixed with test programs):

nterface descriptor's value: 3
[  268.801705][ T5826] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  268.811939][ T5826] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  268.910905][ T5906] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  268.922771][ T5906] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  268.938363][ T5906] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  268.958500][ T5906] usb 5-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  268.978997][ T5906] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  269.941978][ T5906] usb 5-1: config 0 descriptor??
[  269.950690][ T5826] usb 4-1: usb_control_msg returned -32
[  269.956307][ T5826] usbtmc 4-1:16.0: can't read capabilities
[  270.013788][ T8720] PKCS7: Unknown OID: [4] 5.25.43183.11314.97.496.3.846527319083.2007.15776
[  270.025153][ T8720] PKCS7: Only support pkcs7_signedData type
[  270.230925][   T25] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  270.435039][ T5906] acrux 0003:1A34:0802.000B: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.4-1/input0
[  270.446805][ T5906] acrux 0003:1A34:0802.000B: no inputs found
[  270.452888][ T5906] acrux 0003:1A34:0802.000B: Failed to enable force feedback support, error: -19
[  270.569853][ T8715] fuse: Bad value for 'group_id'
[  270.579286][ T8715] fuse: Bad value for 'group_id'
[  270.621850][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  270.633006][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  270.654555][    T9] usb 5-1: USB disconnect, device number 10
[  270.659589][   T25] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  270.680520][   T25] usb 2-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  270.689632][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  270.713162][   T25] usb 2-1: config 0 descriptor??
[  271.004447][ T8737] netlink: 4 bytes leftover after parsing attributes in process `syz.2.652'.
[  271.058540][   T29] audit: type=1400 audit(1730766094.325:532): avc:  denied  { accept } for  pid=8738 comm="syz.2.653" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  271.127682][   T25] acrux 0003:1A34:0802.000C: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.1-1/input0
[  271.139524][   T25] acrux 0003:1A34:0802.000C: no inputs found
[  271.148116][   T25] acrux 0003:1A34:0802.000C: Failed to enable force feedback support, error: -19
[  271.733846][    T9] usb 2-1: USB disconnect, device number 13
[  271.749346][   T25] usb 4-1: USB disconnect, device number 7
[  271.787431][ T8745] netlink: 'syz.5.655': attribute type 1 has an invalid length.
[  271.930021][ T8747] 8021q: adding VLAN 0 to HW filter on device batadv1
[  271.995682][ T8747] bond1: (slave batadv1): Enslaving as a backup interface with an up link
[  272.189728][ T8724] fuse: Bad value for 'group_id'
[  272.226531][ T8724] fuse: Bad value for 'group_id'
[  272.884023][   T29] audit: type=1400 audit(1730766096.125:533): avc:  denied  { ioctl } for  pid=8752 comm="syz.2.656" path="/dev/binderfs/binder0" dev="binder" ino=10 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  272.909236][    C0] vkms_vblank_simulate: vblank timer overrun
[  272.930014][   T29] audit: type=1400 audit(1730766096.125:534): avc:  denied  { append } for  pid=8752 comm="syz.2.656" name="sg0" dev="devtmpfs" ino=710 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  272.933675][ T8760] netlink: 'syz.3.657': attribute type 4 has an invalid length.
[  272.953512][    C0] vkms_vblank_simulate: vblank timer overrun
[  274.819792][ T8792] PKCS7: Unknown OID: [4] 5.25.43183.11314.97.496.3.846527319083.2007.15776
[  274.828683][ T8792] PKCS7: Only support pkcs7_signedData type
[  274.900799][ T5826] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  275.088876][ T5826] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  275.100866][ T5826] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  275.217185][ T8793] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  275.218002][ T5826] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  275.238885][ T8773] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  275.278820][ T5826] usb 4-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  275.289597][ T5826] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.324695][ T5826] usb 4-1: config 0 descriptor??
[  276.002433][ T5826] acrux 0003:1A34:0802.000D: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.3-1/input0
[  276.043569][ T5826] acrux 0003:1A34:0802.000D: no inputs found
[  276.248172][ T8804] fuse: Bad value for 'group_id'
[  276.250577][ T5826] acrux 0003:1A34:0802.000D: Failed to enable force feedback support, error: -19
[  276.291633][ T8804] fuse: Bad value for 'group_id'
[  277.421168][    T9] usb 4-1: reset high-speed USB device number 8 using dummy_hcd
[  277.460267][ T8818] netlink: 'syz.5.672': attribute type 4 has an invalid length.
[  277.509582][ T8821] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  278.130577][    T8] usb 5-1: new full-speed USB device number 11 using dummy_hcd
[  278.296565][    T8] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  278.375057][    T8] usb 5-1: config 0 has no interfaces?
[  278.404544][    T8] usb 5-1: New USB device found, idVendor=0bda, idProduct=0139, bcdDevice=b4.99
[  278.419701][ T5873] usb 4-1: USB disconnect, device number 8
[  278.442417][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  278.461654][    T8] usb 5-1: Product: syz
[  278.475819][    T8] usb 5-1: Manufacturer: syz
[  278.482607][    T8] usb 5-1: SerialNumber: syz
[  278.497514][    T8] usb 5-1: config 0 descriptor??
[  278.643769][   T29] audit: type=1400 audit(1730766101.915:535): avc:  denied  { read } for  pid=8841 comm="syz.5.680" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  278.651674][ T8846] block device autoloading is deprecated and will be removed.
[  278.673268][   T29] audit: type=1400 audit(1730766101.915:536): avc:  denied  { open } for  pid=8841 comm="syz.5.680" path="/75/file0/file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  279.067566][ T5873] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  279.253974][   T29] audit: type=1400 audit(1730766102.525:537): avc:  denied  { ioctl } for  pid=8841 comm="syz.5.680" path="/75/file0/file0" dev="fuse" ino=0 ioctlcmd=0x928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  279.292173][ T5873] usb 4-1: Using ep0 maxpacket: 16
[  279.319720][ T5873] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  279.379325][ T5873] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  279.407954][ T5873] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  279.421063][ T5873] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  279.429200][ T5873] usb 4-1: Product: syz
[  279.433767][ T5873] usb 4-1: Manufacturer: syz
[  279.438433][ T5873] usb 4-1: SerialNumber: syz
[  279.444936][ T5873] usb 4-1: config 0 descriptor??
[  279.452931][ T5873] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  279.506718][ T5873] em28xx 4-1:0.0: Audio interface 0 found (Vendor Class)
[  279.711166][ T8853] PKCS7: Unknown OID: [4] 5.25.43183.11314.97.496.3.846527319083.2007.15776
[  279.719883][ T8853] PKCS7: Only support pkcs7_signedData type
[  279.790661][    T8] usb 6-1: new full-speed USB device number 7 using dummy_hcd
[  279.942197][    T8] usb 6-1: unable to get BOS descriptor or descriptor too short
[  279.962151][    T8] usb 6-1: not running at top speed; connect to a high speed hub
[  279.986650][    T8] usb 6-1: config 239 has an invalid interface number: 211 but max is 0
[  279.995484][    T8] usb 6-1: config 239 has no interface number 0
[  280.002253][    T8] usb 6-1: config 239 interface 211 has no altsetting 0
[  280.014614][    T8] usb 6-1: New USB device found, idVendor=0460, idProduct=0004, bcdDevice=ac.ab
[  280.024553][    T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  280.033518][    T8] usb 6-1: Product: syz
[  280.037960][    T8] usb 6-1: Manufacturer: syz
[  280.043113][    T8] usb 6-1: SerialNumber: syz
[  280.078701][ T5873] em28xx 4-1:0.0: unknown em28xx chip ID (0)
[  280.096678][ T5873] em28xx 4-1:0.0: Config register raw data: 0xfffffffb
[  280.108438][ T5873] em28xx 4-1:0.0: AC97 chip type couldn't be determined
[  280.115948][ T5873] em28xx 4-1:0.0: No AC97 audio processor
[  280.122594][ T8855] FAULT_INJECTION: forcing a failure.
[  280.122594][ T8855] name failslab, interval 1, probability 0, space 0, times 0
[  280.139049][ T5873] usb 4-1: USB disconnect, device number 9
[  280.146304][ T5873] em28xx 4-1:0.0: Disconnecting em28xx
[  280.150620][ T8855] CPU: 1 UID: 0 PID: 8855 Comm: syz.2.685 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0
[  280.162335][ T8855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  280.172397][ T8855] Call Trace:
[  280.175663][ T8855]  <TASK>
[  280.178584][ T8855]  dump_stack_lvl+0x16c/0x1f0
[  280.183253][ T8855]  should_fail_ex+0x497/0x5b0
[  280.187918][ T8855]  ? fs_reclaim_acquire+0xae/0x150
[  280.193016][ T8855]  should_failslab+0xc2/0x120
[  280.197694][ T8855]  __kmalloc_cache_noprof+0x6b/0x300
[  280.202981][ T8855]  ? __inet_diag_dump_start+0x8f/0x7f0
[  280.208469][ T8855]  __inet_diag_dump_start+0x8f/0x7f0
[  280.213767][ T8855]  __netlink_dump_start+0x607/0x970
[  280.218970][ T8855]  inet_diag_handler_cmd+0x284/0x2e0
[  280.224242][ T8855]  ? __pfx_inet_diag_handler_cmd+0x10/0x10
[  280.230049][ T8855]  ? __pfx_lock_release+0x10/0x10
[  280.235077][ T8855]  ? __pfx_inet_diag_dump_start+0x10/0x10
[  280.240795][ T8855]  ? __pfx_inet_diag_dump+0x10/0x10
[  280.245999][ T8855]  ? __pfx_inet_diag_dump_done+0x10/0x10
[  280.251630][ T8855]  sock_diag_rcv_msg+0x437/0x790
[  280.256563][ T8855]  netlink_rcv_skb+0x16b/0x440
[  280.261320][ T8855]  ? __pfx_sock_diag_rcv_msg+0x10/0x10
[  280.266767][ T8855]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  280.272043][ T8855]  ? netlink_deliver_tap+0x1ae/0xd90
[  280.277407][ T8855]  netlink_unicast+0x53c/0x7f0
[  280.282167][ T8855]  ? __pfx_netlink_unicast+0x10/0x10
[  280.287445][ T8855]  netlink_sendmsg+0x8b8/0xd70
[  280.292203][ T8855]  ? __pfx_netlink_sendmsg+0x10/0x10
[  280.297468][ T8855]  ? avc_has_perm_noaudit+0x143/0x3a0
[  280.302894][ T8855]  sock_write_iter+0x4fe/0x5b0
[  280.307648][ T8855]  ? __pfx_sock_write_iter+0x10/0x10
[  280.312944][ T8855]  ? __pfx_file_has_perm+0x10/0x10
[  280.318054][ T8855]  do_iter_readv_writev+0x532/0x7f0
[  280.323258][ T8855]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  280.328972][ T8855]  ? bpf_lsm_file_permission+0x9/0x10
[  280.334328][ T8855]  ? security_file_permission+0x71/0x210
[  280.339948][ T8855]  vfs_writev+0x363/0xdd0
[  280.344279][ T8855]  ? find_held_lock+0x2d/0x110
[  280.349031][ T8855]  ? __pfx_vfs_writev+0x10/0x10
[  280.353867][ T8855]  ? find_held_lock+0x2d/0x110
[  280.358621][ T8855]  ? __pfx_lock_release+0x10/0x10
[  280.363625][ T8855]  ? trace_lock_acquire+0x14a/0x1d0
[  280.368827][ T8855]  ? __fget_files+0x244/0x3f0
[  280.373497][ T8855]  ? do_writev+0x289/0x370
[  280.377903][ T8855]  do_writev+0x289/0x370
[  280.382143][ T8855]  ? __pfx_do_writev+0x10/0x10
[  280.386899][ T8855]  do_syscall_64+0xcd/0x250
[  280.391389][ T8855]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.397272][ T8855] RIP: 0033:0x7fa0f337e719
[  280.401670][ T8855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  280.421278][ T8855] RSP: 002b:00007fa0f4140038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  280.429681][ T8855] RAX: ffffffffffffffda RBX: 00007fa0f3535f80 RCX: 00007fa0f337e719
[  280.437637][ T8855] RDX: 0000000000000001 RSI: 0000000020000300 RDI: 0000000000000003
[  280.445612][ T8855] RBP: 00007fa0f4140090 R08: 0000000000000000 R09: 0000000000000000
[  280.453568][ T8855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  280.461522][ T8855] R13: 0000000000000000 R14: 00007fa0f3535f80 R15: 00007ffe412781f8
[  280.469495][ T8855]  </TASK>
[  280.503949][ T5873] em28xx 4-1:0.0: Freeing device
[  280.557922][    T8] usb 6-1: USB disconnect, device number 7
[  280.607081][ T8859] FAULT_INJECTION: forcing a failure.
[  280.607081][ T8859] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  280.621368][ T8859] CPU: 1 UID: 0 PID: 8859 Comm: syz.2.687 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0
[  280.631976][ T8859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  280.642111][ T8859] Call Trace:
[  280.645386][ T8859]  <TASK>
[  280.648306][ T8859]  dump_stack_lvl+0x16c/0x1f0
[  280.652972][ T8859]  should_fail_ex+0x497/0x5b0
[  280.657638][ T8859]  _copy_from_user+0x2e/0xd0
[  280.662233][ T8859]  sctp_getsockopt+0x1ac5/0x74a0
[  280.667245][ T8859]  ? avc_has_perm_noaudit+0x119/0x3a0
[  280.672605][ T8859]  ? __pfx_lock_release+0x10/0x10
[  280.677706][ T8859]  ? trace_lock_acquire+0x14a/0x1d0
[  280.682889][ T8859]  ? __pfx_mark_lock+0x10/0x10
[  280.687651][ T8859]  ? __pfx_sctp_getsockopt+0x10/0x10
[  280.692923][ T8859]  ? __lock_acquire+0x163e/0x3ce0
[  280.697936][ T8859]  ? __pfx___lock_acquire+0x10/0x10
[  280.703120][ T8859]  ? find_held_lock+0x2d/0x110
[  280.707870][ T8859]  ? __might_fault+0x13b/0x190
[  280.712619][ T8859]  ? __pfx_lock_release+0x10/0x10
[  280.717622][ T8859]  ? trace_lock_acquire+0x14a/0x1d0
[  280.722806][ T8859]  ? lock_acquire+0x2f/0xb0
[  280.727291][ T8859]  ? __might_fault+0xe3/0x190
[  280.731974][ T8859]  ? __might_fault+0xe3/0x190
[  280.736660][ T8859]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  280.742554][ T8859]  ? do_sock_getsockopt+0x3fe/0x800
[  280.747747][ T8859]  do_sock_getsockopt+0x3fe/0x800
[  280.752764][ T8859]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  280.758301][ T8859]  ? __fget_files+0x244/0x3f0
[  280.762988][ T8859]  __sys_getsockopt+0x1a1/0x270
[  280.767826][ T8859]  ? __pfx___sys_getsockopt+0x10/0x10
[  280.773200][ T8859]  ? fput+0x30/0x390
[  280.777083][ T8859]  ? ksys_write+0x1ad/0x260
[  280.781575][ T8859]  ? __pfx_ksys_write+0x10/0x10
[  280.786424][ T8859]  __x64_sys_getsockopt+0xbd/0x160
[  280.791531][ T8859]  ? do_syscall_64+0x91/0x250
[  280.796207][ T8859]  ? lockdep_hardirqs_on+0x7c/0x110
[  280.801409][ T8859]  do_syscall_64+0xcd/0x250
[  280.805910][ T8859]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.811917][ T8859] RIP: 0033:0x7fa0f337e719
[  280.816337][ T8859] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  280.835979][ T8859] RSP: 002b:00007fa0f4140038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  280.844382][ T8859] RAX: ffffffffffffffda RBX: 00007fa0f3535f80 RCX: 00007fa0f337e719
[  280.852339][ T8859] RDX: 0000000000000075 RSI: 0000000000000084 RDI: 0000000000000003
[  280.860297][ T8859] RBP: 00007fa0f4140090 R08: 0000000020003080 R09: 0000000000000000
[  280.868256][ T8859] R10: 0000000020003040 R11: 0000000000000246 R12: 0000000000000001
[  280.876210][ T8859] R13: 0000000000000000 R14: 00007fa0f3535f80 R15: 00007ffe412781f8
[  280.884175][ T8859]  </TASK>
[  280.952506][    T8] usb 5-1: USB disconnect, device number 11
[  281.390579][ T5826] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  281.757871][ T5826] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  281.769286][ T5826] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  281.779146][ T5826] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  281.792116][ T5826] usb 3-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  281.801247][ T5826] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  281.825822][ T5826] usb 3-1: config 0 descriptor??
