last executing test programs:

1m38.497565678s ago: executing program 4 (id=233):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
r1 = socket(0x2, 0x5, 0x0)
sendmmsg$inet_sctp(r1, &(0x7f00000032c0)=[{&(0x7f0000002e40)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)="03", 0x1}], 0x1}], 0x1, 0x880)
sendmmsg$inet_sctp(r1, &(0x7f0000000bc0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="30000000000000008400000001000000000000000c"], 0x30}], 0x1, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r0, 0x3ba0, &(0x7f0000000180)={0x48, 0x2, r2})
ioctl$IOMMU_IOAS_IOVA_RANGES(r0, 0x3b84, &(0x7f0000000280)={0x20, r2, 0x1, 0x0, &(0x7f0000000240)=[{}]})

1m37.913074576s ago: executing program 4 (id=234):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x6)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000740)=0x2)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000900), 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1m34.690747674s ago: executing program 4 (id=246):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
userfaultfd(0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, 0x0, &(0x7f00000002c0)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x18, 0x1401, 0x1, 0x70bd2d, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x20008010}, 0x4000)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x0)
recvmmsg(r3, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000fe050000000000000000000095d9130057ca03c510fa2fc5ece32a99abbed07d2b344b983372db41442ce6a7ff6cc2e6a296781c910e06d2b09525a4b2f1e62e60b5ce6593224d8f24cce43d99c336c07c3956c503c827b6b9270237a7ed21280611ec2ec062488d2e24b549ad6166132e912db6c7b130fbd911466d3c29ea8e735b60228bfff202556cd31f8945cc776742cc23a9226d09ad459844e41595760c558c555368b981485913b658a4df64cd0c"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
sched_setaffinity(0x0, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000003c0)={r0, r6, 0x0, 0x0, 0x0}, 0x30)

1m34.132989413s ago: executing program 4 (id=249):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001b40), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_MCAST_RATE(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0}}, 0x0)

1m33.935810174s ago: executing program 4 (id=253):
syz_usb_connect$printer(0x2, 0x36, &(0x7f0000000180)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x10, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x1, 0x0, 0xa, [{{0x9, 0x4, 0x0, 0x7f, 0x2, 0x7, 0x1, 0x2, 0x4f, "", {{{0x9, 0x5, 0x1, 0x2, 0x8, 0x8, 0x7, 0x34}}, [{{0x9, 0x5, 0x82, 0x2, 0x20, 0x81, 0x7, 0x1}}]}}}]}}]}}, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0})
r0 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r0, 0x891c, &(0x7f0000000140)={'ipvlan0\x00', @random="0200ff7fffff"})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ppoll(0x0, 0x0, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r1}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="3ef48b3da41d20ee3e8ff4a8c105fa346065816a35723e90add2daef6269e3919bd29588cdb2b6747a6bccf7fad04f347eae6ec564c43577195178cbc05ae9703bc8163a015b057a13b4ec6d619f8b92d89350783f9e585d50c07a9f846a24fb050250952c603595bb29d623ccfb75273b4f54ea8f0a4c7cca4c45b8a8c6e844c9a263b92a32c1745cab0785631c64a74b130328fdbaf554a5184f2e14275e9efd87f3b6", @ANYRES8=r2], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000003c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='signal_generate\x00', r4}, 0x10)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0}, 0x18)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
accept(r0, &(0x7f0000000ac0)=@l2tp6={0xa, 0x0, 0x0, @initdev}, &(0x7f0000000b40)=0x80)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
r5 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff0000000002"], 0x7c}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[], 0x5c}, 0x1, 0x6c, 0x0, 0x4000000}, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x1607010, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x34}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r5, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x87}, './file0\x00'})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="481e0500000001040000003f0800000000000000", @ANYRES32=0x0, @ANYBLOB="21000000000000002800128008000100767469001c000280080002000400000008000100", @ANYRES32=0x0, @ANYBLOB="0800030005000000"], 0x48}}, 0x0)

1m26.960990584s ago: executing program 4 (id=261):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_open_dev$ttys(0xc, 0x2, 0x1)
syz_open_dev$tty1(0xc, 0x4, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = syz_open_dev$vim2m(0x0, 0x3fe, 0x2)
ioctl$vim2m_VIDIOC_STREAMOFF(r4, 0x40045612, 0x0)
r5 = syz_open_dev$mouse(&(0x7f0000000080), 0x8, 0x200903)
r6 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
accept4$rose(r6, 0x0, 0x0, 0x80000)
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x41, 0x0)
syz_open_dev$vim2m(&(0x7f00000000c0), 0x3, 0x2)
syz_open_dev$vim2m(0x0, 0x5, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r5, 0xc0405602, 0x0)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r7, 0x6, 0x3, &(0x7f0000000540)=0x2, 0x4)
connect$inet6(r7, &(0x7f0000000300)={0xa, 0x4e20, 0x5, @private2, 0x394}, 0x1c)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000680)=@newtaction={0x14, 0x30, 0xffff}, 0x14}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x10, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7000000}, {}, {0x7, 0x0, 0xb, 0x7}}, @printk]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'gretap0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newqdisc={0x48, 0x24, 0xf0b, 0xfffffffc, 0x0, {0x60, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x18, 0x2, [@TCA_CAKE_BASE_RATE64={0xc, 0x2, 0x3f9aca03}, @TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x1}]}}]}, 0x48}}, 0x0)
splice(r2, &(0x7f0000000080)=0x1c9, r1, &(0x7f0000000100)=0x8000, 0x4, 0x0)
syz_emit_ethernet(0xfdef, &(0x7f0000000880)={@link_local, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "010448", 0x20, 0x3a, 0xff, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @local, {[], @ndisc_na={0x88, 0x0, 0x0, 0x0, '\x00', @remote, [{0x2, 0x1, "36dad83aea8d"}]}}}}}}, 0x0)

1m12.515788673s ago: executing program 3 (id=308):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00'}, 0x10)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000001700), 0x0, 0x0)
ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, &(0x7f0000000140)={"9fcaa0504b38d5004b9277c079417ff857dc9b7ac770169aed764b4d2ada8bde"})
ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x101000, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0x3)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='smaps_rollup\x00')
pread64(r5, &(0x7f0000002180)=""/4105, 0x137, 0x0)
socket$inet6_sctp(0xa, 0x801, 0x84)
ioctl$EVIOCGPROP(r5, 0x40047438, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
lremovexattr(0x0, 0x0)

1m11.200912674s ago: executing program 32 (id=261):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_open_dev$ttys(0xc, 0x2, 0x1)
syz_open_dev$tty1(0xc, 0x4, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = syz_open_dev$vim2m(0x0, 0x3fe, 0x2)
ioctl$vim2m_VIDIOC_STREAMOFF(r4, 0x40045612, 0x0)
r5 = syz_open_dev$mouse(&(0x7f0000000080), 0x8, 0x200903)
r6 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
accept4$rose(r6, 0x0, 0x0, 0x80000)
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x41, 0x0)
syz_open_dev$vim2m(&(0x7f00000000c0), 0x3, 0x2)
syz_open_dev$vim2m(0x0, 0x5, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r5, 0xc0405602, 0x0)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r7, 0x6, 0x3, &(0x7f0000000540)=0x2, 0x4)
connect$inet6(r7, &(0x7f0000000300)={0xa, 0x4e20, 0x5, @private2, 0x394}, 0x1c)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000680)=@newtaction={0x14, 0x30, 0xffff}, 0x14}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x10, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7000000}, {}, {0x7, 0x0, 0xb, 0x7}}, @printk]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'gretap0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newqdisc={0x48, 0x24, 0xf0b, 0xfffffffc, 0x0, {0x60, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x18, 0x2, [@TCA_CAKE_BASE_RATE64={0xc, 0x2, 0x3f9aca03}, @TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x1}]}}]}, 0x48}}, 0x0)
splice(r2, &(0x7f0000000080)=0x1c9, r1, &(0x7f0000000100)=0x8000, 0x4, 0x0)
syz_emit_ethernet(0xfdef, &(0x7f0000000880)={@link_local, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "010448", 0x20, 0x3a, 0xff, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @local, {[], @ndisc_na={0x88, 0x0, 0x0, 0x0, '\x00', @remote, [{0x2, 0x1, "36dad83aea8d"}]}}}}}}, 0x0)

1m11.174068625s ago: executing program 3 (id=314):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
syz_open_dev$loop(0x0, 0x6, 0x80)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r5, 0x0, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x4c000000, &(0x7f0000000080)=[{&(0x7f0000000300)="d8000000180081054e81f783db4cb9040a1d080006007c09e8fc55a10a0015000600142603600e1208000f0000000401a800080008000c4004000000035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb71b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad9e3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd4e1ffffffffc1c9b6278754ca397c388b0dd6e4edef3d9300"/216, 0xd8}], 0x1}, 0x0)

1m10.204873566s ago: executing program 3 (id=316):
r0 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, 0x0, &(0x7f0000000040))
r1 = socket$netlink(0x10, 0x3, 0x14)
socket$inet6_mptcp(0xa, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1})
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_pidfd_open(0x0, 0x0)
r3 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, &(0x7f0000000a80)={{0x2, 0x0, @empty}, {0x306, @link_local}, 0x0, {0x2, 0x4, @dev={0xac, 0x14, 0x14, 0x2f}}, 'lo\x00'})
ioctl$sock_inet_SIOCSARP(r3, 0x8955, &(0x7f0000000a80)={{0x2, 0x0, @multicast2}, {0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1}}, 0x2, {0x2, 0x0, @remote}, 'lo\x00'})
r4 = socket$unix(0x1, 0x5, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'veth1\x00', <r6=>0x0})
r7 = socket(0xa, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r7, 0x0, 0x80, &(0x7f0000000540)=@filter={'filter\x00', 0xe, 0x1, 0x1a8, [0x0, 0x20000180, 0x200001b0, 0x200001e0], 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="000000000000000000000000000000000000000000000000f5ff0000000000000000000000000000feffffff00000000000000000000000000000000000000000000000000dfff0000000000000000180000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000001500000000000000100073397a5f74756e00001000000000000079615330000000000000000000000000b76f6e645f736c6176655f310000000073697430000000002000000000000000aaaaaaaaaa0000000000feff0080c20000000000000000000000e8000000e8000000180100006c696d6974004000000000800000000002000000000000000000000000000000200000000000000000f9ff210000009400000000000000003830325f330080000000000000000000000000000000000000000000000800000000000000000000000000000041554449540000b827d85034bb5ec6a300000200000000000000000000000000000000000000000000166d668100"/424]}, 0x220)
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x2, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}, {0x0, 0x8}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4001}}}]}, 0x38}}, 0x800)
ioctl$DRM_IOCTL_SET_VERSION(0xffffffffffffffff, 0xc0106407, &(0x7f0000000180)={0x403, 0x3ff, 0x7, 0xffff646a})
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000380)=ANY=[@ANYBLOB="10000000141401"], 0x10}}, 0x0)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@dev, 0x0, 0x2}, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r8, 0x0)
gettid()
socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$AUTOFS_IOC_EXPIRE(0xffffffffffffffff, 0x810c9365, &(0x7f0000000200)={{0x97, 0xaf6}, 0x100, './file0\x00'})
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)

1m9.129599672s ago: executing program 3 (id=319):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000d00)={&(0x7f0000000c80)={0x24, 0x2, 0x3, 0x5, 0x0, 0x0, {0x7, 0x0, 0x7}, [@NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x1}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x23}]}, 0x24}, 0x1, 0x0, 0x0, 0x20008000}, 0x40000)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={<r2=>0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}]}, &(0x7f0000000100)=0x10)
r3 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/mcfilter6\x00')
preadv(r3, &(0x7f0000000840)=[{&(0x7f00000005c0)=""/85, 0x55}], 0x1, 0x6, 0x0)
ioctl$MON_IOCQ_RING_SIZE(r3, 0x9205)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r4 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
ioctl$AUTOFS_IOC_PROTOSUBVER(r4, 0x40049366, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x85, &(0x7f0000000240)={r2, @in6={{0xa, 0x4e22, 0xc, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x8001}}, 0x0, 0x3}, 0x90)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000840)={r2, @in6={{0xa, 0x4e20, 0x3ae, @empty, 0x129}}, 0x2, 0x2, 0x614, 0x1, 0x14, 0x7, 0x9}, 0x9c)

1m8.143134178s ago: executing program 3 (id=322):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = getuid()
quotactl_fd$Q_GETFMT(r0, 0xffffffff80000400, r1, &(0x7f00000000c0))
r2 = dup(r0)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r3 = socket$l2tp(0x2, 0x2, 0x73)
sendto$l2tp(r3, &(0x7f0000000100)="e5786a0d000000000000c83b", 0xffffff9b, 0x0, &(0x7f0000000140)={0x2, 0x0, @multicast2}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000040)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r5=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r4, 0xc02064b9, &(0x7f0000000dc0)={0x0, &(0x7f00000000c0), 0x0, r5})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e00000008000000000018000380140003801000018004000300080001"], 0x44}}, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x44, r7, 0x7, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_OURS={0x18, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x8, 0x4, '\x00\x00\x00\x00'}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x9}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}]}, 0x44}}, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r4, 0xc01864ba, &(0x7f0000000000)={0x4, 0x0, r5, 0xeeeeeeee})
syz_clone3(&(0x7f0000001240)={0x2d000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x14)
socket$inet_udplite(0x2, 0x2, 0x88)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x270}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000440)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x2, 0x2f, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
syz_io_uring_setup(0x2c4c, &(0x7f0000000400)={0x0, 0x0, 0x4002, 0x0, 0x0, 0x0, r2}, 0x0, 0x0)
r8 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmsg$inet_sctp(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000240)="286d81866e6b77fbbd308e1683", 0xd}], 0x1, &(0x7f00000002c0), 0x0, 0x24008000}, 0xc040)
bind$packet(0xffffffffffffffff, &(0x7f00000014c0)={0x11, 0x800, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x14)
syz_emit_ethernet(0xfdef, &(0x7f00000003c0)={@broadcast, @random='\x00 \x00\x00\x00\b', @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x500, 0x0, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)

1m7.669403504s ago: executing program 3 (id=326):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_VFIO_IOAS$GET(r0, 0x3b88, &(0x7f00000003c0)={0xc})
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = gettid()
r3 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
listen(r3, 0x0)
accept4$x25(r3, 0x0, 0x0, 0x80800)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r2}, &(0x7f0000bbdffc))
openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder-control\x00', 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
mount$nfs(&(0x7f0000000500)='/^\n\x00\x00\x00\x00\x00\x00\x00\x00\x0e\xcc\xa7\xedH`\'\xf2\xb9 0\xc5\x8bJ\x18\xd9M\xfd\xc5\xbe$\x02\x02\xaa\xc7\x12\xe9\x86)\xdex6\xd3\xf58D;\xda\xd5\xdd\x7f\x1f\xad\x8a\x19\xb3\x17DU\xd1:\xc7\xda8\x8a\xccm;\xb8\xb4\xe5\x1f!\xd1{\x0f<,\xd5\xb5\xe1T\x80\xe8M\xf4\xaa\xbf\x039Ew\xe1\xbc\xceXv\x06p\x9d\xfc|W\xd2\x05#\x1a\x14\x1a\xdc\x0e\x90$\xf1|^\x04\xa0\xa0\x86\x8d\xfa5D\xb5{\xa6F\xe4H\x98\xd7`7\x12\xd9\xc2C\x9bU\x87\xa3\xcd<\x1d\xdf\x8c\xc3k\xec\xfcT#\x97=&\xef}\x1cD\xe8\\\x98\xbc\x1bW\xea\x1ef\xd0\x8b\xef\xb5u\xfe\x88\x10\x81\xe6\x90)\x9a3si\xd5\"\x01\xf4:\xb7T(\xf0*\xfb\xf5;\x92', &(0x7f0000000080)='./file0\x00', &(0x7f0000000100), 0x0, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
syz_open_dev$vim2m(&(0x7f0000000100), 0x7, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x9, 0x2000000100008b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCFLSH(r4, 0x4b41, 0x4000000000001)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r6 = memfd_secret(0x80000)
ioctl$SNDCTL_TMR_SELECT(r6, 0x40045408)
read$msr(r5, &(0x7f0000002700)=""/102392, 0x18ff8)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

1m6.740799845s ago: executing program 33 (id=326):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_VFIO_IOAS$GET(r0, 0x3b88, &(0x7f00000003c0)={0xc})
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = gettid()
r3 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
listen(r3, 0x0)
accept4$x25(r3, 0x0, 0x0, 0x80800)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r2}, &(0x7f0000bbdffc))
openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder-control\x00', 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
mount$nfs(&(0x7f0000000500)='/^\n\x00\x00\x00\x00\x00\x00\x00\x00\x0e\xcc\xa7\xedH`\'\xf2\xb9 0\xc5\x8bJ\x18\xd9M\xfd\xc5\xbe$\x02\x02\xaa\xc7\x12\xe9\x86)\xdex6\xd3\xf58D;\xda\xd5\xdd\x7f\x1f\xad\x8a\x19\xb3\x17DU\xd1:\xc7\xda8\x8a\xccm;\xb8\xb4\xe5\x1f!\xd1{\x0f<,\xd5\xb5\xe1T\x80\xe8M\xf4\xaa\xbf\x039Ew\xe1\xbc\xceXv\x06p\x9d\xfc|W\xd2\x05#\x1a\x14\x1a\xdc\x0e\x90$\xf1|^\x04\xa0\xa0\x86\x8d\xfa5D\xb5{\xa6F\xe4H\x98\xd7`7\x12\xd9\xc2C\x9bU\x87\xa3\xcd<\x1d\xdf\x8c\xc3k\xec\xfcT#\x97=&\xef}\x1cD\xe8\\\x98\xbc\x1bW\xea\x1ef\xd0\x8b\xef\xb5u\xfe\x88\x10\x81\xe6\x90)\x9a3si\xd5\"\x01\xf4:\xb7T(\xf0*\xfb\xf5;\x92', &(0x7f0000000080)='./file0\x00', &(0x7f0000000100), 0x0, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
syz_open_dev$vim2m(&(0x7f0000000100), 0x7, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x9, 0x2000000100008b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCFLSH(r4, 0x4b41, 0x4000000000001)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r6 = memfd_secret(0x80000)
ioctl$SNDCTL_TMR_SELECT(r6, 0x40045408)
read$msr(r5, &(0x7f0000002700)=""/102392, 0x18ff8)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

6.976740049s ago: executing program 6 (id=770):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x9}, [@call={0x85, 0x0, 0x0, 0x20}, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x6}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="d8000000210081044e81f782db44b9040a000000e8fe55a1", 0x18}], 0x1}, 0x400d)
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r3}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0xc08, 0x3, 0x468, 0x0, 0x5002004a, 0xb, 0x310, 0xea13, 0x3d0, 0x3c8, 0x3c8, 0x3d0, 0x3c8, 0x3, 0x0, {[{{@ip={@rand_addr, @local, 0xffffff00, 0x0, 'erspan0\x00', 'ip6tnl0\x00', {}, {}, 0x6}, 0x0, 0x2c8, 0x310, 0x0, {}, [@common=@unspec=@bpf1={{0x230}, @bytecode={0x0, 0x2, 0x0, [{}, {0x16, 0xfc}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0xfff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}]}}, @inet=@rpfilter={{0x28}, {0x1}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@inet=@rpfilter={{0x28}, {0xc}}]}, @common=@unspec=@NFQUEUE2={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x4c8)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x33fe0)

6.873479704s ago: executing program 6 (id=771):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x7, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2c779000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
ioctl$LOOP_SET_CAPACITY(0xffffffffffffffff, 0x4c07)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000180)={@in={{0x2, 0x4e24, @rand_addr=0x64010101}}, 0x0, 0x0, 0xb, 0x0, "0c9e089c01860b471037f43d223b3c1b324debec40e55a07f709417eb48821996aff1c7154e746be4d7686455261c425a7519cc269d04e6205abaabde24a2b12440b329ad5bd35f21907c7988d1300"}, 0xd8)
r4 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000200)={r4, r4, r4}, &(0x7f0000000040)=""/217, 0xd9, &(0x7f00000001c0)={&(0x7f0000000140)={'sha384-avx\x00'}})
bind$netlink(0xffffffffffffffff, &(0x7f0000000240)={0x10, 0x0, 0x0, 0x800}, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'bridge0\x00'})
msgrcv(0x0, 0x0, 0x0, 0x3, 0x2000)
msgsnd(0x0, &(0x7f0000000280)={0x3}, 0x8, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt(r5, 0x1, 0xe, 0x0, &(0x7f000000afc0))

6.054309085s ago: executing program 6 (id=784):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0}, 0x18)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x5501, 0x0)
mkdir(0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)=@newqdisc={0x2c, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x4}]}, 0x2c}}, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000140)={0x5000, 0x0, 0x1, r3})
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000100)={0x2, 0x0, 0x1, r3, 0x4})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)

5.928848588s ago: executing program 6 (id=789):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7, 0x0, 0x4}}, @NFT_MSG_NEWSETELEM={0x14, 0xc, 0xa, 0x301, 0x0, 0x0, {0x7, 0x0, 0xfffe}}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x50}}, 0x0)
openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x28, r1, 0x1, 0x0, 0x1, {{}, {@val={0x8}, @void, @val={0xc, 0x99, {0x10, 0x2b}}}}}, 0x28}}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
gettid()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000100)={'batadv0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_MESH(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000000000f00000005002a000000000008000300", @ANYRES32=r5, @ANYBLOB="0800320000000000050038000100000005002e0000000008003100"], 0x4c}}, 0x0)

5.833398704s ago: executing program 6 (id=790):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file2\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB], 0x64}}, 0x0)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="043e110b07"], 0xfc)
bind$bt_l2cap(r4, 0x0, 0x0)
r5 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000200)=0x10)
symlink(&(0x7f0000000580)='.\x02/file1\x00', &(0x7f00000002c0)='.\x02\x00')
r6 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r6, 0x402, 0x8000003d)
fcntl$setsig(r6, 0xa, 0x21)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0x4000, 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)

4.999958139s ago: executing program 6 (id=797):
r0 = syz_usb_connect(0x0, 0x24, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
socket$igmp6(0xa, 0x3, 0x3a)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_RENAME(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=ANY=[@ANYBLOB="40000000050603000000000000000000000000090900030073797a320000000005000100070000000900020073797a30000000000900020073797a32000000002a3b3e438c20ecb3e539d7deeebe0d8e392f297ffb761ccfeae403c888b8872e936090eb1742a389e358a83ccab8513202e99e7dc15ca6e08004d9cc7ecfbefd9a56380bf57a9a3ce85b5c835095d9c9a7b27de8d86265a9c65ad6778a92b699c53f3bdd4c2e9f1028bdf97781c6796beff4b2364de55f466e5ddd0507de8de3c0fb900699e8d24ebe84eaf86303a7c409efcecfec5b4703b1267b73a6e4bb3ea9079e14113a732fa972d9f1a5b00da61dd75ff20999990d44dd0bd49a"], 0x40}, 0x1, 0x0, 0x0, 0xa0000}, 0x48000)
recvmsg(0xffffffffffffffff, 0x0, 0x10000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x3)
syz_open_dev$I2C(&(0x7f0000000040), 0x0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r3, 0x4bfb, 0x0) (fail_nth: 2)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000100)={0x2})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000), 0x8, 0x0)
r5 = signalfd4(r4, &(0x7f0000000200)={[0x7fff]}, 0x8, 0x800)
r6 = dup(r5)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000240), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='trans=fd,rfd', @ANYRESHEX=r6, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)

4.243429477s ago: executing program 5 (id=802):
r0 = syz_init_net_socket$ax25(0x3, 0x3, 0xca)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
r2 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f0000000000)=0x7)
read$dsp(r2, &(0x7f0000001300)=""/4096, 0x1000)
shutdown(r0, 0x0)

3.693502719s ago: executing program 0 (id=807):
r0 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x80)
prctl$PR_SET_MM(0x35, 0x2, &(0x7f0000f77000/0x4000)=nil)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x228, 0x360, 0x11, 0x148, 0x360, 0x10, 0x570, 0x2a8, 0x2a8, 0x570, 0x2a8, 0x7fffffe, 0x0, {[{{@uncond, 0x10, 0x70, 0xd8, 0x1c}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x19, 0x0, 0x0, 0x0, 'syz0\x00', 'syz0\x00'}}}, {{@ip={@multicast1, @rand_addr, 0x0, 0x0, 'syzkaller0\x00', 'veth1_to_batadv\x00'}, 0x0, 0x70, 0xb8}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@dev, 'macsec0\x00'}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x288)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
landlock_create_ruleset(&(0x7f00000000c0)={0x0, 0x2, 0x3}, 0x11, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000000100)={"b9ecdc6b", 0x2b34, 0x5, 0x3, 0x9, 0x9, "e8488af100006f9c1e69942e4bc820", "b2b4b4cd", '\x00', "9a0c30db", ["0000000000009e8bff400240", "f59be340f723ba414ec28b74", "d317b68d6411d4e782d15024", "6e3f19347c7b8a24e0ddc31e"]})
r1 = memfd_secret(0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xa, 0x11, r1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
read$FUSE(r1, &(0x7f00000002c0)={0x2020, 0x0, 0x0, <r2=>0x0}, 0x2020)
quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000801, r2, &(0x7f0000002300)={0x9, 0x6, 0x0, 0x0, 0x1ff, 0x9, 0x2, 0x0, 0x8})

3.640554899s ago: executing program 0 (id=808):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
syz_open_dev$loop(0x0, 0x6, 0x80)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r5, &(0x7f0000000040)={0x1f, 0x21, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
close_range(r4, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="d8000000180081054e81f783db4cb9040a1d080006007c09e8fc55a10a0015000600142603600e1208000f0000000401a800080008000c4004000000035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017", 0x5f}], 0x1}, 0x0)

