last executing test programs:

4m44.295397571s ago: executing program 2 (id=475):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r1=>0x0})
bind$can_raw(r0, &(0x7f0000000280)={0x1d, r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000640)=@broute={'broute\x00', 0x20, 0x1, 0x170, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200006c0], 0x0, 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0000000000000000ff0000000000000000d17d000000000000000000000000000000000000000000ffffffff0000000000000000000000000000001200000000000000000000000000080000000000000800000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff01000000110000000000000000006e72300000000000000000000000000079616d3000000001000000000000b40079616d30000000000000000000000000766574b7708ad56f5f7465616d0000000180c2000000000000000000aaaaaaaaaa000000000000000000b0000000b0000000e000000071756f746100000000000000000000000000000000000000000000000000000018000000000000000000000000000000000000000a0000000000000000000000415544495400000000000000000100000000000000000000000000000000000008"]}, 0x1d9)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee1, 0x8031, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000013000/0x3000)=nil, 0x3000, 0x3000, 0x7, &(0x7f0000010000/0x3000)=nil)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f00000007c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x370, 0x180, 0xffffff80, 0x178, 0x0, 0x178, 0x2a0, 0x230, 0x258, 0x2a0, 0x258, 0x2034, 0x0, {[{{@uncond, 0x1d, 0x138, 0x180, 0x12, {0x959f1400}, [@common=@unspec=@ipvs={{0x48}, {@ipv4=@multicast1}}, @common=@unspec=@limit={{0x48}, {0x0, 0x412}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@mcast1, 'geneve1\x00'}}}, {{@ipv6={@loopback, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'veth0_to_team\x00', 'hsr0\x00'}, 0x0, 0xf8, 0x120, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00', 0x2}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3d0)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x3c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x49, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x4f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000180)={0x6, <r5=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0x2000000000000393, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], 0x0, 0x1, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000008c0)='sys_enter\x00', r6}, 0x10)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
process_mrelease(0xffffffffffffffff, 0x0)
r7 = socket$inet6(0xa, 0x80002, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r8, 0x8933, &(0x7f0000001bc0)={'batadv_slave_1\x00', <r9=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r7, 0x8916, &(0x7f00000003c0)={@remote, 0x1d, r9})
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r11, 0x8933, &(0x7f0000000b80)={'batadv_slave_1\x00', <r12=>0x0})
setsockopt$inet6_mreq(r10, 0x29, 0x1b, &(0x7f0000000300)={@remote, r12}, 0x14)
mremap(&(0x7f0000010000/0x3000)=nil, 0x3000, 0x3000, 0x7, &(0x7f0000013000/0x3000)=nil)
recvmmsg(0xffffffffffffffff, &(0x7f0000002340)=[{{0x0, 0x0, &(0x7f0000000640)=[{0x0}], 0x1}}], 0x1, 0x0, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0xfea7)

4m41.624552775s ago: executing program 2 (id=484):
syz_usb_connect(0x0, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x403}}]})
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080), 0x1c)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000340)=ANY=[@ANYBLOB="640121020001ac1414bb7f7fdd9b"], 0x1c)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000000)=0x1, 0x4)
sendmsg$IPVS_CMD_GET_CONFIG(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[], 0x14}}, 0x0)
capset(0x0, 0x0)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
r6 = socket$nl_route(0x10, 0x3, 0x0)
arch_prctl$ARCH_REQ_XCOMP_PERM(0x1023, 0x12)
sendmsg$nl_route_sched(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newtaction={0x80, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x6c, 0x1, [@m_tunnel_key={0x68, 0x1, 0x0, 0x0, {{0xf}, {0x38, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0xd, @empty=0x1000000}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @loopback}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @broadcast}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x4008800}, 0x0)
syz_emit_vhci(&(0x7f0000000640)=ANY=[@ANYBLOB="04040a"], 0xd)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

4m38.376476246s ago: executing program 2 (id=490):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='ocfs2_dlmfs\x00', 0x0, 0x0)
r0 = syz_usbip_server_init(0x4)
write$usbip_server(r0, &(0x7f0000000280)=@ret_submit={{0x3, 0x1, 0x0, 0x1, 0x4}, 0xfff, 0x12, 0x34, 0x0, 0x1, 0x0, "3a73ee7ec0648bc1ad63266e6303535b8d9c"}, 0x42)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r2, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x4}}, 0x26)
r3 = dup2(r2, r1)
sendmsg$nl_generic(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x1bc}, 0x1, 0x0, 0x0, 0x4000}, 0x24040000)
write$binfmt_format(r3, &(0x7f0000000000)='-1\x00', 0x3)
chdir(&(0x7f0000000300)='./file1\x00')
mkdir(&(0x7f0000000200)='./file1\x00', 0x88)

4m35.319868067s ago: executing program 2 (id=500):
socket$nl_netfilter(0x10, 0x3, 0xc)
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000000)='./cgroup\x00', &(0x7f00000000c0)='bfs\x00', 0x208000, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x3ffffffffffffda, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000022008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xa}, 0x1c)
userfaultfd(0x80800)
socket(0x2, 0x2, 0x1)
syz_open_procfs(0x0, &(0x7f0000000480)='net/icmp6\x00')
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000440)={0x1c, r7, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000240)=ANY=[@ANYBLOB="44010000210001"], 0x144}}, 0x0)

4m34.324586766s ago: executing program 2 (id=505):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
eventfd2(0x9, 0x80801)
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$nfc_llcp(r0, &(0x7f0000000000)={0x27, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, "0f03c8c7e8da000000000000ffffff017f000000cce67e1d0000e565aa9a9d32c7627ffe7a54cdbd77b3000000000000000000060000000000000000deff00", 0x1a}, 0x60)
getsockopt$nfc_llcp(r0, 0x118, 0x3, &(0x7f0000000140)=""/192, 0x20000057)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
syz_clone(0x800c000, &(0x7f0000001480)="627807434619734911420e123cb6f44fb54d82f86f3720b1d5ecd9651a9fcb2a1c358b9cd99a9da0b00953486764e0c7d13faa0d43ad3164e14aa9d4eafc2ae39ce2be18d63433b7dfc78608200e69639ab1530087488555d6d92591d54b3a4b2d398d9c826367e94ff87e48b5c84c384e4da2242cd7402f8ed7ca62f2", 0x7d, 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$sock_qrtr_TIOCINQ(r4, 0x541b, &(0x7f00000000c0))
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x3, 0x0}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a6c000000060a0904000000000000000002000000400004803c0001800e000100696d6d656469617465000000280002801c000280180002800900020073797a320000000008000180fffffffc08000140000000000900010073797a30000000000900020073797a320000000014000000110001"], 0x94}}, 0x0)

4m32.982458899s ago: executing program 2 (id=506):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SET(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x50)
pipe2$9p(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = socket(0x10, 0x80002, 0x0)
write$P9_RLERRORu(r3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1c02000007ffff", @ANYRES16=r4, @ANYRES64=r2, @ANYRES64=r1, @ANYRESOCT], 0x52)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@version_u}]}})
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r5 = openat$sysfs(0xffffff9c, &(0x7f0000000080)='/sys/power/pm_test', 0x0, 0x0)
close(0x3)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f00000000c0)='./file1\x00')
r6 = openat(0xffffffffffffff9c, &(0x7f0000000140)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_EXPIRE_MULTI(r6, 0xc0049364, &(0x7f0000000040))
syz_clone3(&(0x7f0000000300)={0x385200080, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, {r5}}, 0x58)

4m17.890002568s ago: executing program 32 (id=506):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SET(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x50)
pipe2$9p(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = socket(0x10, 0x80002, 0x0)
write$P9_RLERRORu(r3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1c02000007ffff", @ANYRES16=r4, @ANYRES64=r2, @ANYRES64=r1, @ANYRESOCT], 0x52)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@version_u}]}})
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r5 = openat$sysfs(0xffffff9c, &(0x7f0000000080)='/sys/power/pm_test', 0x0, 0x0)
close(0x3)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f00000000c0)='./file1\x00')
r6 = openat(0xffffffffffffff9c, &(0x7f0000000140)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_EXPIRE_MULTI(r6, 0xc0049364, &(0x7f0000000040))
syz_clone3(&(0x7f0000000300)={0x385200080, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, {r5}}, 0x58)

4m14.62858998s ago: executing program 1 (id=568):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=@newsa={0x13c, 0x10, 0x413, 0x0, 0x0, {{@in6=@loopback, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x4e24, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0xee00}, {@in6=@ipv4={'\x00', '\xff\xff', @empty}, 0x0, 0x32}, @in=@dev, {0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x8}, {0x0, 0x0, 0xcc}, {}, 0x0, 0x0, 0xa, 0x0, 0x1}, [@algo_aead={0x4c, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0x0, 0x80}}]}, 0x13c}}, 0x0)

4m13.309189775s ago: executing program 1 (id=570):
syz_usb_connect(0x0, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x403}}]})
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080), 0x1c)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000340)=ANY=[@ANYBLOB="640121020001ac1414bb7f7fdd9b"], 0x1c)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000000)=0x1, 0x4)
sendmsg$IPVS_CMD_GET_CONFIG(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[], 0x14}}, 0x0)
capset(0x0, 0x0)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
r6 = socket$nl_route(0x10, 0x3, 0x0)
arch_prctl$ARCH_REQ_XCOMP_PERM(0x1023, 0x12)
sendmsg$nl_route_sched(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newtaction={0x80, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x6c, 0x1, [@m_tunnel_key={0x68, 0x1, 0x0, 0x0, {{0xf}, {0x38, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0xd, @empty=0x1000000}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @loopback}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @broadcast}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x4008800}, 0x0)
syz_emit_vhci(&(0x7f0000000640)=ANY=[@ANYBLOB="04040a"], 0xd)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

4m9.709319206s ago: executing program 1 (id=580):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x1c, r1, 0x5, 0x0, 0x0, {{0x8e}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0) (fail_nth: 2)

4m9.289108414s ago: executing program 1 (id=583):
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="440000001300a7cc4a372eaf541d002007000000", @ANYRES32, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYRES16=r0], 0x44}}, 0x0)