[  281.849636][ T8872] netlink: 4 bytes leftover after parsing attributes in process `syz.3.691'.
[  282.005901][ T8873] netlink: 4 bytes leftover after parsing attributes in process `syz.5.692'.
[  282.061160][   T29] audit: type=1400 audit(1730766105.265:538): avc:  denied  { accept } for  pid=8870 comm="syz.5.692" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1
[  282.389195][ T5826] acrux 0003:1A34:0802.000E: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.2-1/input0
[  282.413088][ T5826] acrux 0003:1A34:0802.000E: no inputs found
[  282.426590][ T5826] acrux 0003:1A34:0802.000E: Failed to enable force feedback support, error: -19
[  282.473396][ T8879] netlink: 8 bytes leftover after parsing attributes in process `syz.5.695'.
[  282.547537][    T9] usb 3-1: USB disconnect, device number 24
[  282.762227][ T8866] fuse: Bad value for 'group_id'
[  282.767296][ T8866] fuse: Bad value for 'group_id'
[  283.005311][ T5831] Bluetooth: hci5: command 0x0406 tx timeout
[  283.080691][ T5826] usb 2-1: new full-speed USB device number 14 using dummy_hcd
[  283.238098][ T5826] usb 2-1: New USB device found, idVendor=0bda, idProduct=0139, bcdDevice=b4.99
[  283.248751][ T5826] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  283.260535][ T5826] usb 2-1: Product: syz
[  283.264792][ T5826] usb 2-1: Manufacturer: syz
[  283.278366][ T5826] usb 2-1: SerialNumber: syz
[  283.363351][ T5826] usb 2-1: config 0 descriptor??
[  283.446294][ T8895] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  283.490965][ T5826] rtsx_usb 2-1:0.0: probe with driver rtsx_usb failed with error -22
[  284.060580][   T29] audit: type=1326 audit(1730766107.325:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8903 comm="syz.2.701" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa0f337e719 code=0x0
[  285.316800][ T8919] netlink: 4 bytes leftover after parsing attributes in process `syz.3.704'.
[  285.487995][ T8924] netlink: 4 bytes leftover after parsing attributes in process `syz.3.705'.
[  285.573919][   T25] usb 2-1: USB disconnect, device number 14
[  285.887623][ T8938] PKCS7: Unknown OID: [4] 5.25.43183.11314.97.496.3.846527319083.2007.15776
[  285.896399][ T8938] PKCS7: Only support pkcs7_signedData type
[  287.548802][ T8957] netlink: 4 bytes leftover after parsing attributes in process `syz.4.715'.
[  287.620731][ T5826] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  287.776944][ T5826] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  287.788532][ T5826] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  287.798593][ T5826] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  287.884213][ T8963] (syz.4.717,8963,0):dlmfs_mkdir:420 ERROR: invalid domain name for directory.
[  288.006086][   T25] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  288.013880][ T5826] usb 2-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  288.013954][   T29] audit: type=1400 audit(1730766111.155:540): avc:  denied  { associate } for  pid=8960 comm="syz.4.717" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  288.023163][ T5826] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  288.065505][    C0] vkms_vblank_simulate: vblank timer overrun
[  288.087905][ T5826] usb 2-1: config 0 descriptor??
[  288.196211][ T8966] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  288.240597][   T25] usb 3-1: Using ep0 maxpacket: 16
[  288.247561][   T25] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  288.260901][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  288.274415][   T25] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  288.285087][   T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  288.293492][   T25] usb 3-1: Product: syz
[  288.303783][   T25] usb 3-1: Manufacturer: syz
[  288.308631][   T25] usb 3-1: SerialNumber: syz
[  288.328407][   T25] usb 3-1: config 0 descriptor??
[  288.350000][   T25] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  288.359513][   T25] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class)
[  288.516918][ T5826] acrux 0003:1A34:0802.000F: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.1-1/input0
[  288.528232][ T5826] acrux 0003:1A34:0802.000F: no inputs found
[  288.534565][ T5826] acrux 0003:1A34:0802.000F: Failed to enable force feedback support, error: -19
[  288.706834][ T8968] Illegal XDP return value 4290949320 on prog  (id 142) dev N/A, expect packet loss!
[  288.735610][ T5826] usb 2-1: USB disconnect, device number 15
[  288.948988][ T8948] fuse: Bad value for 'group_id'
[  288.956520][   T25] em28xx 3-1:0.0: unknown em28xx chip ID (0)
[  288.963090][   T25] em28xx 3-1:0.0: Config register raw data: 0xfffffffb
[  288.967408][ T8948] fuse: Bad value for 'group_id'
[  288.980288][   T25] em28xx 3-1:0.0: AC97 chip type couldn't be determined
[  288.990488][   T25] em28xx 3-1:0.0: No AC97 audio processor
[  289.018476][   T25] usb 3-1: USB disconnect, device number 25
[  289.026260][   T25] em28xx 3-1:0.0: Disconnecting em28xx
[  289.039740][   T25] em28xx 3-1:0.0: Freeing device
[  289.040576][    T9] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  289.202014][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[  289.217654][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  289.234197][    T9] usb 6-1: New USB device found, idVendor=1b5c, idProduct=0105, bcdDevice= 1.f1
[  289.245852][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  289.256432][    T9] usb 6-1: Product: syz
[  289.263505][    T9] usb 6-1: Manufacturer: syz
[  289.268346][    T9] usb 6-1: SerialNumber: syz
[  289.274846][    T9] usb 6-1: config 0 descriptor??
[  289.292825][    T9] ftdi_sio 6-1:0.0: FTDI USB Serial Device converter detected
[  289.301082][    T9] usb 6-1: Detected SIO
[  289.305448][    T9] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 7
[  289.316394][    T9] usb 6-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  289.389764][ T8976] netlink: 8 bytes leftover after parsing attributes in process `syz.3.721'.
[  289.805491][   T25] usb 6-1: USB disconnect, device number 8
[  290.112806][   T25] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  290.122857][   T25] ftdi_sio 6-1:0.0: device disconnected
[  290.839266][ T8994] netlink: 4 bytes leftover after parsing attributes in process `syz.1.727'.
[  291.027555][ T9003] PKCS7: Unknown OID: [4] 5.25.43183.11314.97.496.3.846527319083.2007.15776
[  291.036402][ T9003] PKCS7: Only support pkcs7_signedData type
[  291.190668][   T25] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  291.210638][ T5826] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  291.385633][   T25] usb 5-1: Using ep0 maxpacket: 16
[  291.634692][   T25] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  291.646640][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  291.659516][ T9007] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  291.667554][   T25] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  291.676820][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  291.684858][   T25] usb 5-1: Product: syz
[  291.689018][   T25] usb 5-1: Manufacturer: syz
[  291.693665][   T25] usb 5-1: SerialNumber: syz
[  291.698652][ T5826] usb 2-1: Using ep0 maxpacket: 8
[  291.705214][   T25] usb 5-1: config 0 descriptor??
[  291.723395][   T25] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  291.732871][   T25] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class)
[  291.740282][ T5826] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  291.751802][ T5826] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  291.761648][ T5826] usb 2-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  291.775475][ T5826] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  291.792808][ T5826] usb 2-1: config 0 descriptor??
[  291.799816][ T9009] netlink: 'syz.5.733': attribute type 4 has an invalid length.
[  291.818501][ T9009] netlink: 'syz.5.733': attribute type 4 has an invalid length.
[  292.036124][ T5826] usbhid 2-1:0.0: can't add hid device: -71
[  292.042284][ T5826] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  292.052989][ T5826] usb 2-1: USB disconnect, device number 16
[  292.792437][   T25] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  292.798985][   T25] em28xx 5-1:0.0: Config register raw data: 0xfffffffb
[  292.806406][   T25] em28xx 5-1:0.0: AC97 chip type couldn't be determined
[  292.814128][   T25] em28xx 5-1:0.0: No AC97 audio processor
[  292.834166][   T25] usb 5-1: USB disconnect, device number 12
[  292.846145][   T25] em28xx 5-1:0.0: Disconnecting em28xx
[  293.473723][   T25] em28xx 5-1:0.0: Freeing device
[  295.362361][ T9041] netlink: 16 bytes leftover after parsing attributes in process `syz.4.741'.
[  295.489139][ T9050] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  295.792175][ T9056] netlink: 56 bytes leftover after parsing attributes in process `syz.4.745'.
[  295.875411][ T9049] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  296.074954][ T9058] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  296.169709][ T9058] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  297.222100][ T9073] PKCS7: Unknown OID: [4] 5.25.43183.11314.97.496.3.846527319083.2007.15776
[  297.230898][ T9073] PKCS7: Only support pkcs7_signedData type
[  297.780668][ T9053] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  299.335382][ T9094] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  299.622387][   T29] audit: type=1400 audit(1730766122.895:541): avc:  denied  { setopt } for  pid=9097 comm="syz.4.759" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  299.710298][   T29] audit: type=1400 audit(1730766122.975:542): avc:  denied  { read } for  pid=9101 comm="syz.2.760" name="/" dev="configfs" ino=1218 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  299.740573][   T29] audit: type=1400 audit(1730766122.975:543): avc:  denied  { open } for  pid=9101 comm="syz.2.760" path="/sys/kernel/config" dev="configfs" ino=1218 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  299.776302][   T29] audit: type=1400 audit(1730766122.975:544): avc:  denied  { setattr } for  pid=9101 comm="syz.2.760" name="/" dev="configfs" ino=1218 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  299.926522][   T29] audit: type=1400 audit(1730766123.175:545): avc:  denied  { getopt } for  pid=9097 comm="syz.4.759" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  302.323408][ T9141] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  302.511871][ T5906] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  302.832474][ T5906] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  302.843561][ T5906] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  302.853421][ T5906] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  303.404987][ T5906] usb 2-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  303.414129][ T5906] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  303.424731][ T5906] usb 2-1: config 0 descriptor??
[  303.653914][ T9152] PKCS7: Unknown OID: [4] 5.25.43183.11314.97.496.3.846527319083.2007.15776
[  303.662760][ T9152] PKCS7: Only support pkcs7_signedData type
[  303.800589][ T9122] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  303.904377][ T5906] acrux 0003:1A34:0802.0010: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.1-1/input0
[  303.937545][ T5906] acrux 0003:1A34:0802.0010: no inputs found
[  303.975288][ T5906] acrux 0003:1A34:0802.0010: Failed to enable force feedback support, error: -19
[  304.142686][ T5906] usb 2-1: USB disconnect, device number 17
[  304.710634][ T9131] fuse: Bad value for 'group_id'
[  304.740390][ T9131] fuse: Bad value for 'group_id'
[  304.756325][ T9165] netlink: 8 bytes leftover after parsing attributes in process `syz.2.777'.
[  307.115732][   T29] audit: type=1400 audit(1730766130.385:546): avc:  denied  { read } for  pid=9196 comm="syz.3.787" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  307.134879][    C0] vkms_vblank_simulate: vblank timer overrun
[  307.261877][   T29] audit: type=1400 audit(1730766130.425:547): avc:  denied  { ioctl } for  pid=9196 comm="syz.3.787" path="socket:[21149]" dev="sockfs" ino=21149 ioctlcmd=0x890c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  307.608508][ T9202] overlayfs: conflicting options: metacopy=off,verity=on
[  307.634001][   T29] audit: type=1400 audit(1730766130.865:548): avc:  denied  { create } for  pid=9199 comm="syz.1.788" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  308.100741][   T29] audit: type=1400 audit(1730766130.985:549): avc:  denied  { ioctl } for  pid=9199 comm="syz.1.788" path="socket:[21895]" dev="sockfs" ino=21895 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  308.484570][ T9221] FAULT_INJECTION: forcing a failure.
[  308.484570][ T9221] name failslab, interval 1, probability 0, space 0, times 0
[  308.502201][ T9221] CPU: 0 UID: 0 PID: 9221 Comm: syz.4.784 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0
[  308.512814][ T9221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  308.522881][ T9221] Call Trace:
[  308.526161][ T9221]  <TASK>
[  308.529086][ T9221]  dump_stack_lvl+0x16c/0x1f0
[  308.533766][ T9221]  should_fail_ex+0x497/0x5b0
[  308.538443][ T9221]  ? fs_reclaim_acquire+0xae/0x150
[  308.543555][ T9221]  should_failslab+0xc2/0x120
[  308.548237][ T9221]  __kmalloc_noprof+0xcb/0x400
[  308.552997][ T9221]  ? avc_has_perm_noaudit+0x143/0x3a0
[  308.558379][ T9221]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  308.565491][ T9221]  ? __pfx_cred_has_capability.isra.0+0x10/0x10
[  308.571737][ T9221]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  308.577199][ T9221]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  308.583270][ T9221]  ? bpf_lsm_capable+0x9/0x10
[  308.587944][ T9221]  ? security_capable+0x7e/0x260
[  308.592893][ T9221]  genl_rcv_msg+0x565/0x800
[  308.597408][ T9221]  ? __pfx_genl_rcv_msg+0x10/0x10
[  308.602517][ T9221]  ? __pfx_netlbl_mgmt_add+0x10/0x10
[  308.607810][ T9221]  ? __pfx___lock_acquire+0x10/0x10
[  308.613024][ T9221]  netlink_rcv_skb+0x16b/0x440
[  308.617793][ T9221]  ? __pfx_genl_rcv_msg+0x10/0x10
[  308.622822][ T9221]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  308.628644][ T9221]  ? down_read+0xc9/0x330
[  308.632972][ T9221]  ? __pfx_down_read+0x10/0x10
[  308.637730][ T9221]  ? netlink_deliver_tap+0x1ae/0xd90
[  308.643021][ T9221]  ? selinux_nlmsg_lookup+0x265/0x4b0
[  308.648376][ T9221]  genl_rcv+0x28/0x40
[  308.652349][ T9221]  netlink_unicast+0x53c/0x7f0
[  308.657097][ T9221]  ? __pfx_netlink_unicast+0x10/0x10
[  308.662375][ T9221]  netlink_sendmsg+0x8b8/0xd70
[  308.667211][ T9221]  ? __pfx_netlink_sendmsg+0x10/0x10
[  308.672500][ T9221]  ____sys_sendmsg+0xaaf/0xc90
[  308.677251][ T9221]  ? copy_msghdr_from_user+0x10b/0x160
[  308.682692][ T9221]  ? __pfx_____sys_sendmsg+0x10/0x10
[  308.687967][ T9221]  ? __pfx___lock_acquire+0x10/0x10
[  308.693150][ T9221]  ___sys_sendmsg+0x135/0x1e0
[  308.697810][ T9221]  ? __pfx____sys_sendmsg+0x10/0x10
[  308.703003][ T9221]  ? lock_acquire+0x2f/0xb0
[  308.707495][ T9221]  ? __fget_files+0x40/0x3f0
[  308.712090][ T9221]  ? fdget+0x176/0x210
[  308.716150][ T9221]  __sys_sendmsg+0x117/0x1f0
[  308.720724][ T9221]  ? __pfx___sys_sendmsg+0x10/0x10
[  308.725841][ T9221]  ? __fget_files+0x244/0x3f0
[  308.730536][ T9221]  do_syscall_64+0xcd/0x250
[  308.735026][ T9221]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  308.740910][ T9221] RIP: 0033:0x7f30c457e719
[  308.745312][ T9221] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  308.764922][ T9221] RSP: 002b:00007f30c29f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  308.773330][ T9221] RAX: ffffffffffffffda RBX: 00007f30c4736130 RCX: 00007f30c457e719
[  308.781287][ T9221] RDX: 0000000000000000 RSI: 0000000020000480 RDI: 0000000000000006
[  308.789241][ T9221] RBP: 00007f30c29f6090 R08: 0000000000000000 R09: 0000000000000000
[  308.797208][ T9221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  308.805163][ T9221] R13: 0000000000000000 R14: 00007f30c4736130 R15: 00007fff491e7a88
[  308.813127][ T9221]  </TASK>
[  308.816200][    C0] vkms_vblank_simulate: vblank timer overrun
[  308.946326][ T9223] netlink: 8 bytes leftover after parsing attributes in process `syz.2.795'.
[  309.018852][ T9225] PKCS7: Unknown OID: [4] 5.25.43183.11314.97.496.3.846527319083.2007.15776
[  309.028305][ T9225] PKCS7: Only support pkcs7_signedData type
[  309.041790][ T9223] bond2 (unregistering): Released all slaves
[  309.626650][ T9238] netlink: 8 bytes leftover after parsing attributes in process `syz.1.801'.