3.615628008s ago: executing program 2 (id=809):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0}, 0x18)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x5501, 0x0)
mkdir(&(0x7f0000000180)='./file1\x00', 0x0)
r3 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)=@newqdisc={0x2c, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x4}]}, 0x2c}}, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000140)={0x5000, 0x0, 0x1, r6})
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000100)={0x2, 0x0, 0x1, r6, 0x4})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)

3.469461443s ago: executing program 5 (id=810):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
syz_open_dev$loop(0x0, 0x6, 0x80)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r5, &(0x7f0000000040)={0x1f, 0x21, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
close_range(r4, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="d8000000180081054e81f783db4cb9040a1d080006007c09e8fc55a10a0015000600142603600e1208000f0000000401a800080008000c4004000000035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017", 0x5f}], 0x1}, 0x0)

2.507521378s ago: executing program 0 (id=814):
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@local, @local}, 0xc)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x8, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x100020, 0x0, 0x0, 0x100, 0x33, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x76, @void, @value}, 0x94)
r1 = openat(0xffffffffffffffff, &(0x7f0000000140)='./file1/file3\x00', 0x0, 0x46)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000440)={@ifindex=<r2=>0x0, 0x6, 0x0, 0x0, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x0, &(0x7f0000000100), &(0x7f0000000100), &(0x7f0000000400), <r3=>0x0}, 0x40)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendto$inet(r5, &(0x7f0000000000)="3abe17ecc3de8f6ff05265cc0ce448ebf0224f0b70ee", 0x16, 0x60008000, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00'})
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000480)=ANY=[], 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000840)={r0, 0x0, 0x30, 0x16, @val=@tcx={@void, @value=r0, @void, @void, r3}}, 0x1c)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r1, 0xc0189373, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r0, {0x9}}, './file1/file3\x00'})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
sched_setscheduler(r6, 0x6, &(0x7f0000000380)=0x7ff)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000003c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f0000000480)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f00000bd000), 0x318, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r11 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r11, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000001c0)={'sit0\x00', &(0x7f0000000440)={'syztnl1\x00', 0x0, 0x80, 0x7800, 0x9, 0x3, {{0x5, 0x4, 0x2, 0x0, 0x14, 0x64, 0x0, 0x7, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @loopback}}}})
ioctl$KVM_RUN(r11, 0xae80, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="4945f0bb9a761f45514e657ffa85862a9796be41be3b658002335e3c4eb24ba0f2f91121d1b91286337f542640263dbab4028e95b36f9c1552e54178981009bc4056c786aabcc671f516ef6050c8a7a7dbfd31d52594607aea934426ea6a1e82fab583d343f7cee6cacba4afd195d2e6af33aa2823792190e9478dbea15a28c7a33d00fde0713c0a145ed59bf73ad2b4e8626ce81356f2bd7560690e7389471293a90ac2f8ee595213dd29ecf2a3820975d3ef6f436f0545671230c47ed1dd55b48a96afaedda99924a615b397b6deba5fee00287bf99b4a4998568db354a1705d83c3e4d7", @ANYRESOCT=r7], 0x0})
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x22, 0x4, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x80003, 0x0, 0x0, 0x0, 0x0, '\x00', r2, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)

2.349682257s ago: executing program 5 (id=816):
r0 = open(&(0x7f0000000040)='./file0\x00', 0x101040, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x1, &(0x7f0000000100)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000240)={0x2, 0x4e20, @empty}, 0x10)
sendto(r0, 0x0, 0x0, 0x40040085, 0x0, 0x0)
fcntl$setsig(r0, 0xa, 0x21)
ioctl$F2FS_IOC_GET_PIN_FILE(r0, 0x8004f50e, &(0x7f0000000180))
fcntl$setlease(r0, 0x400, 0x1)
open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000600)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000000, @void, @value}, 0x94)
openat(0xffffffffffffffff, &(0x7f00000003c0)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r4, 0xc08c5332, &(0x7f0000000500))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r3, 0x0, 0x7f}, 0x18)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000080), 0xc, 0x109042)
syz_open_dev$amidi(&(0x7f0000000040), 0x3, 0x2d4603)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, 0x0)
clock_gettime(0x4, &(0x7f00000000c0))
socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)

2.140593397s ago: executing program 2 (id=819):
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$sock_SIOCSPGRP(r0, 0x8902, &(0x7f0000000380))
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00')
readv(r4, 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f00000000c0)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x2, r4, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x2, 0x1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0xfffffffffffffcb4)
r6 = socket$netlink(0x10, 0x3, 0x4)
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(0xffffffffffffffff, 0x7b1, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x9c0})
shutdown(r6, 0x1)
r7 = userfaultfd(0x80001)
ioctl$UFFDIO_CONTINUE(r7, 0x8010aa02, &(0x7f0000000000)={{&(0x7f0000fe5000/0x2000)=nil, 0x2000}, 0x1})
r8 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r8, &(0x7f0000000100)={0x3, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="0203f3021600000000000000000000000200090008000000e90000000000000003000600000000000200000000000000000000000000000002000100000000fffffffbfdff000020030005000000000002000000ac1414aa00000000000000000a0008"], 0xb0}, 0x1, 0x7}, 0x0)
r9 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000002c0), 0x8001, 0x0)
write$vga_arbiter(r9, &(0x7f0000000400)=ANY=[@ANYBLOB='target PCI:7:4:1b.(J\x00'], 0x15)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x110, 0xffffffffffffffff, 0x0)

2.074268341s ago: executing program 1 (id=820):
r0 = syz_init_net_socket$ax25(0x3, 0x3, 0xca)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
r2 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f0000000000)=0x7)
read$dsp(r2, &(0x7f0000001300)=""/4096, 0x1000)
shutdown(r0, 0x0)

1.858766811s ago: executing program 0 (id=821):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r1)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
listen(r2, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r4 = accept(r1, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r4, &(0x7f0000000080)={0x0, 0x3, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0xfffffdef}}, 0x1)
recvfrom(r3, &(0x7f0000000180)=""/60, 0xfffffffffffffecb, 0x4100, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000005, 0x12, r0, 0x4000)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={0xffffffffffffffff, 0x1800000000000060, 0x0, 0x0, 0x0, 0x0, 0x1, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xfffffffffffffffe)

1.401013716s ago: executing program 5 (id=822):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xa, 0x5, 0x4, 0x6, 0x0, 0xffffffffffffffff, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0900000006000000ff0f00000400000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000002321f3230000000000000000000000001f"], 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000008900000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000fdffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000000000000850000007500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000200)={'sit0\x00', &(0x7f0000000700)={'erspan0\x00', <r3=>0x0, 0x7, 0x10, 0x34, 0x0, {{0x21, 0x4, 0x0, 0x3, 0x84, 0x67, 0x0, 0x1, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, {[@timestamp_addr={0x44, 0x14, 0x55, 0x1, 0x8, [{@broadcast, 0x200}, {@multicast1, 0xa2c00000}]}, @timestamp={0x44, 0x2c, 0x6a, 0x0, 0x0, [0x4, 0x6, 0x3d4, 0x8, 0x4, 0x9, 0x6, 0x9, 0x0, 0x6]}, @ra={0x94, 0x4, 0x1}, @rr={0x7, 0x2b, 0xf3, [@dev={0xac, 0x14, 0x14, 0x1b}, @rand_addr=0x64010102, @initdev={0xac, 0x1e, 0x0, 0x0}, @private=0xa010100, @local, @rand_addr=0x64010101, @rand_addr=0x64010101, @empty, @multicast2, @multicast1]}]}}}}})
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000580)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x11, 0x18, &(0x7f0000000280)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}, @jmp={0x5, 0x0, 0x1, 0x7, 0x3, 0x18, 0xfffffffffffffff0}, @exit, @func={0x85, 0x0, 0x1, 0x0, 0xffffffffffffffff}, @ldst={0x0, 0x0, 0x2, 0xc, 0x6, 0x56, 0x10}, @map_fd={0x18, 0x0, 0x1, 0x0, r0}, @call={0x85, 0x0, 0x0, 0xd1}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}], &(0x7f0000000080)='syzkaller\x00', 0x6, 0x72, &(0x7f0000000340)=""/114, 0x41000, 0x41, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000003c0)={0x1, 0x3, 0x200, 0x4}, 0x10, 0x0, 0x0, 0x3, &(0x7f00000005c0)=[r4, r0], &(0x7f0000000600)=[{0x1, 0x3, 0x10, 0x5}, {0x2, 0x4, 0xf, 0x3}, {0x0, 0x2, 0x9, 0x2}], 0x10, 0xe9, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000002085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r5}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xa, 0x5, 0x4, 0x6, 0x0, 0xffffffffffffffff, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0900000006000000ff0f00000400000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000002321f3230000000000000000000000001f"], 0x48) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000008900000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000fdffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000000000000850000007500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000200)={'sit0\x00', &(0x7f0000000700)={'erspan0\x00', 0x0, 0x7, 0x10, 0x34, 0x0, {{0x21, 0x4, 0x0, 0x3, 0x84, 0x67, 0x0, 0x1, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, {[@timestamp_addr={0x44, 0x14, 0x55, 0x1, 0x8, [{@broadcast, 0x200}, {@multicast1, 0xa2c00000}]}, @timestamp={0x44, 0x2c, 0x6a, 0x0, 0x0, [0x4, 0x6, 0x3d4, 0x8, 0x4, 0x9, 0x6, 0x9, 0x0, 0x6]}, @ra={0x94, 0x4, 0x1}, @rr={0x7, 0x2b, 0xf3, [@dev={0xac, 0x14, 0x14, 0x1b}, @rand_addr=0x64010102, @initdev={0xac, 0x1e, 0x0, 0x0}, @private=0xa010100, @local, @rand_addr=0x64010101, @rand_addr=0x64010101, @empty, @multicast2, @multicast1]}]}}}}}) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000580), 0x4) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x11, 0x18, &(0x7f0000000280)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}, @jmp={0x5, 0x0, 0x1, 0x7, 0x3, 0x18, 0xfffffffffffffff0}, @exit, @func={0x85, 0x0, 0x1, 0x0, 0xffffffffffffffff}, @ldst={0x0, 0x0, 0x2, 0xc, 0x6, 0x56, 0x10}, @map_fd={0x18, 0x0, 0x1, 0x0, r0}, @call={0x85, 0x0, 0x0, 0xd1}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}], &(0x7f0000000080)='syzkaller\x00', 0x6, 0x72, &(0x7f0000000340)=""/114, 0x41000, 0x41, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000003c0)={0x1, 0x3, 0x200, 0x4}, 0x10, 0x0, 0x0, 0x3, &(0x7f00000005c0)=[r4, r0], &(0x7f0000000600)=[{0x1, 0x3, 0x10, 0x5}, {0x2, 0x4, 0xf, 0x3}, {0x0, 0x2, 0x9, 0x2}], 0x10, 0xe9, @void, @value}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000002085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r5}, 0x10) (async)

1.364945183s ago: executing program 1 (id=823):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0}, 0x18)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x5501, 0x0)
mkdir(&(0x7f0000000180)='./file1\x00', 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000140)={0x5000, 0x0, 0x1, r3})
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000100)={0x2, 0x0, 0x1, r3, 0x4})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)

1.274886129s ago: executing program 5 (id=824):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
syz_open_dev$loop(0x0, 0x6, 0x80)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r5, &(0x7f0000000040)={0x1f, 0x21, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
close_range(r4, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="d8000000180081054e81f783db4cb9040a1d080006007c09e8fc55a10a0015000600142603600e1208000f0000000401a800080008000c4004000000035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017", 0x5f}], 0x1}, 0x0)

1.173372953s ago: executing program 1 (id=825):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x9c8c4, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000000780)="0d0ad7c36d6617110e434332d6ac582208222cfb7c37ce1148f448455bc37f5f70c92774dcb201629979039d7c8943b207e5bdf9ab8e", 0x36, 0x6d91fb6102d8d9cc, 0x0, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300), 0x1000)
sendto$inet6(r0, &(0x7f0000000e00)="dd11fa62c01f7cef67f2a127346208", 0xf, 0x0, 0x0, 0x0)
recvfrom(r0, &(0x7f0000001a80)=""/4096, 0x1000, 0x10100, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000380), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$IMGETVERSION(0xffffffffffffffff, 0x80044942, &(0x7f0000000000))
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
r4 = signalfd(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=@framed={{}, [@generic={0x2, 0x8, 0x1, 0x1, 0x9}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x34)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000040)=""/73, 0x2}, 0x70)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="2000000043000900fffffffffddbdf25010000000c0001"], 0x20}}, 0x44850)
setsockopt$RDS_CONG_MONITOR(r4, 0x114, 0x6, &(0x7f0000000280), 0x4)

916.661513ms ago: executing program 0 (id=826):
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000)
mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil)
madvise(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x15)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x200, 0x0, 0x0, 0x800040, 0x0, 0x0, 0x802004cb, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000], 0xffff1000, 0x202})
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x483, &(0x7f0000000000)={0x6, @local, 0x0, 0x0, 'nq\x00'}, 0x2c)
ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000240)={[{0x0, 0xecad, 0x0, 0x0, 0x0, 0x2, 0x40, 0x7, 0x0, 0x3}, {0x0, 0x4, 0x10, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0xbee5}, {0x0, 0xffff, 0xfe, 0x2, 0x0, 0x0, 0x8, 0x0, 0xf6, 0x0, 0x1, 0x10, 0x2000000000000}], 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000600)=@deltaction={0x14, 0x31, 0x8, 0x70bd26, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x84}, 0x0)
r3 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty, 0x1, 0x400000}, 0x20)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r4, 0xffffffff80000800, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x2, 0x3, 0x0, 0x6, 0x7fffffff})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r5 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r5, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$sock_int(r5, 0x1, 0x29, &(0x7f0000000540)=0x10001, 0x4)
setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x25, &(0x7f0000000000)=0x24d2, 0x4)
write(r5, &(0x7f0000000180)="b1f6a4e6086771339298ff93c614cda94476d7b36598b8cb08591ffc2467faa14eba6144e8129396", 0x28)
recvmmsg(r5, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2100, 0x0)
setsockopt$IP_VS_SO_SET_TIMEOUT(r4, 0x0, 0x48a, &(0x7f0000000040)={0x4, 0x4, 0x7}, 0xc)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000c7f000)='./file0\x00', &(0x7f0000df9000)='nfs4\x00', 0x0, &(0x7f0000590ffe)='v4')
connect$l2tp6(r3, &(0x7f0000000f40)={0xa, 0x0, 0x0, @empty}, 0x20)