4m8.641705942s ago: executing program 1 (id=586):
socket$nl_rdma(0x10, 0x3, 0x14)
mkdir(&(0x7f00000009c0)='./file0\x00', 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$unix(r0, &(0x7f00000029c0)=[{{&(0x7f0000000600)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="82c843e6cd4ad372", @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00'], 0x55, 0x20000010}}], 0x1, 0x3400c084)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x8080, 0x81)
arch_prctl$ARCH_SHSTK_DISABLE(0x5002, 0x2)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000140)={0x10})
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]})
r2 = socket$inet6(0xa, 0x2, 0x9)
connect$inet6(r2, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x12, r3, 0x0)
r4 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$SIOCRSSL2CALL(r4, 0x5411, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000001c0)=@o_path={0x0}, 0x18)
truncate(&(0x7f0000000100)='./file2\x00', 0x100000000)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r8 = dup(r7)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000050000f58f04"])
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000023c0)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000ffffffff7a0af0fff8ffff5979a4f0ff00000000b7060000ffffffff2d6405000000000065040400014741001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000004000095000000000000006623848adf1dc9a764ab51a064e0ff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b01ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6a79819782748b376358c33c9f53bfd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b77aafa63b9dd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd7e43fe1ca8345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1777b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d0842835e81c358ebe73af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d99000000110000fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d637d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000000ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc36d5aa23bff8cce0600fcff00000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68fd36a03353a55a8a89b60317cd78ea1dc8e0f77f2c1e68ec7c01bd5a2028a8fc107007f3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d90296171fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b4492510134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2e20ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498dedf0f87c38bbcab7357836f03e8a7c392e535694a3ead2de11e6b1781e2a018c0ada7bc7f0eb2d678f23c07ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f60033fc32f68ea86a2df1e76fe27dfdff1cf9194849c4cc0da9533e5983693e526a7dc0d8728f3b573ca4427bdb44df9341e9b8050e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9247b51d92e0993af4beaf1f3f47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f1a90716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c277648475002e2c62681bd07331422a6e47bbd40857d52c4894944fae5c500000000000000ff00000000de784314b8fd419216b48d0f353c11ae185749fa9ac7dfa16bc5c23a23f74b17a7f1b2d799480f33faa3537a910d6ca02f48b0e69beb1119f106ea59195dbc72e17a5dc8c3d131d82f067e29dc39665dff39fb6347b374aaaf6e65efde3fc6202bf29ccfcb08caf18d668a462493aa82e76affba9c9af31d1c23237aa6eccfadfaf794bb1004c07b21ac6ed77718098b2f722bd05fea3561b86b2838a8de5b4f91d6aba95dc9f4464a024be4d0d8d04f5023e7e19e503624d39a43c7b310de519b40738ff9a623065c06d69d16d4a46ff300022fee47803989b7e916254e0fb9e1c8b07d8a4b8b692a75a32e6ed2caeaa7c258c47fe6143cd9e90b801eff78cd4e402374e0e4ca07b7f17254e3d2f0a2a1bac6fde8a15e3ef3588065524d41966fb3915e804c53201efee751ec294584d23d9008bdf046f55c030ab941a0b8723412127efb3eac0ccf68133c76770d5e7dabcc48d47685404cc540535ed70df75c24660d85f9c9a245185c7da217d1c3743db85db67b9b8a8f00af02367429f6f0b53c169c4356751bf68745dbde055e1722ae256ae53ae637a1431855d16dfa91d82a021a4b2dbb50bf6d59fdd0c9bc84cd7d544de2523b6ce8aaeb94bfba75079f7455204ccca02bd389d8409b2effe9b88e301ac4fe28752386a0678a3f54b2bdf56f927ddd6b0ac98b2b505f668597455ada51ba95ab852b49373a11ff31dcd82474b51498f65e0601bcdd23acb4c01bcd2f3e1ad378d14c07d923087d3518369710b70ffb0b523dc4f00f275c381fe1c091e478b04d5e4a9f75b4072acb005a83c25625ab7a351a68977177e27a1bf112114eb10250c2b9dca234f8967f0439696a2345e747b5f1d8c4bec86d8e8f2eb121ea0159615e7d475d45837921c2c0c3f9e683ac8000214a657c9f0a00000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000880), 0xfffffffffffffddd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r9, 0xe0, &(0x7f0000000480)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r10}, 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000840)={r9, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r11=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000002e, 0x8, 0x0, 0x0}}, 0x10)
r12 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000c000000ffff0000010000389c1b4ef350357b640e6df97e15940000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=r11, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000040)={r12, &(0x7f00000000c0), 0x0}, 0x20)

4m7.491736392s ago: executing program 1 (id=589):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket(0x840000000002, 0x3, 0xff)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$inet(r0, &(0x7f0000000540)={0x2, 0x0, @dev}, 0x10)
r4 = userfaultfd(0x801)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0xc41})
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000bcc000/0x4000)=nil, 0x4000}})
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
ppoll(&(0x7f0000000000)=[{r4, 0x4047}], 0x1, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x0, 0x13580, 0x0, 0x83}, &(0x7f0000000040), &(0x7f0000000280))
sendmmsg$inet(r0, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x300, 0x401eb94)

3m52.380489611s ago: executing program 33 (id=589):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket(0x840000000002, 0x3, 0xff)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$inet(r0, &(0x7f0000000540)={0x2, 0x0, @dev}, 0x10)
r4 = userfaultfd(0x801)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0xc41})
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000bcc000/0x4000)=nil, 0x4000}})
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
ppoll(&(0x7f0000000000)=[{r4, 0x4047}], 0x1, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x0, 0x13580, 0x0, 0x83}, &(0x7f0000000040), &(0x7f0000000280))
sendmmsg$inet(r0, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x300, 0x401eb94)

22.582789528s ago: executing program 4 (id=1223):
writev(0xffffffffffffffff, &(0x7f0000001580)=[{&(0x7f0000000300)="6bd03b4e5c0d58938a2648a7e1d5ed7648bb1654d43577915a6c1e786208a0e1c52b1c62c4e4cca8e61076fc757c70bedc63ecb87a172d79dbe13299af5c32cd41c1f130c55755a55f45c0764f8921d221a43099ddc32721fb2bf42ed5bf3d2a8e739446831a7323c00581e3d051bee509852fa85bf8f55f2367dc67ee9f358de7058f11e8298a2007e96fabda8c990a4839b5e6d996e57ac4c96ac1488890d72a9dbd8be600eb5f84edf752120f9965200ad7ead0597242db76e8aa04727e66b9414bffe2b809384d41431bf47110ea7af51b33", 0xd4}, {&(0x7f0000000500)="186e1b5c7cb19f2898b834449c520fe6295642939bfbbd8c53ff206a", 0x1c}], 0x2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000013c0)={'wlan1\x00'})
socket$alg(0x26, 0x5, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='sched_switch\x00', r3, 0x0, 0xffffffffffffffff}, 0x50)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_usb_connect$hid(0x4, 0x36, 0x0, 0x0)
r4 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0x0)

17.427804187s ago: executing program 4 (id=1238):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000000480)=""/92, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000003380))
r1 = eventfd2(0x76, 0x1)
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000001c0)={0x0, r1})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'tunl0\x00', <r4=>0x0})
r5 = socket(0x11, 0x3, 0x0)
r6 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000001700), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r6, 0xc0285700, &(0x7f0000000000)={0x0, "f3c492eb0165203d36bec7080089b42c000004002231a110000000005900"})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r6, 0xc0285700, &(0x7f0000000140)={0x7, "27d85592b6bfee2be57c8a201e5cfcf3939c0b6b101aac05abcc54a7042fafc2"})
r7 = dup(0xffffffffffffffff)
r8 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r7, @ANYBLOB=',wfdno=', @ANYRESHEX=r8])
setsockopt$packet_fanout(r5, 0x107, 0x14, &(0x7f0000000100)={0x2}, 0x4)
sendto$packet(r5, &(0x7f0000000140)="ac", 0x1, 0x0, &(0x7f00000000c0)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @link_local}, 0x14)
r9 = socket$kcm(0x2, 0xa, 0x2)
ioctl$F2FS_IOC_WRITE_CHECKPOINT(r9, 0x541b, 0x1000000000000)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000640)={'wlan0\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getpid()
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
timer_create(0x3, 0x0, &(0x7f0000044000))
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000000600)=""/175, 0x0})
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000000)={0x0, r1})
syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000080)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)

14.083104196s ago: executing program 3 (id=1246):
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
r0 = socket(0x840000000002, 0x3, 0xc3)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
syz_open_dev$tty1(0xc, 0x4, 0x1)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r5, 0x1, &(0x7f00000001c0)=ANY=[@ANYBLOB="fb00000000000000a7"])
r6 = syz_open_dev$I2C(&(0x7f0000000d80), 0x0, 0x0)
ioctl$I2C_SMBUS(r6, 0x720, &(0x7f0000000300)={0x1, 0x0, 0x3, &(0x7f0000000100)={0x0, "fd6d44512b7e1b0420ec2a3ba53b31dd77e7ffffff0300"}})
setsockopt$inet_int(r0, 0x0, 0x16, &(0x7f0000000000)=0x9, 0x4)
r7 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r7, 0x50009404, &(0x7f0000000140))
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r8 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[])
read$FUSE(r8, &(0x7f0000006380)={0x2020}, 0x2020)

13.78890088s ago: executing program 4 (id=1247):
writev(0xffffffffffffffff, &(0x7f0000001580)=[{&(0x7f0000000300)="6bd03b4e5c0d58938a2648a7e1d5ed7648bb1654d43577915a6c1e786208a0e1c52b1c62c4e4cca8e61076fc757c70bedc63ecb87a172d79dbe13299af5c32cd41c1f130c55755a55f45c0764f8921d221a43099ddc32721fb2bf42ed5bf3d2a8e739446831a7323c00581e3d051bee509852fa85bf8f55f2367dc67ee9f358de7058f11e8298a2007e96fabda8c990a4839b5e6d996e57ac4c96ac1488890d72a9dbd8be600eb5f84edf752120f9965200ad7ead0597242db76e8aa04727e66", 0xc0}], 0x1)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
socket$alg(0x26, 0x5, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='sched_switch\x00', r5, 0x0, 0xffffffffffffffff}, 0x50)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_usb_connect$hid(0x4, 0x36, 0x0, 0x0)
r6 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r6, 0x3516, 0x0, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

12.495929856s ago: executing program 3 (id=1249):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_STATUS(r1, 0x84, 0xe, &(0x7f0000000300)={0x0, 0x1000, 0xfffffffa, 0x4, 0xc, 0x8, 0x2, 0xfffffc00, {0x0, @in={{0x2, 0x4e23, @multicast1}}, 0x6, 0xa, 0x2, 0x10001, 0x4}}, &(0x7f0000000180)=0xb0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB, @ANYRES16], 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prctl$PR_SET_IO_FLUSHER(0x53564d41, 0x1)
openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_init_net_socket$ax25(0x3, 0x5, 0xc4)
socket$inet6_sctp(0xa, 0x801, 0x84)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r4, &(0x7f0000000140)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r5 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
bind$inet6(r3, 0x0, 0x0)
sendto$inet6(r3, &(0x7f0000000180), 0x0, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

10.880897196s ago: executing program 3 (id=1254):
r0 = socket$inet6(0xa, 0x3, 0x87)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_BLANKSCREEN(r4, 0x5609, &(0x7f0000000000))
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r5, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_group_source_req(r5, 0x29, 0x2e, &(0x7f0000000340)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}, 0x108)
r6 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r6, 0xc008551b, &(0x7f0000000040)=ANY=[])
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000000)={{{@in=@local, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xffff, 0x3}}, {{@in=@loopback, 0x0, 0x6c}, 0xa, @in=@loopback}}, 0xe8)
r7 = socket$inet6(0xa, 0x2, 0x3a)
sendmmsg$inet6(r7, &(0x7f0000003ac0)=[{{&(0x7f00000000c0)={0xa, 0x4e22, 0x0, @loopback, 0x1}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000e80)=[{&(0x7f0000000940)="ffcc481c7f1c9e89", 0x8}], 0x1}}], 0x2, 0x0)

10.588555572s ago: executing program 0 (id=1256):
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r0 = syz_io_uring_setup(0x24fa, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
ftruncate(r3, 0xc17a)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB='/'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, {0x3}})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

10.587881358s ago: executing program 4 (id=1257):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x4000010, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x401d031, 0xffffffffffffffff, 0x0)
r3 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
getsockopt$sock_buf(r3, 0x1, 0xe, 0x0, &(0x7f0000000180))
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000140), r4)
sendmsg$NLBL_CALIPSO_C_ADD(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)={0x1c, r5, 0x125, 0xfffffffc, 0x1020, {}, [@NLBL_CALIPSO_A_DOI={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x7f02100df1b156e5}, 0x4000000)
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = socket$inet6(0xa, 0x800000000000002, 0x0)
ioctl$HIDIOCSUSAGES(0xffffffffffffffff, 0x501c4814, 0x0)
setsockopt$inet6_udp_int(r7, 0x11, 0x67, 0x0, 0x0)
fcntl$notify(r3, 0x402, 0x80000008)
connect$inet6(r7, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
connect$inet6(r7, 0x0, 0x0)
sendmmsg$inet6(r7, 0x0, 0x0, 0x80440c1)
r8 = syz_pidfd_open(r6, 0x0)
process_madvise(r8, 0x0, 0x0, 0x19, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