[  309.999192][   T25] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  310.221963][   T25] usb 3-1: config 0 has an invalid interface number: 104 but max is 0
[  310.233021][   T25] usb 3-1: config 0 has no interface number 0
[  310.250691][   T25] usb 3-1: config 0 interface 104 has no altsetting 0
[  310.260087][   T25] usb 3-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=a1.c9
[  310.269725][   T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  310.275681][ T9253] FAULT_INJECTION: forcing a failure.
[  310.275681][ T9253] name failslab, interval 1, probability 0, space 0, times 0
[  310.278711][   T25] usb 3-1: Product: syz
[  310.295830][   T25] usb 3-1: Manufacturer: syz
[  310.300918][ T9253] CPU: 1 UID: 0 PID: 9253 Comm: syz.1.805 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0
[  310.311527][ T9253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  310.321596][ T9253] Call Trace:
[  310.324880][ T9253]  <TASK>
[  310.328413][ T9253]  dump_stack_lvl+0x16c/0x1f0
[  310.333106][ T9253]  should_fail_ex+0x497/0x5b0
[  310.337799][ T9253]  should_failslab+0xc2/0x120
[  310.342491][ T9253]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  310.347878][ T9253]  ? skb_clone+0x190/0x3f0
[  310.352306][ T9253]  skb_clone+0x190/0x3f0
[  310.356535][ T9253]  netlink_deliver_tap+0xab3/0xd90
[  310.361644][ T9253]  netlink_unicast+0x5e1/0x7f0
[  310.366413][ T9253]  ? __pfx_netlink_unicast+0x10/0x10
[  310.371720][ T9253]  netlink_sendmsg+0x8b8/0xd70
[  310.376497][ T9253]  ? __pfx_netlink_sendmsg+0x10/0x10
[  310.381801][ T9253]  ____sys_sendmsg+0xaaf/0xc90
[  310.386578][ T9253]  ? copy_msghdr_from_user+0x10b/0x160
[  310.392039][ T9253]  ? __pfx_____sys_sendmsg+0x10/0x10
[  310.397332][ T9253]  ? __pfx___lock_acquire+0x10/0x10
[  310.402519][ T9253]  ___sys_sendmsg+0x135/0x1e0
[  310.407201][ T9253]  ? __pfx____sys_sendmsg+0x10/0x10
[  310.412398][ T9253]  ? lock_acquire+0x2f/0xb0
[  310.416877][ T9253]  ? __fget_files+0x40/0x3f0
[  310.421468][ T9253]  ? fdget+0x176/0x210
[  310.425549][ T9253]  __sys_sendmmsg+0x1a1/0x450
[  310.430234][ T9253]  ? __pfx___sys_sendmmsg+0x10/0x10
[  310.435443][ T9253]  ? vfs_write+0x306/0x1150
[  310.439978][ T9253]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  310.445984][ T9253]  ? fput+0x30/0x390
[  310.449886][ T9253]  ? ksys_write+0x1ad/0x260
[  310.454402][ T9253]  ? __pfx_ksys_write+0x10/0x10
[  310.459270][ T9253]  __x64_sys_sendmmsg+0x9c/0x100
[  310.464221][ T9253]  ? lockdep_hardirqs_on+0x7c/0x110
[  310.469436][ T9253]  do_syscall_64+0xcd/0x250
[  310.473946][ T9253]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  310.479851][ T9253] RIP: 0033:0x7fb0c0d7e719
[  310.484272][ T9253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  310.503893][ T9253] RSP: 002b:00007fb0c1bd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  310.512320][ T9253] RAX: ffffffffffffffda RBX: 00007fb0c0f35f80 RCX: 00007fb0c0d7e719
[  310.520299][ T9253] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000004
[  310.528279][ T9253] RBP: 00007fb0c1bd5090 R08: 0000000000000000 R09: 0000000000000000
[  310.536340][ T9253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  310.544314][ T9253] R13: 0000000000000000 R14: 00007fb0c0f35f80 R15: 00007ffe056be678
[  310.552306][ T9253]  </TASK>
[  310.556077][   T25] usb 3-1: SerialNumber: syz
[  310.564126][   T25] usb 3-1: config 0 descriptor??
[  310.597176][   T25] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[  310.822676][   T29] audit: type=1400 audit(1730766134.085:550): avc:  denied  { mount } for  pid=9237 comm="syz.2.800" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  311.001212][   T25] gspca_vc032x: reg_r err -71
[  311.017129][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[  311.094341][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[  311.150503][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[  311.164126][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[  311.172071][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[  311.177377][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[  311.186711][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[  311.194317][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[  311.200046][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[  311.205567][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[  311.211043][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[  311.216437][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[  311.275822][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[  311.296324][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[  311.302467][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[  311.307840][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[  311.313339][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[  311.318655][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[  311.324075][   T25] gspca_vc032x: Unknown sensor...
[  311.329340][   T25] vc032x 3-1:0.104: probe with driver vc032x failed with error -22
[  311.344549][   T25] usb 3-1: USB disconnect, device number 26
[  312.643743][ T9282] hub 9-0:1.0: USB hub found
[  312.648621][ T9282] hub 9-0:1.0: 1 port detected
[  316.399615][ T9332] FAULT_INJECTION: forcing a failure.
[  316.399615][ T9332] name failslab, interval 1, probability 0, space 0, times 0
[  316.412637][ T9332] CPU: 1 UID: 0 PID: 9332 Comm: syz.1.826 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0
[  316.423232][ T9332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  316.433277][ T9332] Call Trace:
[  316.436556][ T9332]  <TASK>
[  316.439477][ T9332]  dump_stack_lvl+0x16c/0x1f0
[  316.444137][ T9332]  should_fail_ex+0x497/0x5b0
[  316.448828][ T9332]  should_failslab+0xc2/0x120
[  316.453487][ T9332]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  316.458866][ T9332]  ? __nf_conntrack_alloc+0xd1/0x5e0
[  316.464153][ T9332]  __nf_conntrack_alloc+0xd1/0x5e0
[  316.469257][ T9332]  init_conntrack.constprop.0+0xd3e/0x1080
[  316.475049][ T9332]  ? __pfx_init_conntrack.constprop.0+0x10/0x10
[  316.481274][ T9332]  ? ip6t_do_table+0xd50/0x1d40
[  316.486105][ T9332]  nf_conntrack_in+0xafb/0x1850
[  316.490956][ T9332]  ? __pfx_nf_conntrack_in+0x10/0x10
[  316.496253][ T9332]  ? __do_replace+0x926/0x9e0
[  316.500913][ T9332]  ? rcu_is_watching+0x12/0xc0
[  316.505675][ T9332]  ? __pfx_ipv6_conntrack_in+0x10/0x10
[  316.511135][ T9332]  nf_hook_slow+0xbb/0x200
[  316.515546][ T9332]  nf_hook.constprop.0+0x42e/0x750
[  316.520658][ T9332]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  316.525845][ T9332]  ? __pfx_nf_hook.constprop.0+0x10/0x10
[  316.531470][ T9332]  ? sock_wfree+0x11c/0x880
[  316.535964][ T9332]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  316.541171][ T9332]  ? __pfx_ipv6_rcv+0x10/0x10
[  316.545864][ T9332]  ipv6_rcv+0xa4/0x680
[  316.549940][ T9332]  ? __pfx_ipv6_rcv+0x10/0x10
[  316.554601][ T9332]  __netif_receive_skb_one_core+0x12e/0x1e0
[  316.560522][ T9332]  ? __pfx___netif_receive_skb_one_core+0x10/0x10
[  316.566919][ T9332]  ? trace_lock_acquire+0x14a/0x1d0
[  316.572099][ T9332]  ? netif_receive_skb+0x109/0x7b0
[  316.577210][ T9332]  __netif_receive_skb+0x1d/0x160
[  316.582235][ T9332]  netif_receive_skb+0x13f/0x7b0
[  316.587181][ T9332]  ? __pfx_netif_receive_skb+0x10/0x10
[  316.592632][ T9332]  ? __pfx___schedule+0x10/0x10
[  316.597528][ T9332]  tun_rx_batched+0x429/0x780
[  316.602192][ T9332]  ? irqentry_exit+0x3b/0x90
[  316.606791][ T9332]  ? __pfx_tun_rx_batched+0x10/0x10
[  316.611984][ T9332]  ? preempt_schedule_notrace_thunk+0x1a/0x30
[  316.618052][ T9332]  ? tun_get_user+0x13df/0x3d80
[  316.622896][ T9332]  tun_get_user+0x2a4d/0x3d80
[  316.627566][ T9332]  ? __pfx_tun_get_user+0x10/0x10
[  316.632577][ T9332]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  316.638378][ T9332]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  316.644175][ T9332]  ? rcu_preempt_deferred_qs_irqrestore+0x505/0xb80
[  316.650773][ T9332]  ? rcu_is_watching+0x12/0xc0
[  316.655518][ T9332]  ? __rcu_read_unlock+0x2b4/0x580
[  316.660625][ T9332]  tun_chr_write_iter+0xdc/0x210
[  316.665570][ T9332]  vfs_write+0x5ae/0x1150
[  316.669897][ T9332]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  316.675456][ T9332]  ? __pfx_vfs_write+0x10/0x10
[  316.680204][ T9332]  ? lockdep_hardirqs_on+0x7c/0x110
[  316.685403][ T9332]  ? ksys_write+0xd2/0x260
[  316.689804][ T9332]  ksys_write+0x12f/0x260
[  316.694115][ T9332]  ? __pfx_ksys_write+0x10/0x10
[  316.698969][ T9332]  do_syscall_64+0xcd/0x250
[  316.703455][ T9332]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.709329][ T9332] RIP: 0033:0x7fb0c0d7d1ff
[  316.713728][ T9332] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[  316.733333][ T9332] RSP: 002b:00007fb0c1bb4000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  316.741736][ T9332] RAX: ffffffffffffffda RBX: 00007fb0c0f36058 RCX: 00007fb0c0d7d1ff
[  316.749709][ T9332] RDX: 000000000000008e RSI: 0000000020000140 RDI: 00000000000000c8
[  316.757675][ T9332] RBP: 00007fb0c1bb4090 R08: 0000000000000000 R09: 0000000000000000
[  316.765655][ T9332] R10: 000000000000008e R11: 0000000000000293 R12: 0000000000000001
[  316.773624][ T9332] R13: 0000000000000001 R14: 00007fb0c0f36058 R15: 00007ffe056be678
[  316.781692][ T9332]  </TASK>
[  316.791802][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  317.270905][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  317.615349][ T9337] FAULT_INJECTION: forcing a failure.
[  317.615349][ T9337] name failslab, interval 1, probability 0, space 0, times 0
[  317.628255][   T29] audit: type=1400 audit(1730766140.885:551): avc:  denied  { setattr } for  pid=9347 comm="syz.5.831" name="NETLINK" dev="sockfs" ino=22173 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  317.640631][ T9337] CPU: 1 UID: 0 PID: 9337 Comm: syz.4.829 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0
[  317.651903][    C0] vkms_vblank_simulate: vblank timer overrun
[  317.662412][ T9337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  317.678425][ T9337] Call Trace:
[  317.681716][ T9337]  <TASK>
[  317.684624][ T9337]  dump_stack_lvl+0x16c/0x1f0
[  317.689279][ T9337]  should_fail_ex+0x497/0x5b0
[  317.693951][ T9337]  ? fs_reclaim_acquire+0xae/0x150
[  317.699048][ T9337]  should_failslab+0xc2/0x120
[  317.703727][ T9337]  __kmalloc_noprof+0xcb/0x400
[  317.708481][ T9337]  tomoyo_encode2+0x100/0x3e0
[  317.713136][ T9337]  tomoyo_encode+0x29/0x50
[  317.717527][ T9337]  tomoyo_realpath_from_path+0x19d/0x720
[  317.723156][ T9337]  ? tomoyo_path_number_perm+0x232/0x590
[  317.728809][ T9337]  tomoyo_path_number_perm+0x245/0x590
[  317.734286][ T9337]  ? tomoyo_path_number_perm+0x232/0x590
[  317.739946][ T9337]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  317.745974][ T9337]  ? trace_lock_acquire+0x14a/0x1d0
[  317.751199][ T9337]  ? lock_acquire+0x2f/0xb0
[  317.755708][ T9337]  ? __fget_files+0x40/0x3f0
[  317.760279][ T9337]  ? __fget_files+0x244/0x3f0
[  317.764939][ T9337]  security_file_ioctl+0x9b/0x240
[  317.769945][ T9337]  __x64_sys_ioctl+0xbb/0x220
[  317.774600][ T9337]  do_syscall_64+0xcd/0x250
[  317.779079][ T9337]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.784952][ T9337] RIP: 0033:0x7f30c457e719
[  317.789358][ T9337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  317.808978][ T9337] RSP: 002b:00007f30c52bd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  317.817383][ T9337] RAX: ffffffffffffffda RBX: 00007f30c4735f80 RCX: 00007f30c457e719
[  317.825334][ T9337] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  317.833283][ T9337] RBP: 00007f30c52bd090 R08: 0000000000000000 R09: 0000000000000000
[  317.841228][ T9337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  317.849174][ T9337] R13: 0000000000000000 R14: 00007f30c4735f80 R15: 00007fff491e7a88
[  317.857147][ T9337]  </TASK>
[  317.862315][   T29] audit: type=1400 audit(1730766140.885:552): avc:  denied  { view } for  pid=9347 comm="syz.5.831" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  317.916937][ T9337] ERROR: Out of memory at tomoyo_realpath_from_path.
[  321.494037][ T9388] hub 9-0:1.0: USB hub found
[  321.500616][ T9388] hub 9-0:1.0: 1 port detected
[  323.693730][   T29] audit: type=1326 audit(1730766146.655:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9405 comm="syz.1.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0c0d7e719 code=0x7ffc0000
[  323.717095][    C0] vkms_vblank_simulate: vblank timer overrun
[  323.751974][   T29] audit: type=1326 audit(1730766146.655:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9405 comm="syz.1.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0c0d7e719 code=0x7ffc0000
[  323.776759][   T29] audit: type=1326 audit(1730766146.665:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9405 comm="syz.1.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0c0d7e719 code=0x7ffc0000
[  323.800958][   T29] audit: type=1326 audit(1730766146.665:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9405 comm="syz.1.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0c0d7e719 code=0x7ffc0000
[  323.824482][   T29] audit: type=1326 audit(1730766146.665:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9405 comm="syz.1.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0c0d7e719 code=0x7ffc0000
[  323.848127][   T29] audit: type=1326 audit(1730766146.665:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9405 comm="syz.1.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0c0d7e719 code=0x7ffc0000
[  323.871347][    C0] vkms_vblank_simulate: vblank timer overrun
[  323.877733][   T29] audit: type=1326 audit(1730766146.665:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9405 comm="syz.1.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0c0d7e719 code=0x7ffc0000
[  323.900924][    C0] vkms_vblank_simulate: vblank timer overrun
[  323.908161][   T29] audit: type=1326 audit(1730766146.665:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9405 comm="syz.1.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0c0d7e719 code=0x7ffc0000
[  323.927324][ T9423] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  323.931551][   T29] audit: type=1326 audit(1730766146.665:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9405 comm="syz.1.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb0c0d7e719 code=0x7ffc0000
[  323.967237][    C0] vkms_vblank_simulate: vblank timer overrun
[  323.973526][   T29] audit: type=1326 audit(1730766146.665:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9405 comm="syz.1.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0c0d7e719 code=0x7ffc0000
[  324.144538][ T9428] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  324.291271][ T5905] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  324.520876][ T9431] hub 9-0:1.0: USB hub found
[  324.541173][ T9431] hub 9-0:1.0: 1 port detected
[  325.357519][ T9438] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  325.764702][ T5905] usb 3-1: Using ep0 maxpacket: 8
[  325.771517][ T5905] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  325.779727][ T5905] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  325.789613][ T5905] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  325.799547][ T5905] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  325.809826][ T5905] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  325.822845][ T5905] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  325.831933][ T5905] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  326.517333][ T5905] usb 3-1: usb_control_msg returned -71
[  326.523091][ T5905] usbtmc 3-1:16.0: can't read capabilities
[  326.548319][ T5905] usb 3-1: USB disconnect, device number 27
[  327.570560][ T9456] (syz.5.858,9456,0):dlmfs_mkdir:420 ERROR: invalid domain name for directory.