805.81061ms ago: executing program 2 (id=827):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xb, &(0x7f0000000000)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x73}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86ddf9fffffffffffffffc010000000000000000000000000000fe8000000000000000000000000000aa"], 0x0)
syz_clone3(&(0x7f0000000080)={0x300000480, 0x0, 0x0, 0x0, {0x20}, 0x0, 0x0, 0x0, 0x0}, 0x58)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0xa}, 0x20)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0xc0}}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$INCFS_IOC_PERMIT_FILL(0xffffffffffffffff, 0x40046721, &(0x7f0000000100)={r2})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66b80e010f00d0b0060f21a20f01c40f009b2700000066b80c008ee00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a00b9730200000f32328fe858b660002fb90d090000b800680000ba000000000f30", 0x65}], 0x1, 0x0, 0x0, 0x0)
openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000040)=@name={0x1e, 0x2, 0x3, {{0x40, 0x1}, 0x2}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x20008000}, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000100)={0xa000000d})
read$FUSE(r0, &(0x7f00000077c0)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000080)={0x50, 0x0, r4, {0x7, 0x1f, 0x0, 0x2066012, 0xffff}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl(r5, 0xfffff000, &(0x7f0000000080))
getdents64(r5, 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="7b1713b4c6f02da7493fb6859f0143c68a58166f472c5078104b859bc37f9a49a8f85c9101df3b2736ff9bebcb1a3c2f570b28279b8ff7afdef7451b3d10b4578c2e81784b6e4f410800d997f0689546cee0852e9e9c64c1f95df7b136243cf7aee1b8e7a4e1d6e6fc01337370f0dfc098d975e9a6f90a08f5b845054d1e1fc81adadbf2836ff758bade0484377855b05b3556a91827599638458ad30baea03240b302638b88423ecaba6da1e40f6f1b24d60dde1652f2d5f818af43d49dd55c4eadea945e9b6aa744dca07ec2e00320bef5b045414836941469129670c4cdb953ed61efeeae2ced1b7cb3e7fa4c93cce5623a9e33c69d068b801fd1369aba759e2829c67c705853262fef6669aab956f0f733619dd361be5e1414c7e7ff6218e330156d609fa9f3244a0a4fb678a58e70b86f6dabc3331f755b786c42b4198149941a7a58c83f1f2811209025269c5ffcbe0c34ac98cc091cec2c993bca0aa8400ff9e39cc9fba8dda886f95357957bbad8bb850ab92f7aa9bebcdb0ef188749a1742e5597d199f3ccdc2d807bf757da45acc93e3e9645a1036cb041b3c38dafef367b8dae802bbbc03bacb905d40e1da78591687b416ee380103a670aa8f722c76e13f7f0e3effbb37f15a821b8315fe541e3ffc09289d96db1dfa8861e5da41c812b54ee20ca8b3180f2f46db56954791465cb572de0cce16d789d6fff216ca46977ed724dc0cc8cef7b295ebb2998a5c4662e32ae1001e59f3bfefcd72543bfe1aa6688d65c547089ec0fe1f1d9610095a5a4008b14f46775c368417376ee143856031947db71c455dc40eeeda210fbf258452781ce46e51f6df683a7918770f73d324d9401648d271cb9a7e919401567e400fec420cf363444a78eea03e73176abd6546e1657945aa88f64a21e07fc23edd74512cf89781e8ffe9bb1601ab25d31801332a6c5be9cebb6cb08207bb832106553ea9fc19b4b4f1f0cd55efc2925ffef75e9b12f06b5a7496506a274ca25f88398a1734b7013c3f78a2e49ef0d946a1aff362e37c9b5f5473de11401097722adda87944ee3eeb1bdde60e97484af4d2e5f8b0a9c63bb8bb99461b16edd824add1caf9d5247811cc4f6b48004774f1a4fe4dd125ddbfd8b69ff3ee314aeb445bee9f217a2f5a9e0e84ccd8718471f949086df6cdcbf95e568317e31dd01be1b826cf9a09373b16935fc864794a3886a2f4aacc42135db85f8921916a10aa7111a686979e2a5c9959cafc9774c416c4dfe0b9e06657feb2fbc31e7c11f6e2841680986557c1f2b1ec3c0fcc6a749a3c97a5b370550ab7110e25851b13c0b75a7fb0cd3c4659878209867659c216b467bdcf51e786a59fad084886490fc77e186ab827d844d0ac4682651fc4043f8e87b905532a53017ada44feee1f89f9bc6d2a8b144e721a479f7b90acb91033774f4c12df633548a9097c791ec7e80fa2607c86fce6e9abcae1296528b8488ccf18a4bb0fc9b50c15d294e8d380465465b4eeae26eb6800faba611785cd2ff95ca1923dfa47d5923f89e4eadb612002caceaebbe779c4e3a3833455752eae63689ab8dc03db63d82feeab7f1162eed5909b69ccd5abeb9c071da82cfc76cc692a51d99e0c4bdfa6c81c9878e893a77e1e7105e7910827ddb3353612fa8d5e547b43b5abfe50829c1eb7bfda1731db2a9a1e8f0fc298dfa7009679489f9d9323338b7e59f1e48419ca531d88170a5a1995f576aa125edae9e9ea26f6e9c4bc26323b7db0998c528a7b343ccd87ff44c77e6cfc0a324cc1d4ea79c30015f0caaeccd46e5db580aa5ce8030c2b13b37494557da58abbdc7ce9fc9afa49ce0e8a7a6fa058db210ed654203e7879cf5004ebec57522ed34481b749554b36cd7171209b0763e110096704604f2d3f28c5ddc66c877e3ab63f36137d5a67cbf872aa6af79cb3a66c9040009b5e1c7b718c1b8788156b82d6d800dbe9fc3d16c812a963c73599b79efb89aa74bdbd9b1a2dc0b8ad853f79c0867a3a45d7a1645059171877687a72dd5ed4213c0ab84ef6185e7935346a84450887bdb2b216883e907b13b03c133adc04ab3c5f60209bd90aad3d94443105f08f0ee1b2231e1a1f8cce71de74d5308b78b5d99ce4ad4573faba9fab48bc1615f14d453c67714b99f274de041512b07b885679e6f89f481c28b082084b853c9afcda31def2898284d6ca28fb124df67142821c9705e28093ded60992d9587fb466df839aa2a4973dd48f9372a55da6592646fc918e533955566a2d8dc59277308223aea4dbe0daf839f95516b8995e9eec87df1df9d38693e0824dca7423b08d553b0ae1c5c44533b918eaa02dd17b4c8ce515ae7de410970f670e17b5e3c0a207fb8464d5d442694a271d593fc23ac19619bac32ac17cc6705ce2e6262361eba24277a471602e7ca57cc614ee116e60a9e0b6ac5e3228ea2c650baf1a09e9e5c7a1b25a078d1d11a673d88f6ee33e50d036d7fe4b9c06adc70aede2e35c6738b255690ed3f7a8d2d14e36e360f3bb66978d6cfcfc41887c751c0efc9325d4485a2f561060413fe6af4ce40d87a476201f15a584fc7ba18ddfef5f1d729d5f544c2c6b06befccb444f0408451089f20b06f05ab7d6702b97819b0eff6fb090f21afb3076558e692920053702fc2348f8dade0cb2b007f38d6dcd4ed3bb42553b1bd684791743a1941e5bf2ed234f44be64a95b485a3e949538a40542f25ca4bfce44e291037ab282082f02157a96f4ca0a0c5cd39215fd07461093a4d87a7979f7aa97142bf5b9ef71db537f9acc90f22ca2ded5c1ecd1ba972d05db7f71e8466085c9b3e975fa3a948f2c4049d1a8e46f71157017a3a74ad25e215dcfe7a4c5cb0a7baea0b0ec60c5df82555c553ac60dd39174c721edc0304b836a4de539c3ee55401e13848018f889cc4a0fcd01d9f4978eb730fb1b4a94ede0283f8c95062f01c8c8a3169b2d5c50cdd4f3a248d80a26c950b4036fc6ffefaf5101269fe3594c2cc128220a1d0b5f9f23121f2b184894e129159eaa92d9a30e878839be44d20cbdff3c338cc95795c86121b2b498bd376e895c98d67f6a27eecb46a203aa9de744feedf27b6825cc17aaa098b5ca05cad6bdbe320908ed36bdc8a8f2c777eeb9b037b36c0e36019c264b3e36196501d6cc90e7b1899a72bea5c8a24a5ae62e3684a39a06208bd382cd32acfabd742c76334797fa0c09a2a2a7e1240974afe0f3d6eb44590cf171efb7602009a93bde85cea6701c765dbca7c6a879be41dd08847802d4f59e933df65f727cbb45e3a4a5019f503b6fad7e0338e653f8b2c87aa7f196444e0dc1be6d7c4f0c7ddd663d06ff1365a9c362384a33b0315adbfb2d73359c485cd5410d36d21044bd8d3771c5492803b19f7f3a1a5c3248e66786479fa4416a55855adebeb09528ff5add597790b97bddc16bb9b7b33a1f800701c4293e2c8428dc2684726cfe5539ae0a9bf89e1b6f1989fd0433cc865b308bd0c636402b4b285c290e2439b9ecf0eba156fb6b613ea7f97b04506fe28e9471343c854fdfd48945a7f564acc817e609be8f8a7fdee12e9b592fd8c5c08f51ba8cb95be12cfa497d1539a4b8217818d47ebb3cc669014261530205948fdb9983a0e5759afa9b290ce838102661750ab06d7fe65a39efa6af36c042d2dee36402a6686d58eb144b76033cab4482b8fbdd213a90170939ec98df1fdfca4b37b143a971b9b59fc351098942bba090056c20e8cfbfe8fcbe361d068c98a020f67e807b8db2e45cad83c9970907646c0049c05c1ed657d53d859f1a47bfe6f022be0689de224034d0160b1dbc878ba6dd685911288d7af22ff5eedc1634c36e25f51d0757c7b9c73d7937955da356dea68749d464a75f56c9f6ba36cc1ca8c2f3aa34beae14fba894ca705111cdb19094432c2f6caa0eac78ab09b0cee330f36b1b91a6a5d4896cd15d96c12547826559441cbf578f189f5f04526a4cf76d60144090c2386b747ad50f7962ef2950d2c6f4ff8477ad0681ab24c47ea7ded8c9accff0dfa30489f43f0f3182b88e757fd9a1d82e1c9bb4efe5215518a6e48c688b2dabbd15107c5c6245de0acfd740ea54e0ec212f405f25bc3aafc63009631a4e4749296d47c2bcf25cc95afceb0a1ddb3c6124208f5134981c30489b42eeb864b3123b03106c9b234a465d87c30ef36e00244390de36a5dd93794467ef37bd01b86387855d2ac24e05370212e845082bb22c8fcda0f0bc78ddf971b0b9d69fc50e0d907408e9c9ac4e5099f47db2d0c14d888e363ece768555362a08c408d0119c45f158aad695d455d28e223be2862c19262c9f43eff8855b5a9af4f2cede95e415e2f597bb64c8bb2d608f86b15950ffe2e6bea3cdb221cf8b7eb35e0bdf6638283b09c68cda0bf1ccb9e353a7f0afb58d806923e36b22db68615a7e4e04d0932d928afdc8af3963378ebd5e05058160ac67fadb7a7d9ec498e00f63671b84d880d196c93afb4fc823e7d6576ad824ffb4c90fc780b163a292899ccfcaed81dee2c992787a66800e206df3dfc4a6b441d54ccb1a19a587402a663d510e45a5b1aa96fc467efaf7e71cbbff087f3d2922a133466d5ae9f86b0bc39bb3093b87ac2db941b1fd9e40427402781425d6e8856a2c66cbdd274f4c689758db6dd58ec7d766b177739e8c9173f2b1946be5396aad6d7ed29d058ac231e8c2e6a9077b4a217df4580a2d72bcf0b73e4bd07465deb8798a55ee855b82f1fa7d3748a40485bd90fab94b617d92219c4b65efa022936895e51873058615a19b9d1347120c405c3254f290b4c8b99c8ea9dde3a749ec538421a29d27b48ccd83852abe1a461123e4d36e56508d1827880960362d10835df77f9d4be51f1447cac5ae2017a814de58cd99bcc0c194254b17114ea48f5a0cfe6547686088d527c65180474fd460ffea5d48767ceb65c6fa3d7d3c632591d2d9d65c6c3a35a6ae4dc56322cd84734b0e7a092a4c46c1c607afa6d0e477e8d04e4993e595ba708a0f4466cd8a89fbc06d3cd366007296a9f05b66cfdcd5b30b6745e71d513205d5dbe1e8516d9e9cf133caa994ec0ac2c543d107efd4b9a7d9ee1ee415830a6c2ea17114ea9683726f2c82741f9ad4ac1be6772f0809f18c13f4cfc82fd1b7b3bd29615336003c6784c03fbcae475a58a3c4d68099732c326dfb7643eb150f2354918077bb798b5ecf491cdd0765e3e1ed5d0a37840f1a28f7e188a021781f1896dae7153f9d6639bf66be0c7857d7eccd2a1e6c9fd0cc3594477bb005df9b29f680c966161e37bcec97fc2ef7a2c3bf64e4df5785c9b080c7f9c6d7c515408445d55da499c03ba66369a31157bb03588e84a5303c46cd393c5bd6fbbb8deed94b62d67a9351c259b263c6c4fa65a4dbdd7eee080d82cc5e478c885678edbc9cfce74169ab748d7f4a08aec3e114394fc1d5e361267b8f3fcf38a024928d58158560f7da427680e7611a9f1b8255c67e6ea6b597ebd31bed9fd6f85f9b6ee63d4374c1e50597d1c9f3c56b4266bc632ba66ebecc396f6bead40392dcc138098b4166ab7f8714bd4db0615480705dd200da92dc51ec215844d7599e0a6262e8d5dc6a9452db8994d8b8f19ad4029e0b41b5e13fd6b56230cecea57f3111fe6c78876b3e657fab112968e83a0b64ce9837b89f5dad0d5f0b8b410e3a9a56ab2e9143e90fe371a944989ee206eef777cf4a235333c647e45aab910af492bc7c2213246374251e23accf5818aa2f24823bcba12efe3658e1e2cb49a5d4ffd26453829739647eccd106605921641afe16bbe79c8739062eabeeda4d4a42cb70d84e1e1d3506c7bfba5f5135aaae85b03dc6518eb30d832175cedc5bdca95e600e04902d9eda90c1da4bdd3138ac889398c239068857103ad70b5d1d9fac27c8ccfbcfcf126d9a5441bc963bce4669047ac901a14ca7c7e76f94c77159cdbda5360e04bb539a9d5ccd16a8cc88bacaa5b952c86b163575d7f1cab58f0d612d796b570f3c5debd7d9abde7e24de2c252173f1edc93817192699bddad45eeb41ff398c1bee4d2194f38bf4d2b4ed3a8895476bc441f464753139e204ff5dee7f45ce639d7541c0d396141aeff30cbbfa7157a61993eec98a4356df98665546a1d1e8429fb0c78684000862aac50f7d9a1413e89958f4defd3f087769cafc32bcd6016e496b41b7754cfbe42b352346fd585fb19a80f4af9a19811311b5fc6ea8eb5519a3cf7dbc1a06eed41668e332224c1daa01776e0886044f5a95e5dffc8d9ccce7840eeae97e8cc916db95bdc33fb420e28030c6edb011d5281db1dbeac9bfcaf938a757e3939b025d339e69b9692c8c7352787d399f342e96096e37ca208609e5f93629e36ee442db9fb822ea236683f79875e7dc73ec97f98fe0795f9d83f473cc80a589043a7edd953473684ea4e80f698683a0fc1d8863adc44fc13c27a08921a681ca1ad76207b1a97f8fff7db247ea09b3a6407ea83d82d82d171fc80a8f5fb9f19cd7e94fe121a6a0ef9c4cff7a8689c0abf750dadcc7442c2ca5ed437af5e88e89b0a783a1164cd1eb2a33a64c919d9f08fe5aa7a775352ab6027a7b73d6fef51acebec5516c2a5f2b932b2621bbd2cdb415fce9ba1dbc3de205869fa0423adcedd5570ab0b4b64afafaa458b3840b48f018297aa46426d7893418033f00b5378eac6a70275ec860609b07851b88ecb5da05086adfb80f47c71a77301ca0f1520dfb7a800bc8421abf5eb94942ec818e3a1d45f09ff93e6549b3ef6152c6abe38231b4a82e355e27e363184df51418286d7073cf464eee02310e84b3eccabd2120fcca333130357e1967f67a69f437dcf6a20ca21797230aad086bd4c28348f58b80ec5d27626004533993b9f85897d00bc271a62ab67f92e2eed6d900000000549e8344ad90b47fb5c1ed5908bce94d03bbe98a87a1733b5031f89644c2d35d729e1375969a82f0252859219407c5c87f5d249d5eb8c17001fc7c6dc5d1825851b41e5e937f2c39d7f7196f38f83619da2cddce747bb0e906d0fc13a11fc6c2be3d140ea6da886cd5e194ca9dbff565d2a82e7e82dc5a36084bf02029ea05a9cfe1f3dc80489b426a14372232940ffad8124bd515f0a73fa85c2aa0cd51d76a0cc6e75ccc35b702a4fed4d2e2828d98939406ddc6df1048f0a22611859d6bfcbb0873d102e4b8a86b5d9af8056447f6c1552a603d9f67009fa070db73a01e1b4adbe4e841d0b9a92d148b626c386b25687817e5ec07dbbfa1d62d078578fe21d546414e3c5e29e8e086d7e542a2eb74a67127e7f171e076bbdd62767aae3db467db1df13b3121023bcee33f814d767a9ef14651f76ec89910ed33e9804df8619f69ad06bf0559b00d4efbf6f44e922d50a18ffa25d8ac58dec53a93642186c0ca81b07fe5c14c9c13397649a53ebfcec118e5bb84db053e6e505d07a09bb50f33906e7febac3c85ca337111dbfcb7b9becccaaefa3d857d48f0b3d8646d70fdcf2f1dfb89cc3ba1394cb5de24d999c88235418bc0f20d4036bd0113d298b91c44fe042d3b8e4070e3f828499972524601c4725389122c7fc3e38eb799f7b755f23bd5362880b9275e58eab2c8f42e583890cb84e17f35025d1d76dd28171bee561d21451b4b2ebf23b923221c9ea06b924815889d2b605af66539c3b0ffc30c7170a5581727f0faddb257cb6ab28b3456737d3588fa3bce0ba6a2a5c3c94301fa8a4e6db358731bd3a4a62b42181e04241010d7bc3e973b9fe428175ec8f8e6cbd4e53c8bd957621acb1e42504e6f8a7bb30c382058fc9dcd0cd0ba0b789c316cd58d7b5606cc2a66c872f10e6663346d572ecc37ad1c3d8146a137e35e54096ddc2a5e2d26765d75615fecd09b864b29adfe92763ab54272365f56feeb9b57059744e765485ee322cb879fd3c8fd8bc4727d860995c548bcd41852349f1b2227f5a1f39b24549693fb05c04ba8f190673d11eb27d0bf628489f9b8049f5f3a1e1fed97ba9881da0031ef5960b6b0af825cfae8252b931f6151cba9bf889a5c74051a176c56d3cbb8915d3f28f8f684629bd1e3f87f27909b4e8eca6b88cdd60f3b5bbe0641a469e396080fdd2feeac7a11703b758f1815f100ab2ca4403af34a655f4c35e62778c276c96bb94a3d9f58f3bbd7ae6c4f133f7c4199f18d02d66598a54769415b376bb04b520881f23b22b32685ea1ea0dc179ab2f33f07c7039d1a5eedd1905d2a8c7d3c9686758ba5aafdd74f36da7f5522aff5c40e565b50cdd92ce353c3d6c97ce87f0495bdb95d70ea52c8c26b87cd337fd2283b88d7301c32f26833451b8f7c2ee5f44eec58d9eef2a39b3021a29c8747d36a2dbca6c0c085399bb720000000000000009d67e17060abad89c7d8b8970244c2f11ad2f4ae878a3676659b77178a9b651b12cf9c21e658a32999d596af4648f636df4de8c037d1fa63b1a685e8850156bf99e00666dbc03d3e3b44018659743127f91d44c99b578b86a44f3bcf1523c8cb45accc3c5fedfd7796411eddfc3a7a6b7c57ae10fd4bd3fe9f662dc59747ac4b7cc2584ae3ce2e42a41066dd0d560f1b4c83edc57121dade5e397380bec5f40b5d0beb14aef21b2c68ccfd0eb4959b5e7f5b5779903963298e3c9a2141f145137de1d604d9124c3c4f60a4d54da38a7c32ef2632fe66a8ce8e95ee95a570e18e9fbd44884afe291550839dd61e65c952a3f5c6b61850d1c2a77e18fde734a305b407cf6dbf17afd66da6e42f0e8f66092df46c79b44711f6e8aafa831fa1188beea696672b0e94cc3cae584b30dccf053634f792c2d9f4c87e306991b407949f2870b525d123f9ca23142a0ee13d05f51ed4ff2653727ad5bf16453276b2d5e7d7a8a0a1c4847cb61ac4b08d9abee25165a120d156775a534a62f9af3a3b62726101b94ae1e14352262f017c5361b3341952d194a6a2d470e60df3fde61d343e0af8fdff36ad976af6732b732ceb69344550555174fa280153e08f74d81f4ee69c1eb44a3468e8cf78bf7c1663dae3d31553466faa207b8e9887cb54209fac0b6f6d12d9588351c76e6bad884799afe856a25b5fe737d0ba737a0f1a12b4eb3ede48a0c38e6787ab42fca1c7f2ab42fa6104d5a99aa36b73ac3622ccae122524c28a6557cb7d0a7c7eb5de795647dca0621fc2c9599441dae7cc2a8631252abb5e0f22e9355e0a156a1ab7b1641e345045e8303b5f6dda5c3c1cc2637700cea25c004460d101fc42ad78ae477739a4efbacc57272cfafae15292dc3b2800d9f42002c2062af9a1f329e11140f8317242c04ac1f11cdb45f5f9ab18877daa214c151fb9ac54e3e010b5e7944d7217442d5c4fc29956c1333cb932424096f5b6afe1128db53f7171be4372be8bae538bcb3e4a2eb29608678735a667135e0f2660956e9e2a3ed862209efe65d9ab2fbbf88e5d3384fb3362af00e1ec6b4d3ca40df442b70951026438877189c4b0ae136a9a35c131fdf19115e8dc1ee2b938bfbfdb3808aebbe7dfbbd3510c7070388f5813e8bc63be744b99116c4b84ea37d57c5da7a80cc883aa915d84a249ebfa78ceb124c63b3a0720b19483189ee50824e8581556f0520e434803204cd0f3dd09fc97c979f9a7e3f8e5eca8fccde98fc4939551338235c0c6378faade0d18f7050f29189485e01ec120239373c5478cd19ab27570921415a6680924baf9c5829f3f2115460d1fceb8a026fa1a0a0047fe1cd6fcf1861dd3784e006abfddfe79461c5001e4e32d99c5bc203c21f8c711c5ecccf8941093d95a8db73722bb7511443fb2670244cc1249492e92fc4bf7e06ec6f08c5c6931929d58232b551957b771ea5e4a932b037904b81916e662e3fe95af894e80f699e5c00ab664f381bd9c0bd41322a8b3cf367577429fa52c0f1c44ffc626c215e7103cba05bff4931d9a202c1eb9068f44983d1e0c6d9fb5fed738561651e854a3c1b362ae354a0b4a270386ed2dbef093bd82f07f25edfae31901cb86fd214576b25f769bcb215214c63026b2581a8d17779aae03ba310f3243b3631f4b01c9e3eb342c3bdb44d8e47cdc1683e3b1cfffef72e385cc8831f99425fc406575170e1c106618d5429144a436b9e92d241d8118b5cbe0dca5e8ddd86e671e13080eddcf8dee9e317d192a3a5386378de9b1ecd8cf5439cfbe9f65965e5a5f6c145627ac23fe30c2e06e623b0eca15b225b32b65ce568b656cec0e0d6752fdebffd39c7538472ad7a195b56fcad3fab80016ff006df6b01d785191e4fca143b14ce68b32571476a779515ccb14d35cf9aabd4849c03c9bf12a42cfc2a7146ed6c25892a9d1c48f95314f641142d38cd882e54534d69b3fcc18044309e6debef6dc79d7737956418b955d33737115b44360e0bac14b71e2e64f0c8aea428dce5b65e210c108f832a6041c0aab116488e5863cd1039dc8af537908be3541352bdad303de43387503d19d7c0f0390bdc5b95f1dfb0701fd0e14a22c210837cc0a1cb059de474f4476bfe9bddfe3e7977fb299e82d9eefb18111f7c4a5fbd406fca720fec69340d978f4c9832204d67f6fa5793325e04d4af84acde0b56158e4c606394286a4b3cfc04a426a665529b753e1ce2d6c613159844bd069a67b5b96cb8ec993f05a8e252ed3d8ed63d524af0845f519f9d47b85a773f37031cb91055fb963db50e6a1e368f10a82fa40ac055e0201c6d29661eadb76f8154ef9c1cc210ccf1ccb063e8c00324ed6a14fdefa0167a9abb04debbbf5e7b8a57a7772373c765947f0f67b5130d77a6ca6ab166147d4eba97b4ddf1465d25b02f4430227b5713a29fd84664bfdfa5fc450e48f5263eaca67c16033b79bf1cb819511cf16bae6ffd5d05a7d9cc93067b6f2512fea2424a9c7d178f653ffa7ce1c00924707e3817c7cd461cb2a8cc5eadc40821258eaad7720ee3976c5a60025c317480016e5e5bd884f3646651f3bdc1185ec1a4112eb24ba5b3b6f94ac66322042d4bc48cb5befabfcf950cf8a0165fba3fa019324b53fb56bbfaec7f4ec733e84c22f841c1c9c1dc51dd3ac4887e155ac4095a6b8846c8f401f3c2d48d4de18906193a9f05ed59e3b0add8bc27c0bad8418ccbb842123ce1d39fdeeaa7984dfba9ef121ab4d4d35de076262636f3815708e4bcf31e634a290b13317425b1a4a2e4ebf8537092c7e524c126faa9622bf1337168e003857805dd420a51816fea3cd37c34e483f64a2da3ab67442314ffff40727835a1bc7b9971ccb5f83183cf1a135defd468907b988d97028f904c4d9c712f7d0ed6abe4d80712a7b7e06efcbe6a5b83e32beb1556326af7a97437c35c6a706c6cf4403b98f5134547ac167fd1abcb9245ec3450202ab80e553952412032a6c3cfa64441d4aecabd1e182c50bf67801fd3b44b40648ac9926bbbd7095425a429f2a9550c2fd1267cbf6156897b705255cadf1c7f233f4effd788b3f446dba19e68bbf8b42ff6caf984a4eb51328ab5e2bc28366e8b4df4df967a166470a00", 0x2000, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001040)=ANY=[@ANYBLOB="10"], 0x0, 0x0, 0x0})

655.593054ms ago: executing program 2 (id=828):
r0 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, 0x0, &(0x7f0000000040))
r1 = socket$netlink(0x10, 0x3, 0x14)
socket$inet6_mptcp(0xa, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1})
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_pidfd_open(0x0, 0x0)
r3 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, &(0x7f0000000a80)={{0x2, 0x0, @empty}, {0x306, @link_local}, 0x0, {0x2, 0x4, @dev={0xac, 0x14, 0x14, 0x2f}}, 'lo\x00'})
ioctl$sock_inet_SIOCSARP(r3, 0x8955, &(0x7f0000000a80)={{0x2, 0x0, @multicast2}, {0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1}}, 0x2, {0x2, 0x0, @remote}, 'lo\x00'})
r4 = socket$unix(0x1, 0x5, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'veth1\x00', <r6=>0x0})
r7 = socket(0xa, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r7, 0x0, 0x80, &(0x7f0000000540)=@filter={'filter\x00', 0xe, 0x1, 0x1a8, [0x0, 0x20000180, 0x200001b0, 0x200001e0], 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="000000000000000000000000000000000000000000000000f5ff0000000000000000000000000000feffffff00000000000000000000000000000000000000000000000000dfff0000000000000000180000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000001500000000000000100073397a5f74756e00001000000000000079615330000000000000000000000000b76f6e645f736c6176655f310000000073697430000000002000000000000000aaaaaaaaaa0000000000feff0080c20000000000000000000000e8000000e8000000180100006c696d6974004000000000800000000002000000000000000000000000000000200000000000000000f9ff210000009400000000000000003830325f330080000000000000000000000000000000000000000000000800000000000000000000000000000041554449540000b827d85034bb5ec6a300000200000000000000000000000000000000000000000000166d668100"/424]}, 0x220)
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x2, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}, {0x0, 0x8}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4001}}}]}, 0x38}}, 0x800)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000380)=ANY=[@ANYBLOB="10000000141401"], 0x10}}, 0x0)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@dev, 0x0, 0x2}, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r8, 0x0)
r9 = gettid()
ioctl$BINDER_GET_FROZEN_INFO(r8, 0xc00c620f, &(0x7f0000000000)={r9})
socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$AUTOFS_IOC_EXPIRE(0xffffffffffffffff, 0x810c9365, &(0x7f0000000200)={{0x97, 0xaf6}, 0x100, './file0\x00'})
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)

653.933981ms ago: executing program 0 (id=829):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0}, 0x18)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x5501, 0x0)
mkdir(&(0x7f0000000180)='./file1\x00', 0x0)
r3 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)=@newqdisc={0x2c, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x4}]}, 0x2c}}, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000140)={0x5000, 0x0, 0x1, r6})
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000100)={0x2, 0x0, 0x1, r6, 0x4})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)

397.6259ms ago: executing program 2 (id=830):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = io_uring_setup(0x41b4, &(0x7f0000000340)={0x0, 0x86faf, 0x1, 0x0, 0x2e7})
r2 = inotify_init1(0x0)
r3 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0)
mmap$snddsp_control(&(0x7f0000000000/0x4000)=nil, 0x1000, 0xb, 0x8012, r3, 0x83000000)
r4 = socket$unix(0x1, 0x2, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r5=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r5, 0x0)
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000000)=""/188)
ioctl$EXT4_IOC_GETFSUUID(r2, 0x8008662c, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x1)
r6 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r6, &(0x7f0000000380)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000040)=""/2, 0x2, 0x0, 0xd17, 0x0, 0x0, 0x1}}, 0x120)
readv(r6, &(0x7f00000001c0)=[{&(0x7f0000000240)=""/80, 0x50}, {&(0x7f00000002c0)=""/179, 0xb3}], 0x2)
readv(r6, &(0x7f0000000140)=[{&(0x7f0000000080)=""/155, 0x9b}], 0x1)
write$UHID_DESTROY(r6, &(0x7f0000000200), 0x4)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
pipe(&(0x7f00000001c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r9}, 0x10)
pread64(r9, &(0x7f0000004c40)=""/4116, 0x1014, 0xffffffffffffffff)
r10 = epoll_create1(0x80000)
read$FUSE(r7, &(0x7f0000002c00)={0x2020}, 0x2020)
epoll_ctl$EPOLL_CTL_ADD(r10, 0x1, r7, &(0x7f0000000000))
write$binfmt_script(r8, &(0x7f0000020240), 0x10010)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'veth1_to_bond\x00'})
socket(0x2, 0x80805, 0x0)

292.135366ms ago: executing program 1 (id=831):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
mkdir(0x0, 0x136)
creat(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="04044aaaaaaaaaaa11e491570139596ed243e591fac646849eb462702acf4c9e522de8f2749a344658734b317b657c7a9b14a60be0c63cac9f4f8bec410ef9691dad2d7f90ae5342bf2a76645717ddbea718c44b61624adecbc2b86a6e783f02564f77"], 0xd)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000940)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58)

181.217091ms ago: executing program 5 (id=832):
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120100007ce7c810d804300a47ce0102030109022400010000000009040000020de67a0009050402ecffffffff08058102", @ANYRES64], 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=ANY=[@ANYBLOB="14000000100001000000d29cf6796d17adaee1ef4fa794d4132f0000000000100a00000a20000000020a01010000000900010073797a3000000000140000360057001100010000000000000000000000000aad6c57678db2ccfebf279f8c08c990f7cb0a052252cea7eb8cb1282a2b2d54ddf2945f4da6851dff381cae9dce7df997683ee3006f61193a2705756f2daa6a81370a58c462ad6b"], 0x48}}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a800000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0xa, 0x4, 0x6, 0x3, 0x0, 0xffffffffffffffff, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000380)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x28, r7, 0x1, 0x70bd2b, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HWMP_ROOT_INTERVAL={0x6, 0x18, 0xfe8c}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000044}, 0x8800)
socket(0x22, 0x3, 0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, &(0x7f00000002c0)=@raw=[@map_idx_val={0x18, 0x3, 0x6, 0x0, 0xe, 0x0, 0x0, 0x0, 0xda65}, @printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x10000000}}, @map_fd={0x18, 0xa, 0x1, 0x0, r4}], &(0x7f00000000c0)='syzkaller\x00', 0x8, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x6, 0x3}, 0x8, 0x10, &(0x7f00000003c0)={0x2, 0x10, 0xfffff001, 0x8}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x804, @void, @value}, 0x94)
sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, 0x0, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
r10 = socket$netlink(0x10, 0x3, 0x0)
r11 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r11, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r11, &(0x7f00000002c0)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB], 0x48}}, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000080)=@newqdisc={0x24, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r12, {}, {0xfff1, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x880}, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=@delchain={0x5c, 0x64, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r12, {0x9}, {0x10, 0xffff}}, [@filter_kind_options=@f_flower={{0xb}, {0x2c, 0x2, [@TCA_FLOWER_KEY_ENC_IPV6_DST={0x14, 0x21, @mcast1}, @TCA_FLOWER_KEY_ENC_IPV6_DST_MASK={0x6, 0x22, [0xff, 0xffffffff, 0xffffff00, 0xff000000]}]}}]}, 0x5c}}, 0x1000000)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
r13 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r13, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @loopback, 0x580d5476}, 0x1c)
sendto$inet6(r13, 0x0, 0x0, 0xfffffeffffff7f7e, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendmsg$inet(r13, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000380)="98e9", 0x2}], 0x1}, 0x8001)

180.763513ms ago: executing program 2 (id=833):
r0 = syz_init_net_socket$ax25(0x3, 0x3, 0xca)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f0000000000)=0x7)
write$dsp(r1, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
shutdown(r0, 0x0)

142.256763ms ago: executing program 1 (id=834):
r0 = eventfd(0x100)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000180)=ANY=[@ANYBLOB="040000000000000008000000030000000100000000000000f9ffffff0100000007000000030000000000000000000000000000000000000006000000020000000100000000000000ff0700008a1f000000000000000000000000000000000000000000000000000085000000020000000000000000000000ff7f0000ff00000000008c8500000000000000000000000000000000000000000300000002000000000000000000000069f7000004000000000000000000000000000000000000000000000000000000413b89154125564a2b27443dd52b7c424346faaf35246574927c375b66c97ceae5"])
userfaultfd(0x80001)
write$eventfd(r0, &(0x7f0000000040)=0x2, 0x4e)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_BINDTODEVICE_wg(r2, 0x1, 0x19, &(0x7f00000000c0)='wg0\x00', 0x4)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x82, 0x0, 0x0)