8.237660113s ago: executing program 0 (id=1258):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_io_uring_setup(0x10d, &(0x7f00000000c0)={0x0, 0x40000, 0x0, 0xfffffffc, 0x358}, &(0x7f0000000380)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r6 = fsopen(&(0x7f0000000040)='sysfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r6, 0x0, 0x1)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000000)='{\'\x00', &(0x7f00000001c0)='&}.\'-:{\x00', 0x0)
fchdir(r7)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000480)={[{@workdir={'workdir', 0x3d, './bus'}}]})
syz_io_uring_submit(r4, r5, &(0x7f0000000180)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x0, 0x0, 0x0, 0x0, 0x23456})
io_uring_enter(r3, 0x3f70, 0x0, 0x0, 0x0, 0x0)

8.23428991s ago: executing program 4 (id=1259):
r0 = socket$inet(0x2, 0x2, 0x1)
syslog(0x4, &(0x7f0000000180)=""/210, 0xd2)
setsockopt$sock_int(r0, 0x1, 0x5, &(0x7f0000000440)=0x200, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
unshare(0x22020400)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x0)
mmap(&(0x7f000001a000/0x3000)=nil, 0x3000, 0xf, 0x11012, r3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000032680)=""/102400, 0x19000)
connect$inet(r1, 0x0, 0x0)
sendmmsg$inet(r1, &(0x7f0000000900), 0x0, 0x0)
r5 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCDELRT(r5, 0x891b, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2014800, 0x0)
creat(&(0x7f0000000240)='./file0/bus\x00', 0x0)
acct(&(0x7f0000000100)='./file0/bus\x00')
ioprio_set$uid(0x3, 0x0, 0x0)

8.17154441s ago: executing program 6 (id=1260):
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
r0 = socket(0x840000000002, 0x3, 0xc3)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
syz_open_dev$tty1(0xc, 0x4, 0x1)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r5, 0x1, &(0x7f00000001c0)=ANY=[@ANYBLOB="fb00000000000000a7"])
r6 = syz_open_dev$I2C(&(0x7f0000000d80), 0x0, 0x0)
ioctl$I2C_SMBUS(r6, 0x720, &(0x7f0000000300)={0x1, 0x0, 0x3, &(0x7f0000000100)={0x0, "fd6d44512b7e1b0420ec2a3ba53b31dd77e7ffffff0300"}})
setsockopt$inet_int(r0, 0x0, 0x16, &(0x7f0000000000)=0x9, 0x4)
r7 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r7, 0x50009404, &(0x7f0000000140))
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r8 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r8, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id='])
read$FUSE(r8, &(0x7f0000006380)={0x2020}, 0x2020)

6.850601566s ago: executing program 3 (id=1261):
syz_init_net_socket$rose(0xb, 0x5, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f0000000300), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0xc4)
ioctl$SIOCAX25CTLCON(r1, 0x89e9, &(0x7f0000000000)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @bcast, 0x0, 0x0, 0x0, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]})
r2 = syz_init_net_socket$ax25(0x3, 0x2, 0x3a)
ioctl$SIOCAX25ADDUID(r2, 0x89e7, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
getpeername$ax25(r2, 0xfffffffffffffffd, &(0x7f0000000080))
setresgid(0xee00, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r4)
sendmsg$NLBL_MGMT_C_ADDDEF(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)={0x3c, r5, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x5, 0x1, '\x00'}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @multicast2}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_MGMT_A_FAMILY={0x6}]}, 0x3c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
shutdown(r3, 0x1)

6.788559001s ago: executing program 5 (id=1262):
r0 = fsopen(&(0x7f0000000040)='sysfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsmount(r0, 0x0, 0x1)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='{\'\x00', 0x0, 0x0)

6.028778971s ago: executing program 6 (id=1263):
r0 = socket$packet(0x11, 0x3, 0x300)
syz_emit_ethernet(0x2a, 0x0, 0x0)
sendmsg(r0, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x80, 0x0, 0x0, 0x0, 0x0, 0x11000000}, 0x0)

5.944679448s ago: executing program 0 (id=1264):
write$P9_RREADDIR(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b40)={0x18, 0x10, &(0x7f0000000400)=ANY=[@ANYBLOB, @ANYBLOB="da2261875f58323cf5704ca92bdcc7e39a892ad9ce2e9482b397d74faa777043c79850203e844203a9e2442046a6d5429a7a66ed82d754"], &(0x7f0000000080)='syzkaller\x00', 0x8, 0xac, &(0x7f0000000140)=""/172, 0x41000, 0x48, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x6)
syz_clone(0x800c000, &(0x7f0000001480), 0x0, 0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000740)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0), 0x13f}}, 0x20)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0)={<r4=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r3, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21, 0x0, @loopback}, {0xa, 0x0, 0x0, @remote}, r4}}, 0x48)
close(r3)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
epoll_create1(0x0)
syz_open_dev$usbmon(&(0x7f0000000440), 0x0, 0x0)
syz_io_uring_setup(0xa7f, &(0x7f0000000000)={0x0, 0xd47d, 0x80, 0x0, 0x14}, &(0x7f0000000640), &(0x7f0000000140)=<r5=>0x0)
syz_io_uring_setup(0x5e2, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0xfffffffe}, &(0x7f00000002c0)=<r6=>0x0, &(0x7f0000000280))
syz_io_uring_submit(r6, r5, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4})

5.7407257s ago: executing program 5 (id=1265):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x0, 0x0, 0x0, 0x403}})
ioctl$KVM_SET_GUEST_DEBUG(r1, 0x4048ae9b, &(0x7f0000000000)={0x10000, 0x0, [0x2, 0x1, 0x8, 0x752, 0x9c01, 0x2, 0x8, 0x3]})
mprotect(&(0x7f0000787000/0x1000)=nil, 0x1000, 0x5)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000000740)=0xa0000)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r4, 0x0, 0xcc, &(0x7f0000000280)={@multicast2, @multicast1, 0x0, "7ea97ddb2ac127ffa5b7216fe75ebaa2855a422a8bf8ec7caf003751804500"}, 0x3c)
setsockopt$MRT_ADD_MFC(r4, 0x0, 0xcc, &(0x7f0000000200)={@empty, @private, 0x0, "606b177019716ea6ff1f4d7ed79c31e2e0f1da00000000230000002000", 0x3e1c}, 0x3c)
setsockopt$MRT_FLUSH(r4, 0x0, 0xd4, &(0x7f0000000140)=0x7, 0x4)
r5 = dup(r3)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, &(0x7f0000000040)={@my=0x0})
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r3, 0x7cb, &(0x7f0000000100)={&(0x7f0000001100)={{@local}, {@hyper}, 0x400, "a9e982103df53ce6b531b9df69f4a83ca7c6c257ffcec48fdd079a484b999da8d403d2d5ae19962553412682691cb347a8ca3723330043d55bab204ad8910cdf928e51f78c9f8c491e01c0d8e9144bb316d74615369a7a2ddabf419d3e2d65d38103fad0397dadd36dbe6316275a011b5f2870f38d732bfae62c9fdb0041aed9aefade394a2894e979f2fb2cd1316f801727ce4a8cfceb7bb8a9402f66c37d8206f69da312b8c1c5e8e99e2a0b16ba5295795122357d9bb1657833b8ae83ac9256afc32056ee35dba7b44623dfa55250ae9fa1f9a950b930b98a6361f11f0fbd38339dde08ba0f056107fd2dc5bfaa8af65fa3d207f1db778b17d00e0988be71bb3f9e9364b865ea45276dc6c18f32b285f198161939e68f211d940d7f5e225c5e15945f1fd125859f94b08a3e777789fb743af30d11c3c68fae32f3aaf941d7e3b0111f19e1006b1730006b876f66be174f674cfffac793cb0bf7ba79b82cf4be085a4b8d8bd131d54efd9deba758fa848320296b5268c9885bf752a7a5dc6f080e322acf3a9ee33e1895b55a171d8114f15117f84cd13f6069141e9e31332ebd5189fff0a38dd650d179ba03f4754a1fde5f15f7267db4b2dc9a5cf43b6bc13133ec7ee6a6722ff39479a10d2336cb54074b1e00264b3a5f379015bdda214080959d2d1f3d376be2e3a049c86c7235cf1a0440b0c7758d2c08e2a2f00cd408b7fdfb789d77628631f98c4b0ecc1f63b60de931f419e17833d3846aaafa8b59368b6e993a6999f5ea6f75b09e394e2fb1f36c6a7669184f33a93ebda47aa5cfa402e76badd8996a760fb0713fefe693956336604d48dd28c2ff08f9433f390fa7995fa4423be17dc484ea61af21f5d3ba81605a1a511aae387097483689502cfd5658cf430277bc0baedd616f5aed85394031652b120ff98f5f626d4667f7b00f65e8ddb68496ef402041fe33e9e44a050366c0996bd06795926fb7e769c8f64d19ae9892a5faea7216f2c2b6f556cae9a12679f111a1585b936f7ae3bcfde5c633409646950fc42d5b6361462d5a39674fdf2a290ab8ef142312060d46ef792b6dbe17f9728d5e77ca33eeb9ab5e6982091f31f53829c8ff64b13bcfbb5e76137a2e402029f5882c79f66310fd4a3af9d88518e9f39a53804ed066d0adf687634fd27525866f7a5730d6047d4e049b2f48d5ef5d88502482471eb9fafd60a2d234f69b19b232235030c5ca8975f2be003fb079dd28cb029a599169bfd17e53e94fe0802b3fd6ba43e8fad6c0ae124ca1384a66e007c9066b3da2875ab032d1354a604b472b7e27298fcbeadcad250eff76b1e7d77e1861fb38dbbbb75fdea353604ff34c6b9ca6b692305b5e3f634c7a6d431aeafb6f82456a69996793645fd91cccf5b38ff5e070f049c992003e11d6174a38e217d56f2e427901927a5c17"}, 0x418})
close_range(r2, 0xffffffffffffffff, 0x0)
accept4$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
getresgid(&(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140))

5.282144531s ago: executing program 3 (id=1266):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001f80)=ANY=[@ANYBLOB="b702000026f90000bfa300000000000007030000007effff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000002b000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67dafe6c8dc525d78c07f17e4d5b3185b310efcfa89147a09000000f110026e6d2ef831ab7ea0c34f17e3ad6eecbb622003b534dfd8e012e79578e51bc53099e90f4580d760551b5b0a341a2d7cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d9961b6fbce3f897226c57c2691208173656d60a17e3c184b751c51160fbcbbdb5b1e7be6148ba532e60a0ac346dfebd31a0806000000020000000000000048f941b13d924bcf334d83239dd27080e71113610e10d858e8327ef01fb6c86acac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08ab1e1ad828267d4eadd3964663e88535c063f7130856f756436303767d2e24f29e5dad9796edb697a6ea1182babc190ae2ebf8aad34732181feb215139f15ea7e8cb0bae7c34d5ac5e7c805210600000000000000c3dec04b25dfc17975238345d4f71ab158c36657b7218baa0700f781c0a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d0175b989b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c570d338f0721fc7aa2a5836ba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a411f450f173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c7080397bc49d70c060d57bc88fbe3bbaa058b040362ab926150363fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4effcf7462710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2000034837d365e63845f3c1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000000000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edeeeba72205beff7771bcb293747b88486cacee403000000a2919a4bff2ed893f2c814679fa69fc7e0cf761f918725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75ee905000000d3f8e0048e55ae289ce2ad779ce71d4dc30cbb2cc4289d2f884d66cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2e152cb2cf06f8edb30177fead735a952ffce676a93110904d5ee2abdab2ef3ff84c4d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007981699b6c0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d2503a3ea376721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e6712824a85eb9ee0a3b68c9e209756623adf685dd715d68ed11e4b4d5502f5124948f8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef660200a99b5c0c20b378065fac4ef9ac2d00000060e5d3f1749feaecf69ba83a71caa9bdddc679f1b826f54b6563a4be1fd82b73c8c2bc65f63982b951fb058f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80146, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000240)={0xf0003, 0x0, [0x680, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x2b]})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
signalfd(r3, &(0x7f0000000000)={[0x2821]}, 0x8)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0)
madvise(&(0x7f000067b000/0x4000)=nil, 0x4000, 0x0)