[  327.965010][ T5905] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  328.270567][ T5905] usb 3-1: Using ep0 maxpacket: 16
[  328.283530][ T5905] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  328.324204][ T5905] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  328.618604][ T5905] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  328.629774][ T5905] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  328.644119][ T5905] usb 3-1: Product: syz
[  328.648388][ T5905] usb 3-1: Manufacturer: syz
[  328.655061][ T5905] usb 3-1: SerialNumber: syz
[  329.101732][ T5905] usb 3-1: config 0 descriptor??
[  329.170866][ T9473] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  329.260902][ T5905] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  329.325070][ T5905] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class)
[  329.331818][ T9475] netlink: 'syz.4.866': attribute type 4 has an invalid length.
[  329.459881][ T9478] netlink: 'syz.4.866': attribute type 4 has an invalid length.
[  329.573495][ T9476] hub 9-0:1.0: USB hub found
[  329.590737][ T9476] hub 9-0:1.0: 1 port detected
[  329.800848][ T9487] netlink: 12 bytes leftover after parsing attributes in process `syz.3.869'.
[  329.967384][ T5905] em28xx 3-1:0.0: chip ID is em2874
[  330.259288][ T9493] FAULT_INJECTION: forcing a failure.
[  330.259288][ T9493] name failslab, interval 1, probability 0, space 0, times 0
[  330.339822][    T8] usb 3-1: USB disconnect, device number 28
[  330.347222][    T8] em28xx 3-1:0.0: Disconnecting em28xx
[  330.362678][    T8] em28xx 3-1:0.0: Freeing device
[  330.398112][ T9493] CPU: 0 UID: 0 PID: 9493 Comm: syz.3.870 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0
[  330.408746][ T9493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  330.418805][ T9493] Call Trace:
[  330.422062][ T9493]  <TASK>
[  330.424968][ T9493]  dump_stack_lvl+0x16c/0x1f0
[  330.429622][ T9493]  should_fail_ex+0x497/0x5b0
[  330.434276][ T9493]  should_failslab+0xc2/0x120
[  330.438940][ T9493]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  330.444286][ T9493]  ? skb_clone+0x190/0x3f0
[  330.448690][ T9493]  skb_clone+0x190/0x3f0
[  330.452924][ T9493]  netlink_deliver_tap+0xab3/0xd90
[  330.458104][ T9493]  netlink_unicast+0x5e1/0x7f0
[  330.462856][ T9493]  ? __pfx_netlink_unicast+0x10/0x10
[  330.468128][ T9493]  netlink_sendmsg+0x8b8/0xd70
[  330.472867][ T9493]  ? __pfx_netlink_sendmsg+0x10/0x10
[  330.478130][ T9493]  ____sys_sendmsg+0xaaf/0xc90
[  330.482872][ T9493]  ? copy_msghdr_from_user+0x10b/0x160
[  330.488305][ T9493]  ? __pfx_____sys_sendmsg+0x10/0x10
[  330.493670][ T9493]  ? __pfx___lock_acquire+0x10/0x10
[  330.498869][ T9493]  ___sys_sendmsg+0x135/0x1e0
[  330.503544][ T9493]  ? __pfx____sys_sendmsg+0x10/0x10
[  330.508729][ T9493]  ? lock_acquire+0x2f/0xb0
[  330.513213][ T9493]  ? __fget_files+0x40/0x3f0
[  330.517789][ T9493]  ? fdget+0x176/0x210
[  330.521855][ T9493]  __sys_sendmsg+0x117/0x1f0
[  330.526419][ T9493]  ? __pfx___sys_sendmsg+0x10/0x10
[  330.531503][ T9493]  ? __fget_files+0x244/0x3f0
[  330.536165][ T9493]  do_syscall_64+0xcd/0x250
[  330.540643][ T9493]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  330.546512][ T9493] RIP: 0033:0x7f846897e719
[  330.550918][ T9493] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  330.570537][ T9493] RSP: 002b:00007f846976e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  330.578936][ T9493] RAX: ffffffffffffffda RBX: 00007f8468b35f80 RCX: 00007f846897e719
[  330.586884][ T9493] RDX: 0000000020048854 RSI: 0000000020000180 RDI: 0000000000000003
[  330.594846][ T9493] RBP: 00007f846976e090 R08: 0000000000000000 R09: 0000000000000000
[  330.602793][ T9493] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  330.610740][ T9493] R13: 0000000000000000 R14: 00007f8468b35f80 R15: 00007ffc82f5cf78
[  330.618756][ T9493]  </TASK>
[  330.621836][    C0] vkms_vblank_simulate: vblank timer overrun
[  331.229192][ T9488] netlink: 40 bytes leftover after parsing attributes in process `syz.4.868'.
[  333.192553][   T29] kauditd_printk_skb: 38 callbacks suppressed
[  333.192568][   T29] audit: type=1326 audit(1730766156.455:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9513 comm="syz.3.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f846897e719 code=0x7ffc0000
[  333.221863][    C0] vkms_vblank_simulate: vblank timer overrun
[  333.295009][   T29] audit: type=1326 audit(1730766156.455:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9513 comm="syz.3.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f846897e719 code=0x7ffc0000
[  333.682898][   T29] audit: type=1326 audit(1730766156.455:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9513 comm="syz.3.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f846897e719 code=0x7ffc0000
[  333.944888][   T29] audit: type=1326 audit(1730766156.455:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9513 comm="syz.3.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f846897e719 code=0x7ffc0000
[  333.968139][    C0] vkms_vblank_simulate: vblank timer overrun
[  334.056842][   T29] audit: type=1326 audit(1730766156.455:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9513 comm="syz.3.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f846897e719 code=0x7ffc0000
[  334.173865][   T29] audit: type=1326 audit(1730766156.455:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9513 comm="syz.3.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f846897e719 code=0x7ffc0000
[  334.226781][   T29] audit: type=1326 audit(1730766156.455:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9513 comm="syz.3.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f846897e719 code=0x7ffc0000
[  334.250773][   T29] audit: type=1326 audit(1730766156.455:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9513 comm="syz.3.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f846897e719 code=0x7ffc0000
[  334.277966][   T29] audit: type=1326 audit(1730766156.455:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9513 comm="syz.3.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f846897e719 code=0x7ffc0000
[  334.318227][   T29] audit: type=1326 audit(1730766156.455:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9513 comm="syz.3.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f846897e719 code=0x7ffc0000
[  335.571488][    T9] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  335.730568][    T9] usb 5-1: Using ep0 maxpacket: 16
[  335.740553][    T9] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  335.922184][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  335.936383][    T9] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  336.030649][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  336.055723][    T9] usb 5-1: Product: syz
[  336.083578][    T9] usb 5-1: Manufacturer: syz
[  336.088206][    T9] usb 5-1: SerialNumber: syz
[  336.109587][    T9] usb 5-1: config 0 descriptor??
[  336.126399][    T9] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  336.145248][    T9] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class)
[  336.788927][    T9] em28xx 5-1:0.0: chip ID is em2874
[  336.987970][   T25] usb 5-1: USB disconnect, device number 13
[  336.994571][   T25] em28xx 5-1:0.0: Disconnecting em28xx
[  336.995492][ T9566] netlink: 8 bytes leftover after parsing attributes in process `syz.1.890'.
[  337.003441][   T25] em28xx 5-1:0.0: Freeing device
[  338.030647][    T9] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  338.193756][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  338.205561][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  338.216126][    T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  338.229720][    T9] usb 3-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  338.239207][ T5872] usb 2-1: new full-speed USB device number 18 using dummy_hcd
[  338.299106][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  338.371818][   T29] kauditd_printk_skb: 14 callbacks suppressed
[  338.371854][   T29] audit: type=1326 audit(1730766161.565:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9585 comm="syz.4.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30c457e719 code=0x7ffc0000
[  338.489095][   T29] audit: type=1326 audit(1730766161.565:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9585 comm="syz.4.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30c457e719 code=0x7ffc0000
[  338.704594][   T29] audit: type=1326 audit(1730766161.565:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9585 comm="syz.4.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f30c457e719 code=0x7ffc0000
[  338.780292][    T9] usb 3-1: config 0 descriptor??
[  338.810534][   T29] audit: type=1326 audit(1730766161.565:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9585 comm="syz.4.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30c457e719 code=0x7ffc0000
[  338.833798][    C0] vkms_vblank_simulate: vblank timer overrun
[  338.840001][   T29] audit: type=1326 audit(1730766161.565:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9585 comm="syz.4.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30c457e719 code=0x7ffc0000
[  338.864982][   T29] audit: type=1326 audit(1730766161.565:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9585 comm="syz.4.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f30c457e719 code=0x7ffc0000
[  338.888225][    C0] vkms_vblank_simulate: vblank timer overrun
[  338.895154][   T29] audit: type=1326 audit(1730766161.565:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9585 comm="syz.4.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30c457e719 code=0x7ffc0000
[  338.918450][    C0] vkms_vblank_simulate: vblank timer overrun
[  338.925571][   T29] audit: type=1326 audit(1730766161.565:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9585 comm="syz.4.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30c457e719 code=0x7ffc0000
[  338.953295][   T29] audit: type=1326 audit(1730766161.565:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9585 comm="syz.4.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f30c457e719 code=0x7ffc0000
[  338.978799][ T5872] usb 2-1: New USB device found, idVendor=0bda, idProduct=0139, bcdDevice=b4.99
[  339.010615][ T5872] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  339.035177][ T5872] usb 2-1: Product: syz
[  339.042052][   T29] audit: type=1326 audit(1730766161.565:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9585 comm="syz.4.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30c457e719 code=0x7ffc0000
[  339.070697][ T5872] usb 2-1: Manufacturer: syz
[  339.081305][ T5872] usb 2-1: SerialNumber: syz
[  339.111566][ T5872] usb 2-1: config 0 descriptor??
[  339.230961][ T5872] rtsx_usb 2-1:0.0: probe with driver rtsx_usb failed with error -22
[  339.247630][ T5139] Bluetooth: hci0: unexpected event for opcode 0x080d
[  339.272626][    T9] acrux 0003:1A34:0802.0011: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.2-1/input0
[  339.283853][    T9] acrux 0003:1A34:0802.0011: no inputs found
[  339.290042][    T9] acrux 0003:1A34:0802.0011: Failed to enable force feedback support, error: -19
[  339.324404][ T9602] netlink: 'syz.3.902': attribute type 4 has an invalid length.
[  339.429890][ T9604] netlink: 'syz.3.902': attribute type 4 has an invalid length.
[  339.833172][ T5872] usb 3-1: USB disconnect, device number 29
[  339.860558][ T9571] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  340.044387][ T9575] fuse: Bad value for 'group_id'
[  340.050618][ T9575] fuse: Bad value for 'group_id'
[  340.970756][ T5873] usb 2-1: USB disconnect, device number 18
[  341.041271][ T9625] netlink: 'syz.3.906': attribute type 10 has an invalid length.
[  341.293841][ T9625] netlink: 210880 bytes leftover after parsing attributes in process `syz.3.906'.
[  341.979065][ T9645] netlink: 4 bytes leftover after parsing attributes in process `syz.3.913'.
[  342.042210][ T9645] bond5 (unregistering): Released all slaves
[  343.550507][   T25] usb 2-1: new full-speed USB device number 19 using dummy_hcd
[  344.534376][ T9673] PKCS7: Unknown OID: [4] 5.25.43183.11314.97.496.3.846527319083.2007.15776
[  344.543138][ T9673] PKCS7: Only support pkcs7_signedData type
[  344.574243][   T25] usb 2-1: New USB device found, idVendor=0bda, idProduct=0139, bcdDevice=b4.99
[  344.594810][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  345.111102][   T25] usb 2-1: Product: syz
[  345.174828][   T29] kauditd_printk_skb: 41 callbacks suppressed
[  345.174868][   T29] audit: type=1326 audit(1730766168.135:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9678 comm="syz.3.922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f846897e719 code=0x7ffc0000
[  345.204246][    C0] vkms_vblank_simulate: vblank timer overrun
[  345.461132][   T25] usb 2-1: Manufacturer: syz
[  345.465773][   T25] usb 2-1: SerialNumber: syz
[  345.491504][   T25] usb 2-1: config 0 descriptor??
[  345.499054][   T25] usb 2-1: can't set config #0, error -71
[  345.506888][   T25] usb 2-1: USB disconnect, device number 19
[  345.535856][   T29] audit: type=1326 audit(1730766168.135:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9678 comm="syz.3.922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f846897e719 code=0x7ffc0000
[  345.564232][   T29] audit: type=1326 audit(1730766168.135:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9678 comm="syz.3.922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f846897e719 code=0x7ffc0000
[  345.587443][    C0] vkms_vblank_simulate: vblank timer overrun
[  345.804583][   T29] audit: type=1326 audit(1730766168.135:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9678 comm="syz.3.922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f846897e719 code=0x7ffc0000
[  345.828273][   T29] audit: type=1326 audit(1730766168.135:680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9678 comm="syz.3.922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f846897e719 code=0x7ffc0000
[  346.479700][   T29] audit: type=1326 audit(1730766168.135:681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9678 comm="syz.3.922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f846897e719 code=0x7ffc0000
[  346.573174][   T29] audit: type=1326 audit(1730766168.135:682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9678 comm="syz.3.922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f846897e719 code=0x7ffc0000
[  346.619606][   T29] audit: type=1326 audit(1730766168.135:683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9678 comm="syz.3.922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f846897e719 code=0x7ffc0000
[  346.679425][ T9701] netlink: 'syz.4.927': attribute type 10 has an invalid length.
[  346.695711][   T29] audit: type=1326 audit(1730766168.135:684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9678 comm="syz.3.922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f846897e719 code=0x7ffc0000
[  346.718872][    C0] vkms_vblank_simulate: vblank timer overrun
[  346.731714][ T9701] netlink: 210880 bytes leftover after parsing attributes in process `syz.4.927'.
[  346.786359][   T29] audit: type=1326 audit(1730766168.135:685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9678 comm="syz.3.922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f846897e719 code=0x7ffc0000
[  346.930126][ T9707] bond5 (unregistering): Released all slaves
[  347.570716][ T9721] (syz.5.932,9721,0):dlmfs_mkdir:420 ERROR: invalid domain name for directory.
[  348.507230][ T9727] PKCS7: Unknown OID: [4] 5.25.43183.11314.97.496.3.846527319083.2007.15776
[  348.516017][ T9727] PKCS7: Only support pkcs7_signedData type
[  351.803538][ T9757] netlink: 'syz.2.941': attribute type 10 has an invalid length.
[  351.811543][ T9757] netlink: 210880 bytes leftover after parsing attributes in process `syz.2.941'.
[  351.997596][ T9761] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  354.107394][ T9778] PKCS7: Unknown OID: [4] 5.25.43183.11314.97.496.3.846527319083.2007.15776
[  354.116145][ T9778] PKCS7: Only support pkcs7_signedData type
[  355.193580][ T9788] (syz.3.949,9788,1):dlmfs_mkdir:420 ERROR: invalid domain name for directory.
[  356.050846][ T5872] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  358.108589][ T5872] usb 2-1: device descriptor read/64, error -71
[  358.500778][ T5872] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  358.806303][ T9820] netlink: 'syz.5.956': attribute type 10 has an invalid length.
[  359.878740][   T29] kauditd_printk_skb: 14 callbacks suppressed
[  359.878757][   T29] audit: type=1400 audit(1730766182.785:700): avc:  denied  { getopt } for  pid=9821 comm="syz.3.959" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  359.924505][ T9830] hub 9-0:1.0: USB hub found
[  359.956729][ T9830] hub 9-0:1.0: 1 port detected
[  360.035583][ T9838] PKCS7: Unknown OID: [4] 5.25.43183.11314.97.496.3.846527319083.2007.15776
[  360.044796][ T9838] PKCS7: Only support pkcs7_signedData type
[  362.675305][ T9837] netlink: 40 bytes leftover after parsing attributes in process `syz.1.962'.
[  363.420674][ T9872] (syz.3.968,9872,1):dlmfs_mkdir:420 ERROR: invalid domain name for directory.
[  364.365846][ T9879] netlink: 4 bytes leftover after parsing attributes in process `syz.2.974'.
[  370.286623][ T9936] hub 9-0:1.0: USB hub found
[  370.296188][ T9936] hub 9-0:1.0: 1 port detected
[  373.954915][ T9966] netlink: 'syz.4.994': attribute type 10 has an invalid length.
[  373.963573][ T9966] netlink: 210880 bytes leftover after parsing attributes in process `syz.4.994'.