0s ago: executing program 1 (id=835):
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) (async)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$cgroup_subtree(r0, &(0x7f0000000380)=ANY=[@ANYBLOB="5ecc50a8b4d901c9d9cb69e9088731bbe6c142eca481c4c7a20e48c397a62080fafef105401a4b94def97f80f560ffea3597b09332047fde8a780f49c20edef0c53222226857728cb42ad604003724e97c99c29182896c3f8fd047046ccae8eb0054b3bbc0b727d5848c267f123705a9198e8ce429c9b260c924e241b8a0540acfc50841202ed4d2fe0fb3a7bca781fdd549ea34ebdde4144671da4e49f40dbce74d8e54360f9fd0c8e540ecfb304061d151511dcd8e205e5ec6922cead65a1b14f7ae464052538c9aba1642a015217b9a84ff2f465468db84295a2b6761096529103e93c597d31aa846a4bef84153da0d93cc3cc27bef0e6527785fbab275daad"], 0x6)
close(r0)
socketpair(0x11, 0x800, 0x7fffffff, &(0x7f00000000c0)) (async)
socketpair(0x11, 0x800, 0x7fffffff, &(0x7f00000000c0))
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) (async)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = open(0x0, 0x48141, 0x0)
fcntl$getflags(r5, 0x401)
clock_settime(0x0, &(0x7f0000003c80)={0x77359400})
ustat(0xfffffffeffffffff, 0x0) (async)
ustat(0xfffffffeffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000003700)=ANY=[], 0x44}}, 0x4010) (async)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000003700)=ANY=[], 0x44}}, 0x4010)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x4}, 0x6) (async)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x4}, 0x6)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f00000004c0), 0xffffffffffffffff) (async)
r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000004c0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_INTERFACE(r7, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a40)=ANY=[@ANYBLOB='(\b\x00\x00', @ANYRES16=r8, @ANYBLOB="01002abd7000fbdbdf250700000008000100010000000c0006000200000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x48801}, 0x800)
write(r1, &(0x7f0000000340)="09000000010082", 0x7)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, 0x0, 0x0)
sendmsg$NFT_MSG_GETSET(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, 0xa, 0xa, 0x801, 0x0, 0x0, {0x2, 0x0, 0x3}}, 0x14}, 0x1, 0x0, 0x0, 0xe38d7cb34f855d36}, 0xbeee7b6c4f05b496)

kernel console output (not intermixed with test programs):