5.092976733s ago: executing program 4 (id=1267):
writev(0xffffffffffffffff, &(0x7f0000001580)=[{&(0x7f0000000300)="6bd03b4e5c0d58938a2648a7e1d5ed7648bb1654d43577915a6c1e786208a0e1c52b1c62c4e4cca8e61076fc757c70bedc63ecb87a172d79dbe13299af5c32cd41c1f130c55755a55f45c0764f8921d221a43099ddc32721fb2bf42ed5bf3d2a8e739446831a7323c00581e3d051bee509852fa85bf8f55f2367dc67ee9f358de7058f11e8298a2007e96fabda8c990a4839b5e6d996e57ac4c96ac1488890d72a9dbd8be600eb5f84edf752120f9965200ad7ead0597242db76e8aa04727e66b9414bffe2b809384d41431bf47110ea7af51b33", 0xd4}, {&(0x7f0000000500)="186e1b5c7cb19f2898b834449c520fe6295642939bfbbd8c53ff206a", 0x1c}], 0x2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000013c0)={'wlan1\x00'})
socket$alg(0x26, 0x5, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='sched_switch\x00', r3, 0x0, 0xffffffffffffffff}, 0x50)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_usb_connect$hid(0x4, 0x36, 0x0, 0x0)
r4 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0x0)

4.469341469s ago: executing program 6 (id=1268):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x40241, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r4, 0x0, 0x8}, 0x18)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(&(0x7f0000000240)=@nullb, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)='v7\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
write$6lowpan_control(0xffffffffffffffff, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
r5 = fsopen(&(0x7f0000000080)='ext3\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f00000000c0)='test_dummy_encryption', &(0x7f0000000180)='auto_da_alloc', 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0x4)
mount$9p_rdma(0x0, &(0x7f0000000500)='./file0\x00', 0x0, 0x200000, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x80000000, 0x0)
r6 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r6, 0x8914, 0x0)

4.410246432s ago: executing program 0 (id=1269):
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r0 = syz_io_uring_setup(0x24fa, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
ftruncate(r3, 0xc17a)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB='/'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, {0x3}})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

4.248145593s ago: executing program 5 (id=1270):
socket$can_raw(0x1d, 0x3, 0x1)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x1, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f0000000240)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560602000fff07006706000020000000170200000ee60000bf050000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffad35010000000000840400000000000014000000000000009500000000000000db13d5d8b741f2cdaabc83df03395287fd51a700ea6553f304000000815dcf00c3eebc52267b042d196bde7c382d21ff79a8583a7482c5994747e19325b1ee980cbd800d845dacbcf5ad8cdbc7abf9"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r5 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006272696467650000140002800800"], 0x44}}, 0x0)

4.06303735s ago: executing program 0 (id=1271):
r0 = socket$inet(0x2, 0x2, 0x1)
syslog(0x4, &(0x7f0000000180)=""/210, 0xd2)
setsockopt$sock_int(r0, 0x1, 0x5, &(0x7f0000000440)=0x200, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
unshare(0x22020400)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x0)
mmap(&(0x7f000001a000/0x3000)=nil, 0x3000, 0xf, 0x11012, r3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000032680)=""/102400, 0x19000)
connect$inet(r1, 0x0, 0x0)
sendmmsg$inet(r1, &(0x7f0000000900), 0x0, 0x0)
r5 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCDELRT(r5, 0x891b, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2014800, 0x0)
r6 = creat(&(0x7f0000000240)='./file0/bus\x00', 0x0)
acct(&(0x7f0000000100)='./file0/bus\x00')
close(r6)

3.320303182s ago: executing program 6 (id=1272):
r0 = socket$inet6(0xa, 0x3, 0x87)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_BLANKSCREEN(r4, 0x5609, &(0x7f0000000000))
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r5, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_group_source_req(r5, 0x29, 0x2e, &(0x7f0000000340)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}, 0x108)
r6 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r6, 0xc008551b, &(0x7f0000000040)=ANY=[])
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000000)={{{@in=@local, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xffff, 0x3}}, {{@in=@loopback, 0x0, 0x6c}, 0xa, @in=@loopback}}, 0xe8)
r7 = socket$inet6(0xa, 0x2, 0x3a)
sendmmsg$inet6(r7, &(0x7f0000003ac0)=[{{&(0x7f00000000c0)={0xa, 0x4e22, 0x0, @loopback, 0x1}, 0x1c, &(0x7f0000000740)}}, {{0x0, 0x0, &(0x7f0000000e80)=[{&(0x7f0000000940)="ffcc481c7f1c9e89", 0x8}], 0x1}}], 0x2, 0x0)

3.27530241s ago: executing program 5 (id=1273):
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
r0 = socket(0x840000000002, 0x3, 0xc3)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
syz_open_dev$tty1(0xc, 0x4, 0x1)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r5, 0x1, &(0x7f00000001c0)=ANY=[@ANYBLOB="fb00000000000000a7"])
r6 = syz_open_dev$I2C(&(0x7f0000000d80), 0x0, 0x0)
ioctl$I2C_SMBUS(r6, 0x720, &(0x7f0000000300)={0x1, 0x0, 0x3, &(0x7f0000000100)={0x0, "fd6d44512b7e1b0420ec2a3ba53b31dd77e7ffffff0300"}})
setsockopt$inet_int(r0, 0x0, 0x16, &(0x7f0000000000)=0x9, 0x4)
r7 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r7, 0x50009404, &(0x7f0000000140))
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r8 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r8, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id='])
read$FUSE(r8, &(0x7f0000006380)={0x2020}, 0x2020)

2.146611717s ago: executing program 6 (id=1274):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_STATUS(r1, 0x84, 0xe, &(0x7f0000000300)={0x0, 0x1000, 0xfffffffa, 0x4, 0xc, 0x8, 0x2, 0xfffffc00, {0x0, @in={{0x2, 0x4e23, @multicast1}}, 0x6, 0xa, 0x2, 0x10001, 0x4}}, &(0x7f0000000180)=0xb0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="14000040a0ed35548f3392e63c25086875a6e5a62e8c514b31f53ddc117c64520080a4e1829f50421b6d239e96023881c216dc512fc8a8606a7253ac4723120cdf7fbabd15249d96ff83c7217dd2e8bfe7d4f664e1f1cd622d2f7ea65d574aeb72edbaa5a30152075103902a811f6d75816a6eb08988402de2ec135ec15b16460940f4b5d828875fee6ce13a5a9eda5bde3ed1f9dc0106f1137e0b2bc1283cc79075d0ad289bbe198cf00a078513bc07ff30d8781efd10283b8599f915bb35e722f0bc777eedb6b526279e3db24efdc036fe3fd2aa52320ccb7017c622b0a5cbbaa088cb89c67faa5d16b89e41256764492c0bbbe808035aa99fc7f4b930ea6461a63ecb78fb8ebf0ab0f5454dcd87d287f4a085523a2d7ce5d417187700000000000000", @ANYRES16], 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prctl$PR_SET_IO_FLUSHER(0x53564d41, 0x1)
openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000006180)=""/152, 0x98}], 0x1, 0x0, 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_init_net_socket$ax25(0x3, 0x5, 0xc4)
socket$inet6_sctp(0xa, 0x801, 0x84)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r3, &(0x7f0000000140)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r4 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

1.313176223s ago: executing program 5 (id=1275):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x9)
mount$overlay(0x0, &(0x7f0000000200)='./bus\x00', &(0x7f0000000180), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './bus'}}, {@workdir={'workdir', 0x3d, './file1'}}, {@uuid_off}], [{@func={'func', 0x3d, 'FILE_MMAP'}}]})
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r0, &(0x7f0000000000)='./file1\x00', 0xc000, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(r0, &(0x7f0000000100)='./file1\x00', r0, &(0x7f0000000240)='./file0\x00', 0x0)
unlink(&(0x7f0000000280)='./file1\x00')
link(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='./file1\x00')
chroot(&(0x7f0000000040)='./file1\x00')

1.132186706s ago: executing program 0 (id=1276):
syz_usb_connect(0x0, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x403}}]})
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080), 0x1c)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000000)=0x1, 0x4)
capset(0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newtaction={0x80, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x6c, 0x1, [@m_tunnel_key={0x68, 0x1, 0x0, 0x0, {{0xf}, {0x38, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0xd, @empty=0x1000000}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @loopback}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @broadcast}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x4008800}, 0x0)
syz_emit_vhci(&(0x7f0000000640)=ANY=[@ANYBLOB="04040a"], 0xd)
openat$snapshot(0xffffff9c, &(0x7f0000000880), 0x20840, 0x0)

1.131589809s ago: executing program 5 (id=1277):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_STATUS(r1, 0x84, 0xe, &(0x7f0000000300)={0x0, 0x1000, 0xfffffffa, 0x4, 0xc, 0x8, 0x2, 0xfffffc00, {0x0, @in={{0x2, 0x4e23, @multicast1}}, 0x6, 0xa, 0x2, 0x10001, 0x4}}, &(0x7f0000000180)=0xb0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="14000040a0ed35548f3392e63c25086875a6e5a62e8c514b31f53ddc117c64520080a4e1829f50421b6d239e96023881c216dc512fc8a8606a7253ac4723120cdf7fbabd15249d96ff83c7217dd2e8bfe7d4f664e1f1cd622d2f7ea65d574aeb72edbaa5a30152075103902a811f6d75816a6eb08988402de2ec135ec15b16460940f4b5d828875fee6ce13a5a9eda5bde3ed1f9dc0106f1137e0b2bc1283cc79075d0ad289bbe198cf00a078513bc07ff30d8781efd10283b8599f915bb35e722f0bc777eedb6b526279e3db24efdc036fe3fd2aa52320ccb7017c622b0a5cbbaa088cb89c67faa5d16b89e41256764492c0bbbe808035aa99fc7f4b930ea6461a63ecb78fb8ebf0ab0f5454dcd87d287f4a085523a2d7ce5d417187700000000000000", @ANYRES16], 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prctl$PR_SET_IO_FLUSHER(0x53564d41, 0x1)
openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000006180)=""/152, 0x98}], 0x1, 0x0, 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_init_net_socket$ax25(0x3, 0x5, 0xc4)
socket$inet6_sctp(0xa, 0x801, 0x84)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$netlink(0xffffffffffffffff, &(0x7f0000000140)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r4 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