[  376.812642][   T29] audit: type=1326 audit(1730766200.085:701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9995 comm="syz.1.1003" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb0c0d7e719 code=0x0
[  376.859792][ T9997] netlink: 'syz.4.1002': attribute type 4 has an invalid length.
[  377.785330][   T29] audit: type=1326 audit(1730766200.505:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10001 comm="syz.4.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30c457e719 code=0x7ffc0000
[  377.812232][   T29] audit: type=1326 audit(1730766200.505:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10001 comm="syz.4.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30c457e719 code=0x7ffc0000
[  378.182876][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  378.191060][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  378.306430][   T29] audit: type=1326 audit(1730766200.505:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10001 comm="syz.4.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f30c457e719 code=0x7ffc0000
[  378.330822][   T29] audit: type=1326 audit(1730766200.505:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10001 comm="syz.4.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30c457e719 code=0x7ffc0000
[  378.369152][   T29] audit: type=1326 audit(1730766200.505:706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10001 comm="syz.4.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30c457e719 code=0x7ffc0000
[  378.650949][   T29] audit: type=1326 audit(1730766200.505:707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10001 comm="syz.4.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f30c457e719 code=0x7ffc0000
[  379.081300][   T29] audit: type=1326 audit(1730766200.505:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10001 comm="syz.4.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30c457e719 code=0x7ffc0000
[  379.105106][   T29] audit: type=1326 audit(1730766200.505:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10001 comm="syz.4.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30c457e719 code=0x7ffc0000
[  379.128893][   T29] audit: type=1326 audit(1730766200.505:710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10001 comm="syz.4.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f30c457e719 code=0x7ffc0000
[  379.152163][    C0] vkms_vblank_simulate: vblank timer overrun
[  379.425985][T10023] (syz.4.1010,10023,1):dlmfs_mkdir:420 ERROR: invalid domain name for directory.
[  379.448113][T10020] hub 9-0:1.0: USB hub found
[  379.771904][T10020] hub 9-0:1.0: 1 port detected
[  381.744195][T10040] hub 9-0:1.0: USB hub found
[  381.749110][T10040] hub 9-0:1.0: 1 port detected
[  382.532356][T10053] (syz.1.1018,10053,0):dlmfs_mkdir:420 ERROR: invalid domain name for directory.
[  383.371013][ T5873] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  384.012923][ T5873] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  384.031633][ T5873] usb 5-1: config 0 has no interface number 0
[  384.045056][ T5873] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  384.056671][ T5873] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  384.074947][ T5873] usb 5-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00
[  384.089187][ T5873] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  384.162284][ T5873] usb 5-1: config 0 descriptor??
[  384.840703][ T5906] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  384.978201][T10092] netlink: 'syz.1.1030': attribute type 4 has an invalid length.
[  385.002277][ T5906] usb 6-1: device descriptor read/64, error -71
[  385.023211][ T5873] usbhid 5-1:0.1: can't add hid device: -71
[  385.029758][ T5873] usbhid 5-1:0.1: probe with driver usbhid failed with error -71
[  385.039365][ T5873] usb 5-1: USB disconnect, device number 14
[  385.371017][ T5906] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  385.550494][ T5906] usb 6-1: device descriptor read/64, error -71
[  385.671620][ T5906] usb usb6-port1: attempt power cycle
[  386.101940][ T5906] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  386.481133][ T5906] usb 6-1: device descriptor read/8, error -71
[  388.311720][ T5906] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  389.473799][T10146] netlink: 'syz.5.1042': attribute type 4 has an invalid length.
[  389.630512][ T5906] usb 6-1: device not accepting address 12, error -71
[  389.643117][ T5906] usb usb6-port1: unable to enumerate USB device
[  393.938828][T10202] netlink: 'syz.2.1056': attribute type 4 has an invalid length.
[  394.656792][T10202] netlink: 'syz.2.1056': attribute type 4 has an invalid length.
[  395.073385][T10212] netlink: 'syz.5.1058': attribute type 4 has an invalid length.
[  395.104567][T10212] netlink: 'syz.5.1058': attribute type 4 has an invalid length.
[  396.861647][T10237] netlink: 'syz.1.1063': attribute type 10 has an invalid length.
[  396.869633][T10237] netlink: 210880 bytes leftover after parsing attributes in process `syz.1.1063'.
[  398.582301][T10247] syz.3.1067 (10247): drop_caches: 2
[  398.590022][T10247] syz.3.1067 (10247): drop_caches: 2
[  398.601757][   T29] kauditd_printk_skb: 15 callbacks suppressed
[  398.601774][   T29] audit: type=1400 audit(1730766220.865:726): avc:  denied  { mount } for  pid=10244 comm="syz.3.1067" name="/" dev="selinuxfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=filesystem permissive=1
[  398.630412][    C0] vkms_vblank_simulate: vblank timer overrun
[  399.922309][T10258] netlink: 'syz.2.1072': attribute type 4 has an invalid length.
[  399.946745][T10258] netlink: 'syz.2.1072': attribute type 4 has an invalid length.
[  401.898471][   T29] audit: type=1400 audit(1730766225.155:727): avc:  denied  { mount } for  pid=10282 comm="syz.3.1079" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  401.947619][T10287] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1080'.
[  402.470475][T10297] netlink: 'syz.2.1082': attribute type 10 has an invalid length.
[  402.478560][T10297] netlink: 210880 bytes leftover after parsing attributes in process `syz.2.1082'.
[  402.888903][T10304] FAULT_INJECTION: forcing a failure.
[  402.888903][T10304] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  402.930223][T10304] CPU: 1 UID: 0 PID: 10304 Comm: syz.3.1084 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0
[  402.941040][T10304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  402.951108][T10304] Call Trace:
[  402.954394][T10304]  <TASK>
[  402.957334][T10304]  dump_stack_lvl+0x16c/0x1f0
[  402.962024][T10304]  should_fail_ex+0x497/0x5b0
[  402.966716][T10304]  _copy_from_user+0x2e/0xd0
[  402.971319][T10304]  input_event_from_user+0x134/0x3b0
[  402.976622][T10304]  ? __pfx_input_event_from_user+0x10/0x10
[  402.982448][T10304]  ? __pfx___might_resched+0x10/0x10
[  402.987757][T10304]  ? input_inject_event+0x193/0x370
[  402.992972][T10304]  evdev_write+0x377/0x750
[  402.997394][T10304]  ? __pfx_evdev_write+0x10/0x10
[  403.002329][T10304]  ? bpf_lsm_file_permission+0x9/0x10
[  403.007694][T10304]  ? security_file_permission+0x71/0x210
[  403.013315][T10304]  ? __pfx_evdev_write+0x10/0x10
[  403.018241][T10304]  vfs_write+0x24c/0x1150
[  403.022563][T10304]  ? __fget_files+0x23a/0x3f0
[  403.027232][T10304]  ? __pfx_lock_release+0x10/0x10
[  403.032242][T10304]  ? trace_lock_acquire+0x14a/0x1d0
[  403.037426][T10304]  ? __pfx_vfs_write+0x10/0x10
[  403.042181][T10304]  ? lock_acquire+0x2f/0xb0
[  403.046666][T10304]  ? __fget_files+0x40/0x3f0
[  403.051248][T10304]  ? __fget_files+0x244/0x3f0
[  403.055920][T10304]  ksys_write+0x1fa/0x260
[  403.060237][T10304]  ? __pfx_ksys_write+0x10/0x10
[  403.065082][T10304]  do_syscall_64+0xcd/0x250
[  403.069571][T10304]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  403.075454][T10304] RIP: 0033:0x7f846897e719
[  403.079856][T10304] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  403.099473][T10304] RSP: 002b:00007f846976e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  403.107870][T10304] RAX: ffffffffffffffda RBX: 00007f8468b35f80 RCX: 00007f846897e719
[  403.115842][T10304] RDX: 0000000000002250 RSI: 0000000020000040 RDI: 0000000000000005
[  403.123810][T10304] RBP: 00007f846976e090 R08: 0000000000000000 R09: 0000000000000000
[  403.131762][T10304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  403.139717][T10304] R13: 0000000000000000 R14: 00007f8468b35f80 R15: 00007ffc82f5cf78
[  403.147693][T10304]  </TASK>
[  403.293027][   T29] audit: type=1400 audit(1730766226.565:728): avc:  denied  { module_load } for  pid=10312 comm="syz.3.1087" path="/259/bus" dev="tmpfs" ino=1361 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=system permissive=1
[  403.316093][    C0] vkms_vblank_simulate: vblank timer overrun
[  403.765941][T10328] netlink: 'syz.5.1091': attribute type 4 has an invalid length.
[  403.860646][ T5831] Bluetooth: hci5: command 0x0406 tx timeout
[  405.551542][T10308] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  407.270770][  T965] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  408.211375][  T965] usb 5-1: device not accepting address 15, error -71
[  409.055817][T10386] overlayfs: failed to resolve './file0': -2
[  409.081686][T10387] overlayfs: failed to resolve './file0': -2
[  409.094210][   T29] audit: type=1400 audit(1730766232.365:729): avc:  denied  { write } for  pid=10384 comm="syz.3.1108" name="mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  409.117237][    C0] vkms_vblank_simulate: vblank timer overrun
[  409.280597][  T965] usb 5-1: new full-speed USB device number 16 using dummy_hcd
[  409.943789][  T965] usb 5-1: New USB device found, idVendor=0bda, idProduct=0139, bcdDevice=b4.99
[  409.953906][  T965] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  410.010569][  T965] usb 5-1: Product: syz
[  410.015277][  T965] usb 5-1: Manufacturer: syz
[  410.019894][  T965] usb 5-1: SerialNumber: syz
[  410.052173][  T965] usb 5-1: config 0 descriptor??
[  410.160988][  T965] rtsx_usb 5-1:0.0: probe with driver rtsx_usb failed with error -22
[  410.445441][T10401] (syz.1.1111,10401,1):dlmfs_mkdir:420 ERROR: invalid domain name for directory.
[  410.731953][  T965] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  411.040584][  T965] usb 3-1: Using ep0 maxpacket: 8
[  411.051006][  T965] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  411.079777][  T965] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  411.268844][T10405] (syz.3.1110,10405,1):dlmfs_mkdir:420 ERROR: invalid domain name for directory.
[  412.060670][  T965] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  412.070984][  T965] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  412.084237][  T965] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  412.093475][  T965] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  413.068902][ T5873] usb 5-1: USB disconnect, device number 16
[  413.469405][T10408] (syz.1.1113,10408,0):dlmfs_mkdir:420 ERROR: invalid domain name for directory.
[  413.810535][  T965] usb 3-1: usb_control_msg returned -71
[  413.816174][  T965] usbtmc 3-1:16.0: can't read capabilities
[  413.838212][  T965] usb 3-1: USB disconnect, device number 30
[  415.827115][T10425] overlayfs: failed to resolve './file0': -2
[  417.702975][T10466] netlink: 'syz.5.1128': attribute type 4 has an invalid length.
[  417.815595][T10469] netlink: 'syz.4.1127': attribute type 10 has an invalid length.
[  417.890352][T10469] bond0: (slave bond_slave_0): Releasing backup interface
[  418.514152][T10478] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1130'.
[  418.703853][ T5905] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  418.926212][T10488] overlayfs: failed to resolve './file0': -2
[  418.952869][ T5905] usb 5-1: Using ep0 maxpacket: 16
[  418.964205][ T5905] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  418.976233][ T5905] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  419.005019][T10492] netlink: 'syz.3.1136': attribute type 10 has an invalid length.
[  419.016511][ T5905] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  419.045279][ T5905] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[  419.054936][ T5905] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  419.098409][ T5905] usb 5-1: config 0 descriptor??
[  419.164982][T10492] team0: Failed to send options change via netlink (err -105)
[  419.173464][T10492] team0: Port device netdevsim0 added
[  419.179201][T10490] netlink: 'syz.3.1136': attribute type 10 has an invalid length.
[  419.228500][T10490] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[  419.245341][T10490] team0: Failed to send options change via netlink (err -105)
[  419.261741][T10490] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[  419.355159][T10500] netlink: 'syz.1.1137': attribute type 10 has an invalid length.
[  419.363405][T10500] netlink: 210880 bytes leftover after parsing attributes in process `syz.1.1137'.
[  419.373525][T10490] team0: Port device netdevsim0 removed
[  419.414886][T10490] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  420.511234][ T5905] koneplus 0003:1E7D:2E22.0012: unknown main item tag 0x0
[  420.610711][ T5905] koneplus 0003:1E7D:2E22.0012: hidraw0: USB HID v0.00 Device [HID 1e7d:2e22] on usb-dummy_hcd.4-1/input0
[  421.611793][T10511] netlink: 'syz.5.1140': attribute type 4 has an invalid length.
[  421.664899][T10514] (syz.2.1139,10514,0):dlmfs_mkdir:420 ERROR: invalid domain name for directory.
[  422.623617][T10513] netlink: 'syz.1.1141': attribute type 10 has an invalid length.
[  423.544034][ T5905] koneplus 0003:1E7D:2E22.0012: couldn't init struct koneplus_device
[  423.552815][ T5905] koneplus 0003:1E7D:2E22.0012: couldn't install mouse
[  423.562068][ T5905] koneplus 0003:1E7D:2E22.0012: probe with driver koneplus failed with error -71
[  423.573855][ T5905] usb 5-1: USB disconnect, device number 17
[  423.779986][T10540] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1148'.
[  425.154538][T10556] tmpfs: Bad value for 'mpol'
[  427.025994][T10580] tmpfs: Bad value for 'mpol'
[  427.267418][T10544] syz.2.1150: vmalloc error: size 3268608, failed to allocated page array size 6384, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  427.285312][T10544] CPU: 0 UID: 0 PID: 10544 Comm: syz.2.1150 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0
[  427.296096][T10544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  427.306170][T10544] Call Trace:
[  427.309450][T10544]  <TASK>
[  427.312384][T10544]  dump_stack_lvl+0x16c/0x1f0
[  427.317072][T10544]  warn_alloc+0x24d/0x3a0
[  427.321417][T10544]  ? __pfx_warn_alloc+0x10/0x10
[  427.326297][T10544]  ? __get_vm_area_node+0x190/0x2d0
[  427.331510][T10544]  ? __get_vm_area_node+0x1bc/0x2d0
[  427.336723][T10544]  __vmalloc_node_range_noprof+0x114a/0x15a0
[  427.342720][T10544]  ? __v4l2_ctrl_modify_dimensions+0x1c7/0x650
[  427.348917][T10544]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  427.355262][T10544]  ? __get_vm_area_node+0x190/0x2d0
[  427.360511][T10544]  ? __get_vm_area_node+0x1bc/0x2d0
[  427.365729][T10544]  __vmalloc_node_range_noprof+0xd85/0x15a0
[  427.371641][T10544]  ? __v4l2_ctrl_modify_dimensions+0x1c7/0x650
[  427.377808][T10544]  ? __mutex_trylock_common+0xea/0x250
[  427.383268][T10544]  ? __v4l2_ctrl_modify_dimensions+0x1c7/0x650
[  427.389420][T10544]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  427.395736][T10544]  ? rcu_is_watching+0x12/0xc0
[  427.400492][T10544]  ? rcu_is_watching+0x12/0xc0
[  427.405242][T10544]  ? trace_kmalloc+0x2d/0xe0
[  427.409818][T10544]  ? __kmalloc_node_noprof.cold+0x5a/0x5f
[  427.415523][T10544]  ? __v4l2_ctrl_modify_dimensions+0x1c7/0x650
[  427.421665][T10544]  __kvmalloc_node_noprof+0x14f/0x1a0
[  427.427030][T10544]  ? __v4l2_ctrl_modify_dimensions+0x1c7/0x650
[  427.433178][T10544]  __v4l2_ctrl_modify_dimensions+0x1c7/0x650
[  427.439149][T10544]  vivid_update_format_cap+0x127b/0x2530
[  427.444781][T10544]  ? __pfx_vivid_update_format_cap+0x10/0x10
[  427.450759][T10544]  ? v4l2_match_dv_timings+0x1df/0x1010
[  427.456300][T10544]  vivid_vid_cap_s_dv_timings+0xc0f/0xfb0
[  427.462014][T10544]  vidioc_s_dv_timings+0xa5/0xc0
[  427.466936][T10544]  ? v4l_stub_s_dv_timings+0x1b/0x60
[  427.472228][T10544]  __video_do_ioctl+0xaf0/0xf00
[  427.477067][T10544]  ? __pfx___video_do_ioctl+0x10/0x10
[  427.482424][T10544]  ? __might_fault+0xe3/0x190
[  427.487103][T10544]  video_usercopy+0x4ce/0x1600
[  427.491872][T10544]  ? __pfx___video_do_ioctl+0x10/0x10
[  427.497230][T10544]  ? __pfx_video_usercopy+0x10/0x10
[  427.502443][T10544]  v4l2_ioctl+0x1ba/0x250
[  427.506756][T10544]  ? __pfx_v4l2_ioctl+0x10/0x10
[  427.511606][T10544]  __x64_sys_ioctl+0x18f/0x220
[  427.516359][T10544]  do_syscall_64+0xcd/0x250
[  427.520853][T10544]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  427.526738][T10544] RIP: 0033:0x7fa0f337e719
[  427.531154][T10544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  427.550751][T10544] RSP: 002b:00007fa0f4140038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  427.559152][T10544] RAX: ffffffffffffffda RBX: 00007fa0f3535f80 RCX: 00007fa0f337e719
[  427.567113][T10544] RDX: 0000000020000040 RSI: 00000000c0845657 RDI: 0000000000000003
[  427.575070][T10544] RBP: 00007fa0f33f139e R08: 0000000000000000 R09: 0000000000000000
[  427.583024][T10544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  427.590978][T10544] R13: 0000000000000000 R14: 00007fa0f3535f80 R15: 00007ffe412781f8
[  427.598942][T10544]  </TASK>
[  427.602038][    C0] vkms_vblank_simulate: vblank timer overrun
[  427.636785][T10544] Mem-Info:
[  427.639936][T10544] active_anon:7598 inactive_anon:1 isolated_anon:0
[  427.639936][T10544]  active_file:14089 inactive_file:39026 isolated_file:0
[  427.639936][T10544]  unevictable:768 dirty:314 writeback:0
[  427.639936][T10544]  slab_reclaimable:7857 slab_unreclaimable:101060
[  427.639936][T10544]  mapped:25477 shmem:4907 pagetables:751
[  427.639936][T10544]  sec_pagetables:0 bounce:0
[  427.639936][T10544]  kernel_misc_reclaimable:0
[  427.639936][T10544]  free:1279019 free_pcp:3507 free_cma:0
[  427.685075][    C0] vkms_vblank_simulate: vblank timer overrun
[  427.760593][T10544] Node 0 active_anon:39592kB inactive_anon:4kB active_file:56356kB inactive_file:156032kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:111108kB dirty:1252kB writeback:0kB shmem:27192kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11212kB pagetables:3004kB sec_pagetables:0kB all_unreclaimable? no
[  427.793746][T10594] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1163'.