re+0x10/0x10
[   86.528695][ T6185]  ? bpf_prog_alloc_no_stats+0x54/0x620
[   86.534255][ T6185]  __vmalloc_noprof+0x6d/0x90
[   86.538939][ T6185]  ? bpf_prog_alloc_no_stats+0x54/0x620
[   86.544587][ T6185]  bpf_prog_alloc_no_stats+0x54/0x620
[   86.549975][ T6185]  ? security_capable+0x7e/0x260
[   86.555049][ T6185]  bpf_prog_alloc+0x3b/0x230
[   86.559648][ T6185]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   86.565577][ T6185]  bpf_prog_load+0x159e/0x2660
[   86.570371][ T6185]  ? __pfx_bpf_prog_load+0x10/0x10
[   86.575500][ T6185]  ? avc_has_perm_noaudit+0x143/0x3a0
[   86.580916][ T6185]  ? selinux_bpf+0xde/0x130
[   86.585446][ T6185]  __sys_bpf+0x4043/0x49c0
[   86.589879][ T6185]  ? __pfx_lock_release+0x10/0x10
[   86.594920][ T6185]  ? __pfx___sys_bpf+0x10/0x10
[   86.599694][ T6185]  ? vfs_write+0x306/0x1150
[   86.604203][ T6185]  ? __mutex_unlock_slowpath+0x164/0x690
[   86.609866][ T6185]  ? fput+0x67/0x440
[   86.613769][ T6185]  ? ksys_write+0x1ba/0x250
[   86.618279][ T6185]  ? __pfx_ksys_write+0x10/0x10
[   86.623153][ T6185]  __x64_sys_bpf+0x78/0xc0
[   86.627594][ T6185]  ? lockdep_hardirqs_on+0x7c/0x110
[   86.632898][ T6185]  do_syscall_64+0xcd/0x250
[   86.637423][ T6185]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.643336][ T6185] RIP: 0033:0x7ff487d7fed9
[   86.647770][ T6185] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.667523][ T6185] RSP: 002b:00007ff488b34058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   86.675962][ T6185] RAX: ffffffffffffffda RBX: 00007ff487f45fa0 RCX: 00007ff487d7fed9
[   86.683951][ T6185] RDX: 0000000000000094 RSI: 0000000020000540 RDI: 0000000000000005
[   86.691935][ T6185] RBP: 00007ff488b340a0 R08: 0000000000000000 R09: 0000000000000000
[   86.699919][ T6185] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   86.707894][ T6185] R13: 0000000000000001 R14: 00007ff487f45fa0 R15: 00007ffcab6457a8
[   86.715873][ T6185]  </TASK>
[   86.724690][ T6185] syz.1.65: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[   86.741813][ T6185] CPU: 0 UID: 0 PID: 6185 Comm: syz.1.65 Not tainted 6.13.0-rc1-syzkaller-00182-gb8f52214c61a #0
[   86.752337][ T6185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   86.762379][ T6185] Call Trace:
[   86.765643][ T6185]  <TASK>
[   86.768561][ T6185]  dump_stack_lvl+0x16c/0x1f0
[   86.773241][ T6185]  warn_alloc+0x24d/0x3a0
[   86.777558][ T6185]  ? __pfx_warn_alloc+0x10/0x10
[   86.782398][ T6185]  ? kfree+0x14f/0x4b0
[   86.786467][ T6185]  ? __get_vm_area_node+0x1dc/0x2f0
[   86.791764][ T6185]  __vmalloc_node_range_noprof+0xd27/0x1530
[   86.797664][ T6185]  ? bpf_prog_alloc_no_stats+0x54/0x620
[   86.803403][ T6185]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[   86.809732][ T6185]  ? __pfx___lock_acquire+0x10/0x10
[   86.814926][ T6185]  ? bpf_prog_alloc_no_stats+0x54/0x620
[   86.820504][ T6185]  __vmalloc_noprof+0x6d/0x90
[   86.825171][ T6185]  ? bpf_prog_alloc_no_stats+0x54/0x620
[   86.830797][ T6185]  bpf_prog_alloc_no_stats+0x54/0x620
[   86.836160][ T6185]  ? security_capable+0x7e/0x260
[   86.841091][ T6185]  bpf_prog_alloc+0x3b/0x230
[   86.845664][ T6185]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   86.851687][ T6185]  bpf_prog_load+0x159e/0x2660
[   86.856621][ T6185]  ? __pfx_bpf_prog_load+0x10/0x10
[   86.861723][ T6185]  ? avc_has_perm_noaudit+0x143/0x3a0
[   86.867108][ T6185]  ? selinux_bpf+0xde/0x130
[   86.871604][ T6185]  __sys_bpf+0x4043/0x49c0
[   86.876096][ T6185]  ? __pfx_lock_release+0x10/0x10
[   86.881196][ T6185]  ? __pfx___sys_bpf+0x10/0x10
[   86.885959][ T6185]  ? vfs_write+0x306/0x1150
[   86.890450][ T6185]  ? __mutex_unlock_slowpath+0x164/0x690
[   86.896086][ T6185]  ? fput+0x67/0x440
[   86.899970][ T6185]  ? ksys_write+0x1ba/0x250
[   86.904462][ T6185]  ? __pfx_ksys_write+0x10/0x10
[   86.909328][ T6185]  __x64_sys_bpf+0x78/0xc0
[   86.913751][ T6185]  ? lockdep_hardirqs_on+0x7c/0x110
[   86.918945][ T6185]  do_syscall_64+0xcd/0x250
[   86.923472][ T6185]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.929373][ T6185] RIP: 0033:0x7ff487d7fed9
[   86.933804][ T6185] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.953433][ T6185] RSP: 002b:00007ff488b34058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   86.961838][ T6185] RAX: ffffffffffffffda RBX: 00007ff487f45fa0 RCX: 00007ff487d7fed9
[   86.969800][ T6185] RDX: 0000000000000094 RSI: 0000000020000540 RDI: 0000000000000005
[   86.977762][ T6185] RBP: 00007ff488b340a0 R08: 0000000000000000 R09: 0000000000000000
[   86.985727][ T6185] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   86.993688][ T6185] R13: 0000000000000001 R14: 00007ff487f45fa0 R15: 00007ffcab6457a8
[   87.001660][ T6185]  </TASK>
[   87.004736][    C0] vkms_vblank_simulate: vblank timer overrun
[   87.020371][ T6185] Mem-Info:
[   87.026318][ T6185] active_anon:5537 inactive_anon:0 isolated_anon:0
[   87.026318][ T6185]  active_file:1050 inactive_file:38935 isolated_file:0
[   87.026318][ T6185]  unevictable:768 dirty:303 writeback:75
[   87.026318][ T6185]  slab_reclaimable:10998 slab_unreclaimable:101478
[   87.026318][ T6185]  mapped:29214 shmem:1439 pagetables:900
[   87.026318][ T6185]  sec_pagetables:0 bounce:0
[   87.026318][ T6185]  kernel_misc_reclaimable:0
[   87.026318][ T6185]  free:1336579 free_pcp:455 free_cma:0
[   87.075379][ T6185] Node 0 active_anon:22148kB inactive_anon:0kB active_file:4200kB inactive_file:155668kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:116856kB dirty:1008kB writeback:500kB shmem:4220kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11440kB pagetables:3600kB sec_pagetables:0kB all_unreclaimable? no
[   87.107869][    C0] vkms_vblank_simulate: vblank timer overrun
[   87.133789][ T6185] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[   87.177393][ T6185] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   87.222839][ T6196] netlink: 'syz.0.68': attribute type 1 has an invalid length.
[   87.253202][ T6185] lowmem_reserve[]: 0 2459 2459 0 0
[   87.280410][ T6168] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   87.292204][ T6185] Node 0 DMA32 free:1426080kB boost:0kB min:34152kB low:42688kB high:51224kB reserved_highatomic:0KB active_anon:23448kB inactive_anon:0kB active_file:4300kB inactive_file:155576kB unevictable:1536kB writepending:208kB present:3129332kB managed:2547176kB mlocked:0kB bounce:0kB free_pcp:1572kB local_pcp:1200kB free_cma:0kB
[   87.322487][    C0] vkms_vblank_simulate: vblank timer overrun
[   87.331453][ T6197] netlink: 'syz.4.66': attribute type 1 has an invalid length.
[   87.339159][ T6197] netlink: 4 bytes leftover after parsing attributes in process `syz.4.66'.
[   87.387518][ T6168] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   87.455494][ T6185] lowmem_reserve[]: 0 0 0 0 0
[   87.460287][ T6185] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:92kB unevictable:0kB writepending:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB
[   87.513815][   T25] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 4 if 0 alt 137 proto 1 vid 0x0525 pid 0xA4A8
[   87.527381][   T25] usb 4-1: USB disconnect, device number 4
[   87.538210][   T25] usblp0: removed
[   87.587766][ T6200] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   87.597894][ T6185] lowmem_reserve[]: 0 0 0 0 0
[   87.606515][ T6200] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[   87.619638][ T6185] Node 1 Normal free:3904220kB boost:0kB min:55748kB low:69684kB high:83620kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   87.691073][ T6185] lowmem_reserve[]: 0 0 0 0 0
[   87.698146][ T6185] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   87.731042][ T6185] Node 0 DMA32: 292*4kB (UM) 287*8kB (UME) 197*16kB (UME) 99*32kB (ME) 66*64kB (UME) 43*128kB (UME) 22*256kB (UME) 18*512kB (UME) 5*1024kB (UM) 6*2048kB (UME) 336*4096kB (M) = 1428024kB
[   87.757276][ T6185] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[   87.773072][ T6185] Node 1 Normal: 219*4kB (UME) 50*8kB (UME) 36*16kB (UME) 207*32kB (UME) 93*64kB (UME) 33*128kB (UME) 16*256kB (UM) 9*512kB (UM) 4*1024kB (UME) 3*2048kB (UE) 944*4096kB (M) = 3904220kB
[   87.794530][ T6185] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   87.804704][ T6185] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   87.814909][ T6185] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   87.913198][ T6185] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   87.922750][ T6185] 41485 total pagecache pages
[   87.927603][ T6185] 0 pages in swap cache
[   87.931891][ T6185] Free swap  = 124996kB
[   87.936166][ T6185] Total swap = 124996kB
[   87.940434][ T6185] 2097051 pages RAM
[   87.944351][ T6185] 0 pages HighMem/MovableOnly
[   87.949120][ T6185] 428599 pages reserved
[   87.953538][ T6185] 0 pages cma reserved
[   89.020333][ T6217] delete_channel: no stack
[   90.115521][ T6233] capability: warning: `syz.0.78' uses deprecated v2 capabilities in a way that may be insecure
[   90.269980][   T29] kauditd_printk_skb: 4 callbacks suppressed
[   90.269998][   T29] audit: type=1400 audit(1733536172.328:303): avc:  denied  { read } for  pid=6225 comm="syz.0.78" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   90.299153][   T29] audit: type=1400 audit(1733536172.328:304): avc:  denied  { open } for  pid=6225 comm="syz.0.78" path="/dev/binderfs/binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   90.679328][   T29] audit: type=1400 audit(1733536172.328:305): avc:  denied  { ioctl } for  pid=6225 comm="syz.0.78" path="/dev/binderfs/binder0" dev="binder" ino=7 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   90.704973][   T29] audit: type=1400 audit(1733536172.328:306): avc:  denied  { set_context_mgr } for  pid=6225 comm="syz.0.78" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[   90.725009][   T29] audit: type=1400 audit(1733536172.328:307): avc:  denied  { create } for  pid=6225 comm="syz.0.78" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[   90.949731][   T29] audit: type=1400 audit(1733536172.328:308): avc:  denied  { bind } for  pid=6225 comm="syz.0.78" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[   90.980435][   T29] audit: type=1400 audit(1733536172.328:309): avc:  denied  { accept } for  pid=6225 comm="syz.0.78" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[   91.000916][   T29] audit: type=1400 audit(1733536172.338:310): avc:  denied  { read } for  pid=6225 comm="syz.0.78" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[   91.522586][ T6248] vivid-003: disconnect
[   91.658322][ T6248] vivid-003: reconnect
[   91.692899][   T29] audit: type=1400 audit(1733536173.908:311): avc:  denied  { write } for  pid=6247 comm="syz.4.81" name="psched" dev="proc" ino=4026532821 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   92.538573][   T29] audit: type=1400 audit(1733536174.758:312): avc:  denied  { write } for  pid=6263 comm="syz.4.86" path="socket:[9142]" dev="sockfs" ino=9142 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[   92.562057][ T6263] delete_channel: no stack
[   92.672206][ T6267] ebt_limit: overflow, try lower: 570423552/2483027968
[   92.819263][ T6275] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   92.844668][ T6276] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   92.853331][ T6276] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   92.891469][ T6275] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   93.774227][ T6279] netlink: 16 bytes leftover after parsing attributes in process `syz.2.89'.
[   93.843370][ T5899] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   93.901731][ T6288] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=64272 sclass=netlink_route_socket pid=6288 comm=syz.1.92
[   94.762954][ T6301] binder: 6277:6301 ioctl c0306201 0 returned -14
[   94.844509][ T6308] netlink: 36 bytes leftover after parsing attributes in process `syz.3.98'.
[   94.853040][ T5899] usb 1-1: device descriptor read/64, error -71
[   94.853363][ T6308] netlink: 16 bytes leftover after parsing attributes in process `syz.3.98'.
[   94.868729][ T6308] netlink: 36 bytes leftover after parsing attributes in process `syz.3.98'.
[   94.911357][ T6308] netlink: 36 bytes leftover after parsing attributes in process `syz.3.98'.
[   95.443900][ T5899] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   95.550830][ T6314] sp0: Synchronizing with TNC
[   95.727853][   T29] kauditd_printk_skb: 8 callbacks suppressed
[   95.727869][   T29] audit: type=1400 audit(1733536177.908:321): avc:  denied  { read } for  pid=6312 comm="syz.1.100" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   95.757288][ T5899] usb 1-1: Using ep0 maxpacket: 32
[   95.766892][ T5899] usb 1-1: config 0 has an invalid interface number: 61 but max is 1
[   95.778356][ T5899] usb 1-1: config 0 has an invalid interface number: 98 but max is 1
[   95.877208][   T29] audit: type=1400 audit(1733536177.908:322): avc:  denied  { open } for  pid=6312 comm="syz.1.100" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   95.900162][    C0] vkms_vblank_simulate: vblank timer overrun
[   95.907834][ T5899] usb 1-1: config 0 has no interface number 0
[   95.917158][ T5899] usb 1-1: config 0 has no interface number 1
[   95.941521][ T5899] usb 1-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=b5.f6
[   95.956249][   T29] audit: type=1400 audit(1733536177.938:323): avc:  denied  { map } for  pid=6312 comm="syz.1.100" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   95.979186][    C0] vkms_vblank_simulate: vblank timer overrun
[   95.993903][ T5899] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   96.002064][ T5899] usb 1-1: Product: syz
[   96.468382][ T5899] usb 1-1: Manufacturer: syz
[   96.501892][ T5899] usb 1-1: SerialNumber: syz
[   96.521506][ T5899] usb 1-1: config 0 descriptor??
[   96.649422][ T6313] Zero length message leads to an empty skb
[   96.680551][ T5899] viperboard 1-1:0.61: version 0.00 found at bus 001 address 003
[   96.765630][ T6294] netlink: 20 bytes leftover after parsing attributes in process `syz.0.94'.
[   96.773229][ T5899] viperboard-i2c viperboard-i2c.2.auto: failure setting i2c_bus_freq to 100
[   96.784065][ T5899] viperboard-i2c viperboard-i2c.2.auto: probe with driver viperboard-i2c failed with error -5
[   96.852249][ T5899] viperboard 1-1:0.98: version 0.00 found at bus 001 address 003
[   96.920309][ T5899] viperboard-i2c viperboard-i2c.5.auto: failure setting i2c_bus_freq to 100
[   96.940649][ T5899] viperboard-i2c viperboard-i2c.5.auto: probe with driver viperboard-i2c failed with error -5
[   97.010955][ T5899] usb 1-1: USB disconnect, device number 3
[   97.427241][   T29] audit: type=1400 audit(1733536179.648:324): avc:  denied  { read write } for  pid=6351 comm="syz.1.117" name="mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[   97.436041][ T6352] netlink: 8 bytes leftover after parsing attributes in process `syz.1.117'.
[   97.655693][   T29] audit: type=1400 audit(1733536179.648:325): avc:  denied  { open } for  pid=6351 comm="syz.1.117" path="/dev/input/mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[   97.679454][    C0] vkms_vblank_simulate: vblank timer overrun
[   98.524781][   T29] audit: type=1400 audit(1733536180.748:326): avc:  denied  { ioctl } for  pid=6351 comm="syz.1.117" path="/dev/vhost-net" dev="devtmpfs" ino=1274 ioctlcmd=0xaf02 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[   99.259920][ T6377] ebt_limit: overflow, try lower: 570423552/2483027968
[  100.014097][ T6383] netlink: 16 bytes leftover after parsing attributes in process `syz.1.124'.
[  101.211579][   T29] audit: type=1800 audit(1733536183.428:327): pid=6388 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=set_data cause=unavailable-hash-algorithm comm="syz.3.126" name="/newroot/28/file0" dev="tmpfs" ino=169 res=0 errno=0
[  103.037152][   T29] audit: type=1400 audit(1733536185.248:328): avc:  denied  { setopt } for  pid=6416 comm="syz.0.133" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  103.059352][ T6420] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  103.084915][ T6419] netlink: 36 bytes leftover after parsing attributes in process `syz.2.135'.
[  103.132037][ T6419] netlink: 16 bytes leftover after parsing attributes in process `syz.2.135'.
[  103.180283][ T6419] netlink: 36 bytes leftover after parsing attributes in process `syz.2.135'.
[  103.224224][ T6419] netlink: 36 bytes leftover after parsing attributes in process `syz.2.135'.
[  105.507397][ T6448] binder: 6437:6448 ioctl c0306201 0 returned -14
[  105.656181][ T6453] sch_tbf: burst 824 is lower than device lo mtu (65550) !
[  106.661019][   T29] audit: type=1400 audit(1733536188.768:329): avc:  denied  { getopt } for  pid=6454 comm="syz.2.146" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  106.934605][   T29] audit: type=1400 audit(1733536189.158:330): avc:  denied  { listen } for  pid=6460 comm="syz.0.147" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  106.994369][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  107.011298][   T29] audit: type=1400 audit(1733536189.198:331): avc:  denied  { create } for  pid=6460 comm="syz.0.147" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  107.144931][ T6461] can: request_module (can-proto-3) failed.
[  107.203748][   T29] audit: type=1400 audit(1733536189.418:332): avc:  denied  { read write } for  pid=6471 comm="syz.2.149" name="fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  107.258314][   T29] audit: type=1400 audit(1733536189.418:333): avc:  denied  { open } for  pid=6471 comm="syz.2.149" path="/dev/fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  107.353097][   T29] audit: type=1400 audit(1733536189.418:334): avc:  denied  { mounton } for  pid=6471 comm="syz.2.149" path="/29/file0" dev="tmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  107.443987][   T29] audit: type=1400 audit(1733536189.668:335): avc:  denied  { getopt } for  pid=6477 comm="syz.3.150" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  107.852236][   T29] audit: type=1400 audit(1733536190.068:336): avc:  denied  { write } for  pid=6489 comm="syz.1.155" name="card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  107.888638][   T29] audit: type=1400 audit(1733536190.108:337): avc:  denied  { map } for  pid=6489 comm="syz.1.155" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  107.932341][  T900] libceph: connect (1)[c::]:6789 error -101
[  107.932613][  T900] libceph: mon0 (1)[c::]:6789 connect error
[  107.934617][  T900] libceph: connect (1)[c::]:6789 error -101
[  107.934732][  T900] libceph: mon0 (1)[c::]:6789 connect error
[  107.985124][   T29] audit: type=1400 audit(1733536190.208:338): avc:  denied  { unmount } for  pid=5817 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  108.056288][    C1] vkms_vblank_simulate: vblank timer overrun
[  108.197102][  T900] libceph: connect (1)[c::]:6789 error -101
[  108.197224][  T900] libceph: mon0 (1)[c::]:6789 connect error
[  108.834374][  T900] libceph: connect (1)[c::]:6789 error -101
[  108.835355][  T900] libceph: mon0 (1)[c::]:6789 connect error
[  108.877409][ T6488] ceph: No mds server is up or the cluster is laggy
[  111.144776][ T6547] netlink: 'syz.4.166': attribute type 10 has an invalid length.
[  111.183981][ T6547] netlink: 'syz.4.166': attribute type 19 has an invalid length.
[  111.191749][ T6547] netlink: 156 bytes leftover after parsing attributes in process `syz.4.166'.
[  111.242933][ T6543] 9pnet_fd: Insufficient options for proto=fd
[  111.433003][ T6552] netlink: 8 bytes leftover after parsing attributes in process `syz.1.169'.
[  111.523746][ T5867] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  111.723188][ T5867] usb 4-1: Using ep0 maxpacket: 16
[  111.782073][ T5867] usb 4-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  111.860568][   T29] kauditd_printk_skb: 5 callbacks suppressed
[  111.860609][   T29] audit: type=1400 audit(1733536194.078:344): avc:  denied  { create } for  pid=6554 comm="syz.4.170" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  112.095927][   T29] audit: type=1400 audit(1733536194.078:345): avc:  denied  { bind } for  pid=6554 comm="syz.4.170" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  112.273066][ T5867] usb 4-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0
[  112.282989][ T5867] usb 4-1: config 0 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  112.295839][ T5867] usb 4-1: config 0 interface 0 has no altsetting 0
[  112.302463][ T5867] usb 4-1: New USB device found, idVendor=0458, idProduct=5010, bcdDevice= 0.00
[  112.311581][ T5867] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.334540][ T5867] usb 4-1: config 0 descriptor??
[  112.346001][ T6561] netlink: 2028 bytes leftover after parsing attributes in process `syz.1.171'.
[  112.356272][ T6561] netlink: 24 bytes leftover after parsing attributes in process `syz.1.171'.
[  112.478454][   T29] audit: type=1400 audit(1733536194.698:346): avc:  denied  { bind } for  pid=6562 comm="syz.2.167" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  112.513352][ T5835] Bluetooth: hci3: failed to read key size for handle 200
[  112.598247][ T5867] input: HID 0458:5010 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0458:5010.0003/input/input6
[  112.687325][   T29] audit: type=1400 audit(1733536194.908:347): avc:  denied  { ioctl } for  pid=5177 comm="acpid" path="/dev/input/mouse1" dev="devtmpfs" ino=2778 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  112.712356][    C1] vkms_vblank_simulate: vblank timer overrun
[  112.732287][ T5867] kye 0003:0458:5010.0003: input,hiddev0,hidraw0: USB HID v2.00 Device [HID 0458:5010] on usb-dummy_hcd.3-1/input0
[  112.786119][ T5867] usb 4-1: USB disconnect, device number 5
[  113.578669][   T29] audit: type=1400 audit(1733536195.798:348): avc:  denied  { map } for  pid=6578 comm="syz.4.176" path="/dev/bus/usb/003/001" dev="devtmpfs" ino=731 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  113.580362][ T6579] FAULT_INJECTION: forcing a failure.
[  113.580362][ T6579] name failslab, interval 1, probability 0, space 0, times 0
[  113.623279][ T6579] CPU: 1 UID: 0 PID: 6579 Comm: syz.4.176 Not tainted 6.13.0-rc1-syzkaller-00182-gb8f52214c61a #0
[  113.633873][ T6579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  113.643912][ T6579] Call Trace:
[  113.647179][ T6579]  <TASK>
[  113.650100][ T6579]  dump_stack_lvl+0x16c/0x1f0
[  113.654946][ T6579]  should_fail_ex+0x497/0x5b0
[  113.659619][ T6579]  ? fs_reclaim_acquire+0xae/0x150
[  113.664827][ T6579]  should_failslab+0xc2/0x120
[  113.669502][ T6579]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  113.675658][ T6579]  ? mas_alloc_nodes+0x18b/0x8b0
[  113.675689][ T6579]  mas_alloc_nodes+0x18b/0x8b0
[  113.685629][ T6579]  mas_node_count_gfp+0x105/0x130
[  113.690644][ T6579]  mas_preallocate+0x53f/0xce0
[  113.695410][ T6579]  ? __pfx_mas_preallocate+0x10/0x10
[  113.700681][ T6579]  ? anon_vma_name+0x75/0x100
[  113.705350][ T6579]  __split_vma+0x474/0x1160
[  113.709831][ T6579]  ? __pfx___split_vma+0x10/0x10
[  113.714756][ T6579]  vms_gather_munmap_vmas+0x1c3/0x1730
[  113.720280][ T6579]  ? hlock_class+0x4e/0x130
[  113.724761][ T6579]  ? mark_lock+0xb5/0xc60
[  113.729066][ T6579]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  113.734976][ T6579]  ? __pfx_native_flush_tlb_one_user+0x10/0x10
[  113.741121][ T6579]  ? find_held_lock+0x2d/0x110
[  113.745872][ T6579]  ? find_held_lock+0x2d/0x110
[  113.750616][ T6579]  do_vmi_align_munmap+0x27f/0x890
[  113.755712][ T6579]  ? __pfx_do_vmi_align_munmap+0x10/0x10
[  113.761426][ T6579]  do_vmi_munmap+0x20b/0x3e0
[  113.766004][ T6579]  move_vma+0x8ff/0x1c60
[  113.770234][ T6579]  ? __pfx_move_vma+0x10/0x10
[  113.774894][ T6579]  ? __pfx_mtree_load+0x10/0x10
[  113.779727][ T6579]  ? selinux_mmap_addr+0x2b/0x110
[  113.784729][ T6579]  ? bpf_lsm_mmap_addr+0x9/0x10
[  113.789559][ T6579]  ? security_mmap_addr+0x6c/0x1e0
[  113.794650][ T6579]  __do_sys_mremap+0xfc7/0x15e0
[  113.799495][ T6579]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  113.805469][ T6579]  ? __pfx___do_sys_mremap+0x10/0x10
[  113.810795][ T6579]  ? __fget_files+0x206/0x3a0
[  113.815513][ T6579]  ? fput+0x67/0x440
[  113.819396][ T6579]  ? ksys_write+0x1ba/0x250
[  113.823877][ T6579]  ? __pfx_ksys_write+0x10/0x10
[  113.828712][ T6579]  do_syscall_64+0xcd/0x250
[  113.833198][ T6579]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.839071][ T6579] RIP: 0033:0x7f7c8917fed9
[  113.843462][ T6579] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.863076][ T6579] RSP: 002b:00007f7c89ec6058 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  113.871477][ T6579] RAX: ffffffffffffffda RBX: 00007f7c89345fa0 RCX: 00007f7c8917fed9
[  113.879439][ T6579] RDX: 0000000000003000 RSI: 0000000000003000 RDI: 00000000200e9000
[  113.887386][ T6579] RBP: 00007f7c89ec60a0 R08: 00000000201de000 R09: 0000000000000000
[  113.895334][ T6579] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000002
[  113.903280][ T6579] R13: 0000000000000000 R14: 00007f7c89345fa0 R15: 00007ffd1a3fcfb8
[  113.911234][ T6579]  </TASK>
[  113.914331][    C1] vkms_vblank_simulate: vblank timer overrun
[  114.108444][ T6588] netlink: 12 bytes leftover after parsing attributes in process `syz.2.178'.
[  114.254566][   T29] audit: type=1400 audit(1733536196.478:349): avc:  denied  { bind } for  pid=6593 comm="syz.3.181" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  114.310251][   T29] audit: type=1400 audit(1733536196.498:350): avc:  denied  { name_bind } for  pid=6593 comm="syz.3.181" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  114.346004][   T29] audit: type=1400 audit(1733536196.498:351): avc:  denied  { node_bind } for  pid=6593 comm="syz.3.181" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  114.371872][   T29] audit: type=1400 audit(1733536196.498:352): avc:  denied  { read } for  pid=6593 comm="syz.3.181" lport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  114.399186][   T29] audit: type=1400 audit(1733536196.508:353): avc:  denied  { write } for  pid=6593 comm="syz.3.181" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  114.459967][ T6601] netlink: 36 bytes leftover after parsing attributes in process `syz.1.183'.
[  114.492091][ T6604] netlink: 32 bytes leftover after parsing attributes in process `syz.3.185'.
[  114.493664][ T6601] netlink: 16 bytes leftover after parsing attributes in process `syz.1.183'.
[  114.538434][ T6601] netlink: 36 bytes leftover after parsing attributes in process `syz.1.183'.
[  114.563521][ T6601] netlink: 36 bytes leftover after parsing attributes in process `syz.1.183'.
[  116.557552][ T6644] netlink: 14601 bytes leftover after parsing attributes in process `syz.2.194'.
[  116.586081][ T5835] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  116.597869][ T5835] Bluetooth: hci3: Injecting HCI hardware error event
[  116.606207][ T5831] Bluetooth: hci3: hardware error 0x00
[  116.646787][ T6640] netlink: 666 bytes leftover after parsing attributes in process `syz.2.194'.
[  116.862766][  T934] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  117.023827][  T934] usb 5-1: Using ep0 maxpacket: 8
[  117.044234][  T934] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  117.156990][  T934] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  117.221444][  T934] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  117.290395][  T934] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  117.398308][  T934] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  117.422350][  T934] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  117.442614][  T934] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  117.901535][  T934] usb 5-1: usb_control_msg returned -32
[  118.047922][  T934] usbtmc 5-1:16.0: can't read capabilities
[  118.991077][ T5831] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  119.238663][ T6695] netlink: 16 bytes leftover after parsing attributes in process `syz.0.211'.
[  119.702131][ T5899] usb 5-1: USB disconnect, device number 4
[  119.769872][ T6704] netlink: 36 bytes leftover after parsing attributes in process `syz.0.217'.
[  120.361901][ T6704] =======================================================
[  120.361901][ T6704] WARNING: The mand mount option has been deprecated and
[  120.361901][ T6704]          and is ignored by this kernel. Remove the mand
[  120.361901][ T6704]          option from the mount to silence this warning.
[  120.361901][ T6704] =======================================================
[  120.856260][ T6704] overlayfs: failed to resolve './bus/file0': -2
[  122.324326][ T6726] ebt_limit: overflow, try lower: 570423552/2483027968
[  122.392114][ T6730] ebt_limit: overflow, try lower: 570423552/2483027968
[  122.401918][   T29] kauditd_printk_skb: 15 callbacks suppressed
[  122.401928][   T29] audit: type=1400 audit(1733536204.628:369): avc:  denied  { mount } for  pid=6728 comm="syz.2.224" name="/" dev="autofs" ino=12507 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  122.544414][ T6727] ebt_limit: overflow, try lower: 570423552/2483027968
[  122.961096][   T29] audit: type=1400 audit(1733536205.038:370): avc:  denied  { create } for  pid=6738 comm="syz.4.226" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  123.033744][ T6743] netlink: 16 bytes leftover after parsing attributes in process `syz.1.228'.
[  123.260264][   T29] audit: type=1400 audit(1733536205.038:371): avc:  denied  { setopt } for  pid=6738 comm="syz.4.226" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  123.318219][   T29] audit: type=1400 audit(1733536205.508:372): avc:  denied  { unmount } for  pid=5817 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  123.422405][ T5899] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  123.623719][ T5899] usb 1-1: Using ep0 maxpacket: 32
[  123.635900][ T6757] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  123.667766][ T5899] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  123.724291][ T5899] usb 1-1: New USB device found, idVendor=0458, idProduct=5015, bcdDevice= 0.00
[  123.917469][ T5899] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.093909][ T5899] usb 1-1: config 0 descriptor??
[  124.222178][   T29] audit: type=1400 audit(1733536206.398:373): avc:  denied  { append } for  pid=6763 comm="syz.1.235" name="mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  124.788125][ T5899] kye 0003:0458:5015.0004: tablet report size too small, or kye_tablet_rdesc unexpectedly large
[  124.800900][ T5899] kye 0003:0458:5015.0004: item fetching failed at offset 6/7
[  124.808829][ T5899] kye 0003:0458:5015.0004: parse failed
[  124.814499][ T5899] kye 0003:0458:5015.0004: probe with driver kye failed with error -22
[  124.833569][ T5899] usb 1-1: USB disconnect, device number 4
[  127.010065][ T6796] netlink: 112 bytes leftover after parsing attributes in process `syz.1.242'.
[  127.730206][   T29] audit: type=1400 audit(1733536209.938:374): avc:  denied  { mount } for  pid=6804 comm="syz.1.247" name="/" dev="afs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  127.806064][ T6805] ALSA: mixer_oss: invalid OSS volume 'sitdyn,'
[  127.808517][ T6814] netlink: 80 bytes leftover after parsing attributes in process `syz.3.248'.