1.089647101s ago: executing program 3 (id=1278):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ea2d0102030109021200010000000009"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000004c0)={0x10, &(0x7f0000000280)=ANY=[], 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000740)={0x44, &(0x7f0000000600)={0x40, 0x11}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = syz_usb_connect(0x0, 0x36, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0x2, 0xff, 0x71, 0x20, 0x9c4, 0x11, 0xb01c, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x4, 0x10, 0x0, [{{0x9, 0x4, 0x7e, 0x10, 0x2, 0x26, 0xd5, 0x18, 0x8, [], [{{0x9, 0x5, 0x6, 0x2, 0x3ff}}, {{0x9, 0x5, 0x82, 0x2, 0x8}}]}}]}}]}}, 0x0)
syz_usb_control_io$printer(r1, &(0x7f00000000c0)={0x14, &(0x7f0000000300)=ANY=[@ANYBLOB="40050c0000000c219828108b1acafb01"], 0x0}, 0x0)
syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000380)={0x2c, &(0x7f0000000140)={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0})

0s ago: executing program 6 (id=1279):
r0 = socket(0x10, 0x803, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000500)={'lo\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000a40)=ANY=[@ANYBLOB="340000001400b5952cbc7000ffdbdf250a0080c8", @ANYRES32=r2, @ANYBLOB="140002000000000000000000000000000000000108000900ffffffff56d83ab5db34ba330dc0e355920b1e6dd740e281d71bb5cfa5388ea6d011a3e09770f30d18ceea32f06f8cfa438e60e82713a0dec04eea65d690866cf444d3fe6110c2ccc9816286bf209ed051d3e405b8184081402ac62415ecebcd45bd221b38a8b5fc796201addad4b9fc35e4247deefbe92efab79214aab508f84c71ed985c6f92972ee5deafeedae2a3c8"], 0x34}, 0x1, 0x0, 0x0, 0x20008000}, 0x40040)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000a40)=ANY=[], 0x240}, 0x1, 0x0, 0x0, 0x8800}, 0x8044)

kernel console output (not intermixed with test programs):