[  427.798832][T10544] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  427.832947][    C0] vkms_vblank_simulate: vblank timer overrun
[  428.326575][   T29] audit: type=1400 audit(1730766251.245:730): avc:  denied  { write } for  pid=10587 comm="syz.5.1161" path="socket:[27040]" dev="sockfs" ino=27040 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  428.333554][T10544] Node 0 
[  428.352573][   T29] audit: type=1400 audit(1730766251.245:731): avc:  denied  { accept } for  pid=10587 comm="syz.5.1161" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  428.392998][T10544] DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  428.470343][T10544] lowmem_reserve[]: 0 2461 2461 0 0
[  428.483591][T10544] Node 0 DMA32 free:1196284kB boost:0kB min:34168kB low:42708kB high:51248kB reserved_highatomic:0KB active_anon:28104kB inactive_anon:4kB active_file:56356kB inactive_file:155720kB unevictable:1536kB writepending:1268kB present:3129332kB managed:2549172kB mlocked:0kB bounce:0kB free_pcp:8248kB local_pcp:400kB free_cma:0kB
[  428.534508][T10544] lowmem_reserve[]: 0 0 0 0 0
[  428.539996][T10544] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:316kB unevictable:0kB writepending:0kB present:1048580kB managed:364kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  428.710234][T10544] lowmem_reserve[]: 0 0 0 0 0
[  428.715149][T10544] Node 1 Normal free:3912484kB boost:0kB min:55728kB low:69660kB high:83592kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  428.743910][    C0] vkms_vblank_simulate: vblank timer overrun
[  428.830643][ T5873] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  428.889652][T10544] lowmem_reserve[]: 0 0 0 0 0
[  428.894692][T10544] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  428.907476][T10544] Node 0 DMA32: 2*4kB (UE) 54*8kB (UE) 349*16kB (UME) 226*32kB (ME) 352*64kB (UME) 92*128kB (UME) 59*256kB (UME) 28*512kB (UME) 11*1024kB (UME) 7*2048kB (ME) 264*4096kB (M) = 1183944kB
[  428.926055][T10544] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  428.937646][T10544] Node 1 Normal: 177*4kB (UME) 44*8kB (UME) 40*16kB (UME) 184*32kB (UME) 88*64kB (UME) 27*128kB (UME) 10*256kB (UM) 6*512kB (UM) 3*1024kB (UM) 2*2048kB (U) 948*4096kB (UME) = 3912484kB
[  428.956340][T10544] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  428.966849][T10544] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  428.976251][T10544] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  428.985874][T10544] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  428.995272][T10544] 60300 total pagecache pages
[  428.999987][T10544] 1 pages in swap cache
[  429.004192][T10544] Free swap  = 124472kB
[  429.008420][T10544] Total swap = 124996kB
[  429.012665][T10544] 2097051 pages RAM
[  429.016514][T10544] 0 pages HighMem/MovableOnly
[  429.039021][T10544] 428036 pages reserved
[  429.046885][T10544] 0 pages cma reserved
[  429.191393][T10623] FAULT_INJECTION: forcing a failure.
[  429.191393][T10623] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  429.204793][T10623] CPU: 0 UID: 0 PID: 10623 Comm: syz.1.1170 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0
[  429.215569][T10623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  429.225638][T10623] Call Trace:
[  429.228926][T10623]  <TASK>
[  429.231861][T10623]  dump_stack_lvl+0x16c/0x1f0
[  429.236552][T10623]  should_fail_ex+0x497/0x5b0
[  429.241245][T10623]  _copy_to_user+0x32/0xd0
[  429.245684][T10623]  snd_pcm_oss_read2+0x292/0x3e0
[  429.250641][T10623]  ? __pfx_snd_pcm_oss_read2+0x10/0x10
[  429.256116][T10623]  ? snd_pcm_kernel_ioctl+0x257/0x2d0
[  429.261509][T10623]  snd_pcm_oss_read+0x5a3/0x750
[  429.266382][T10623]  ? __pfx_snd_pcm_oss_read+0x10/0x10
[  429.271767][T10623]  vfs_read+0x1df/0xbe0
[  429.275934][T10623]  ? __fget_files+0x23a/0x3f0
[  429.280618][T10623]  ? __pfx_lock_release+0x10/0x10
[  429.285636][T10623]  ? trace_lock_acquire+0x14a/0x1d0
[  429.290825][T10623]  ? __pfx_vfs_read+0x10/0x10
[  429.295491][T10623]  ? lock_acquire+0x2f/0xb0
[  429.299981][T10623]  ? __fget_files+0x40/0x3f0
[  429.304822][T10623]  ? __fget_files+0x244/0x3f0
[  429.309490][T10623]  ksys_read+0x12f/0x260
[  429.313728][T10623]  ? __pfx_ksys_read+0x10/0x10
[  429.318482][T10623]  ? trace_csd_function_exit+0x173/0x1f0
[  429.324100][T10623]  ? __pfx___rdmsr_safe_on_cpu+0x10/0x10
[  429.329730][T10623]  do_syscall_64+0xcd/0x250
[  429.334220][T10623]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  429.340186][T10623] RIP: 0033:0x7fb0c0d7e719
[  429.344589][T10623] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  429.364186][T10623] RSP: 002b:00007fb0c1bd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  429.372586][T10623] RAX: ffffffffffffffda RBX: 00007fb0c0f35f80 RCX: 00007fb0c0d7e719
[  429.380539][T10623] RDX: 00000000200021d5 RSI: 00000000200011c0 RDI: 0000000000000004
[  429.388493][T10623] RBP: 00007fb0c1bd5090 R08: 0000000000000000 R09: 0000000000000000
[  429.396447][T10623] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  429.404400][T10623] R13: 0000000000000000 R14: 00007fb0c0f35f80 R15: 00007ffe056be678
[  429.412363][T10623]  </TASK>
[  429.415443][    C0] vkms_vblank_simulate: vblank timer overrun
[  429.650464][ T5873] usb 4-1: Using ep0 maxpacket: 32
[  429.750160][ T5873] usb 4-1: New USB device found, idVendor=0458, idProduct=7005, bcdDevice=1a.51
[  429.759380][ T5873] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  429.770776][ T5873] usb 4-1: Product: syz
[  429.774955][ T5873] usb 4-1: Manufacturer: syz
[  429.820575][ T5873] usb 4-1: SerialNumber: syz
[  429.858376][ T5873] usb 4-1: config 0 descriptor??
[  429.878516][ T5873] gspca_main: sn9c2028-2.14.0 probing 0458:7005
[  430.082204][   T29] audit: type=1400 audit(1730766253.355:732): avc:  denied  { ioctl } for  pid=10611 comm="syz.3.1167" path="socket:[27896]" dev="sockfs" ino=27896 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  430.083562][T10612] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  430.204474][T10612] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  430.263817][ T5873] gspca_sn9c2028: read1 error -71
[  430.280596][ T5873] gspca_sn9c2028: read1 error -71
[  430.296023][ T5873] gspca_sn9c2028: read1 error -71
[  430.302475][ T5873] sn9c2028 4-1:0.0: probe with driver sn9c2028 failed with error -71
[  430.348004][ T5873] usb 4-1: USB disconnect, device number 10
[  431.056063][T10643] netlink: 'syz.4.1177': attribute type 9 has an invalid length.
[  431.067612][T10643] netlink: 134636 bytes leftover after parsing attributes in process `syz.4.1177'.
[  431.776648][T10646] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1178'.
[  431.807771][T10650] bond2 (unregistering): Released all slaves
[  434.334364][T10677] FAULT_INJECTION: forcing a failure.
[  434.334364][T10677] name failslab, interval 1, probability 0, space 0, times 0
[  434.347057][T10677] CPU: 1 UID: 0 PID: 10677 Comm: syz.4.1185 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0
[  434.357817][T10677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  434.367867][T10677] Call Trace:
[  434.371140][T10677]  <TASK>
[  434.374067][T10677]  dump_stack_lvl+0x16c/0x1f0
[  434.378745][T10677]  should_fail_ex+0x497/0x5b0
[  434.383421][T10677]  ? fs_reclaim_acquire+0xae/0x150
[  434.388537][T10677]  should_failslab+0xc2/0x120
[  434.393214][T10677]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  434.398602][T10677]  ? skb_clone+0x190/0x3f0
[  434.403021][T10677]  skb_clone+0x190/0x3f0
[  434.407265][T10677]  nfnetlink_rcv_batch+0x1d9/0x24e0
[  434.412478][T10677]  ? find_held_lock+0x2d/0x110
[  434.417247][T10677]  ? __pfx_lock_release+0x10/0x10
[  434.422267][T10677]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[  434.427907][T10677]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  434.433718][T10677]  ? lockdep_hardirqs_on+0x7c/0x110
[  434.438921][T10677]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  434.444755][T10677]  ? avc_has_perm_noaudit+0x143/0x3a0
[  434.450131][T10677]  ? __asan_memset+0x23/0x50
[  434.454715][T10677]  ? __nla_validate_parse+0x601/0x2880
[  434.460182][T10677]  ? find_held_lock+0x2d/0x110
[  434.464949][T10677]  ? __pfx___nla_validate_parse+0x10/0x10
[  434.470677][T10677]  ? rcu_preempt_deferred_qs_irqrestore+0x505/0xb80
[  434.477273][T10677]  ? __pfx_lock_release+0x10/0x10
[  434.482294][T10677]  ? cap_capable+0x1cf/0x240
[  434.486891][T10677]  ? __nla_parse+0x40/0x60
[  434.491308][T10677]  nfnetlink_rcv+0x3c3/0x430
[  434.495909][T10677]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  434.501035][T10677]  netlink_unicast+0x53c/0x7f0
[  434.505830][T10677]  ? __pfx_netlink_unicast+0x10/0x10
[  434.511129][T10677]  netlink_sendmsg+0x8b8/0xd70
[  434.515897][T10677]  ? __pfx_netlink_sendmsg+0x10/0x10
[  434.521187][T10677]  ____sys_sendmsg+0xaaf/0xc90
[  434.525974][T10677]  ? copy_msghdr_from_user+0x10b/0x160
[  434.531453][T10677]  ? __pfx_____sys_sendmsg+0x10/0x10
[  434.536751][T10677]  ? __pfx___lock_acquire+0x10/0x10
[  434.541963][T10677]  ___sys_sendmsg+0x135/0x1e0
[  434.546672][T10677]  ? __pfx____sys_sendmsg+0x10/0x10
[  434.552353][T10677]  ? lock_acquire+0x2f/0xb0
[  434.556893][T10677]  ? __fget_files+0x40/0x3f0
[  434.561539][T10677]  ? fdget+0x176/0x210
[  434.565652][T10677]  __sys_sendmsg+0x117/0x1f0
[  434.570253][T10677]  ? __pfx___sys_sendmsg+0x10/0x10
[  434.575385][T10677]  do_syscall_64+0xcd/0x250
[  434.579889][T10677]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  434.585796][T10677] RIP: 0033:0x7f30c457e719
[  434.590232][T10677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  434.609858][T10677] RSP: 002b:00007f30c29f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  434.618293][T10677] RAX: ffffffffffffffda RBX: 00007f30c4736130 RCX: 00007f30c457e719
[  434.626280][T10677] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000006
[  434.634257][T10677] RBP: 00007f30c29f6090 R08: 0000000000000000 R09: 0000000000000000
[  434.642220][T10677] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  434.650177][T10677] R13: 0000000000000000 R14: 00007f30c4736130 R15: 00007fff491e7a88
[  434.658158][T10677]  </TASK>
[  434.785522][T10682] overlayfs: failed to resolve './file0': -2
[  434.866554][   T29] audit: type=1400 audit(1730766258.135:733): avc:  denied  { bind } for  pid=10683 comm="syz.5.1188" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  435.082829][T10686] overlayfs: failed to resolve './file0': -2
[  435.297654][   T29] audit: type=1400 audit(1730766258.565:734): avc:  denied  { mount } for  pid=10688 comm="syz.4.1190" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  435.360303][   T29] audit: type=1400 audit(1730766258.565:735): avc:  denied  { setopt } for  pid=10688 comm="syz.4.1190" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  435.405961][   T29] audit: type=1400 audit(1730766258.565:736): avc:  denied  { write } for  pid=10688 comm="syz.4.1190" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  436.090481][ T5906] usb 2-1: new full-speed USB device number 22 using dummy_hcd
[  436.220249][   T29] audit: type=1400 audit(1730766259.485:737): avc:  denied  { watch } for  pid=10688 comm="syz.4.1190" path="/120/file0" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=dir permissive=1
[  436.223510][T10694] infiniband syz0: set active
[  436.297677][ T5906] usb 2-1: New USB device found, idVendor=0bda, idProduct=0139, bcdDevice=b4.99
[  436.318573][T10694] infiniband syz0: added syz_tun
[  436.422536][ T5906] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  436.422562][ T5906] usb 2-1: Product: syz
[  436.422577][ T5906] usb 2-1: Manufacturer: syz
[  436.422591][ T5906] usb 2-1: SerialNumber: syz
[  436.424757][ T5906] usb 2-1: config 0 descriptor??
[  436.930593][   T29] audit: type=1400 audit(1730766259.795:738): avc:  denied  { module_request } for  pid=10713 comm="syz.3.1196" kmod="net-pf-10-proto-10-type-5" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  437.039509][T10694] RDS/IB: syz0: added
[  437.039658][T10694] smc: adding ib device syz0 with port count 1
[  437.039696][T10694] smc:    ib device syz0 port 1 has pnetid 
[  437.140705][ T5906] rtsx_usb 2-1:0.0: probe with driver rtsx_usb failed with error -22
[  438.407301][ T5872] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  438.540719][  T965] usb 4-1: new full-speed USB device number 11 using dummy_hcd
[  438.651347][ T5872] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  438.708276][ T5872] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  438.816393][ T5872] usb 6-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00
[  438.825582][ T5872] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  438.853884][ T5906] usb 2-1: USB disconnect, device number 22
[  438.860707][ T5872] usb 6-1: config 0 descriptor??