[  127.835250][   T29] audit: type=1400 audit(1733536210.008:375): avc:  denied  { mounton } for  pid=6804 comm="syz.1.247" path="/49/file0" dev="tmpfs" ino=270 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[  127.888830][   T29] audit: type=1400 audit(1733536210.108:376): avc:  denied  { unmount } for  pid=5815 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  128.303735][ T5827] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  128.357675][   T29] audit: type=1400 audit(1733536210.578:377): avc:  denied  { unmount } for  pid=5826 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  128.465100][ T5827] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  128.475431][ T5827] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  128.484570][   T25] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[  128.496472][ T5827] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.514309][ T5827] usb 1-1: config 0 descriptor??
[  128.522881][ T5827] pwc: Askey VC010 type 2 USB webcam detected.
[  128.635775][   T25] usb 5-1: unable to get BOS descriptor or descriptor too short
[  128.704262][   T25] usb 5-1: not running at top speed; connect to a high speed hub
[  128.715561][   T25] usb 5-1: config 1 interface 0 has no altsetting 0
[  128.725204][   T25] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  128.737737][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  128.746623][   T25] usb 5-1: Product: syz
[  128.750830][   T25] usb 5-1: Manufacturer: syz
[  129.373723][ T5827] pwc: recv_control_msg error -32 req 02 val 2b00
[  129.381978][ T5827] pwc: recv_control_msg error -32 req 02 val 2700
[  129.390206][   T25] usb 5-1: SerialNumber: syz
[  129.396596][ T5827] pwc: recv_control_msg error -32 req 02 val 2c00
[  129.723102][   T29] audit: type=1400 audit(1733536211.758:378): avc:  denied  { setopt } for  pid=6839 comm="syz.3.257" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  129.750800][ T5827] pwc: recv_control_msg error -71 req 04 val 1300
[  129.757670][   T29] audit: type=1400 audit(1733536211.758:379): avc:  denied  { ioctl } for  pid=6839 comm="syz.3.257" path="socket:[12935]" dev="sockfs" ino=12935 ioctlcmd=0x6615 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  130.794952][   T29] audit: type=1400 audit(1733536213.008:380): avc:  denied  { accept } for  pid=6827 comm="syz.4.253" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  130.892837][   T29] audit: type=1400 audit(1733536213.008:381): avc:  denied  { read } for  pid=6827 comm="syz.4.253" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  131.853750][ T5827] pwc: recv_control_msg error -71 req 04 val 1400
[  134.603960][ T5827] pwc: recv_control_msg error -71 req 02 val 2000
[  134.664782][ T5827] pwc: recv_control_msg error -71 req 02 val 2100
[  134.671854][ T5827] pwc: recv_control_msg error -71 req 04 val 1500
[  134.678831][ T5827] pwc: recv_control_msg error -71 req 02 val 2500
[  134.685807][ T5827] pwc: recv_control_msg error -71 req 02 val 2400
[  134.692793][ T5827] pwc: recv_control_msg error -71 req 02 val 2600
[  134.700337][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  134.706918][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  134.714334][   T29] audit: type=1400 audit(1733536213.008:382): avc:  denied  { open } for  pid=6827 comm="syz.4.253" path="/dev/autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  134.737937][   T29] audit: type=1400 audit(1733536213.008:383): avc:  denied  { mounton } for  pid=6827 comm="syz.4.253" path="/43/file1/file0" dev="autofs" ino=12953 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=dir permissive=1
[  134.761276][   T29] audit: type=1400 audit(1733536213.018:384): avc:  denied  { ioctl } for  pid=6827 comm="syz.4.253" path="/dev/autofs" dev="devtmpfs" ino=98 ioctlcmd=0x937e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  134.786590][ T5827] pwc: recv_control_msg error -71 req 02 val 2900
[  134.863878][ T6848] sg_read: process 208 (syz.3.259) changed security contexts after opening file descriptor, this is not allowed.
[  134.872798][ T5827] pwc: recv_control_msg error -71 req 02 val 2800
[  134.887048][   T29] audit: type=1400 audit(1733536217.078:385): avc:  denied  { read write } for  pid=6846 comm="syz.3.259" name="sg0" dev="devtmpfs" ino=722 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  134.916137][   T29] audit: type=1400 audit(1733536217.078:386): avc:  denied  { open } for  pid=6846 comm="syz.3.259" path="/dev/sg0" dev="devtmpfs" ino=722 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  134.940275][   T29] audit: type=1400 audit(1733536217.078:387): avc:  denied  { ioctl } for  pid=6846 comm="syz.3.259" path="/dev/sg0" dev="devtmpfs" ino=722 ioctlcmd=0x8916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  134.965961][   T29] audit: type=1400 audit(1733536217.098:388): avc:  denied  { append } for  pid=6846 comm="syz.3.259" name="iommu" dev="devtmpfs" ino=624 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  134.997551][ T6847] ALSA: mixer_oss: invalid OSS volume 'sit0'
[  135.006653][ T5827] pwc: recv_control_msg error -71 req 04 val 1100
[  135.045039][ T5827] pwc: recv_control_msg error -71 req 04 val 1200
[  135.084362][ T5827] pwc: Registered as video103.
[  135.090290][ T5827] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input7
[  135.127070][   T25] usblp 5-1:1.0: usblp0: USB Bidirectional printer dev 5 if 0 alt 127 proto 2 vid 0x0525 pid 0xA4A8
[  135.140686][ T5827] usb 1-1: USB disconnect, device number 5
[  135.239087][ T6855] ebt_limit: overflow, try lower: 570423552/2483027968
[  135.272359][   T29] audit: type=1400 audit(1733536217.488:389): avc:  denied  { map } for  pid=6851 comm="syz.1.264" path="/dev/sg0" dev="devtmpfs" ino=722 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  135.307118][   T29] audit: type=1400 audit(1733536217.528:390): avc:  denied  { execute } for  pid=6851 comm="syz.1.264" path="/dev/sg0" dev="devtmpfs" ino=722 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  135.476826][   T25] usb 5-1: USB disconnect, device number 5
[  135.495146][   T25] usblp0: removed
[  135.645430][   T29] audit: type=1400 audit(1733536217.868:391): avc:  denied  { mount } for  pid=6868 comm="syz.3.268" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  135.673832][ T5899] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  135.853797][ T5899] usb 2-1: Using ep0 maxpacket: 32
[  135.861078][ T5899] usb 2-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[  135.871794][ T5899] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.885778][ T5899] usb 2-1: config 0 descriptor??
[  135.897533][ T5899] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[  136.013809][  T900] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  136.117754][ T6856] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  136.126426][ T6856] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  136.138109][ T5899] gspca_vc032x: reg_r err -71
[  136.142824][ T5899] gspca_vc032x: I2c Bus Busy Wait 00
[  136.153035][ T5899] gspca_vc032x: I2c Bus Busy Wait 00
[  136.158931][ T5899] gspca_vc032x: I2c Bus Busy Wait 00
[  136.164826][ T5899] gspca_vc032x: I2c Bus Busy Wait 00
[  136.174117][ T5899] gspca_vc032x: I2c Bus Busy Wait 00
[  136.181066][ T5899] gspca_vc032x: I2c Bus Busy Wait 00
[  136.186533][  T900] usb 4-1: Using ep0 maxpacket: 8
[  136.192242][ T5899] gspca_vc032x: I2c Bus Busy Wait 00
[  136.198368][ T5899] gspca_vc032x: I2c Bus Busy Wait 00
[  136.204621][ T5899] gspca_vc032x: I2c Bus Busy Wait 00
[  136.209924][ T5899] gspca_vc032x: I2c Bus Busy Wait 00
[  136.215403][ T5899] gspca_vc032x: I2c Bus Busy Wait 00
[  136.220869][ T5899] gspca_vc032x: I2c Bus Busy Wait 00
[  136.227252][ T5899] gspca_vc032x: I2c Bus Busy Wait 00
[  136.232578][ T5899] gspca_vc032x: I2c Bus Busy Wait 00
[  136.238300][ T5899] gspca_vc032x: I2c Bus Busy Wait 00
[  136.243613][ T5899] gspca_vc032x: I2c Bus Busy Wait 00
[  136.249870][ T5899] gspca_vc032x: I2c Bus Busy Wait 00
[  136.255559][ T5899] gspca_vc032x: I2c Bus Busy Wait 00
[  136.260873][ T5899] gspca_vc032x: Unknown sensor...
[  136.266117][ T5899] vc032x 2-1:0.0: probe with driver vc032x failed with error -22
[  136.277064][  T900] usb 4-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  136.286515][ T5899] usb 2-1: USB disconnect, device number 3
[  136.293690][  T900] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.301697][  T900] usb 4-1: Product: syz
[  136.307028][  T900] usb 4-1: Manufacturer: syz
[  136.311658][  T900] usb 4-1: SerialNumber: syz
[  136.317557][  T900] usb 4-1: config 0 descriptor??
[  136.325419][  T900] gspca_main: se401-2.14.0 probing 047d:5003
[  136.426702][   T25] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  136.517840][ T6879] netlink: 32 bytes leftover after parsing attributes in process `syz.2.272'.
[  136.527115][ T6879] netlink: 32 bytes leftover after parsing attributes in process `syz.2.272'.
[  136.584631][   T25] usb 1-1: Using ep0 maxpacket: 8
[  136.595247][   T25] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  136.605287][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.615690][   T25] usb 1-1: config 0 descriptor??
[  136.738934][  T900] gspca_se401: Bayer format not supported!
[  136.814213][ T5827] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  136.941953][  T900] usb 4-1: USB disconnect, device number 6
[  136.973844][ T5827] usb 3-1: Using ep0 maxpacket: 16
[  136.994027][ T5827] usb 3-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0
[  137.008190][ T5827] usb 3-1: config 0 interface 0 altsetting 1 endpoint 0x89 has invalid wMaxPacketSize 0
[  137.022476][ T5827] usb 3-1: config 0 interface 0 has no altsetting 0
[  137.035632][ T5827] usb 3-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  137.085303][ T5827] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  137.093401][ T5827] usb 3-1: Product: syz
[  137.097733][ T5827] usb 3-1: Manufacturer: syz
[  137.102405][ T5827] usb 3-1: SerialNumber: syz
[  137.112933][ T5827] usb 3-1: config 0 descriptor??
[  137.326583][ T6881] netlink: 32 bytes leftover after parsing attributes in process `syz.2.273'.
[  137.562119][    T8] usb 3-1: USB disconnect, device number 2
[  139.887071][   T25] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  139.899212][   T25] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  139.916576][   T25] asix 1-1:0.0: probe with driver asix failed with error -71
[  140.000568][   T25] usb 1-1: USB disconnect, device number 6
[  140.164343][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  141.743111][ T6914] netlink: 4 bytes leftover after parsing attributes in process `syz.1.282'.
[  141.775947][   T29] kauditd_printk_skb: 5 callbacks suppressed
[  141.775963][   T29] audit: type=1400 audit(1733536223.998:397): avc:  denied  { read } for  pid=6916 comm="syz.2.284" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  141.820810][ T6919] syz.3.285: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  141.830217][   T29] audit: type=1400 audit(1733536224.038:398): avc:  denied  { setopt } for  pid=6918 comm="syz.3.285" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  141.836157][ T6919] CPU: 0 UID: 0 PID: 6919 Comm: syz.3.285 Not tainted 6.13.0-rc1-syzkaller-00182-gb8f52214c61a #0
[  141.865729][ T6919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  141.875804][ T6919] Call Trace:
[  141.879105][ T6919]  <TASK>
[  141.882569][ T6919]  dump_stack_lvl+0x16c/0x1f0
[  141.887267][ T6919]  warn_alloc+0x24d/0x3a0
[  141.891617][ T6919]  ? __pfx_warn_alloc+0x10/0x10
[  141.896480][ T6919]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  141.902314][ T6919]  ? kasan_save_stack+0x42/0x60
[  141.907198][ T6919]  ? kasan_save_stack+0x33/0x60
[  141.912059][ T6919]  ? kasan_save_track+0x14/0x30
[  141.916916][ T6919]  ? __kasan_kmalloc+0xaa/0xb0
[  141.921706][ T6919]  ? xskq_create+0x52/0x1d0
[  141.926217][ T6919]  ? do_sock_setsockopt+0x222/0x480
[  141.931427][ T6919]  ? __sys_setsockopt+0x1a0/0x230
[  141.936456][ T6919]  ? __x64_sys_setsockopt+0xbd/0x160
[  141.941752][ T6919]  __vmalloc_node_range_noprof+0x10df/0x1530
[  141.947768][ T6919]  ? xskq_create+0xfb/0x1d0
[  141.952289][ T6919]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  141.958641][ T6919]  ? xskq_create+0xfb/0x1d0
[  141.963156][ T6919]  vmalloc_user_noprof+0x6b/0x90
[  141.968111][ T6919]  ? xskq_create+0xfb/0x1d0
[  141.972621][ T6919]  xskq_create+0xfb/0x1d0
[  141.976968][ T6919]  xsk_setsockopt+0x757/0xa10
[  141.981655][ T6919]  ? __pfx_xsk_setsockopt+0x10/0x10
[  141.986892][ T6919]  ? selinux_socket_setsockopt+0x6a/0x80
[  141.992537][ T6919]  ? __pfx_xsk_setsockopt+0x10/0x10
[  141.997747][ T6919]  do_sock_setsockopt+0x222/0x480
[  142.002785][ T6919]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  142.008344][ T6919]  ? lock_acquire+0x2f/0xb0
[  142.012873][ T6919]  __sys_setsockopt+0x1a0/0x230
[  142.017740][ T6919]  __x64_sys_setsockopt+0xbd/0x160
[  142.022874][ T6919]  ? do_syscall_64+0x91/0x250
[  142.027574][ T6919]  ? lockdep_hardirqs_on+0x7c/0x110
[  142.032796][ T6919]  do_syscall_64+0xcd/0x250
[  142.037333][ T6919]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.043254][ T6919] RIP: 0033:0x7f7e7d17fed9
[  142.047686][ T6919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  142.067306][ T6919] RSP: 002b:00007f7e7df46058 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  142.075698][ T6919] RAX: ffffffffffffffda RBX: 00007f7e7d345fa0 RCX: 00007f7e7d17fed9
[  142.083660][ T6919] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000003
[  142.091607][ T6919] RBP: 00007f7e7d1f3cc8 R08: 0000000000000020 R09: 0000000000000000
[  142.099662][ T6919] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000000
[  142.107653][ T6919] R13: 0000000000000000 R14: 00007f7e7d345fa0 R15: 00007fff0b77b0f8
[  142.115657][ T6919]  </TASK>
[  142.152199][   T29] audit: type=1400 audit(1733536224.368:399): avc:  denied  { connect } for  pid=6916 comm="syz.2.284" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  142.186457][ T6919] Mem-Info:
[  142.189598][ T6919] active_anon:8337 inactive_anon:0 isolated_anon:0
[  142.189598][ T6919]  active_file:12648 inactive_file:39006 isolated_file:0
[  142.189598][ T6919]  unevictable:768 dirty:325 writeback:0
[  142.189598][ T6919]  slab_reclaimable:10930 slab_unreclaimable:105247
[  142.189598][ T6919]  mapped:32337 shmem:4276 pagetables:869
[  142.189598][ T6919]  sec_pagetables:0 bounce:0
[  142.189598][ T6919]  kernel_misc_reclaimable:0
[  142.189598][ T6919]  free:1315792 free_pcp:3378 free_cma:0
[  142.240290][ T6919] Node 0 active_anon:33448kB inactive_anon:0kB active_file:50592kB inactive_file:155952kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:129448kB dirty:1300kB writeback:0kB shmem:15568kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11288kB pagetables:3576kB sec_pagetables:0kB all_unreclaimable? no
[  142.273063][ T6919] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  142.304582][ T6919] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  142.332237][ T6919] lowmem_reserve[]: 0 2459 2459 0 0
[  142.343537][ T6919] Node 0 DMA32 free:1335764kB boost:0kB min:34152kB low:42688kB high:51224kB reserved_highatomic:0KB active_anon:39448kB inactive_anon:0kB active_file:50592kB inactive_file:155860kB unevictable:1536kB writepending:1300kB present:3129332kB managed:2547176kB mlocked:0kB bounce:0kB free_pcp:14820kB local_pcp:12724kB free_cma:0kB
[  142.374516][ T6919] lowmem_reserve[]: 0 0 0 0 0
[  142.379246][ T6919] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:92kB unevictable:0kB writepending:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB
[  142.407306][ T6919] lowmem_reserve[]: 0 0 0 0 0
[  142.473735][ T6919] Node 1 Normal free:3904372kB boost:0kB min:55748kB low:69684kB high:83620kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  142.814326][ T6919] lowmem_reserve[]: 0 0 0 0 0
[  142.961545][ T6919] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  142.983915][ T6919] Node 0 DMA32: 490*4kB (UME) 773*8kB (UME) 618*16kB (UME) 333*32kB (UME) 427*64kB (UME) 61*128kB (UME) 19*256kB (ME) 12*512kB (UME) 5*1024kB (UM) 16*2048kB (UME) 301*4096kB (UM) = 1345616kB
[  143.009330][ T6919] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  143.041946][ T6919] Node 1 Normal: 233*4kB (UME) 50*8kB (UME) 36*16kB (UME) 204*32kB (UME) 92*64kB (UME) 33*128kB (UME) 15*256kB (UM) 10*512kB (UM) 4*1024kB (UME) 3*2048kB (UE) 944*4096kB (M) = 3904372kB
[  143.063728][ T6919] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  143.083758][ T6919] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  143.093146][ T6919] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  143.102820][ T6919] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  143.147330][ T6919] 56395 total pagecache pages
[  143.177552][ T6919] 0 pages in swap cache
[  143.181789][ T6919] Free swap  = 124996kB
[  143.191955][ T6919] Total swap = 124996kB
[  143.201211][ T6919] 2097051 pages RAM
[  143.217895][ T6919] 0 pages HighMem/MovableOnly
[  143.222628][ T6919] 428599 pages reserved
[  143.237145][ T6919] 0 pages cma reserved
[  143.846961][   T29] audit: type=1400 audit(1733536226.058:400): avc:  denied  { write } for  pid=6928 comm="syz.0.288" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  143.889216][ T6943] binder: 6939:6943 ioctl c0306201 0 returned -14
[  143.919500][   T29] audit: type=1400 audit(1733536226.088:401): avc:  denied  { create } for  pid=6928 comm="syz.0.288" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  144.185225][    T8] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  144.848845][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  144.863693][    T8] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0
[  144.957846][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  145.018846][    T8] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0
[  145.111207][    T8] usb 1-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00
[  145.120408][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  145.128490][    T8] usb 1-1: Product: syz
[  145.132661][    T8] usb 1-1: Manufacturer: syz
[  145.137350][    T8] usb 1-1: SerialNumber: syz
[  145.158783][    T8] usb 1-1: config 0 descriptor??
[  145.173548][    T8] ums-isd200 1-1:0.0: USB Mass Storage device detected
[  145.447016][    T8] scsi host1: usb-storage 1-1:0.0
[  145.475098][    T8] usb 1-1: USB disconnect, device number 7
[  148.716980][ T6987] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  148.884025][ T6994] netlink: 20 bytes leftover after parsing attributes in process `syz.3.304'.
[  151.045631][   T29] audit: type=1400 audit(1733536233.248:402): avc:  denied  { connect } for  pid=7010 comm="syz.0.311" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  151.071138][   T29] audit: type=1400 audit(1733536233.248:403): avc:  denied  { name_connect } for  pid=7010 comm="syz.0.311" dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[  151.092483][   T29] audit: type=1400 audit(1733536233.248:404): avc:  denied  { write } for  pid=7010 comm="syz.0.311" faddr=fc00::1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  151.685653][ T5835] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  151.713203][ T5835] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  151.808406][ T5835] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  151.891748][    T8] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  151.907182][ T5835] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  152.028504][ T5835] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  152.036831][ T5835] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  152.058842][   T29] audit: type=1400 audit(1733536234.278:405): avc:  denied  { mounton } for  pid=7017 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  152.080983][    T8] usb 3-1: Using ep0 maxpacket: 32
[  152.629893][    T8] usb 3-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  152.639041][    T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  152.650513][    T8] usb 3-1: Product: syz
[  152.654819][    T8] usb 3-1: Manufacturer: syz
[  152.659459][    T8] usb 3-1: SerialNumber: syz
[  152.712181][    T8] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  152.774371][ T7032] ebt_limit: overflow, try lower: 570423552/2483027968
[  152.831338][ T7034] netlink: 'syz.1.318': attribute type 10 has an invalid length.
[  152.880261][ T7034] veth0_macvtap: left promiscuous mode
[  152.888439][ T7034] veth0_macvtap: entered promiscuous mode
[  152.913338][ T7034] team0: Device macvtap0 failed to register rx_handler
[  152.933453][ T7034] veth0_macvtap: left promiscuous mode
[  153.008496][ T2955] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.101031][ T7044] binder: 7030:7044 ioctl c0306201 0 returned -14
[  153.115590][ T2955] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.136686][ T7017] chnl_net:caif_netlink_parms(): no params data found
[  153.207315][ T2955] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.290444][ T2955] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.316232][ T7017] bridge0: port 1(bridge_slave_0) entered blocking state
[  153.324888][ T7017] bridge0: port 1(bridge_slave_0) entered disabled state
[  153.333848][ T7017] bridge_slave_0: entered allmulticast mode
[  153.345382][ T7017] bridge_slave_0: entered promiscuous mode
[  153.404090][ T7017] bridge0: port 2(bridge_slave_1) entered blocking state
[  153.411692][ T7017] bridge0: port 2(bridge_slave_1) entered disabled state
[  153.420888][ T7017] bridge_slave_1: entered allmulticast mode
[  153.432378][ T7017] bridge_slave_1: entered promiscuous mode
[  153.920078][ T7017] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  153.941364][ T7017] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  153.989122][ T7017] team0: Port device team_slave_0 added
[  154.033882][ T7017] team0: Port device team_slave_1 added
[  154.081384][ T7017] batman_adv: batadv0: Adding interface: batadv_slave_0
[  154.090275][ T7017] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  154.174668][ T7017] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  154.192210][ T5835] Bluetooth: hci5: command tx timeout
[  154.223384][ T7017] batman_adv: batadv0: Adding interface: batadv_slave_1
[  154.232211][    T8] gspca_stk1135: reg_w 0xf err -71
[  154.238803][    T8] gspca_stk1135: serial bus timeout: status=0x00
[  154.244803][ T7017] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  154.245369][    T8] gspca_stk1135: Sensor write failed
[  154.276815][    T8] gspca_stk1135: serial bus timeout: status=0x00
[  154.283115][    T8] gspca_stk1135: Sensor write failed
[  154.288643][    T8] gspca_stk1135: serial bus timeout: status=0x00
[  154.295367][    T8] gspca_stk1135: Sensor read failed
[  154.300896][    T8] gspca_stk1135: serial bus timeout: status=0x00
[  154.307429][    T8] gspca_stk1135: Sensor read failed
[  154.313511][    T8] gspca_stk1135: Detected sensor type unknown (0x0)
[  154.320177][    T8] gspca_stk1135: serial bus timeout: status=0x00
[  154.326619][    T8] gspca_stk1135: Sensor read failed
[  154.331853][    T8] gspca_stk1135: serial bus timeout: status=0x00
[  154.338666][    T8] gspca_stk1135: Sensor read failed
[  154.343912][    T8] gspca_stk1135: serial bus timeout: status=0x00
[  154.350322][    T8] gspca_stk1135: Sensor write failed
[  154.355673][    T8] gspca_stk1135: serial bus timeout: status=0x00
[  154.361995][    T8] gspca_stk1135: Sensor write failed
[  154.367383][    T8] stk1135 3-1:64.0: probe with driver stk1135 failed with error -71
[  154.380511][ T7017] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  154.801830][   T29] audit: type=1400 audit(1733536236.918:406): avc:  denied  { search } for  pid=5486 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  155.033450][    T8] usb 3-1: USB disconnect, device number 3
[  155.041607][   T29] audit: type=1400 audit(1733536236.918:407): avc:  denied  { read } for  pid=5486 comm="dhcpcd" name="n102" dev="tmpfs" ino=3177 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  155.153685][   T29] audit: type=1400 audit(1733536236.918:408): avc:  denied  { open } for  pid=5486 comm="dhcpcd" path="/run/udev/data/n102" dev="tmpfs" ino=3177 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  155.199939][   T29] audit: type=1400 audit(1733536236.918:409): avc:  denied  { getattr } for  pid=5486 comm="dhcpcd" path="/run/udev/data/n102" dev="tmpfs" ino=3177 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  155.228461][ T2955] bridge_slave_1: left allmulticast mode
[  155.236520][ T2955] bridge_slave_1: left promiscuous mode
[  155.242854][ T2955] bridge0: port 2(bridge_slave_1) entered disabled state
[  155.256574][ T2955] bridge_slave_0: left allmulticast mode
[  155.263857][ T2955] bridge_slave_0: left promiscuous mode
[  155.273295][ T2955] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.117472][ T5831] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  156.132938][ T5831] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  156.144871][ T5831] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  156.217456][ T5831] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  156.225161][ T5831] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  156.232424][ T5831] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  156.265358][ T5831] Bluetooth: hci5: command tx timeout
[  156.370859][   T29] audit: type=1400 audit(1733536238.588:410): avc:  denied  { shutdown } for  pid=7072 comm="syz.1.331" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  156.419068][   T29] audit: type=1400 audit(1733536238.608:411): avc:  denied  { getopt } for  pid=7072 comm="syz.1.331" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  157.072633][ T2955] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  157.086349][ T2955] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  157.098838][ T2955] bond0 (unregistering): Released all slaves
[  157.127359][ T7017] hsr_slave_0: entered promiscuous mode
[  157.201720][ T7017] hsr_slave_1: entered promiscuous mode
[  157.203889][    T8] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  157.216322][ T7017] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  157.224972][ T7017] Cannot create hsr debugfs directory
[  158.278666][    T8] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  158.441895][ T5835] Bluetooth: hci5: command tx timeout
[  158.447372][ T5835] Bluetooth: hci0: command tx timeout
[  158.601375][   T29] audit: type=1400 audit(1733536240.818:412): avc:  denied  { read } for  pid=7096 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=1706 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  158.652996][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.661106][    T8] usb 2-1: Product: syz
[  158.665336][    T8] usb 2-1: Manufacturer: syz
[  158.670377][    T8] usb 2-1: SerialNumber: syz
[  158.676605][    T8] usb 2-1: config 0 descriptor??
[  158.683811][   T29] audit: type=1400 audit(1733536240.848:413): avc:  denied  { open } for  pid=7096 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1706 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  158.793782][   T29] audit: type=1400 audit(1733536240.848:414): avc:  denied  { getattr } for  pid=7096 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1706 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  158.953427][   T29] audit: type=1400 audit(1733536241.168:415): avc:  denied  { mounton } for  pid=7103 comm="syz.0.337" path="/proc/244/task" dev="proc" ino=13662 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  158.984914][  T934] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  159.019273][   T29] audit: type=1400 audit(1733536241.168:416): avc:  denied  { write } for  pid=7095 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1705 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  159.046084][   T29] audit: type=1400 audit(1733536241.168:417): avc:  denied  { add_name } for  pid=7095 comm="dhcpcd-run-hook" name="resolv.conf.eth2.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  159.069246][   T29] audit: type=1400 audit(1733536241.168:418): avc:  denied  { create } for  pid=7095 comm="dhcpcd-run-hook" name="resolv.conf.eth2.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  159.091596][   T29] audit: type=1400 audit(1733536241.168:419): avc:  denied  { write } for  pid=7095 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf.eth2.link" dev="tmpfs" ino=3234 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  159.173681][  T934] usb 3-1: Using ep0 maxpacket: 8
[  159.185965][    T8] usb 2-1: Firmware version (0.0) predates our first public release.
[  159.187134][  T934] usb 3-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  159.203539][  T934] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.206734][    T8] usb 2-1: Please update to version 0.2 or newer
[  159.215342][  T934] usb 3-1: Product: syz
[  159.222038][  T934] usb 3-1: Manufacturer: syz
[  159.226811][  T934] usb 3-1: SerialNumber: syz
[  159.233366][  T934] usb 3-1: config 0 descriptor??
[  159.240851][  T934] gspca_main: sq930x-2.14.0 probing 2770:930c
[  159.266228][ T2955] hsr_slave_0: left promiscuous mode
[  159.273891][ T2955] hsr_slave_1: left promiscuous mode
[  159.280112][ T2955] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  159.288016][ T2955] batman_adv: batadv0: Removing interface: batadv_slave_0
[  159.296783][ T2955] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  159.311941][ T2955] batman_adv: batadv0: Removing interface: batadv_slave_1
[  159.327938][ T2955] veth1_macvtap: left promiscuous mode
[  159.334292][ T2955] veth0_macvtap: left promiscuous mode
[  159.339958][ T2955] veth1_vlan: left promiscuous mode
[  159.346646][ T2955] veth0_vlan: left promiscuous mode
[  159.641618][ T2955] team0 (unregistering): Port device team_slave_1 removed
[  159.672654][ T2955] team0 (unregistering): Port device team_slave_0 removed
[  160.055500][ T7125] netlink: 72 bytes leftover after parsing attributes in process `syz.2.336'.
[  160.327750][    T8] usb 2-1: USB disconnect, device number 4
[  160.539660][ T7068] chnl_net:caif_netlink_parms(): no params data found
[  160.561186][ T5831] Bluetooth: hci0: command tx timeout
[  160.562041][ T5831] Bluetooth: hci5: command tx timeout
[  160.685284][ T7129] netlink: 'syz.2.336': attribute type 13 has an invalid length.
[  160.690413][ T7017] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  160.703982][  T934] gspca_sq930x: reg_w 0305 fd00 failed -110
[  160.819255][ T7017] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  160.825285][ T7017] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  161.001114][ T7017] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  161.126526][ T7068] bridge0: port 1(bridge_slave_0) entered blocking state
[  161.135166][ T7068] bridge0: port 1(bridge_slave_0) entered disabled state
[  161.142749][ T7068] bridge_slave_0: entered allmulticast mode
[  161.151513][ T7068] bridge_slave_0: entered promiscuous mode
[  161.708889][ T7068] bridge0: port 2(bridge_slave_1) entered blocking state
[  161.728298][ T7068] bridge0: port 2(bridge_slave_1) entered disabled state
[  161.749307][ T7068] bridge_slave_1: entered allmulticast mode
[  161.757756][ T7068] bridge_slave_1: entered promiscuous mode
[  161.800589][ T7068] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  161.811456][ T7068] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  161.849158][ T7068] team0: Port device team_slave_0 added
[  161.868947][ T7068] team0: Port device team_slave_1 added
[  161.941061][ T7068] batman_adv: batadv0: Adding interface: batadv_slave_0