oint 0xA has invalid wMaxPacketSize 0
[  239.903696][ T8174] batman_adv: batadv0: Interface activated: batadv_slave_0
[  239.916976][ T5912] usb 1-1: New USB device found, idVendor=1781, idProduct=0938, bcdDevice=9b.49
[  239.921627][ T8174] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  239.926428][ T5912] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  239.946329][ T5912] usb 1-1: Product: syz
[  239.950868][ T5912] usb 1-1: Manufacturer: syz
[  239.955469][ T5912] usb 1-1: SerialNumber: syz
[  239.956080][ T8174] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.962863][ T5912] usb 1-1: config 0 descriptor??
[  239.975314][ T8174] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  239.982408][ T5912] iguanair 1-1:0.0: probe with driver iguanair failed with error -12
[  239.985794][ T8174] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.003918][ T8174] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  240.014434][ T8174] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.025863][ T8174] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  240.036639][ T8174] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.046742][ T8174] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  240.057467][ T8174] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.067617][ T8174] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  240.078150][ T8174] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.089069][ T8174] batman_adv: batadv0: Interface activated: batadv_slave_1
[  240.104852][ T8174] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  240.119187][ T8174] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  240.129183][ T8174] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  240.145616][ T8174] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  240.197763][   T29] audit: type=1400 audit(1732624232.892:481): avc:  denied  { bind } for  pid=8225 comm="syz.0.640" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  240.255401][   T29] audit: type=1400 audit(1732624232.942:482): avc:  denied  { audit_read } for  pid=8249 comm="syz.3.646" capability=37  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  240.328654][   T29] audit: type=1400 audit(1732624232.942:483): avc:  denied  { getopt } for  pid=8249 comm="syz.3.646" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  240.349601][   T29] audit: type=1326 audit(1732624233.022:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8249 comm="syz.3.646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9bff7e819 code=0x7ffc0000
[  240.377373][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  240.386387][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  240.443402][ T4141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  240.457126][ T4141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  240.681534][   T54] Bluetooth: hci6: command 0x040f tx timeout
[  240.809345][ T8265] netlink: 'syz.3.647': attribute type 13 has an invalid length.
[  241.321796][ T5835] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  241.440987][ T8265] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  241.447789][ T8265] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  241.950884][ T8271] netlink: 'syz.6.648': attribute type 13 has an invalid length.
[  242.774259][ T5912] usb 1-1: USB disconnect, device number 23
[  242.997938][ T8281] netlink: 16 bytes leftover after parsing attributes in process `syz.5.652'.
[  243.382128][ T8281] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  243.806920][   T54] Bluetooth: hci6: command 0x040f tx timeout
[  243.807124][   T54] Bluetooth: hci5: command 0x0c1a tx timeout
[  244.702374][ T8296] overlayfs: missing 'lowerdir'
[  245.976138][ T5835] Bluetooth: hci6: command 0x040f tx timeout
[  246.388920][ T8326] FAULT_INJECTION: forcing a failure.
[  246.388920][ T8326] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  246.480935][ T8326] CPU: 0 UID: 0 PID: 8326 Comm: syz.5.663 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0
[  246.491227][ T8326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  246.501295][ T8326] Call Trace:
[  246.504577][ T8326]  <TASK>
[  246.507508][ T8326]  dump_stack_lvl+0x16c/0x1f0
[  246.512198][ T8326]  should_fail_ex+0x497/0x5b0
[  246.516894][ T8326]  _copy_from_user+0x2e/0xd0
[  246.521498][ T8326]  map_update_elem+0x744/0x8f0
[  246.526269][ T8326]  ? __pfx_map_update_elem+0x10/0x10
[  246.531540][ T8326]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  246.537419][ T8326]  ? selinux_bpf+0xee/0x130
[  246.541916][ T8326]  __sys_bpf+0x14bb/0x49c0
[  246.546318][ T8326]  ? __pfx_lock_release+0x10/0x10
[  246.551329][ T8326]  ? __pfx___sys_bpf+0x10/0x10
[  246.556078][ T8326]  ? vfs_write+0x306/0x1150
[  246.560564][ T8326]  ? __mutex_unlock_slowpath+0x164/0x690
[  246.566194][ T8326]  ? fput+0x67/0x440
[  246.570074][ T8326]  ? ksys_write+0x1ba/0x250
[  246.574559][ T8326]  ? __pfx_ksys_write+0x10/0x10
[  246.579392][ T8326]  __x64_sys_bpf+0x78/0xc0
[  246.583801][ T8326]  ? lockdep_hardirqs_on+0x7c/0x110
[  246.589006][ T8326]  do_syscall_64+0xcd/0x250
[  246.593499][ T8326]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.599380][ T8326] RIP: 0033:0x7f810397e819
[  246.603777][ T8326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  246.623370][ T8326] RSP: 002b:00007f81017f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  246.631766][ T8326] RAX: ffffffffffffffda RBX: 00007f8103b35fa0 RCX: 00007f810397e819
[  246.639746][ T8326] RDX: 0000000000000020 RSI: 0000000020000780 RDI: 0000000000000002
[  246.647701][ T8326] RBP: 00007f81017f6090 R08: 0000000000000000 R09: 0000000000000000
[  246.655652][ T8326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  246.663603][ T8326] R13: 0000000000000000 R14: 00007f8103b35fa0 R15: 00007fff9602bcc8
[  246.671564][ T8326]  </TASK>
[  246.674670][    C0] vkms_vblank_simulate: vblank timer overrun
[  246.682426][   T29] kauditd_printk_skb: 20 callbacks suppressed
[  246.682439][   T29] audit: type=1400 audit(1732624239.112:505): avc:  denied  { setopt } for  pid=8309 comm="syz.0.658" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  246.831757][ T8330] netlink: 'syz.3.665': attribute type 13 has an invalid length.
[  248.010937][ T8330] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  248.017263][ T8330] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  248.341001][  T969] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  249.032176][  T969] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  249.044280][  T969] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  249.060368][  T969] usb 6-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  249.073765][  T969] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.162301][  T969] usb 6-1: config 0 descriptor??
[  249.600868][   T29] audit: type=1400 audit(1732624242.272:506): avc:  denied  { connect } for  pid=8353 comm="syz.6.672" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  249.923887][   T29] audit: type=1400 audit(1732624242.272:507): avc:  denied  { setopt } for  pid=8353 comm="syz.6.672" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  250.248649][ T8359] evm: overlay not supported
[  250.287884][   T54] Bluetooth: hci6: command 0x040f tx timeout
[  250.294405][   T54] Bluetooth: hci5: command 0x0c1a tx timeout
[  250.570381][  T969] hid (null): bogus close delimiter
[  251.030272][  T116] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  251.195078][    T8] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  251.203875][  T969] usb 6-1: language id specifier not provided by device, defaulting to English
[  251.245006][ T8375] netlink: 'syz.3.678': attribute type 4 has an invalid length.
[  251.324322][   T29] audit: type=1800 audit(1732624244.022:508): pid=8375 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.3.678" name="/" dev="9p" ino=2 res=0 errno=0
[  251.326214][ T8376] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5123 sclass=netlink_route_socket pid=8376 comm=syz.3.678
[  251.344145][    C0] vkms_vblank_simulate: vblank timer overrun
[  251.350908][  T116] usb 5-1: Using ep0 maxpacket: 32
[  251.375045][  T116] usb 5-1: config index 0 descriptor too short (expected 32410, got 154)
[  251.387067][  T116] usb 5-1: config 1 has too many interfaces: 39, using maximum allowed: 32
[  251.399167][  T116] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  251.410581][ T8375] netlink: 36 bytes leftover after parsing attributes in process `syz.3.678'.
[  251.411624][  T116] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 39
[  251.436146][  T116] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  251.440876][    T8] usb 1-1: Using ep0 maxpacket: 16
[  251.461667][    T8] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  251.473021][    T8] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  251.484206][    T8] usb 1-1: config 0 interface 0 has no altsetting 0
[  251.513384][    T8] usb 1-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  251.517863][  T116] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  251.526609][  T969] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:256C:006D.0011/input/input25
[  251.543589][  T116] usb 5-1: Product: syz
[  251.547831][  T116] usb 5-1: Manufacturer: syz
[  251.556669][  T116] usb 5-1: SerialNumber: syz
[  251.587641][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  251.621761][    T8] usb 1-1: config 0 descriptor??
[  251.657553][  T969] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:256C:006D.0011/input/input26
[  251.681946][  T969] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:256C:006D.0011/input/input27
[  251.698785][  T969] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:256C:006D.0011/input/input28
[  251.720327][  T969] uclogic 0003:256C:006D.0011: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.5-1/input0
[  251.741495][  T969] usb 6-1: USB disconnect, device number 2
[  251.775438][  T116] usb 5-1: Audio class v2/v3 interfaces need an interface association
[  251.812670][  T116] snd-usb-audio 5-1:1.0: probe with driver snd-usb-audio failed with error -22
[  251.845569][  T116] usb 5-1: USB disconnect, device number 22
[  252.049928][    T8] hid (null): unknown global tag 0xe
[  252.058471][    T8] hid (null): invalid report_size 9273
[  252.070401][ T6584] udevd[6584]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  252.100011][    T8] input: HID 0458:5013 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0458:5013.0012/input/input29
[  252.142446][    T8] input: HID 0458:5013 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0458:5013.0012/input/input30
[  252.198556][    T8] kye 0003:0458:5013.0012: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0458:5013] on usb-dummy_hcd.0-1/input0
[  252.291398][   T47] usb 1-1: USB disconnect, device number 24
[  252.355633][ T5835] Bluetooth: hci6: command 0x040f tx timeout
[  252.655827][ T8392] SELinux:  policydb magic number 0xff8c does not match expected magic number 0xf97cff8c
[  252.702433][ T8392] SELinux: failed to load policy
[  252.872941][  T116] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  253.231392][  T116] usb 5-1: Using ep0 maxpacket: 16
[  253.243384][  T116] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  253.639952][  T116] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  253.649763][  T116] usb 5-1: config 0 interface 0 has no altsetting 0
[  253.656613][  T116] usb 5-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  253.666007][  T116] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  253.677612][  T116] usb 5-1: config 0 descriptor??
[  253.871435][  T969] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  254.030876][  T969] usb 1-1: Using ep0 maxpacket: 8
[  254.039084][  T969] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  254.066964][  T969] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 64
[  254.084576][  T969] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  254.093952][    T8] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  254.098513][  T116] hid (null): unknown global tag 0xe
[  254.101545][  T969] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  254.101568][  T969] usb 1-1: Product: syz
[  254.101584][  T969] usb 1-1: Manufacturer: syz
[  254.101599][  T969] usb 1-1: SerialNumber: syz
[  254.161795][  T116] hid (null): invalid report_size 9273
[  254.193014][  T116] input: HID 0458:5013 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0458:5013.0013/input/input31
[  254.242494][   T29] audit: type=1400 audit(1732624246.942:509): avc:  denied  { write } for  pid=8407 comm="syz.6.690" name="mouse0" dev="devtmpfs" ino=1013 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  254.253667][    T8] usb 6-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  254.284740][  T116] input: HID 0458:5013 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0458:5013.0013/input/input32
[  254.305625][    T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  254.320474][ T8399] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  254.331946][    T8] usb 6-1: Product: syz
[  254.336363][    T8] usb 6-1: Manufacturer: syz
[  254.341764][    T8] usb 6-1: SerialNumber: syz
[  254.353494][    T8] usb 6-1: config 0 descriptor??
[  254.362472][  T116] kye 0003:0458:5013.0013: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0458:5013] on usb-dummy_hcd.4-1/input0
[  254.364797][    T8] ch341 6-1:0.0: ch341-uart converter detected
[  254.395518][  T116] usb 5-1: USB disconnect, device number 23
[  254.432563][   T29] audit: type=1400 audit(1732624247.132:510): avc:  denied  { getopt } for  pid=8409 comm="syz.3.689" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  254.441804][ T5835] Bluetooth: hci6: command 0x040f tx timeout
[  254.680343][   T29] audit: type=1400 audit(1732624247.372:511): avc:  denied  { ioctl } for  pid=8407 comm="syz.6.690" path="/dev/input/mouse0" dev="devtmpfs" ino=1013 ioctlcmd=0x5442 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  254.736675][  T969] cdc_ncm 1-1:1.0: failed GET_NTB_PARAMETERS
[  254.750646][  T969] cdc_ncm 1-1:1.0: bind() failure
[  254.759372][  T969] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  254.766390][  T969] cdc_ncm 1-1:1.1: bind() failure
[  254.986499][    T8] ch341-uart ttyUSB0: failed to read break control: -71
[  255.004360][    T8] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71
[  255.026671][    T8] usb 6-1: USB disconnect, device number 3
[  255.034080][    T8] ch341 6-1:0.0: device disconnected
[  255.188181][  T116] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  255.686720][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  255.693267][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  255.701428][  T116] usb 7-1: Using ep0 maxpacket: 32
[  256.127392][  T116] usb 7-1: config index 0 descriptor too short (expected 32410, got 154)
[  256.136204][  T116] usb 7-1: config 1 has too many interfaces: 39, using maximum allowed: 32
[  256.168844][  T116] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  256.201737][  T116] usb 7-1: config 1 has 2 interfaces, different from the descriptor's value: 39
[  256.329454][    T8] usb 1-1: USB disconnect, device number 25
[  256.417744][ T8429] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  256.446034][ T8429] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  256.456575][  T116] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  256.511295][ T8436] SELinux:  policydb magic number 0xff8c does not match expected magic number 0xf97cff8c