[  439.015826][  T965] usb 4-1: config 0 has an invalid interface number: 50 but max is 0
[  439.024113][  T965] usb 4-1: config 0 has no interface number 0
[  439.038409][  T965] usb 4-1: config 0 interface 50 has no altsetting 0
[  439.875990][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  439.882516][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  440.374989][  T965] usb 4-1: New USB device found, idVendor=19d2, idProduct=1075, bcdDevice=f4.d6
[  440.384397][  T965] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  440.392565][  T965] usb 4-1: Product: syz
[  440.396800][  T965] usb 4-1: Manufacturer: syz
[  440.401557][  T965] usb 4-1: SerialNumber: syz
[  440.465848][T10747] tmpfs: Bad value for 'mpol'
[  440.998659][  T965] usb 4-1: config 0 descriptor??
[  441.229073][  T965] option 4-1:0.50: GSM modem (1-port) converter detected
[  441.251358][  T965] usb 4-1: USB disconnect, device number 11
[  441.258115][  T965] option 4-1:0.50: device disconnected
[  441.287843][ T5872] usbhid 6-1:0.0: can't add hid device: -71
[  441.294025][ T5872] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  441.336352][ T5872] usb 6-1: USB disconnect, device number 13
[  442.215491][T10760] overlayfs: failed to resolve './file0': -2
[  442.290302][T10763] PKCS7: Unknown OID: [4] 5.25.43183.11314.97.496.3.846527319083.2007.15776
[  442.299234][T10763] PKCS7: Only support pkcs7_signedData type
[  442.492898][   T29] audit: type=1400 audit(1730766265.765:739): avc:  denied  { unmount } for  pid=7961 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  444.709328][T10744] warn_alloc: 3 callbacks suppressed
[  444.709346][T10744] syz.1.1204: vmalloc error: size 3268608, failed to allocated page array size 6384, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  444.746945][T10744] CPU: 0 UID: 0 PID: 10744 Comm: syz.1.1204 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0
[  444.757744][T10744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  444.767813][T10744] Call Trace:
[  444.771101][T10744]  <TASK>
[  444.774033][T10744]  dump_stack_lvl+0x16c/0x1f0
[  444.778723][T10744]  warn_alloc+0x24d/0x3a0
[  444.783065][T10744]  ? __pfx_warn_alloc+0x10/0x10
[  444.787939][T10744]  ? __get_vm_area_node+0x190/0x2d0
[  444.793143][T10744]  ? __get_vm_area_node+0x1bc/0x2d0
[  444.798352][T10744]  __vmalloc_node_range_noprof+0x114a/0x15a0
[  444.804349][T10744]  ? __v4l2_ctrl_modify_dimensions+0x1c7/0x650
[  444.810522][T10744]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  444.816868][T10744]  ? __get_vm_area_node+0x190/0x2d0
[  444.822072][T10744]  ? __get_vm_area_node+0x1bc/0x2d0
[  444.827286][T10744]  __vmalloc_node_range_noprof+0xd85/0x15a0
[  444.833175][T10744]  ? __v4l2_ctrl_modify_dimensions+0x1c7/0x650
[  444.839315][T10744]  ? __mutex_trylock_common+0xea/0x250
[  444.844755][T10744]  ? __v4l2_ctrl_modify_dimensions+0x1c7/0x650
[  444.850890][T10744]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  444.857192][T10744]  ? rcu_is_watching+0x12/0xc0
[  444.861934][T10744]  ? rcu_is_watching+0x12/0xc0
[  444.866671][T10744]  ? trace_kmalloc+0x2d/0xe0
[  444.871237][T10744]  ? __kmalloc_node_noprof.cold+0x5a/0x5f
[  444.876934][T10744]  ? __v4l2_ctrl_modify_dimensions+0x1c7/0x650
[  444.883067][T10744]  __kvmalloc_node_noprof+0x14f/0x1a0
[  444.888415][T10744]  ? __v4l2_ctrl_modify_dimensions+0x1c7/0x650
[  444.894545][T10744]  __v4l2_ctrl_modify_dimensions+0x1c7/0x650
[  444.900507][T10744]  vivid_update_format_cap+0x127b/0x2530
[  444.906120][T10744]  ? __pfx_vivid_update_format_cap+0x10/0x10
[  444.912077][T10744]  ? v4l2_match_dv_timings+0x1df/0x1010
[  444.917612][T10744]  vivid_vid_cap_s_dv_timings+0xc0f/0xfb0
[  444.923314][T10744]  vidioc_s_dv_timings+0xa5/0xc0
[  444.928234][T10744]  ? v4l_stub_s_dv_timings+0x1b/0x60
[  444.933496][T10744]  __video_do_ioctl+0xaf0/0xf00
[  444.938340][T10744]  ? __pfx___video_do_ioctl+0x10/0x10
[  444.943699][T10744]  ? __might_fault+0xe3/0x190
[  444.948360][T10744]  video_usercopy+0x4ce/0x1600
[  444.953121][T10744]  ? __pfx___video_do_ioctl+0x10/0x10
[  444.958493][T10744]  ? __pfx_video_usercopy+0x10/0x10
[  444.963690][T10744]  v4l2_ioctl+0x1ba/0x250
[  444.967998][T10744]  ? __pfx_v4l2_ioctl+0x10/0x10
[  444.972823][T10744]  __x64_sys_ioctl+0x18f/0x220
[  444.977566][T10744]  do_syscall_64+0xcd/0x250
[  444.982046][T10744]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  444.987917][T10744] RIP: 0033:0x7fb0c0d7e719
[  444.992364][T10744] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  445.011963][T10744] RSP: 002b:00007fb0c1bd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  445.020365][T10744] RAX: ffffffffffffffda RBX: 00007fb0c0f35f80 RCX: 00007fb0c0d7e719
[  445.028320][T10744] RDX: 0000000020000040 RSI: 00000000c0845657 RDI: 0000000000000003
[  445.036282][T10744] RBP: 00007fb0c0df139e R08: 0000000000000000 R09: 0000000000000000
[  445.044248][T10744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  445.052209][T10744] R13: 0000000000000000 R14: 00007fb0c0f35f80 R15: 00007ffe056be678
[  445.060172][T10744]  </TASK>
[  445.063249][    C0] vkms_vblank_simulate: vblank timer overrun
[  445.218792][T10744] Mem-Info:
[  445.222073][T10744] active_anon:11777 inactive_anon:1 isolated_anon:0
[  445.222073][T10744]  active_file:14089 inactive_file:39032 isolated_file:0
[  445.222073][T10744]  unevictable:768 dirty:228 writeback:0
[  445.222073][T10744]  slab_reclaimable:7787 slab_unreclaimable:103452
[  445.222073][T10744]  mapped:30205 shmem:9055 pagetables:796
[  445.222073][T10744]  sec_pagetables:0 bounce:0
[  445.222073][T10744]  kernel_misc_reclaimable:0
[  445.222073][T10744]  free:1274303 free_pcp:1767 free_cma:0
[  445.269190][T10744] Node 0 active_anon:47108kB inactive_anon:4kB active_file:56356kB inactive_file:156056kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:120820kB dirty:908kB writeback:0kB shmem:34684kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11148kB pagetables:3184kB sec_pagetables:0kB all_unreclaimable? no
[  445.300519][   T29] audit: type=1400 audit(1730766268.515:740): avc:  denied  { create } for  pid=10787 comm="syz.3.1216" name="#f" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  445.301814][T10744] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  445.323566][   T29] audit: type=1400 audit(1730766268.515:741): avc:  denied  { link } for  pid=10787 comm="syz.3.1216" name="#f" dev="tmpfs" ino=1510 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  445.351972][    C0] vkms_vblank_simulate: vblank timer overrun
[  445.352241][T10744] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  445.352303][T10744] lowmem_reserve[]: 0 2461 2461 0 0
[  445.352345][T10744] Node 0 DMA32 free:1171488kB boost:0kB min:34168kB low:42708kB high:51248kB reserved_highatomic:0KB active_anon:45168kB inactive_anon:4kB active_file:56356kB inactive_file:155740kB unevictable:1536kB writepending:908kB present:3129332kB managed:2549172kB mlocked:0kB bounce:0kB free_pcp:7288kB local_pcp:4588kB free_cma:0kB
[  445.444242][T10744] lowmem_reserve[]: 0 0 0 0 0
[  445.448938][T10744] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:316kB unevictable:0kB writepending:0kB present:1048580kB managed:364kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  445.475874][T10744] lowmem_reserve[]: 0 0 0 0 0
[  445.480714][T10744] Node 1 Normal free:3912484kB boost:0kB min:55728kB low:69660kB high:83592kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  445.494143][   T29] audit: type=1400 audit(1730766268.515:742): avc:  denied  { rename } for  pid=10787 comm="syz.3.1216" name="#10" dev="tmpfs" ino=1510 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  445.509479][T10744] lowmem_reserve[]: 0 0 0 0 0
[  445.509525][T10744] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  445.549987][T10744] Node 0 DMA32: 910*4kB (UME) 666*8kB (UME) 275*16kB (UME) 282*32kB (UME) 188*64kB (UME) 93*128kB (UME) 64*256kB (UME) 34*512kB (UME) 12*1024kB (UME) 7*2048kB (ME) 261*4096kB (UM) = 1175800kB
[  445.569480][T10744] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  445.581130][T10744] Node 1 Normal: 177*4kB (UME) 44*8kB (UME) 40*16kB (UME) 184*32kB (UME) 88*64kB (UME) 27*128kB (UME) 10*256kB (UM) 6*512kB (UM) 3*1024kB (UM) 2*2048kB (U) 948*4096kB (UME) = 3912484kB
[  445.599603][T10744] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  445.609256][T10744] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  445.618581][T10744] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  445.628238][T10744] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  445.637601][T10744] 60761 total pagecache pages
[  445.642337][T10744] 1 pages in swap cache
[  445.646484][T10744] Free swap  = 124436kB
[  445.651033][T10744] Total swap = 124996kB
[  445.655193][T10744] 2097051 pages RAM
[  445.658996][T10744] 0 pages HighMem/MovableOnly
[  445.663980][T10744] 428036 pages reserved
[  445.668141][T10744] 0 pages cma reserved
[  445.718840][   T29] audit: type=1400 audit(1730766268.525:743): avc:  denied  { remount } for  pid=10787 comm="syz.3.1216" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  446.487958][T10802] (syz.2.1219,10802,0):dlmfs_mkdir:420 ERROR: invalid domain name for directory.
[  448.101685][T10808] overlayfs: failed to resolve './file0': -2
[  449.575122][T10828] tmpfs: Bad value for 'mpol'
[  450.610652][ T5906] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  450.699425][T10838] netlink: 'syz.5.1229': attribute type 10 has an invalid length.
[  450.882513][T10840] netlink: 'syz.3.1230': attribute type 4 has an invalid length.
[  450.932146][ T5906] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  450.943329][ T5906] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  451.640409][ T5906] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  451.649749][ T5906] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  451.841068][T10826] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  452.560360][T10851] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1229'.
[  452.564093][ T5906] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  452.603772][ T5906] usb 3-1: USB disconnect, device number 31
[  452.661753][   T29] audit: type=1400 audit(1730766275.935:744): avc:  denied  { override_creds } for  pid=10837 comm="syz.5.1229" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  452.672285][T10851] netlink: 272 bytes leftover after parsing attributes in process `syz.5.1229'.
[  452.707390][T10851] netlink: 72 bytes leftover after parsing attributes in process `syz.5.1229'.
[  452.815390][   T29] audit: type=1400 audit(1730766276.085:745): avc:  denied  { sqpoll } for  pid=10837 comm="syz.5.1229" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  454.931249][T10893] netlink: 'syz.4.1242': attribute type 10 has an invalid length.
[  454.939210][T10893] netlink: 210880 bytes leftover after parsing attributes in process `syz.4.1242'.
[  456.140416][ T5872] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  456.249843][T10905] netlink: 'syz.5.1246': attribute type 10 has an invalid length.
[  456.258047][T10905] netlink: 210880 bytes leftover after parsing attributes in process `syz.5.1246'.
[  456.368615][T10904] netlink: 'syz.1.1247': attribute type 9 has an invalid length.
[  456.440148][T10904] netlink: 134660 bytes leftover after parsing attributes in process `syz.1.1247'.
[  457.250627][ T5872] usb 5-1: Using ep0 maxpacket: 8
[  457.463595][ T5872] usb 5-1: config 0 has no interfaces?
[  457.469360][ T5872] usb 5-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00
[  457.553860][ T5872] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  457.641146][ T5872] usb 5-1: config 0 descriptor??
[  458.662765][ T5872] usb 5-1: string descriptor 0 read error: -71
[  458.693306][ T5872] usb 5-1: USB disconnect, device number 18
[  458.772252][   T29] audit: type=1400 audit(1730766282.045:746): avc:  denied  { create } for  pid=10941 comm="syz.2.1258" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  458.792689][    C0] vkms_vblank_simulate: vblank timer overrun
[  458.834133][   T29] audit: type=1400 audit(1730766282.095:747): avc:  denied  { write } for  pid=10941 comm="syz.2.1258" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  458.888392][   T29] audit: type=1400 audit(1730766282.095:748): avc:  denied  { nlmsg_read } for  pid=10941 comm="syz.2.1258" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  459.640598][  T965] usb 5-1: new full-speed USB device number 19 using dummy_hcd
[  459.844278][  T965] usb 5-1: config 0 has an invalid interface number: 50 but max is 0
[  459.853504][  T965] usb 5-1: config 0 has no interface number 0
[  459.859705][  T965] usb 5-1: config 0 interface 50 has no altsetting 0
[  459.969410][T10960] (syz.5.1263,10960,0):dlmfs_mkdir:420 ERROR: invalid domain name for directory.
[  460.066565][  T965] usb 5-1: New USB device found, idVendor=19d2, idProduct=1075, bcdDevice=f4.d6
[  460.154939][  T965] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  460.273096][  T965] usb 5-1: Product: syz
[  460.336437][  T965] usb 5-1: Manufacturer: syz
[  460.373038][  T965] usb 5-1: SerialNumber: syz
[  460.413736][  T965] usb 5-1: config 0 descriptor??
[  460.654122][T10948] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  460.663249][T10948] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  460.876418][  T965] option 5-1:0.50: GSM modem (1-port) converter detected
[  460.893930][  T965] usb 5-1: USB disconnect, device number 19
[  460.910584][  T965] option 5-1:0.50: device disconnected
[  461.908411][T10980] netlink: 'syz.2.1268': attribute type 10 has an invalid length.
[  462.244583][T10980] bond0: (slave bond_slave_0): Releasing backup interface
[  463.399564][T10997] PKCS7: Unknown OID: [4] 5.25.43183.11314.97.496.3.846527319083.2007.15776
[  463.472848][T10997] PKCS7: Only support pkcs7_signedData type
[  468.133220][T11036] netlink: 'syz.2.1282': attribute type 10 has an invalid length.
[  468.300889][   T29] audit: type=1400 audit(1730766291.575:749): avc:  denied  { write } for  pid=11032 comm="syz.1.1283" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  468.357207][   T29] audit: type=1400 audit(1730766291.575:750): avc:  denied  { getopt } for  pid=11032 comm="syz.1.1283" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  468.470752][ T5905] usb 3-1: new full-speed USB device number 32 using dummy_hcd
[  468.594304][ T5906] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  468.678382][ T5905] usb 3-1: config 0 has an invalid interface number: 50 but max is 0
[  468.758696][ T5905] usb 3-1: config 0 has no interface number 0
[  468.767051][ T5905] usb 3-1: config 0 interface 50 has no altsetting 0
[  468.807484][ T5905] usb 3-1: New USB device found, idVendor=19d2, idProduct=1075, bcdDevice=f4.d6
[  468.817711][ T5905] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  468.827004][ T5905] usb 3-1: Product: syz
[  468.832358][ T5905] usb 3-1: Manufacturer: syz
[  468.838092][ T5905] usb 3-1: SerialNumber: syz
[  469.086276][ T5905] usb 3-1: config 0 descriptor??
[  469.244295][ T5906] usb 6-1: config index 0 descriptor too short (expected 147, got 72)
[  469.254379][ T5906] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  469.310623][ T5906] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  469.327987][ T5906] usb 6-1: Product: syz
[  469.513739][ T5906] usb 6-1: Manufacturer: syz
[  469.518401][ T5906] usb 6-1: SerialNumber: syz
[  469.527391][ T5906] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  469.755705][   T25] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  470.521684][ T5905] option 3-1:0.50: GSM modem (1-port) converter detected
[  470.530472][ T5905] usb 3-1: USB disconnect, device number 32
[  470.537555][ T5905] option 3-1:0.50: device disconnected
[  470.694761][T11081] netlink: 'syz.4.1295': attribute type 4 has an invalid length.