[  161.965417][ T7068] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  161.991817][   T29] kauditd_printk_skb: 6 callbacks suppressed
[  161.991831][   T29] audit: type=1400 audit(1733536244.188:426): avc:  denied  { unmount } for  pid=5817 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  162.029669][ T7068] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  162.068059][  T934] gspca_sq930x: Unknown sensor
[  162.072896][  T934] sq930x 3-1:0.0: probe with driver sq930x failed with error -22
[  162.091013][  T934] usb 3-1: USB disconnect, device number 4
[  162.111343][ T7068] batman_adv: batadv0: Adding interface: batadv_slave_1
[  162.121525][ T7068] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  162.148736][ T7068] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  162.226418][ T7160] netlink: 8 bytes leftover after parsing attributes in process `syz.1.343'.
[  162.307693][   T29] audit: type=1400 audit(1733536244.528:427): avc:  denied  { wake_alarm } for  pid=7163 comm="syz.0.344" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  162.357662][ T7068] hsr_slave_0: entered promiscuous mode
[  162.386831][ T7068] hsr_slave_1: entered promiscuous mode
[  162.416101][ T7068] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  162.445179][ T7068] Cannot create hsr debugfs directory
[  162.587055][ T5835] Bluetooth: hci0: command tx timeout
[  162.925653][ T7017] 8021q: adding VLAN 0 to HW filter on device bond0
[  162.939291][ T7017] 8021q: adding VLAN 0 to HW filter on device team0
[  162.964996][ T7017] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  162.975519][ T7017] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  163.071155][ T2955] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.078307][ T2955] bridge0: port 1(bridge_slave_0) entered forwarding state
[  163.107330][ T2955] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.115447][ T2955] bridge0: port 2(bridge_slave_1) entered forwarding state
[  164.448848][ T7068] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  164.549167][ T7068] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  164.663769][ T5835] Bluetooth: hci0: command tx timeout
[  164.680926][ T7068] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  164.742778][ T7068] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  164.743264][ T7208] netlink: 8 bytes leftover after parsing attributes in process `syz.1.353'.
[  164.961530][ T7068] 8021q: adding VLAN 0 to HW filter on device bond0
[  165.013498][ T7068] 8021q: adding VLAN 0 to HW filter on device team0
[  165.140862][ T7017] 8021q: adding VLAN 0 to HW filter on device batadv0
[  165.309552][ T2955] bridge0: port 1(bridge_slave_0) entered blocking state
[  165.316715][ T2955] bridge0: port 1(bridge_slave_0) entered forwarding state
[  165.525187][   T29] audit: type=1400 audit(1733536247.708:428): avc:  denied  { ioctl } for  pid=7216 comm="syz.1.354" path="socket:[15187]" dev="sockfs" ino=15187 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  165.553985][ T6284] bridge0: port 2(bridge_slave_1) entered blocking state
[  165.561245][ T6284] bridge0: port 2(bridge_slave_1) entered forwarding state
[  165.583849][   T29] audit: type=1400 audit(1733536247.708:429): avc:  denied  { bind } for  pid=7216 comm="syz.1.354" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  165.694740][   T29] audit: type=1400 audit(1733536247.798:430): avc:  denied  { write } for  pid=7216 comm="syz.1.354" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  167.681798][ T7017] veth0_vlan: entered promiscuous mode
[  167.693692][ T7017] veth1_vlan: entered promiscuous mode
[  167.711383][ T7017] veth0_macvtap: entered promiscuous mode
[  167.759232][ T7068] 8021q: adding VLAN 0 to HW filter on device batadv0
[  167.805369][ T7017] veth1_macvtap: entered promiscuous mode
[  167.842938][ T7017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  167.923680][ T7017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  167.962523][ T7017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  167.985363][ T7017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.016596][ T7017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  168.039329][ T7017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.074370][ T7017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  168.153367][ T7017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.184249][ T7017] batman_adv: batadv0: Interface activated: batadv_slave_0
[  168.224436][ T7017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  168.258860][ T7017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.291983][ T7017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  168.321554][ T7017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.334579][ T7017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  168.349799][ T7017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.363950][ T7017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  168.378151][ T7017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.390891][ T7017] batman_adv: batadv0: Interface activated: batadv_slave_1
[  168.447716][ T7017] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  168.476828][ T7017] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  168.530990][ T7017] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  168.568882][ T7017] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  168.678771][ T7068] veth0_vlan: entered promiscuous mode
[  168.825386][ T7068] veth1_vlan: entered promiscuous mode
[  168.838608][ T7281] netlink: 8 bytes leftover after parsing attributes in process `syz.0.362'.
[  168.899006][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  168.911586][ T7068] veth0_macvtap: entered promiscuous mode
[  168.923744][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  168.985469][ T7068] veth1_macvtap: entered promiscuous mode
[  169.031154][ T7079] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  169.031914][ T7068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  169.047842][ T7079] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  169.050137][ T7068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.063786][ T5899] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  169.084159][ T7068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  169.116739][ T7068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.152764][ T7068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  169.168927][ T7068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.179329][ T7068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  169.190171][ T7068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.203213][ T7068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  169.214181][ T7068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.267318][ T7068] batman_adv: batadv0: Interface activated: batadv_slave_0
[  169.674194][   T29] audit: type=1400 audit(1733536251.838:431): avc:  denied  { mounton } for  pid=7017 comm="syz-executor" path="/root/syzkaller.piLFVv/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  169.733022][ T7068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  169.736853][ T5899] usb 3-1: Using ep0 maxpacket: 8
[  169.754716][ T5899] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 13
[  169.765155][ T7068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.765474][ T5899] usb 3-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[  169.787641][ T5899] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.795938][ T5899] usb 3-1: Product: syz
[  169.800271][ T5899] usb 3-1: Manufacturer: syz
[  169.800283][ T7068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  169.804996][ T5899] usb 3-1: SerialNumber: syz
[  169.821240][ T5899] usb 3-1: config 0 descriptor??
[  169.827666][ T7068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.835684][ T5899] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[  169.841896][ T7068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  169.854780][ T7068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.870868][ T7068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  169.883709][ T7068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.894682][ T7068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  169.905323][ T7068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.916642][ T7068] batman_adv: batadv0: Interface activated: batadv_slave_1
[  169.926948][ T7068] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  169.936335][ T7068] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  169.945776][ T7068] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  169.954998][ T7068] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  170.051752][ T5875] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  170.054824][   T29] audit: type=1400 audit(1733536252.268:432): avc:  denied  { write } for  pid=7302 comm="syz.5.312" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  170.126646][ T7079] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  170.143733][ T7079] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  170.204168][ T5875] usb 1-1: Using ep0 maxpacket: 8
[  170.302616][ T3014] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  170.324116][ T3014] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  170.470407][   T29] audit: type=1400 audit(1733536252.688:433): avc:  denied  { read } for  pid=7312 comm="syz.6.327" name="rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  170.482763][ T5875] usb 1-1: device descriptor read/all, error -71
[  170.543304][ T7314] FAULT_INJECTION: forcing a failure.
[  170.543304][ T7314] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  170.543740][   T29] audit: type=1400 audit(1733536252.688:434): avc:  denied  { open } for  pid=7312 comm="syz.6.327" path="/dev/rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  170.562399][ T7314] CPU: 1 UID: 0 PID: 7314 Comm: syz.6.327 Not tainted 6.13.0-rc1-syzkaller-00182-gb8f52214c61a #0
[  170.590346][ T7314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  170.600512][ T7314] Call Trace:
[  170.603797][ T7314]  <TASK>
[  170.606830][ T7314]  dump_stack_lvl+0x16c/0x1f0
[  170.611521][ T7314]  should_fail_ex+0x497/0x5b0
[  170.616224][ T7314]  _copy_from_user+0x2e/0xd0
[  170.620823][ T7314]  copy_msghdr_from_user+0x99/0x160
[  170.626130][ T7314]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  170.632233][ T7314]  ___sys_sendmsg+0xff/0x1e0
[  170.633703][   T29] audit: type=1400 audit(1733536252.688:435): avc:  denied  { ioctl } for  pid=7312 comm="syz.6.327" path="/dev/rtc0" dev="devtmpfs" ino=921 ioctlcmd=0x700f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  170.636848][ T7314]  ? __pfx____sys_sendmsg+0x10/0x10
[  170.636883][ T7314]  ? __pfx_lock_release+0x10/0x10
[  170.671818][ T7314]  ? trace_lock_acquire+0x14e/0x1f0
[  170.676651][ T5899] gspca_zc3xx: reg_w_i err -71
[  170.677035][ T7314]  ? __fget_files+0x206/0x3a0
[  170.686487][ T7314]  __sys_sendmsg+0x16e/0x220
[  170.691096][ T7314]  ? __pfx___sys_sendmsg+0x10/0x10
[  170.696238][ T7314]  do_syscall_64+0xcd/0x250
[  170.698070][   T29] audit: type=1404 audit(1733536252.688:436): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[  170.700742][ T7314]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.721475][ T7314] RIP: 0033:0x7fcd0977fed9
[  170.725897][ T7314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.733844][   T29] audit: type=1400 audit(1733536252.758:437): avc:  denied  { prog_run } for  pid=7312 comm="syz.6.327" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  170.745493][ T7314] RSP: 002b:00007fcd0a4e0058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  170.745516][ T7314] RAX: ffffffffffffffda RBX: 00007fcd09946080 RCX: 00007fcd0977fed9
[  170.745529][ T7314] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  170.745540][ T7314] RBP: 00007fcd0a4e00a0 R08: 0000000000000000 R09: 0000000000000000
[  170.745552][ T7314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  170.745563][ T7314] R13: 0000000000000000 R14: 00007fcd09946080 R15: 00007ffd8c41da78
[  170.745587][ T7314]  </TASK>
[  170.836280][   T29] audit: type=1400 audit(1733536252.758:438): avc:  denied  { connect } for  pid=7312 comm="syz.6.327" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=0
[  170.859173][   T29] audit: type=1400 audit(1733536252.898:439): avc:  denied  { ioctl } for  pid=7278 comm="syz.2.361" path="/dev/raw-gadget" dev="devtmpfs" ino=820 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=0
[  170.885607][   T29] audit: type=1400 audit(1733536252.898:440): avc:  denied  { ioctl } for  pid=7278 comm="syz.2.361" path="/dev/raw-gadget" dev="devtmpfs" ino=820 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=0
[  170.910277][    C0] vkms_vblank_simulate: vblank timer overrun
[  171.029942][ T7317] netdevsim netdevsim1: Direct firmware load for printk failed with error -2
[  171.053001][ T7317] netdevsim netdevsim1: Falling back to sysfs fallback for: printk
[  171.264199][ T5899] gspca_zc3xx: Unknown sensor - set to TAS5130C
[  171.270542][ T5899] gspca_zc3xx 3-1:0.0: probe with driver gspca_zc3xx failed with error -71
[  171.303194][ T6038] udevd[6038]: failed to send result of seq 12714 to main daemon: Connection refused
[  171.303260][ T5899] usb 3-1: USB disconnect, device number 5
[  171.882184][ T7316] [U] vÔ3
[  172.691374][  T900] libceph: connect (1)[c::]:6789 error -101
[  172.698096][  T900] libceph: mon0 (1)[c::]:6789 connect error
[  172.829008][ T7360] ceph: No mds server is up or the cluster is laggy
[  173.023975][ T7372] FAULT_INJECTION: forcing a failure.
[  173.023975][ T7372] name failslab, interval 1, probability 0, space 0, times 0
[  173.092607][ T7372] CPU: 0 UID: 0 PID: 7372 Comm: syz.5.386 Not tainted 6.13.0-rc1-syzkaller-00182-gb8f52214c61a #0
[  173.103676][ T7372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  173.113837][ T7372] Call Trace:
[  173.117127][ T7372]  <TASK>
[  173.120059][ T7372]  dump_stack_lvl+0x16c/0x1f0
[  173.124838][ T7372]  should_fail_ex+0x497/0x5b0
[  173.129537][ T7372]  ? fs_reclaim_acquire+0xae/0x150
[  173.134666][ T7372]  should_failslab+0xc2/0x120
[  173.139698][ T7372]  __kmalloc_noprof+0xcb/0x510
[  173.144475][ T7372]  ? trace_kmalloc+0x2d/0xd0
[  173.149170][ T7372]  ? __kmalloc_noprof+0x23b/0x510
[  173.154215][ T7372]  tomoyo_realpath_from_path+0xb9/0x720
[  173.159777][ T7372]  ? tomoyo_fill_path_info+0x233/0x420
[  173.165227][ T7372]  tomoyo_mount_acl+0x1af/0x880
[  173.170153][ T7372]  ? hlock_class+0x4e/0x130
[  173.174830][ T7372]  ? __lock_acquire+0x15a9/0x3c40
[  173.179853][ T7372]  ? __pfx_tomoyo_mount_acl+0x10/0x10
[  173.185225][ T7372]  ? __pfx___lock_acquire+0x10/0x10
[  173.190413][ T7372]  ? stack_trace_save+0x95/0xd0
[  173.195268][ T7372]  ? trace_lock_acquire+0x14e/0x1f0
[  173.200458][ T7372]  ? tomoyo_mount_permission+0x149/0x420
[  173.206147][ T7372]  ? lock_acquire+0x2f/0xb0
[  173.210681][ T7372]  ? tomoyo_mount_permission+0x149/0x420
[  173.216311][ T7372]  tomoyo_mount_permission+0x16e/0x420
[  173.221846][ T7372]  ? tomoyo_mount_permission+0x149/0x420
[  173.227481][ T7372]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  173.233545][ T7372]  ? get_current_fs_domain+0x184/0x1f0
[  173.238989][ T7372]  security_sb_mount+0x9b/0x260
[  173.243934][ T7372]  path_mount+0x129/0x1f20
[  173.248352][ T7372]  ? kmem_cache_free+0x152/0x4c0
[  173.253276][ T7372]  ? __pfx_path_mount+0x10/0x10
[  173.258117][ T7372]  ? putname+0x13c/0x180
[  173.262354][ T7372]  __x64_sys_mount+0x294/0x320
[  173.267108][ T7372]  ? __pfx___x64_sys_mount+0x10/0x10
[  173.272384][ T7372]  do_syscall_64+0xcd/0x250
[  173.276969][ T7372]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.282862][ T7372] RIP: 0033:0x7f6cb157fed9
[  173.287260][ T7372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  173.306857][ T7372] RSP: 002b:00007f6cb244b058 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  173.315256][ T7372] RAX: ffffffffffffffda RBX: 00007f6cb1745fa0 RCX: 00007f6cb157fed9
[  173.323214][ T7372] RDX: 00000000200002c0 RSI: 0000000020000280 RDI: 0000000020000580
[  173.331167][ T7372] RBP: 00007f6cb244b0a0 R08: 0000000000000000 R09: 0000000000000000
[  173.339144][ T7372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  173.347099][ T7372] R13: 0000000000000000 R14: 00007f6cb1745fa0 R15: 00007ffd37805c78
[  173.355066][ T7372]  </TASK>
[  173.358143][    C0] vkms_vblank_simulate: vblank timer overrun
[  173.405704][ T7372] ERROR: Out of memory at tomoyo_realpath_from_path.
[  173.594218][ T7381] warning: `syz.2.389' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  173.822824][ T7383] serio: Serial port ptm0
[  174.479500][ T7409] netlink: 24 bytes leftover after parsing attributes in process `syz.6.401'.
[  174.742774][   T29] kauditd_printk_skb: 218 callbacks suppressed
[  174.742791][   T29] audit: type=1400 audit(1733536256.958:659): avc:  denied  { read } for  pid=7410 comm="syz.2.402" dev="nsfs" ino=4026533249 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=0
[  174.786374][   T29] audit: type=1400 audit(1733536256.968:660): avc:  denied  { read write } for  pid=7017 comm="syz-executor" name="loop5" dev="devtmpfs" ino=652 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  174.786659][ T7413] xt_addrtype: ipv6 does not support BROADCAST matching
[  174.811721][   T29] audit: type=1400 audit(1733536256.998:661): avc:  denied  { create } for  pid=7410 comm="syz.2.402" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  174.850839][   T29] audit: type=1400 audit(1733536256.998:662): avc:  denied  { create } for  pid=7410 comm="syz.2.402" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  174.876394][   T29] audit: type=1400 audit(1733536256.998:663): avc:  denied  { read write } for  pid=7410 comm="syz.2.402" name="raw-gadget" dev="devtmpfs" ino=820 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=0
[  174.902689][   T29] audit: type=1400 audit(1733536256.998:664): avc:  denied  { read } for  pid=7410 comm="syz.2.402" dev="nsfs" ino=4026533249 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=0
[  174.924209][   T29] audit: type=1400 audit(1733536256.998:665): avc:  denied  { prog_load } for  pid=7410 comm="syz.2.402" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  174.947896][   T29] audit: type=1400 audit(1733536256.998:666): avc:  denied  { create } for  pid=7410 comm="syz.2.402" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  174.976934][   T29] audit: type=1400 audit(1733536257.068:667): avc:  denied  { create } for  pid=7412 comm="syz.5.403" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=0
[  174.999523][   T29] audit: type=1400 audit(1733536257.068:668): avc:  denied  { watch watch_reads } for  pid=7412 comm="syz.5.403" path="/8" dev="tmpfs" ino=56 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=0
[  175.692556][ T7392] kexec: Could not allocate control_code_buffer
[  179.751758][   T29] kauditd_printk_skb: 266 callbacks suppressed
[  179.751775][   T29] audit: type=1400 audit(1733536261.968:935): avc:  denied  { map_create } for  pid=7541 comm="syz.1.446" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  179.808039][   T29] audit: type=1400 audit(1733536261.968:936): avc:  denied  { prog_load } for  pid=7541 comm="syz.1.446" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  179.862582][   T29] audit: type=1400 audit(1733536261.968:937): avc:  denied  { prog_load } for  pid=7541 comm="syz.1.446" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  179.917041][   T29] audit: type=1400 audit(1733536261.968:938): avc:  denied  { map_create } for  pid=7541 comm="syz.1.446" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  179.997021][   T29] audit: type=1400 audit(1733536261.968:939): avc:  denied  { create } for  pid=7541 comm="syz.1.446" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=0
[  180.065341][   T29] audit: type=1400 audit(1733536262.008:940): avc:  denied  { create } for  pid=7541 comm="syz.1.446" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=0
[  180.128135][   T29] audit: type=1400 audit(1733536262.198:941): avc:  denied  { read write } for  pid=7017 comm="syz-executor" name="loop5" dev="devtmpfs" ino=652 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  180.215966][   T29] audit: type=1400 audit(1733536262.218:942): avc:  denied  { read write } for  pid=5817 comm="syz-executor" name="loop2" dev="devtmpfs" ino=649 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  180.298445][   T29] audit: type=1400 audit(1733536262.278:943): avc:  denied  { read } for  pid=7545 comm="syz.5.448" name="nbd5" dev="devtmpfs" ino=684 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  180.375356][   T29] audit: type=1400 audit(1733536262.348:944): avc:  denied  { read write } for  pid=7017 comm="syz-executor" name="loop5" dev="devtmpfs" ino=652 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  180.675053][ T5143] Bluetooth: hci1: command 0x0406 tx timeout
[  180.681185][ T5825] Bluetooth: hci2: command 0x0406 tx timeout
[  184.747490][   T25] IPVS: starting estimator thread 0...
[  184.758529][   T29] kauditd_printk_skb: 146 callbacks suppressed
[  184.758545][   T29] audit: type=1400 audit(1733536266.978:1091): avc:  denied  { prog_load } for  pid=7623 comm="syz.0.472" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  184.832521][   T29] audit: type=1400 audit(1733536266.978:1092): avc:  denied  { read } for  pid=7623 comm="syz.0.472" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=0
[  184.865548][ T7626] IPVS: using max 34 ests per chain, 81600 per kthread
[  185.027849][   T29] audit: type=1400 audit(1733536267.008:1093): avc:  denied  { create } for  pid=7619 comm="syz.5.471" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  185.267144][   T29] audit: type=1400 audit(1733536267.008:1094): avc:  denied  { create } for  pid=7619 comm="syz.5.471" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  185.325669][   T29] audit: type=1400 audit(1733536267.018:1095): avc:  denied  { create } for  pid=7619 comm="syz.5.471" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=0
[  185.409566][   T29] audit: type=1400 audit(1733536267.028:1096): avc:  denied  { create } for  pid=7619 comm="syz.5.471" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=0
[  185.460125][   T29] audit: type=1400 audit(1733536267.028:1097): avc:  denied  { map_create } for  pid=7619 comm="syz.5.471" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  185.511452][   T29] audit: type=1400 audit(1733536267.028:1098): avc:  denied  { prog_load } for  pid=7619 comm="syz.5.471" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  185.547741][   T29] audit: type=1400 audit(1733536267.028:1099): avc:  denied  { prog_load } for  pid=7619 comm="syz.5.471" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  185.593906][   T29] audit: type=1400 audit(1733536267.098:1100): avc:  denied  { read write } for  pid=5817 comm="syz-executor" name="loop2" dev="devtmpfs" ino=649 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  185.859910][ T5835] Bluetooth: hci0: failed to read key size for handle 200
[  186.031195][ T7643] xt_limit: Overflow, try lower: 0/0
[  186.121922][ T7647] FAULT_INJECTION: forcing a failure.
[  186.121922][ T7647] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  186.169442][ T7647] CPU: 0 UID: 0 PID: 7647 Comm: syz.0.480 Not tainted 6.13.0-rc1-syzkaller-00182-gb8f52214c61a #0
[  186.180067][ T7647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  186.190235][ T7647] Call Trace:
[  186.193602][ T7647]  <TASK>
[  186.196543][ T7647]  dump_stack_lvl+0x16c/0x1f0
[  186.201257][ T7647]  should_fail_ex+0x497/0x5b0
[  186.205997][ T7647]  _copy_from_user+0x2e/0xd0
[  186.210664][ T7647]  kstrtouint_from_user+0xd7/0x1c0
[  186.215764][ T7647]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  186.221480][ T7647]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  186.227380][ T7647]  proc_fail_nth_write+0x84/0x250
[  186.232423][ T7647]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  186.238636][ T7647]  ? ksys_write+0x12b/0x250
[  186.243156][ T7647]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  186.248780][ T7647]  vfs_write+0x24c/0x1150
[  186.253110][ T7647]  ? __fget_files+0x1fc/0x3a0
[  186.257774][ T7647]  ? __pfx___mutex_lock+0x10/0x10
[  186.262792][ T7647]  ? __pfx_vfs_write+0x10/0x10
[  186.267548][ T7647]  ? __fget_files+0x206/0x3a0
[  186.272219][ T7647]  ksys_write+0x12b/0x250
[  186.276536][ T7647]  ? __pfx_ksys_write+0x10/0x10
[  186.281390][ T7647]  do_syscall_64+0xcd/0x250
[  186.285912][ T7647]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.291796][ T7647] RIP: 0033:0x7febee37e98f
[  186.296197][ T7647] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  186.315991][ T7647] RSP: 002b:00007febef218050 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  186.324397][ T7647] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007febee37e98f
[  186.332360][ T7647] RDX: 0000000000000001 RSI: 00007febef2180b0 RDI: 0000000000000003
[  186.340335][ T7647] RBP: 00007febef2180a0 R08: 0000000000000000 R09: 0000000000000000
[  186.348290][ T7647] R10: 000000000000006e R11: 0000000000000293 R12: 0000000000000001
[  186.356260][ T7647] R13: 0000000000000000 R14: 00007febee545fa0 R15: 00007ffcf56addf8
[  186.364226][ T7647]  </TASK>
[  186.691781][ T7660] SELinux: syz.5.485 (7660) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  186.894429][ T5835] Bluetooth: hci1: unexpected event for opcode 0x100c
[  188.301762][ T5835] Bluetooth: hci5: Unknown advertising packet type: 0x18
[  188.301809][ T5835] Bluetooth: hci5: Unknown advertising packet type: 0x1e
[  189.819589][   T29] kauditd_printk_skb: 253 callbacks suppressed
[  189.819613][   T29] audit: type=1400 audit(1733536272.038:1354): avc:  denied  { create } for  pid=7757 comm="syz.0.521" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=0
[  189.883683][   T29] audit: type=1400 audit(1733536272.058:1355): avc:  denied  { read write } for  pid=7757 comm="syz.0.521" name="userio" dev="devtmpfs" ino=914 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=0
[  189.906907][   T29] audit: type=1400 audit(1733536272.058:1356): avc:  denied  { read } for  pid=7757 comm="syz.0.521" dev="nsfs" ino=4026533084 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=0
[  189.928055][   T29] audit: type=1400 audit(1733536272.058:1357): avc:  denied  { create } for  pid=7757 comm="syz.0.521" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  189.949266][   T29] audit: type=1400 audit(1733536272.058:1358): avc:  denied  { create } for  pid=7757 comm="syz.0.521" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  189.970624][   T29] audit: type=1400 audit(1733536272.068:1359): avc:  denied  { read } for  pid=7757 comm="syz.0.521" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=0
[  189.993275][   T29] audit: type=1400 audit(1733536272.068:1360): avc:  denied  { read } for  pid=7757 comm="syz.0.521" dev="nsfs" ino=4026533084 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=0
[  190.014375][   T29] audit: type=1400 audit(1733536272.068:1361): avc:  denied  { read } for  pid=7757 comm="syz.0.521" dev="nsfs" ino=4026533084 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=0
[  190.026126][ T5835] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  190.035374][    C0] vkms_vblank_simulate: vblank timer overrun
[  190.035511][   T29] audit: type=1400 audit(1733536272.068:1362): avc:  denied  { create } for  pid=7757 comm="syz.0.521" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  190.035541][   T29] audit: type=1400 audit(1733536272.068:1363): avc:  denied  { create } for  pid=7757 comm="syz.0.521" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  190.044106][ T5835] Bluetooth: hci0: Injecting HCI hardware error event
[  190.100318][ T5835] Bluetooth: hci0: hardware error 0x00
[  190.636537][ T7779] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7779 comm=syz.1.529
[  190.653416][ T7779] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7779 comm=syz.1.529
[  190.673207][ T7779] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7779 comm=syz.1.529
[  190.692318][ T7779] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7779 comm=syz.1.529
[  190.710777][ T7779] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7779 comm=syz.1.529
[  190.723366][ T7779] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7779 comm=syz.1.529
[  190.741099][ T7779] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7779 comm=syz.1.529
[  190.768808][ T7779] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7779 comm=syz.1.529
[  190.781518][ T7779] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7779 comm=syz.1.529
[  190.799724][ T7779] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7779 comm=syz.1.529
[  191.943516][ T5831] Bluetooth: hci0: unexpected event for opcode 0x1408
[  192.184250][ T5835] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  192.448032][ T7824] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  193.352105][ T5835] Bluetooth: hci5: failed to read key size for handle 200
[  193.948280][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  193.954768][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  194.955027][   T29] kauditd_printk_skb: 371 callbacks suppressed
[  194.955046][   T29] audit: type=1400 audit(1733536277.168:1735): avc:  denied  { read write } for  pid=7068 comm="syz-executor" name="loop6" dev="devtmpfs" ino=653 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  195.029752][   T29] audit: type=1400 audit(1733536277.228:1736): avc:  denied  { read write } for  pid=7017 comm="syz-executor" name="loop5" dev="devtmpfs" ino=652 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  195.103266][   T29] audit: type=1400 audit(1733536277.248:1737): avc:  denied  { create } for  pid=7900 comm="syz.6.573" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=0
[  195.159820][   T29] audit: type=1400 audit(1733536277.298:1738): avc:  denied  { create } for  pid=7902 comm="syz.5.574" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=0
[  195.212785][   T29] audit: type=1400 audit(1733536277.308:1739): avc:  denied  { create } for  pid=7902 comm="syz.5.574" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=0
[  195.271494][   T29] audit: type=1400 audit(1733536277.308:1740): avc:  denied  { prog_load } for  pid=7902 comm="syz.5.574" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  195.296729][   T29] audit: type=1400 audit(1733536277.308:1741): avc:  denied  { watch watch_reads } for  pid=7902 comm="syz.5.574" path="/43" dev="tmpfs" ino=239 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=0
[  195.350833][ T5835] Bluetooth: hci5: failed to read key size for handle 200
[  195.369376][   T29] audit: type=1400 audit(1733536277.308:1742): avc:  denied  { watch } for  pid=7902 comm="syz.5.574" path="/43" dev="tmpfs" ino=239 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=0
[  195.394049][   T29] audit: type=1400 audit(1733536277.318:1743): avc:  denied  { mounton } for  pid=7902 comm="syz.5.574" path="/43/bus" dev="tmpfs" ino=245 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=0
[  195.447542][   T29] audit: type=1400 audit(1733536277.368:1744): avc:  denied  { read write } for  pid=7017 comm="syz-executor" name="loop5" dev="devtmpfs" ino=652 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  197.393993][ T5835] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  197.402557][ T5835] Bluetooth: hci5: Injecting HCI hardware error event