[  256.521344][ T8436] SELinux: failed to load policy
[  256.614699][  T116] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  256.911048][  T116] usb 7-1: Product: syz
[  256.915277][  T116] usb 7-1: Manufacturer: syz
[  256.919893][  T116] usb 7-1: SerialNumber: syz
[  256.984414][ T8440] SELinux:  policydb magic number 0xff8c does not match expected magic number 0xf97cff8c
[  256.994622][ T8440] SELinux: failed to load policy
[  257.436993][ T8442] netlink: 'syz.4.698': attribute type 4 has an invalid length.
[  257.644633][ T8445] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5123 sclass=netlink_route_socket pid=8445 comm=syz.4.698
[  257.917819][  T116] usb 7-1: Audio class v2/v3 interfaces need an interface association
[  257.995953][ T8442] netlink: 36 bytes leftover after parsing attributes in process `syz.4.698'.
[  258.218821][  T116] snd-usb-audio 7-1:1.0: probe with driver snd-usb-audio failed with error -22
[  258.414718][  T116] usb 7-1: USB disconnect, device number 2
[  258.448346][ T8455] netlink: 'syz.5.702': attribute type 4 has an invalid length.
[  258.527939][ T8456] netlink: 'syz.5.702': attribute type 8 has an invalid length.
[  258.556232][ T8456] netlink: 8 bytes leftover after parsing attributes in process `syz.5.702'.
[  258.802849][ T8462] VFS: could not find a valid V7 on nullb0.
[  258.810268][ T8462] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized
[  258.831798][ T5826] udevd[5826]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  258.938380][   T29] audit: type=1800 audit(1732624251.632:512): pid=8455 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.5.702" name="/" dev="9p" ino=2 res=0 errno=0
[  258.958215][    C1] vkms_vblank_simulate: vblank timer overrun
[  259.254249][ T8470] program syz.0.706 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  260.238523][ T8479] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  260.247635][ T8479] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  260.465439][ T8488] netlink: 48 bytes leftover after parsing attributes in process `syz.0.712'.
[  260.479194][ T8488] 9pnet_fd: Insufficient options for proto=fd
[  260.544030][ T8489] SELinux:  policydb magic number 0xff8c does not match expected magic number 0xf97cff8c
[  260.554273][ T8489] SELinux: failed to load policy
[  260.580795][   T47] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  260.995536][   T47] usb 6-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  261.048707][   T47] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  261.120236][   T47] usb 6-1: Product: syz
[  261.143805][   T47] usb 6-1: Manufacturer: syz
[  261.166214][   T47] usb 6-1: SerialNumber: syz
[  261.181242][   T47] usb 6-1: config 0 descriptor??
[  261.209273][   T47] ch341 6-1:0.0: ch341-uart converter detected
[  261.531330][ T8498] VFS: could not find a valid V7 on nullb0.
[  261.540215][ T8498] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized
[  262.741280][  T116] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  263.066970][ T8510] netlink: 'syz.3.717': attribute type 13 has an invalid length.
[  263.122860][  T116] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  263.341500][   T47] usb 6-1: ch341-uart converter now attached to ttyUSB0
[  263.426946][  T116] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  263.458305][  T116] usb 5-1: New USB device found, idVendor=046d, idProduct=c534, bcdDevice= 0.00
[  263.467928][  T116] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  263.496913][  T116] usb 5-1: config 0 descriptor??
[  263.721691][  T116] logitech-djreceiver 0003:046D:C534.0014: hidraw0: USB HID v0.00 Device [HID 046d:c534] on usb-dummy_hcd.4-1/input0
[  263.919444][  T116] usb 5-1: USB disconnect, device number 24
[  264.495928][ T8514] netlink: 'syz.4.719': attribute type 4 has an invalid length.
[  264.703644][    T8] usb 6-1: USB disconnect, device number 4
[  264.723533][    T8] ch341-uart ttyUSB0: ch341-uart converter now disconnected from ttyUSB0
[  264.745100][    T8] ch341 6-1:0.0: device disconnected
[  264.776254][ T8516] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  264.790519][ T8516] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  264.797162][   T29] audit: type=1400 audit(1732624257.492:513): avc:  denied  { connect } for  pid=8517 comm="syz.0.720" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  265.230973][ T8510] Bluetooth: hci5: Opcode 0x0c1a failed: -110
[  265.310834][ T5835] Bluetooth: hci5: command 0x0c1a tx timeout
[  265.748041][ T8510] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  265.852782][ T8522] netlink: 'syz.4.719': attribute type 8 has an invalid length.
[  265.878501][ T8522] netlink: 8 bytes leftover after parsing attributes in process `syz.4.719'.
[  265.910487][ T8524] netlink: 48 bytes leftover after parsing attributes in process `syz.3.723'.
[  265.939658][   T29] audit: type=1800 audit(1732624258.632:514): pid=8514 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.4.719" name="/" dev="9p" ino=2 res=0 errno=0
[  265.940534][ T8524] 9pnet_fd: Insufficient options for proto=fd
[  266.020912][    T8] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  266.028569][  T969] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  266.181031][    T8] usb 1-1: Using ep0 maxpacket: 8
[  266.195035][  T969] usb 7-1: Using ep0 maxpacket: 16
[  266.234017][ T8531] SELinux:  policydb magic number 0xff8c does not match expected magic number 0xf97cff8c
[  266.245253][    T8] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  266.256548][  T969] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  266.271887][ T8531] SELinux: failed to load policy
[  266.275308][  T969] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  266.343645][ T8532] SELinux:  policydb magic number 0xff8c does not match expected magic number 0xf97cff8c
[  266.353677][ T8532] SELinux: failed to load policy
[  266.913490][  T969] usb 7-1: config 0 interface 0 has no altsetting 0
[  266.969097][  T969] usb 7-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  266.978265][  T969] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  266.991019][  T969] usb 7-1: config 0 descriptor??
[  267.007098][    T8] usb 1-1: New USB device found, idVendor=0b48, idProduct=1006, bcdDevice=c0.0a
[  267.016325][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  267.036054][    T8] usb 1-1: Product: syz
[  267.040256][    T8] usb 1-1: Manufacturer: syz
[  267.098406][    T8] usb 1-1: SerialNumber: syz
[  267.134722][    T8] usb 1-1: config 0 descriptor??
[  267.177218][    T8] ttusb_dec_send_command: command bulk message failed: error -22
[  267.209356][    T8] ttusb-dec 1-1:0.0: probe with driver ttusb-dec failed with error -22
[  267.364955][ T8540] SELinux:  policydb magic number 0xff8c does not match expected magic number 0xf97cff8c
[  267.375134][ T8540] SELinux: failed to load policy
[  267.439303][ T5835] Bluetooth: hci6: command 0x040f tx timeout
[  268.150805][  T969] hid (null): unknown global tag 0xe
[  268.163093][  T969] hid (null): invalid report_size 9273
[  268.192854][ T5834] usb 1-1: USB disconnect, device number 26
[  268.205498][  T969] input: HID 0458:5013 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:0458:5013.0015/input/input33
[  268.408255][  T969] input: HID 0458:5013 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:0458:5013.0015/input/input34
[  268.422783][  T969] kye 0003:0458:5013.0015: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0458:5013] on usb-dummy_hcd.6-1/input0
[  268.451826][  T969] usb 7-1: USB disconnect, device number 3
[  268.514010][ T8552] FAULT_INJECTION: forcing a failure.
[  268.514010][ T8552] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  268.527315][ T8552] CPU: 0 UID: 0 PID: 8552 Comm: syz.0.729 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0
[  268.537556][ T8552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  268.547605][ T8552] Call Trace:
[  268.550881][ T8552]  <TASK>
[  268.553805][ T8552]  dump_stack_lvl+0x16c/0x1f0
[  268.558486][ T8552]  should_fail_ex+0x497/0x5b0
[  268.563168][ T8552]  _copy_from_user+0x2e/0xd0
[  268.567771][ T8552]  cec_ioctl+0x6b8/0x2920
[  268.572101][ T8552]  ? __pfx_cec_ioctl+0x10/0x10
[  268.576863][ T8552]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  268.582756][ T8552]  ? do_vfs_ioctl+0x513/0x1990
[  268.587526][ T8552]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  268.592557][ T8552]  ? ioctl_has_perm.constprop.0.isra.0+0x2ea/0x460
[  268.599060][ T8552]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  268.605562][ T8552]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  268.612419][ T8552]  ? __pfx_lock_release+0x10/0x10
[  268.617452][ T8552]  ? selinux_file_ioctl+0x180/0x270
[  268.622651][ T8552]  ? selinux_file_ioctl+0xb4/0x270
[  268.627773][ T8552]  ? __pfx_cec_ioctl+0x10/0x10
[  268.632534][ T8552]  __x64_sys_ioctl+0x190/0x200
[  268.637304][ T8552]  do_syscall_64+0xcd/0x250
[  268.641809][ T8552]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.647699][ T8552] RIP: 0033:0x7f584d37e819
[  268.652109][ T8552] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  268.671714][ T8552] RSP: 002b:00007f584e220038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  268.680126][ T8552] RAX: ffffffffffffffda RBX: 00007f584d536160 RCX: 00007f584d37e819
[  268.688093][ T8552] RDX: 0000000020000040 RSI: 0000000040046109 RDI: 0000000000000004
[  268.696058][ T8552] RBP: 00007f584e220090 R08: 0000000000000000 R09: 0000000000000000
[  268.704025][ T8552] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  268.711988][ T8552] R13: 0000000000000001 R14: 00007f584d536160 R15: 00007ffe0d81f518
[  268.719962][ T8552]  </TASK>
[  269.495443][ T8567] netlink: 'syz.0.733': attribute type 13 has an invalid length.
[  270.409559][ T8568] netlink: 8 bytes leftover after parsing attributes in process `syz.4.732'.
[  270.411464][ T8567] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  270.424453][ T8567] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  270.468719][ T8572] netlink: 'syz.3.735': attribute type 4 has an invalid length.
[  270.934955][ T8579] netlink: 'syz.5.737': attribute type 13 has an invalid length.
[  271.104613][ T5912] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  271.173041][ T8573] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5123 sclass=netlink_route_socket pid=8573 comm=syz.3.735
[  271.311045][ T8572] netlink: 36 bytes leftover after parsing attributes in process `syz.3.735'.
[  271.394757][ T5912] usb 7-1: Using ep0 maxpacket: 16
[  271.408638][ T5912] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  271.451367][ T5912] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  271.463601][ T5912] usb 7-1: config 0 interface 0 has no altsetting 0
[  271.470518][ T5912] usb 7-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  271.481433][ T5912] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  271.509340][ T5912] usb 7-1: config 0 descriptor??
[  271.758134][ T8584] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  271.767738][ T8584] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  271.827408][ T8585] netlink: 244 bytes leftover after parsing attributes in process `syz.4.738'.
[  272.375979][ T5912] hid (null): unknown global tag 0xe
[  272.382546][ T5912] hid (null): invalid report_size 9273
[  272.391841][ T5912] input: HID 0458:5013 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:0458:5013.0016/input/input35
[  272.423901][ T5912] input: HID 0458:5013 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:0458:5013.0016/input/input36
[  272.463829][ T5912] kye 0003:0458:5013.0016: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0458:5013] on usb-dummy_hcd.6-1/input0
[  272.580826][   T54] Bluetooth: hci6: command 0x040f tx timeout
[  272.586969][ T5835] Bluetooth: hci5: command 0x0c1a tx timeout
[  272.643364][ T5912] usb 7-1: USB disconnect, device number 4
[  272.852765][ T8595] program syz.4.741 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  272.892259][ T8596] SELinux:  policydb magic number 0xff8c does not match expected magic number 0xf97cff8c
[  272.902231][ T8596] SELinux: failed to load policy
[  274.717954][   T54] Bluetooth: hci5: command 0x0c1a tx timeout
[  275.225454][ T8603] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  277.271171][ T5912] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  277.605757][ T8630] netlink: 'syz.5.751': attribute type 4 has an invalid length.
[  278.611066][ T5912] usb 4-1: Using ep0 maxpacket: 16
[  278.956889][ T8635] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5123 sclass=netlink_route_socket pid=8635 comm=syz.5.751
[  278.970999][ T8635] netlink: 36 bytes leftover after parsing attributes in process `syz.5.751'.
[  278.981737][ T5912] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  279.280552][ T5912] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  279.290370][ T5912] usb 4-1: config 0 interface 0 has no altsetting 0
[  279.297221][ T5912] usb 4-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  279.306945][ T5912] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  279.470924][ T5912] usb 4-1: config 0 descriptor??
[  280.063448][   T29] audit: type=1800 audit(1732624272.762:515): pid=8630 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.5.751" name="/" dev="9p" ino=2 res=0 errno=0
[  280.302158][ T5912] usbhid 4-1:0.0: can't add hid device: -71
[  280.308182][ T5912] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  281.051702][ T5912] usb 4-1: USB disconnect, device number 12
[  281.512210][ T8656] VFS: could not find a valid V7 on nullb0.
[  281.519778][ T8656] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized
[  282.383470][ T8668] FAULT_INJECTION: forcing a failure.
[  282.383470][ T8668] name failslab, interval 1, probability 0, space 0, times 0
[  282.396300][ T8668] CPU: 0 UID: 0 PID: 8668 Comm: syz.3.759 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0
[  282.406537][ T8668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  282.416587][ T8668] Call Trace:
[  282.419860][ T8668]  <TASK>
[  282.422787][ T8668]  dump_stack_lvl+0x16c/0x1f0
[  282.427469][ T8668]  should_fail_ex+0x497/0x5b0
[  282.432150][ T8668]  ? fs_reclaim_acquire+0xae/0x150
[  282.437257][ T8668]  should_failslab+0xc2/0x120
[  282.441941][ T8668]  kmem_cache_alloc_node_noprof+0x72/0x3c0
[  282.447747][ T8668]  ? __alloc_skb+0x2b1/0x380
[  282.452354][ T8668]  __alloc_skb+0x2b1/0x380
[  282.456772][ T8668]  ? __pfx___alloc_skb+0x10/0x10
[  282.461714][ T8668]  ? selinux_socket_getpeersec_dgram+0x1a5/0x370
[  282.468042][ T8668]  ? __pfx_selinux_socket_getpeersec_dgram+0x10/0x10
[  282.474725][ T8668]  netlink_alloc_large_skb+0x69/0x130
[  282.480102][ T8668]  netlink_sendmsg+0x689/0xd70
[  282.484903][ T8668]  ? __pfx_netlink_sendmsg+0x10/0x10
[  282.490197][ T8668]  ____sys_sendmsg+0xaaf/0xc90
[  282.494963][ T8668]  ? copy_msghdr_from_user+0x10b/0x160
[  282.500425][ T8668]  ? __pfx_____sys_sendmsg+0x10/0x10
[  282.505722][ T8668]  ___sys_sendmsg+0x135/0x1e0
[  282.510395][ T8668]  ? __pfx____sys_sendmsg+0x10/0x10
[  282.515607][ T8668]  ? __pfx_lock_release+0x10/0x10
[  282.520628][ T8668]  ? trace_lock_acquire+0x146/0x1e0
[  282.525838][ T8668]  ? __fget_files+0x206/0x3a0