[  470.710648][T11081] netlink: 'syz.4.1295': attribute type 4 has an invalid length.
[  470.806757][T11059] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  470.817666][T11059] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  470.876532][ T5872] usb 6-1: USB disconnect, device number 14
[  471.485584][   T25] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[  471.512379][T11090] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1298'.
[  471.530044][   T25] ath9k_htc: Failed to initialize the device
[  471.543226][ T5872] usb 6-1: ath9k_htc: USB layer deinitialized
[  471.588159][T11090] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1137 sclass=netlink_route_socket pid=11090 comm=syz.1.1298
[  471.712357][T11100] FAULT_INJECTION: forcing a failure.
[  471.712357][T11100] name failslab, interval 1, probability 0, space 0, times 0
[  471.739598][T11100] CPU: 0 UID: 0 PID: 11100 Comm: syz.2.1302 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0
[  471.750409][T11100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  471.760476][T11100] Call Trace:
[  471.763758][T11100]  <TASK>
[  471.766692][T11100]  dump_stack_lvl+0x16c/0x1f0
[  471.771389][T11100]  should_fail_ex+0x497/0x5b0
[  471.776087][T11100]  ? fs_reclaim_acquire+0xae/0x150
[  471.781225][T11100]  should_failslab+0xc2/0x120
[  471.785913][T11100]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  471.791295][T11100]  ? ptlock_alloc+0x1f/0x70
[  471.795820][T11100]  ptlock_alloc+0x1f/0x70
[  471.800158][T11100]  pte_alloc_one+0x74/0x390
[  471.804675][T11100]  __pte_alloc+0x6e/0x3b0
[  471.809026][T11100]  ? __pfx___pte_alloc+0x10/0x10
[  471.813952][T11100]  ? find_held_lock+0x2d/0x110
[  471.818696][T11100]  do_pte_missing+0x280b/0x3e70
[  471.823533][T11100]  __handle_mm_fault+0x100a/0x2a10
[  471.828637][T11100]  ? __pfx_mt_find+0x10/0x10
[  471.833215][T11100]  ? hlock_class+0x4e/0x130
[  471.837699][T11100]  ? __pfx___handle_mm_fault+0x10/0x10
[  471.843155][T11100]  handle_mm_fault+0x3fa/0xaa0
[  471.847900][T11100]  __get_user_pages+0x8d9/0x3b50
[  471.852829][T11100]  ? __pfx___get_user_pages+0x10/0x10
[  471.858210][T11100]  ? down_read_killable+0xcc/0x380
[  471.863311][T11100]  ? __pfx_down_read_killable+0x10/0x10
[  471.868857][T11100]  ? __pfx_mark_lock+0x10/0x10
[  471.873607][T11100]  ? hlock_class+0x4e/0x130
[  471.878105][T11100]  __gup_longterm_locked+0x639/0x1b90
[  471.883466][T11100]  ? __pfx___gup_longterm_locked+0x10/0x10
[  471.889250][T11100]  ? sanity_check_pinned_pages+0x23/0x11c0
[  471.895046][T11100]  gup_fast_fallback+0x1802/0x2690
[  471.900138][T11100]  ? is_bpf_text_address+0x8a/0x1a0
[  471.905318][T11100]  ? __pfx_lock_release+0x10/0x10
[  471.910323][T11100]  ? __pfx_gup_fast_fallback+0x10/0x10
[  471.915761][T11100]  ? is_bpf_text_address+0x94/0x1a0
[  471.920942][T11100]  ? __kernel_text_address+0xd/0x40
[  471.926117][T11100]  ? unwind_get_return_address+0x59/0xa0
[  471.931076][T11090] ------------[ cut here ]------------
[  471.931721][T11100]  ? arch_stack_walk+0xa7/0x100
[  471.931845][T11100]  pin_user_pages_fast+0xa8/0x100
[  471.937485][T11090] platform vkms: [drm] vblank wait timed out on crtc 0
[  471.942282][T11100]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  471.942308][T11100]  ? stack_trace_save+0x95/0xd0
[  471.942327][T11100]  ? __pfx_stack_trace_save+0x10/0x10
[  471.942348][T11100]  pfn_reader_user_pin+0x637/0x7a0
[  471.948204][T11090] WARNING: CPU: 1 PID: 11090 at drivers/gpu/drm/drm_vblank.c:1307 drm_wait_one_vblank+0x334/0x550
[  471.954175][T11100]  iopt_pages_fill_xarray+0x353/0x8f0
[  471.954201][T11100]  ? iommufd_access_pin_pages+0x634/0xa10
[  471.954223][T11100]  ? iommufd_fops_ioctl+0x359/0x4f0
[  471.959847][T11090] Modules linked in:
[  471.964648][T11100]  ? __pfx_iopt_pages_fill_xarray+0x10/0x10
[  471.970217][T11090] 
[  471.975103][T11100]  iopt_area_add_access+0x1d3/0x380
[  471.975131][T11100]  iommufd_access_pin_pages+0x634/0xa10
[  471.975160][T11100]  ? __pfx_iommufd_access_pin_pages+0x10/0x10
[  471.975182][T11100]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  471.975213][T11100]  iommufd_test+0x2edd/0x4190
[  471.975246][T11100]  ? __pfx_iommufd_test+0x10/0x10
[  471.975272][T11100]  ? __pfx_lock_release+0x10/0x10
[  471.975289][T11100]  ? trace_lock_acquire+0x14a/0x1d0
[  471.975315][T11100]  ? lock_acquire+0x2f/0xb0
[  471.975331][T11100]  ? __might_fault+0xe3/0x190
[  471.985980][T11090] CPU: 1 UID: 0 PID: 11090 Comm: syz.1.1298 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0
[  471.991226][T11100]  ? __might_fault+0xe3/0x190
[  471.996925][T11090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  472.002096][T11100]  iommufd_fops_ioctl+0x359/0x4f0
[  472.002119][T11100]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  472.005975][T11090] RIP: 0010:drm_wait_one_vblank+0x334/0x550
[  472.011832][T11100]  ? trace_lock_acquire+0x14a/0x1d0
[  472.011867][T11100]  ? selinux_file_ioctl+0x180/0x270
[  472.014155][T11090] Code: 85 ed 0f 84 54 01 00 00 e8 99 82 61 fc 4c 89 e7 e8 41 fa 86 00 89 e9 4c 89 ea 48 c7 c7 00 67 e7 8b 48 89 c6 e8 0d 74 22 fc 90 <0f> 0b 90 90 e9 0d fe ff ff e8 6e 82 61 fc 90 48 8d 7b 08 48 b8 00
[  472.019320][T11100]  ? selinux_file_ioctl+0xb4/0x270
[  472.019342][T11100]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  472.019360][T11100]  __x64_sys_ioctl+0x18f/0x220
[  472.019384][T11100]  do_syscall_64+0xcd/0x250
[  472.019402][T11100]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  472.019425][T11100] RIP: 0033:0x7fa0f337e719
[  472.019441][T11100] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  472.024973][T11090] RSP: 0018:ffffc90004207b28 EFLAGS: 00010286
[  472.030986][T11100] RSP: 002b:00007fa0f4140038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  472.031007][T11100] RAX: ffffffffffffffda RBX: 00007fa0f3535f80 RCX: 00007fa0f337e719
[  472.031019][T11100] RDX: 0000000020000400 RSI: 0000000000003ba0 RDI: 0000000000000006
[  472.031030][T11100] RBP: 00007fa0f4140090 R08: 0000000000000000 R09: 0000000000000000
[  472.031041][T11100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  472.031052][T11100] R13: 0000000000000000 R14: 00007fa0f3535f80 R15: 00007ffe412781f8
[  472.031076][T11100]  </TASK>
[  472.031178][    C0] vkms_vblank_simulate: vblank timer overrun
[  472.253841][T11090] 
[  472.256178][T11090] RAX: 0000000000000000 RBX: ffff8880258a0000 RCX: ffffc9000b381000
[  472.264335][T11090] RDX: 0000000000040000 RSI: ffffffff814e6e86 RDI: 0000000000000001
[  472.272352][T11090] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  472.280601][T11090] R10: 0000000000000001 R11: 0000000000000000 R12: ffff888142739010
[  472.288836][T11090] R13: ffff888140f11140 R14: 1ffff92000840f67 R15: 0000000000006d4b
[  472.296903][T11090] FS:  00007fb0c1bd56c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  472.305888][T11090] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  472.312512][T11090] CR2: 00007f4552753090 CR3: 0000000047262000 CR4: 00000000003526f0
[  472.320556][T11090] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  472.328558][T11090] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  472.336611][T11090] Call Trace:
[  472.339906][T11090]  <TASK>
[  472.342901][T11090]  ? __warn+0xea/0x3d0
[  472.347014][T11090]  ? preempt_schedule_notrace+0x62/0xe0
[  472.352624][T11090]  ? drm_wait_one_vblank+0x334/0x550
[  472.357937][T11090]  ? report_bug+0x3c0/0x580
[  472.362510][T11090]  ? handle_bug+0x54/0xa0
[  472.366864][T11090]  ? exc_invalid_op+0x17/0x50
[  472.371598][T11090]  ? asm_exc_invalid_op+0x1a/0x20
[  472.376880][T11090]  ? __warn_printk+0x1a6/0x350
[  472.381876][T11090]  ? drm_wait_one_vblank+0x334/0x550
[  472.387234][T11090]  ? drm_wait_one_vblank+0x333/0x550
[  472.388207][T11102] netlink: 'syz.5.1301': attribute type 10 has an invalid length.
[  472.392595][T11090]  ? __pfx_drm_wait_one_vblank+0x10/0x10
[  472.406045][T11090]  ? mark_held_locks+0x9f/0xe0
[  472.410854][T11090]  ? __pfx_autoremove_wake_function+0x10/0x10
[  472.416939][T11090]  ? lockdep_hardirqs_on+0x7c/0x110
[  472.422230][T11090]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  472.428073][T11090]  ? drm_vblank_get+0x150/0x280
[  472.433018][T11090]  drm_fb_helper_ioctl+0x156/0x1a0
[  472.438138][T11090]  ? __pfx_drm_fb_helper_ioctl+0x10/0x10
[  472.443887][T11090]  do_fb_ioctl+0x3d4/0x7d0
[  472.448329][T11090]  ? __pfx_do_fb_ioctl+0x10/0x10
[  472.453372][T11090]  ? do_vfs_ioctl+0x513/0x1990
[  472.458206][T11090]  ? selinux_file_ioctl+0x180/0x270
[  472.463496][T11090]  fb_ioctl+0xe5/0x150
[  472.467599][T11090]  ? __pfx_fb_ioctl+0x10/0x10
[  472.472346][T11090]  __x64_sys_ioctl+0x18f/0x220
[  472.477142][T11090]  do_syscall_64+0xcd/0x250
[  472.481959][T11090]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  472.488131][T11090] RIP: 0033:0x7fb0c0d7e719
[  472.492619][T11090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  472.512415][T11090] RSP: 002b:00007fb0c1bd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  472.520910][T11090] RAX: ffffffffffffffda RBX: 00007fb0c0f35f80 RCX: 00007fb0c0d7e719
[  472.528901][T11090] RDX: 0000000000000000 RSI: 0000000040044620 RDI: 000000000000000d
[  472.536942][T11090] RBP: 00007fb0c0df139e R08: 0000000000000000 R09: 0000000000000000
[  472.544949][T11090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  472.552977][T11090] R13: 0000000000000000 R14: 00007fb0c0f35f80 R15: 00007ffe056be678
[  472.561008][T11090]  </TASK>
[  472.564041][T11090] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  472.571306][T11090] CPU: 1 UID: 0 PID: 11090 Comm: syz.1.1298 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0
[  472.582048][T11090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  472.592086][T11090] Call Trace:
[  472.595348][T11090]  <TASK>
[  472.598287][T11090]  dump_stack_lvl+0x3d/0x1f0
[  472.602890][T11090]  panic+0x71d/0x800
[  472.606790][T11090]  ? __pfx_panic+0x10/0x10
[  472.611204][T11090]  ? show_trace_log_lvl+0x29d/0x3d0
[  472.616411][T11090]  ? drm_wait_one_vblank+0x334/0x550
[  472.621695][T11090]  check_panic_on_warn+0xab/0xb0
[  472.626628][T11090]  __warn+0xf6/0x3d0
[  472.630515][T11090]  ? preempt_schedule_notrace+0x62/0xe0
[  472.636052][T11090]  ? drm_wait_one_vblank+0x334/0x550
[  472.641324][T11090]  report_bug+0x3c0/0x580
[  472.645646][T11090]  handle_bug+0x54/0xa0
[  472.649803][T11090]  exc_invalid_op+0x17/0x50
[  472.654292][T11090]  asm_exc_invalid_op+0x1a/0x20
[  472.659131][T11090] RIP: 0010:drm_wait_one_vblank+0x334/0x550
[  472.665014][T11090] Code: 85 ed 0f 84 54 01 00 00 e8 99 82 61 fc 4c 89 e7 e8 41 fa 86 00 89 e9 4c 89 ea 48 c7 c7 00 67 e7 8b 48 89 c6 e8 0d 74 22 fc 90 <0f> 0b 90 90 e9 0d fe ff ff e8 6e 82 61 fc 90 48 8d 7b 08 48 b8 00
[  472.684605][T11090] RSP: 0018:ffffc90004207b28 EFLAGS: 00010286
[  472.690660][T11090] RAX: 0000000000000000 RBX: ffff8880258a0000 RCX: ffffc9000b381000
[  472.698615][T11090] RDX: 0000000000040000 RSI: ffffffff814e6e86 RDI: 0000000000000001
[  472.706569][T11090] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  472.714536][T11090] R10: 0000000000000001 R11: 0000000000000000 R12: ffff888142739010
[  472.722489][T11090] R13: ffff888140f11140 R14: 1ffff92000840f67 R15: 0000000000006d4b
[  472.730451][T11090]  ? __warn_printk+0x1a6/0x350
[  472.735225][T11090]  ? drm_wait_one_vblank+0x333/0x550
[  472.740500][T11090]  ? __pfx_drm_wait_one_vblank+0x10/0x10
[  472.746119][T11090]  ? mark_held_locks+0x9f/0xe0
[  472.750866][T11090]  ? __pfx_autoremove_wake_function+0x10/0x10
[  472.756928][T11090]  ? lockdep_hardirqs_on+0x7c/0x110
[  472.762130][T11090]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  472.767924][T11090]  ? drm_vblank_get+0x150/0x280
[  472.772779][T11090]  drm_fb_helper_ioctl+0x156/0x1a0
[  472.777901][T11090]  ? __pfx_drm_fb_helper_ioctl+0x10/0x10
[  472.783519][T11090]  do_fb_ioctl+0x3d4/0x7d0
[  472.787921][T11090]  ? __pfx_do_fb_ioctl+0x10/0x10
[  472.792871][T11090]  ? do_vfs_ioctl+0x513/0x1990
[  472.797673][T11090]  ? selinux_file_ioctl+0x180/0x270
[  472.802876][T11090]  fb_ioctl+0xe5/0x150
[  472.806931][T11090]  ? __pfx_fb_ioctl+0x10/0x10
[  472.811596][T11090]  __x64_sys_ioctl+0x18f/0x220
[  472.816369][T11090]  do_syscall_64+0xcd/0x250
[  472.820857][T11090]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  472.826741][T11090] RIP: 0033:0x7fb0c0d7e719
[  472.831139][T11090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  472.850728][T11090] RSP: 002b:00007fb0c1bd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  472.859153][T11090] RAX: ffffffffffffffda RBX: 00007fb0c0f35f80 RCX: 00007fb0c0d7e719
[  472.867106][T11090] RDX: 0000000000000000 RSI: 0000000040044620 RDI: 000000000000000d
[  472.875063][T11090] RBP: 00007fb0c0df139e R08: 0000000000000000 R09: 0000000000000000
[  472.883015][T11090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  472.890989][T11090] R13: 0000000000000000 R14: 00007fb0c0f35f80 R15: 00007ffe056be678
[  472.898969][T11090]  </TASK>
[  472.902168][T11090] Kernel Offset: disabled
[  472.906521][T11090] Rebooting in 86400 seconds..