[  197.411350][ T5835] Bluetooth: hci5: hardware error 0x00
[  198.340475][ T5825] Bluetooth: hci4: sending frame failed (-49)
[  198.349631][ T5831] Bluetooth: hci4: Opcode 0x1003 failed: -49
[  198.360907][ T7991] Bluetooth: hci4: Frame reassembly failed (-84)
[  199.463911][ T5835] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  200.058797][   T29] kauditd_printk_skb: 248 callbacks suppressed
[  200.058814][   T29] audit: type=1400 audit(1733536282.278:1991): avc:  denied  { map_create } for  pid=8028 comm="syz.0.621" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  200.108613][   T29] audit: type=1400 audit(1733536282.278:1992): avc:  denied  { prog_load } for  pid=8028 comm="syz.0.621" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  200.158303][   T29] audit: type=1400 audit(1733536282.378:1993): avc:  denied  { read write } for  pid=7068 comm="syz-executor" name="loop6" dev="devtmpfs" ino=653 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  200.211023][   T29] audit: type=1400 audit(1733536282.428:1994): avc:  denied  { prog_load } for  pid=8032 comm="syz.6.622" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  200.238423][   T29] audit: type=1400 audit(1733536282.458:1995): avc:  denied  { execmem } for  pid=8032 comm="syz.6.622" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=0
[  200.298695][   T29] audit: type=1400 audit(1733536282.508:1996): avc:  denied  { read write } for  pid=7068 comm="syz-executor" name="loop6" dev="devtmpfs" ino=653 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  200.408107][   T29] audit: type=1400 audit(1733536282.628:1997): avc:  denied  { create } for  pid=8034 comm="syz.6.623" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=0
[  200.467536][   T29] audit: type=1400 audit(1733536282.628:1998): avc:  denied  { read } for  pid=8034 comm="syz.6.623" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=0
[  200.510462][   T29] audit: type=1400 audit(1733536282.628:1999): avc:  denied  { prog_load } for  pid=8034 comm="syz.6.623" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  200.542752][   T29] audit: type=1400 audit(1733536282.628:2000): avc:  denied  { read } for  pid=8034 comm="syz.6.623" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=0
[  201.237435][ T8054] ebt_limit: overflow, try lower: 570423552/2483027968
[  202.372547][ T8094] ebt_limit: overflow, try lower: 570423552/2483027968
[  203.744851][ T8113] sctp: [Deprecated]: syz.6.650 (pid 8113) Use of struct sctp_assoc_value in delayed_ack socket option.
[  203.744851][ T8113] Use struct sctp_sack_info instead
[  205.121071][   T29] kauditd_printk_skb: 199 callbacks suppressed
[  205.121087][   T29] audit: type=1400 audit(1733536287.338:2200): avc:  denied  { read write } for  pid=5816 comm="syz-executor" name="loop0" dev="devtmpfs" ino=647 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  205.213823][   T29] audit: type=1400 audit(1733536287.408:2201): avc:  denied  { prog_load } for  pid=8141 comm="syz.1.663" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  205.233842][   T29] audit: type=1400 audit(1733536287.408:2202): avc:  denied  { read write } for  pid=7068 comm="syz-executor" name="loop6" dev="devtmpfs" ino=653 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  205.258174][   T29] audit: type=1400 audit(1733536287.458:2203): avc:  denied  { read } for  pid=8145 comm="syz.5.664" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=0
[  205.280863][   T29] audit: type=1400 audit(1733536287.458:2204): avc:  denied  { create } for  pid=8145 comm="syz.5.664" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=0
[  205.349069][   T29] audit: type=1400 audit(1733536287.568:2205): avc:  denied  { prog_load } for  pid=8141 comm="syz.1.663" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  205.383817][   T29] audit: type=1400 audit(1733536287.568:2206): avc:  denied  { map_create } for  pid=8141 comm="syz.1.663" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  205.429422][   T29] audit: type=1400 audit(1733536287.568:2207): avc:  denied  { prog_load } for  pid=8141 comm="syz.1.663" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  205.481824][   T29] audit: type=1400 audit(1733536287.568:2208): avc:  denied  { read } for  pid=8141 comm="syz.1.663" name="renderD128" dev="devtmpfs" ino=626 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=0
[  205.553741][   T29] audit: type=1400 audit(1733536287.598:2209): avc:  denied  { execute } for  pid=8149 comm="syz.6.666" name="file2" dev="tmpfs" ino=384 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=0
[  207.321467][ T8211] ebt_limit: overflow, try lower: 570423552/2483027968
[  208.066212][ T8260] ebt_limit: overflow, try lower: 570423552/2483027968
[  209.307641][ T8293] ebt_limit: overflow, try lower: 570423552/2483027968
[  209.736886][ T8305] CIFS: VFS: Malformed UNC in devname
[  210.124759][   T29] kauditd_printk_skb: 302 callbacks suppressed
[  210.124776][   T29] audit: type=1400 audit(1733536292.348:2512): avc:  denied  { read } for  pid=8315 comm="syz.1.723" dev="nsfs" ino=4026533402 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=0
[  210.187658][   T29] audit: type=1400 audit(1733536292.348:2513): avc:  denied  { read write } for  pid=7017 comm="syz-executor" name="loop5" dev="devtmpfs" ino=652 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  210.242112][   T29] audit: type=1400 audit(1733536292.378:2514): avc:  denied  { read } for  pid=8315 comm="syz.1.723" dev="nsfs" ino=4026533402 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=0
[  210.278077][   T29] audit: type=1400 audit(1733536292.378:2515): avc:  denied  { create } for  pid=8315 comm="syz.1.723" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  210.299134][   T29] audit: type=1400 audit(1733536292.378:2516): avc:  denied  { map_create } for  pid=8315 comm="syz.1.723" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  210.348754][   T29] audit: type=1400 audit(1733536292.388:2517): avc:  denied  { prog_load } for  pid=8315 comm="syz.1.723" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  210.368011][   T29] audit: type=1400 audit(1733536292.388:2518): avc:  denied  { execmem } for  pid=8315 comm="syz.1.723" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=0
[  210.387353][   T29] audit: type=1400 audit(1733536292.388:2519): avc:  denied  { read } for  pid=8315 comm="syz.1.723" dev="nsfs" ino=4026533402 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=0
[  210.409188][   T29] audit: type=1400 audit(1733536292.388:2520): avc:  denied  { map_create } for  pid=8315 comm="syz.1.723" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  210.563691][   T29] audit: type=1400 audit(1733536292.388:2521): avc:  denied  { prog_load } for  pid=8315 comm="syz.1.723" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  210.641877][ T8325] ebt_limit: overflow, try lower: 570423552/2483027968
[  211.575147][ T5835] Bluetooth: hci2: unexpected event for opcode 0x0413
[  211.836824][ T8356] ptrace attach of "./syz-executor exec"[5816] was attempted by ""[8356]
[  212.201790][ T8365] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present!
[  212.236941][ T8367] FAULT_INJECTION: forcing a failure.
[  212.236941][ T8367] name failslab, interval 1, probability 0, space 0, times 0
[  212.249896][ T8367] CPU: 1 UID: 0 PID: 8367 Comm: syz.2.741 Not tainted 6.13.0-rc1-syzkaller-00182-gb8f52214c61a #0
[  212.260475][ T8367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  212.270511][ T8367] Call Trace:
[  212.273779][ T8367]  <TASK>
[  212.276698][ T8367]  dump_stack_lvl+0x16c/0x1f0
[  212.281371][ T8367]  should_fail_ex+0x497/0x5b0
[  212.286033][ T8367]  should_failslab+0xc2/0x120
[  212.290748][ T8367]  __kmalloc_cache_noprof+0x68/0x410
[  212.296012][ T8367]  ? lock_acquire.part.0+0x11b/0x380
[  212.301277][ T8367]  ? find_held_lock+0x2d/0x110
[  212.306038][ T8367]  report_access+0x161/0x740
[  212.310617][ T8367]  ? __pfx_lock_release+0x10/0x10
[  212.315626][ T8367]  ? __pfx_report_access+0x10/0x10
[  212.320722][ T8367]  ? security_capable+0x250/0x260
[  212.325726][ T8367]  yama_ptrace_access_check+0x589/0xd10
[  212.331250][ T8367]  security_ptrace_access_check+0xb2/0x210
[  212.337034][ T8367]  __ptrace_may_access+0x498/0x950
[  212.342125][ T8367]  ptrace_attach+0x21a/0x5f0
[  212.346695][ T8367]  __do_sys_ptrace+0x200/0x220
[  212.351433][ T8367]  do_syscall_64+0xcd/0x250
[  212.355929][ T8367]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.361807][ T8367] RIP: 0033:0x7f951857fed9
[  212.366206][ T8367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  212.385884][ T8367] RSP: 002b:00007f9519434058 EFLAGS: 00000246 ORIG_RAX: 0000000000000065
[  212.394740][ T8367] RAX: ffffffffffffffda RBX: 00007f9518746080 RCX: 00007f951857fed9
[  212.402735][ T8367] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000010
[  212.410687][ T8367] RBP: 00007f95194340a0 R08: 0000000000000000 R09: 0000000000000000
[  212.418640][ T8367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  212.426586][ T8367] R13: 0000000000000000 R14: 00007f9518746080 R15: 00007ffed751b978
[  212.434600][ T8367]  </TASK>
[  213.425265][ T8383] FAULT_INJECTION: forcing a failure.
[  213.425265][ T8383] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  213.438971][ T8383] CPU: 1 UID: 0 PID: 8383 Comm: syz.1.750 Not tainted 6.13.0-rc1-syzkaller-00182-gb8f52214c61a #0
[  213.449570][ T8383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  213.459635][ T8383] Call Trace:
[  213.462919][ T8383]  <TASK>
[  213.465851][ T8383]  dump_stack_lvl+0x16c/0x1f0
[  213.470539][ T8383]  should_fail_ex+0x497/0x5b0
[  213.475230][ T8383]  _copy_to_user+0x32/0xd0
[  213.479661][ T8383]  simple_read_from_buffer+0xd0/0x160
[  213.485046][ T8383]  proc_fail_nth_read+0x198/0x270
[  213.490085][ T8383]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  213.495647][ T8383]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  213.501209][ T8383]  vfs_read+0x1df/0xbe0
[  213.505368][ T8383]  ? __fget_files+0x1fc/0x3a0
[  213.510069][ T8383]  ? __pfx___mutex_lock+0x10/0x10
[  213.515099][ T8383]  ? __pfx_vfs_read+0x10/0x10
[  213.519769][ T8383]  ? __fget_files+0x206/0x3a0
[  213.524442][ T8383]  ksys_read+0x12b/0x250
[  213.528670][ T8383]  ? __pfx_ksys_read+0x10/0x10
[  213.533430][ T8383]  do_syscall_64+0xcd/0x250
[  213.537927][ T8383]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.543817][ T8383] RIP: 0033:0x7ff487d7e8ec
[  213.548218][ T8383] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  213.567823][ T8383] RSP: 002b:00007ff488b34050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  213.576279][ T8383] RAX: ffffffffffffffda RBX: 00007ff487f45fa0 RCX: 00007ff487d7e8ec
[  213.584259][ T8383] RDX: 000000000000000f RSI: 00007ff488b340b0 RDI: 0000000000000004
[  213.592221][ T8383] RBP: 00007ff488b340a0 R08: 0000000000000000 R09: 0000000000000000
[  213.600179][ T8383] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000001
[  213.608141][ T8383] R13: 0000000000000000 R14: 00007ff487f45fa0 R15: 00007ffcab6457a8
[  213.616114][ T8383]  </TASK>
[  215.061520][ T8436] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  215.140697][   T29] kauditd_printk_skb: 272 callbacks suppressed
[  215.140713][   T29] audit: type=1400 audit(1733536297.358:2794): avc:  denied  { read write } for  pid=5816 comm="syz-executor" name="loop0" dev="devtmpfs" ino=647 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  215.173518][   T29] audit: type=1400 audit(1733536297.378:2795): avc:  denied  { create } for  pid=8440 comm="syz.0.772" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=0
[  215.202038][   T29] audit: type=1400 audit(1733536297.378:2796): avc:  denied  { create } for  pid=8440 comm="syz.0.772" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=0
[  215.227236][   T29] audit: type=1400 audit(1733536297.378:2797): avc:  denied  { mounton } for  pid=8440 comm="syz.0.772" path="/156/bus" dev="tmpfs" ino=845 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=0
[  215.255781][   T29] audit: type=1400 audit(1733536297.398:2798): avc:  denied  { read } for  pid=8437 comm="syz.6.771" dev="nsfs" ino=4026533392 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=0
[  215.282035][   T29] audit: type=1400 audit(1733536297.398:2799): avc:  denied  { create } for  pid=8437 comm="syz.6.771" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  215.303011][   T29] audit: type=1400 audit(1733536297.418:2800): avc:  denied  { read write } for  pid=5816 comm="syz-executor" name="loop0" dev="devtmpfs" ino=647 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  215.331911][   T29] audit: type=1400 audit(1733536297.448:2801): avc:  denied  { read write } for  pid=8443 comm="syz.0.773" name="mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=0
[  215.359024][   T29] audit: type=1400 audit(1733536297.448:2802): avc:  denied  { create } for  pid=8443 comm="syz.0.773" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=0
[  215.379941][   T29] audit: type=1400 audit(1733536297.448:2803): avc:  denied  { read write } for  pid=8443 comm="syz.0.773" name="vhost-net" dev="devtmpfs" ino=1274 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=0
[  215.623729][ T5835] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  215.632506][ T5835] Bluetooth: hci2: Injecting HCI hardware error event
[  215.640897][ T5831] Bluetooth: hci2: hardware error 0x00
[  216.191974][ T8484] ebt_limit: overflow, try lower: 570423552/2483027968
[  217.703711][ T5831] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  217.993204][ T8514] ebt_limit: overflow, try lower: 570423552/2483027968
[  219.635853][ T8547] ebt_limit: overflow, try lower: 570423552/2483027968
[  220.150276][   T29] kauditd_printk_skb: 341 callbacks suppressed
[  220.150294][   T29] audit: type=1400 audit(1733536302.368:3145): avc:  denied  { read write } for  pid=5816 comm="syz-executor" name="loop0" dev="devtmpfs" ino=647 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  220.217400][   T29] audit: type=1400 audit(1733536302.438:3146): avc:  denied  { create } for  pid=8562 comm="syz.0.821" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  220.243305][   T29] audit: type=1400 audit(1733536302.468:3147): avc:  denied  { name_bind } for  pid=8562 comm="syz.0.821" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=0
[  220.411309][   T29] audit: type=1400 audit(1733536302.628:3148): avc:  denied  { map } for  pid=8562 comm="syz.0.821" path="socket:[20809]" dev="sockfs" ino=20809 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=0
[  220.561029][   T29] audit: type=1400 audit(1733536302.778:3149): avc:  denied  { read write } for  pid=7017 comm="syz-executor" name="loop5" dev="devtmpfs" ino=652 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  220.632605][   T29] audit: type=1400 audit(1733536302.848:3150): avc:  denied  { map_create } for  pid=8567 comm="syz.5.822" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  220.683496][   T29] audit: type=1400 audit(1733536302.868:3151): avc:  denied  { read write } for  pid=5815 comm="syz-executor" name="loop1" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  220.733746][   T29] audit: type=1400 audit(1733536302.868:3152): avc:  denied  { prog_load } for  pid=8567 comm="syz.5.822" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  220.794007][   T29] audit: type=1400 audit(1733536302.868:3153): avc:  denied  { map_create } for  pid=8567 comm="syz.5.822" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  220.829268][   T29] audit: type=1400 audit(1733536302.878:3154): avc:  denied  { map_create } for  pid=8567 comm="syz.5.822" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  221.397240][ T8583] ebt_limit: overflow, try lower: 570423552/2483027968
[  327.123569][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  327.130542][    C0] rcu: 	1-...!: (1 GPs behind) idle=5adc/1/0x4000000000000000 softirq=24261/24262 fqs=0
[  327.141158][    C0] rcu: 	(detected by 0, t=10506 jiffies, g=21117, q=370 ncpus=2)
[  327.148877][    C0] Sending NMI from CPU 0 to CPUs 1:
[  327.148903][    C1] NMI backtrace for cpu 1
[  327.148912][    C1] CPU: 1 UID: 0 PID: 8585 Comm: syz.0.829 Not tainted 6.13.0-rc1-syzkaller-00182-gb8f52214c61a #0
[  327.148926][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  327.148934][    C1] RIP: 0010:write_comp_data+0x11/0x90
[  327.148956][    C1] Code: cc cc cc cc 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 49 89 d2 49 89 f8 49 89 f1 65 48 8b 15 2f d2 69 7e <65> 8b 05 30 d2 69 7e a9 00 01 ff 00 74 1d f6 c4 01 74 67 a9 00 00
[  327.148968][    C1] RSP: 0018:ffffc90000a18d70 EFLAGS: 00000046
[  327.148980][    C1] RAX: 0000000000000001 RBX: 0000000000000001 RCX: ffffffff8941d8af
[  327.148994][    C1] RDX: ffff888026a0a440 RSI: 0000000000000000 RDI: 0000000000000005
[  327.149002][    C1] RBP: ffff888034a2e010 R08: 0000000000000005 R09: 0000000000000000
[  327.149011][    C1] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000002
[  327.149019][    C1] R13: ffff888034a2e000 R14: ffff888064e7a340 R15: ffff888034a2e800
[  327.149029][    C1] FS:  00007febef2186c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  327.149044][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  327.149054][    C1] CR2: 0000000020108000 CR3: 000000007104e000 CR4: 00000000003526f0
[  327.149063][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  327.149071][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  327.149080][    C1] Call Trace:
[  327.149086][    C1]  <NMI>
[  327.149091][    C1]  ? nmi_cpu_backtrace+0x1d8/0x390
[  327.149108][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  327.149122][    C1]  ? nmi_handle+0x1ac/0x5d0
[  327.149138][    C1]  ? write_comp_data+0x11/0x90
[  327.149153][    C1]  ? default_do_nmi+0x6a/0x160
[  327.149167][    C1]  ? exc_nmi+0x170/0x1e0
[  327.149180][    C1]  ? end_repeat_nmi+0xf/0x53
[  327.149201][    C1]  ? advance_sched+0x68f/0xc60
[  327.149215][    C1]  ? write_comp_data+0x11/0x90
[  327.149230][    C1]  ? write_comp_data+0x11/0x90
[  327.149246][    C1]  ? write_comp_data+0x11/0x90
[  327.149261][    C1]  </NMI>
[  327.149265][    C1]  <IRQ>
[  327.149269][    C1]  advance_sched+0x68f/0xc60
[  327.149283][    C1]  ? advance_sched+0x679/0xc60
[  327.149300][    C1]  ? __pfx_advance_sched+0x10/0x10
[  327.149313][    C1]  __hrtimer_run_queues+0x20a/0xae0
[  327.149334][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  327.149351][    C1]  ? read_tsc+0x9/0x20
[  327.149370][    C1]  hrtimer_interrupt+0x392/0x8e0
[  327.149392][    C1]  __sysvec_apic_timer_interrupt+0x10f/0x400
[  327.149409][    C1]  sysvec_apic_timer_interrupt+0x9f/0xc0
[  327.149425][    C1]  </IRQ>
[  327.149429][    C1]  <TASK>
[  327.149433][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  327.149451][    C1] RIP: 0010:finish_task_switch.isra.0+0x220/0xcc0
[  327.149468][    C1] Code: a9 0a 00 00 44 8b 0d 13 67 f6 0e 45 85 c9 0f 85 c0 01 00 00 48 89 df e8 ae f8 ff ff e8 a9 e8 38 00 fb 65 48 8b 1d c0 09 9b 7e <48> 8d bb f8 15 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1
[  327.149480][    C1] RSP: 0018:ffffc900056f74d0 EFLAGS: 00000202
[  327.149491][    C1] RAX: 0000000000004fdf RBX: ffff888026a0a440 RCX: 1ffffffff20bd819
[  327.149501][    C1] RDX: 0000000000000000 RSI: ffffffff8b6cd840 RDI: ffffffff8bd1b4a0
[  327.149510][    C1] RBP: ffffc900056f7518 R08: 0000000000000001 R09: 0000000000000001
[  327.149519][    C1] R10: ffffffff905f0317 R11: 0000000000000000 R12: ffff8880b873f9e0
[  327.149528][    C1] R13: ffff888063d7c880 R14: 0000000000000000 R15: ffff8880b873ebc0
[  327.149542][    C1]  ? __switch_to+0x749/0x1190
[  327.149561][    C1]  __schedule+0xe60/0x5ad0
[  327.149576][    C1]  ? __pfx___lock_acquire+0x10/0x10
[  327.149590][    C1]  ? __lock_acquire+0x15a9/0x3c40
[  327.149608][    C1]  ? __pfx___schedule+0x10/0x10
[  327.149622][    C1]  ? schedule+0x298/0x350
[  327.149636][    C1]  ? __pfx_lock_release+0x10/0x10
[  327.149652][    C1]  ? lock_acquire+0x2f/0xb0
[  327.149664][    C1]  ? schedule+0x1fd/0x350
[  327.149680][    C1]  schedule+0xe7/0x350
[  327.149693][    C1]  schedule_timeout+0x244/0x280
[  327.149707][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[  327.149722][    C1]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  327.149738][    C1]  ? prepare_to_wait_exclusive+0xe2/0x2b0
[  327.149755][    C1]  unix_wait_for_peer+0x247/0x280
[  327.149773][    C1]  ? __pfx_unix_wait_for_peer+0x10/0x10
[  327.149789][    C1]  ? __pfx_autoremove_wake_function+0x10/0x10
[  327.149804][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  327.149820][    C1]  ? hook_unix_may_send+0x2aa/0x3a0
[  327.149841][    C1]  unix_dgram_sendmsg+0x180f/0x19e0
[  327.149862][    C1]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[  327.149885][    C1]  ____sys_sendmsg+0xaaf/0xc90
[  327.149902][    C1]  ? copy_msghdr_from_user+0x10b/0x160
[  327.149915][    C1]  ? __pfx_____sys_sendmsg+0x10/0x10
[  327.149933][    C1]  ? hlock_class+0x4e/0x130
[  327.149950][    C1]  ? __lock_acquire+0x15a9/0x3c40
[  327.149967][    C1]  ___sys_sendmsg+0x135/0x1e0
[  327.149980][    C1]  ? __pfx____sys_sendmsg+0x10/0x10
[  327.149997][    C1]  ? __pfx___lock_acquire+0x10/0x10
[  327.150011][    C1]  ? handle_mm_fault+0x497/0xaa0
[  327.150035][    C1]  ? __pfx___might_resched+0x10/0x10
[  327.150051][    C1]  ? __might_fault+0xe3/0x190
[  327.150070][    C1]  __sys_sendmmsg+0x201/0x420
[  327.150084][    C1]  ? __pfx___sys_sendmmsg+0x10/0x10
[  327.150101][    C1]  ? __pfx_do_futex+0x10/0x10
[  327.150119][    C1]  ? xfd_validate_state+0x5d/0x180
[  327.150132][    C1]  ? rcu_is_watching+0x12/0xc0
[  327.150152][    C1]  __x64_sys_sendmmsg+0x9c/0x100
[  327.150165][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  327.150181][    C1]  do_syscall_64+0xcd/0x250
[  327.150198][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  327.150214][    C1] RIP: 0033:0x7febee37fed9
[  327.150226][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  327.150238][    C1] RSP: 002b:00007febef218058 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  327.150250][    C1] RAX: ffffffffffffffda RBX: 00007febee545fa0 RCX: 00007febee37fed9
[  327.150259][    C1] RDX: 0000000000000318 RSI: 00000000200bd000 RDI: 0000000000000004
[  327.150267][    C1] RBP: 00007febee3f3cc8 R08: 0000000000000000 R09: 0000000000000000
[  327.150276][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  327.150283][    C1] R13: 0000000000000000 R14: 00007febee545fa0 R15: 00007ffcf56addf8
[  327.150296][    C1]  </TASK>
[  327.150898][    C0] rcu: rcu_preempt kthread starved for 10506 jiffies! g21117 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  327.776419][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  327.786379][    C0] rcu: RCU grace-period kthread stack dump:
[  327.792257][    C0] task:rcu_preempt     state:R  running task     stack:27488 pid:17    tgid:17    ppid:2      flags:0x00004000
[  327.804009][    C0] Call Trace:
[  327.807371][    C0]  <TASK>
[  327.810301][    C0]  __schedule+0xe58/0x5ad0
[  327.814723][    C0]  ? __pfx___lock_acquire+0x10/0x10
[  327.819931][    C0]  ? __pfx___schedule+0x10/0x10
[  327.824781][    C0]  ? schedule+0x298/0x350
[  327.829107][    C0]  ? __pfx_lock_release+0x10/0x10
[  327.834128][    C0]  ? lock_acquire+0x2f/0xb0
[  327.838626][    C0]  ? schedule+0x1fd/0x350
[  327.842958][    C0]  schedule+0xe7/0x350
[  327.847068][    C0]  schedule_timeout+0x124/0x280
[  327.851915][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[  327.857283][    C0]  ? __pfx_process_timeout+0x10/0x10
[  327.862578][    C0]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  327.868381][    C0]  ? prepare_to_swait_event+0xf3/0x470
[  327.873863][    C0]  rcu_gp_fqs_loop+0x1eb/0xb00
[  327.878659][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  327.883976][    C0]  ? rcu_gp_init+0xc82/0x1630
[  327.888665][    C0]  ? _raw_spin_unlock_irq+0x2e/0x50
[  327.893869][    C0]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  327.899679][    C0]  rcu_gp_kthread+0x271/0x380
[  327.904357][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  327.909553][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[  327.914754][    C0]  ? __kthread_parkme+0x148/0x220
[  327.919785][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  327.924981][    C0]  kthread+0x2c1/0x3a0
[  327.929050][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  327.934246][    C0]  ? __pfx_kthread+0x10/0x10
[  327.938837][    C0]  ret_from_fork+0x45/0x80
[  327.943250][    C0]  ? __pfx_kthread+0x10/0x10
[  327.947839][    C0]  ret_from_fork_asm+0x1a/0x30
[  327.952618][    C0]  </TASK>
[  327.955817][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  327.962134][    C0] CPU: 0 UID: 0 PID: 8586 Comm: syz.0.829 Not tainted 6.13.0-rc1-syzkaller-00182-gb8f52214c61a #0
[  327.972716][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  327.982797][    C0] RIP: 0010:__sanitizer_cov_trace_pc+0x18/0x70
[  327.988968][    C0] Code: 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 65 48 8b 15 b4 d2 69 7e 65 8b 05 b5 d2 69 7e a9 00 01 ff 00 <48> 8b 34 24 74 1d f6 c4 01 74 43 a9 00 00 0f 00 75 3c a9 00 00 f0
[  328.008575][    C0] RSP: 0018:ffffc900054173f8 EFLAGS: 00000246
[  328.014639][    C0] RAX: 0000000000000003 RBX: ffff8880b8744a40 RCX: ffffffff818df8bc
[  328.022714][    C0] RDX: ffff888063d7c880 RSI: 0000000000000000 RDI: 0000000000000005
[  328.030689][    C0] RBP: 0000000000000003 R08: 0000000000000005 R09: 0000000000000000
[  328.038661][    C0] R10: 0000000000000001 R11: 0000000000000003 R12: ffffed10170e8949
[  328.046627][    C0] R13: 0000000000000001 R14: ffff8880b8744a48 R15: ffff8880b863fe40
[  328.054592][    C0] FS:  00007febef1f76c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  328.063518][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  328.070097][    C0] CR2: 0000000020108030 CR3: 000000007104e000 CR4: 00000000003526f0
[  328.078064][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  328.086027][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  328.093998][    C0] Call Trace:
[  328.097272][    C0]  <IRQ>
[  328.100113][    C0]  ? rcu_check_gp_kthread_starvation+0x31b/0x450
[  328.106447][    C0]  ? do_raw_spin_unlock+0x172/0x230
[  328.111652][    C0]  ? rcu_sched_clock_irq+0x247a/0x3310
[  328.117121][    C0]  ? timekeeping_advance+0x70a/0xa60
[  328.122404][    C0]  ? __pfx_rcu_sched_clock_irq+0x10/0x10
[  328.128040][    C0]  ? __asan_memcpy+0x3c/0x60
[  328.132637][    C0]  ? cgroup_rstat_updated+0x2a/0xb20
[  328.137932][    C0]  ? rcu_is_watching+0x12/0xc0
[  328.142702][    C0]  ? update_process_times+0x178/0x2d0
[  328.148077][    C0]  ? __pfx_update_process_times+0x10/0x10
[  328.153800][    C0]  ? update_wall_time+0x1c/0x40
[  328.158651][    C0]  ? tick_nohz_handler+0x376/0x530
[  328.163767][    C0]  ? __pfx_tick_nohz_handler+0x10/0x10
[  328.169225][    C0]  ? __hrtimer_run_queues+0x5fb/0xae0
[  328.174605][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  328.180320][    C0]  ? read_tsc+0x9/0x20
[  328.184397][    C0]  ? hrtimer_interrupt+0x392/0x8e0
[  328.189518][    C0]  ? __sysvec_apic_timer_interrupt+0x10f/0x400
[  328.195673][    C0]  ? sysvec_apic_timer_interrupt+0x9f/0xc0
[  328.201479][    C0]  </IRQ>
[  328.204400][    C0]  <TASK>
[  328.207324][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  328.213484][    C0]  ? smp_call_function_many_cond+0x47c/0x1300
[  328.219551][    C0]  ? __sanitizer_cov_trace_pc+0x18/0x70
[  328.225098][    C0]  smp_call_function_many_cond+0x456/0x1300
[  328.230999][    C0]  ? __pfx_flush_tlb_func+0x10/0x10
[  328.236204][    C0]  ? __pfx_flush_tlb_func+0x10/0x10
[  328.241400][    C0]  ? __pfx_tlb_is_not_lazy+0x10/0x10
[  328.246685][    C0]  on_each_cpu_cond_mask+0x40/0x90
[  328.252145][    C0]  flush_tlb_mm_range+0x289/0x330
[  328.257170][    C0]  ? __pfx_pte_mkwrite+0x10/0x10
[  328.262113][    C0]  ptep_clear_flush+0x136/0x180
[  328.266969][    C0]  do_wp_page+0x1971/0x47c0
[  328.271478][    C0]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  328.277107][    C0]  ? __pfx_do_wp_page+0x10/0x10
[  328.281955][    C0]  ? rcu_is_watching+0x12/0xc0
[  328.286728][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  328.292101][    C0]  ? lock_acquire+0x2f/0xb0
[  328.296597][    C0]  ? __handle_mm_fault+0xdfa/0x2a40
[  328.301808][    C0]  __handle_mm_fault+0x1ade/0x2a40
[  328.306928][    C0]  ? __pfx___handle_mm_fault+0x10/0x10
[  328.312383][    C0]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  328.318030][    C0]  ? find_vma+0xc0/0x140
[  328.322266][    C0]  ? __pfx_find_vma+0x10/0x10
[  328.326940][    C0]  handle_mm_fault+0x3fa/0xaa0
[  328.331708][    C0]  do_user_addr_fault+0x7a3/0x13f0
[  328.336820][    C0]  exc_page_fault+0x5c/0xc0
[  328.341320][    C0]  asm_exc_page_fault+0x26/0x30
[  328.346173][    C0] RIP: 0010:__put_user_nocheck_4+0x7/0x20
[  328.351890][    C0] Code: d9 0f 01 cb 89 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00
[  328.371490][    C0] RSP: 0018:ffffc900054179f8 EFLAGS: 00050246
[  328.377549][    C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000020108030
[  328.385513][    C0] RDX: 0000000000080000 RSI: ffffffff88ffbd74 RDI: 0000000000000005
[  328.393479][    C0] RBP: ffffc90005417d98 R08: 0000000000000005 R09: 0000000000000000
[  328.401447][    C0] R10: 0000000000000002 R11: 0000000000000000 R12: 0000000000000000
[  328.409418][    C0] R13: 0000000020108000 R14: ffffc90005417ddc R15: 0000000000000002
[  328.417387][    C0]  ? ____sys_recvmsg+0x2e4/0x6b0
[  328.422330][    C0]  ____sys_recvmsg+0x2ef/0x6b0
[  328.427101][    C0]  ? __pfx_____sys_recvmsg+0x10/0x10
[  328.432433][    C0]  ? __pfx___lock_acquire+0x10/0x10
[  328.437625][    C0]  ? __pfx___schedule+0x10/0x10
[  328.442564][    C0]  ___sys_recvmsg+0x115/0x1a0
[  328.447236][    C0]  ? __pfx____sys_recvmsg+0x10/0x10
[  328.452444][    C0]  ? find_held_lock+0x2d/0x110
[  328.457221][    C0]  ? __pfx___might_resched+0x10/0x10
[  328.462505][    C0]  ? __might_fault+0xe3/0x190
[  328.467186][    C0]  do_recvmmsg+0x2f8/0x740
[  328.471601][    C0]  ? __pfx_do_recvmmsg+0x10/0x10
[  328.476535][    C0]  ? do_user_addr_fault+0xdc7/0x13f0
[  328.481822][    C0]  ? reacquire_held_locks+0x20b/0x4c0
[  328.487220][    C0]  ? do_user_addr_fault+0xe50/0x13f0
[  328.492520][    C0]  ? __pfx_lock_release+0x10/0x10
[  328.497548][    C0]  __x64_sys_recvmmsg+0x239/0x290
[  328.502571][    C0]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  328.508114][    C0]  ? do_user_addr_fault+0x83d/0x13f0
[  328.513502][    C0]  do_syscall_64+0xcd/0x250
[  328.518030][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.523922][    C0] RIP: 0033:0x7febee37fed9
[  328.528418][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  328.548021][    C0] RSP: 002b:00007febef1f7058 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  328.556432][    C0] RAX: ffffffffffffffda RBX: 00007febee546080 RCX: 00007febee37fed9
[  328.564396][    C0] RDX: 0000000000010106 RSI: 00000000200000c0 RDI: 0000000000000003
[  328.572388][    C0] RBP: 00007febee3f3cc8 R08: 0000000000000000 R09: 0000000000000000
[  328.580353][    C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  328.588333][    C0] R13: 0000000000000001 R14: 00007febee546080 R15: 00007ffcf56addf8
[  328.596337][    C0]  </TASK>