[  282.530520][ T8668]  __sys_sendmsg+0x16e/0x220
[  282.535106][ T8668]  ? __pfx___sys_sendmsg+0x10/0x10
[  282.540222][ T8668]  ? __secure_computing+0x273/0x3f0
[  282.545418][ T8668]  do_syscall_64+0xcd/0x250
[  282.549925][ T8668]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  282.555820][ T8668] RIP: 0033:0x7fc9bff7e819
[  282.560233][ T8668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  282.579842][ T8668] RSP: 002b:00007fc9c0cdc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  282.588259][ T8668] RAX: ffffffffffffffda RBX: 00007fc9c0136160 RCX: 00007fc9bff7e819
[  282.596237][ T8668] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000009
[  282.604210][ T8668] RBP: 00007fc9c0cdc090 R08: 0000000000000000 R09: 0000000000000000
[  282.612181][ T8668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  282.620154][ T8668] R13: 0000000000000000 R14: 00007fc9c0136160 R15: 00007ffcd7a04258
[  282.628136][ T8668]  </TASK>
[  282.631229][    C0] vkms_vblank_simulate: vblank timer overrun
[  282.876639][ T5834] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  283.312516][ T5834] usb 1-1: Using ep0 maxpacket: 32
[  283.386144][ T5834] usb 1-1: config 0 has an invalid interface number: 126 but max is 0
[  283.394900][ T5834] usb 1-1: config 0 has no interface number 0
[  283.506012][ T5834] usb 1-1: config 0 interface 126 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023
[  283.636709][ T5834] usb 1-1: config 0 interface 126 altsetting 16 bulk endpoint 0x82 has invalid maxpacket 8
[  283.682998][ T5834] usb 1-1: config 0 interface 126 has no altsetting 0
[  283.713086][ T5834] usb 1-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice=b0.1c
[  283.738694][ T5834] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  283.892863][ T5834] usb 1-1: Product: syz
[  283.897086][ T5834] usb 1-1: Manufacturer: syz
[  283.902029][ T5834] usb 1-1: SerialNumber: syz
[  283.918958][ T5834] usb 1-1: config 0 descriptor??
[  283.924823][ T8667] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  283.971367][ T8683] netlink: 56 bytes leftover after parsing attributes in process `syz.5.763'.
[  284.537178][ T8667] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  284.887531][ T8691] FAULT_INJECTION: forcing a failure.
[  284.887531][ T8691] name failslab, interval 1, probability 0, space 0, times 0
[  284.900398][ T8691] CPU: 1 UID: 0 PID: 8691 Comm: syz.5.766 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0
[  284.910728][ T8691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  284.920778][ T8691] Call Trace:
[  284.924051][ T8691]  <TASK>
[  284.926977][ T8691]  dump_stack_lvl+0x16c/0x1f0
[  284.931656][ T8691]  should_fail_ex+0x497/0x5b0
[  284.936337][ T8691]  ? fs_reclaim_acquire+0xae/0x150
[  284.941449][ T8691]  should_failslab+0xc2/0x120
[  284.946128][ T8691]  __kmalloc_noprof+0xcb/0x510
[  284.950977][ T8691]  ? d_absolute_path+0x137/0x1b0
[  284.955916][ T8691]  ? rcu_is_watching+0x12/0xc0
[  284.960684][ T8691]  tomoyo_encode2+0x100/0x3e0
[  284.965365][ T8691]  tomoyo_encode+0x29/0x50
[  284.969789][ T8691]  tomoyo_realpath_from_path+0x19d/0x720
[  284.975430][ T8691]  tomoyo_path_number_perm+0x248/0x590
[  284.980888][ T8691]  ? tomoyo_path_number_perm+0x235/0x590
[  284.986520][ T8691]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  284.992525][ T8691]  ? __pfx_lock_release+0x10/0x10
[  284.997548][ T8691]  ? trace_lock_acquire+0x146/0x1e0
[  285.002752][ T8691]  ? lock_acquire+0x2f/0xb0
[  285.007256][ T8691]  ? __fget_files+0x40/0x3a0
[  285.011849][ T8691]  ? __fget_files+0x206/0x3a0
[  285.016527][ T8691]  security_file_ioctl+0x9b/0x240
[  285.021555][ T8691]  __x64_sys_ioctl+0xb7/0x200
[  285.026238][ T8691]  do_syscall_64+0xcd/0x250
[  285.030748][ T8691]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.036643][ T8691] RIP: 0033:0x7f810397e819
[  285.041051][ T8691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  285.060662][ T8691] RSP: 002b:00007f81017b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  285.069076][ T8691] RAX: ffffffffffffffda RBX: 00007f8103b36160 RCX: 00007f810397e819
[  285.077046][ T8691] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000007
[  285.085011][ T8691] RBP: 00007f81017b4090 R08: 0000000000000000 R09: 0000000000000000
[  285.092981][ T8691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  285.100945][ T8691] R13: 0000000000000000 R14: 00007f8103b36160 R15: 00007fff9602bcc8
[  285.108929][ T8691]  </TASK>
[  285.112501][ T8691] ERROR: Out of memory at tomoyo_realpath_from_path.
[  285.156507][ T5834] ir_usb 1-1:0.126: IR Dongle converter detected
[  285.166423][ T5834] usb 1-1: IRDA class descriptor not found, device not bound
[  285.185266][ T5834] usb 1-1: USB disconnect, device number 27
[  285.260973][ T5882] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  285.412623][ T5882] usb 4-1: Using ep0 maxpacket: 16
[  285.501097][ T8696] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  285.864556][ T5882] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  285.875549][ T5882] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  285.885574][ T5882] usb 4-1: config 0 interface 0 has no altsetting 0
[  285.885949][ T8696] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  285.892328][ T5882] usb 4-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  285.907395][ T5882] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  285.929418][ T5882] usb 4-1: config 0 descriptor??
[  286.038551][ T8698] netlink: 'syz.5.767': attribute type 4 has an invalid length.
[  286.065115][   T29] audit: type=1800 audit(1732624278.762:516): pid=8698 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.5.767" name="/" dev="9p" ino=2 res=0 errno=0
[  286.071887][ T8698] netlink: 'syz.5.767': attribute type 8 has an invalid length.
[  286.093133][ T8698] netlink: 8 bytes leftover after parsing attributes in process `syz.5.767'.
[  286.198689][ T8700] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  286.332587][ T8702] netlink: 'syz.0.769': attribute type 4 has an invalid length.
[  286.345954][ T5882] hid (null): unknown global tag 0xe
[  286.353291][ T5882] hid (null): invalid report_size 9273
[  286.375328][ T5882] input: HID 0458:5013 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0458:5013.0017/input/input37
[  286.387374][   T29] audit: type=1800 audit(1732624279.072:517): pid=8702 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.0.769" name="/" dev="9p" ino=2 res=0 errno=0
[  286.388473][ T8702] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5123 sclass=netlink_route_socket pid=8702 comm=syz.0.769
[  286.425186][ T8702] netlink: 36 bytes leftover after parsing attributes in process `syz.0.769'.
[  286.474236][ T5882] input: HID 0458:5013 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0458:5013.0017/input/input38
[  286.534224][ T5882] kye 0003:0458:5013.0017: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0458:5013] on usb-dummy_hcd.3-1/input0
[  286.565758][ T5882] usb 4-1: USB disconnect, device number 13
[  287.763363][   T54] Bluetooth: hci5: command 0x0c1a tx timeout
[  287.981211][ T5835] Bluetooth: hci6: command 0x040f tx timeout
[  288.026750][   T29] audit: type=1400 audit(1732624280.702:518): avc:  denied  { accept } for  pid=8711 comm="syz.3.773" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  288.041609][ T8716] overlayfs: missing 'workdir'
[  288.463869][ T8726] program syz.5.776 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.665358][ T8728] netlink: 'syz.6.778': attribute type 13 has an invalid length.
[  288.841019][   T47] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  289.172609][ T8728] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  289.178950][ T8728] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  289.372071][   T47] usb 5-1: New USB device found, idVendor=1d50, idProduct=6089, bcdDevice=d0.1d
[  289.381222][   T47] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  289.391386][   T47] usb 5-1: config 0 descriptor??
[  289.550976][  T116] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  289.962098][  T116] usb 1-1: Using ep0 maxpacket: 32
[  289.970642][  T116] usb 1-1: config 0 has an invalid interface number: 126 but max is 0
[  289.993327][  T116] usb 1-1: config 0 has no interface number 0
[  290.005564][  T116] usb 1-1: config 0 interface 126 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023
[  290.021967][  T116] usb 1-1: config 0 interface 126 altsetting 16 bulk endpoint 0x82 has invalid maxpacket 8
[  290.136916][  T116] usb 1-1: config 0 interface 126 has no altsetting 0
[  290.146295][  T116] usb 1-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice=b0.1c
[  290.155859][  T116] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  290.163962][  T116] usb 1-1: Product: syz
[  290.168455][  T116] usb 1-1: Manufacturer: syz
[  290.173692][  T116] usb 1-1: SerialNumber: syz
[  290.179054][   T47] hackrf 5-1:0.0: Board ID: 00
[  290.184934][   T47] hackrf 5-1:0.0: Firmware version: 
[  290.191022][  T116] usb 1-1: config 0 descriptor??
[  290.196676][ T8733] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  290.199116][   T47] hackrf 5-1:0.0: Registered as swradio24
[  290.205210][ T8733] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  290.210514][   T47] videodev: could not get a free minor
[  290.223650][   T47] hackrf 5-1:0.0: Failed to register as video device (-23)
[  290.257116][   T47] hackrf 5-1:0.0: probe with driver hackrf failed with error -23
[  290.778085][   T47] usb 5-1: USB disconnect, device number 25
[  290.961605][  T116] ir_usb 1-1:0.126: IR Dongle converter detected
[  290.968221][  T116] usb 1-1: IRDA class descriptor not found, device not bound
[  290.989332][  T116] usb 1-1: USB disconnect, device number 28
[  291.016296][ T8747] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  291.025840][ T8747] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  291.067363][ T8749] netlink: 244 bytes leftover after parsing attributes in process `syz.5.782'.
[  291.200560][ T8751] netlink: 'syz.6.783': attribute type 4 has an invalid length.
[  291.230441][   T29] audit: type=1800 audit(1732624283.922:519): pid=8751 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.6.783" name="/" dev="9p" ino=2 res=0 errno=0
[  291.252669][ T8751] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5123 sclass=netlink_route_socket pid=8751 comm=syz.6.783
[  291.253209][ T8751] netlink: 36 bytes leftover after parsing attributes in process `syz.6.783'.
[  291.270724][ T5835] Bluetooth: hci6: command 0x040f tx timeout
[  291.281643][   T54] Bluetooth: hci5: command 0x0c1a tx timeout
[  291.780998][ T5882] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  292.791702][ T5882] usb 1-1: Using ep0 maxpacket: 16
[  292.842742][ T5882] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  292.870939][ T8759] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  292.877026][ T8759] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  292.882072][ T5882] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  292.893322][ T5882] usb 1-1: config 0 interface 0 has no altsetting 0
[  292.899993][ T5882] usb 1-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  292.908045][ T8763] overlayfs: missing 'workdir'
[  292.909285][ T5882] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  292.927491][ T5882] usb 1-1: config 0 descriptor??
[  293.406758][ T5834] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  293.528603][ T8774] program syz.3.790 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  294.057352][ T5882] hid (null): unknown global tag 0xe
[  294.063036][ T5882] hid (null): invalid report_size 9273
[  294.072401][ T5882] input: HID 0458:5013 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0458:5013.0018/input/input40
[  294.103900][ T5882] input: HID 0458:5013 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0458:5013.0018/input/input41
[  294.143134][ T5834] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  294.154378][ T5834] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  294.172384][ T5834] usb 7-1: config 0 descriptor??
[  294.225044][ T5882] kye 0003:0458:5013.0018: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0458:5013] on usb-dummy_hcd.0-1/input0
[  294.255446][ T5882] usb 1-1: USB disconnect, device number 29
[  294.396615][ T8765] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  294.410527][ T8765] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  294.513929][ T8781] SELinux:  policydb magic number 0xff8c does not match expected magic number 0xf97cff8c
[  294.524050][ T8781] SELinux: failed to load policy
[  294.854265][ T5834] ath6kl: Failed to submit usb control message: -71
[  294.889283][ T5834] ath6kl: unable to send the bmi data to the device: -71
[  294.898677][ T5834] ath6kl: Unable to send get target info: -71
[  294.911186][ T5835] Bluetooth: hci6: command 0x040f tx timeout
[  294.917256][ T5834] ath6kl: Failed to init ath6kl core: -71
[  294.923514][   T54] Bluetooth: hci5: command 0x0c1a tx timeout
[  294.924368][ T5834] ath6kl_usb 7-1:0.0: probe with driver ath6kl_usb failed with error -71
[  294.975133][ T5834] usb 7-1: USB disconnect, device number 5
[  295.247280][ T8791] netlink: 8 bytes leftover after parsing attributes in process `syz.3.794'.
[  295.329085][  T116] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  295.520913][   T47] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  295.536999][    C1] raw-gadget.1 gadget.0: ignoring, device is not running
[  295.548531][  T116] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  295.587150][  T116] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  295.637041][  T116] usb 5-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  295.646325][  T116] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  295.656944][  T116] usb 5-1: config 0 descriptor??
[  295.721502][   T47] usb 1-1: device descriptor read/64, error -32
[  295.885621][ T8800] FAULT_INJECTION: forcing a failure.
[  295.885621][ T8800] name failslab, interval 1, probability 0, space 0, times 0
[  295.898519][ T8800] CPU: 0 UID: 0 PID: 8800 Comm: syz.3.798 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0
[  295.908772][ T8800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  295.919090][ T8800] Call Trace:
[  295.922360][ T8800]  <TASK>
[  295.925271][ T8800]  dump_stack_lvl+0x16c/0x1f0
[  295.929954][ T8800]  should_fail_ex+0x497/0x5b0
[  295.934627][ T8800]  ? fs_reclaim_acquire+0xae/0x150
[  295.939724][ T8800]  should_failslab+0xc2/0x120
[  295.944400][ T8800]  kmem_cache_alloc_node_noprof+0x72/0x3c0
[  295.950191][ T8800]  ? __alloc_skb+0x2b1/0x380
[  295.954782][ T8800]  __alloc_skb+0x2b1/0x380
[  295.959206][ T8800]  ? __pfx___alloc_skb+0x10/0x10
[  295.964152][ T8800]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  295.970121][ T8800]  netlink_alloc_large_skb+0x69/0x130
[  295.975494][ T8800]  netlink_sendmsg+0x689/0xd70
[  295.980268][ T8800]  ? __pfx_netlink_sendmsg+0x10/0x10
[  295.985550][ T8800]  ____sys_sendmsg+0xaaf/0xc90
[  295.990295][ T8800]  ? copy_msghdr_from_user+0x10b/0x160
[  295.995734][ T8800]  ? __pfx_____sys_sendmsg+0x10/0x10
[  296.001017][ T8800]  ___sys_sendmsg+0x135/0x1e0
[  296.005691][ T8800]  ? __pfx____sys_sendmsg+0x10/0x10
[  296.010905][ T8800]  ? __pfx_lock_release+0x10/0x10
[  296.015922][ T8800]  ? trace_lock_acquire+0x146/0x1e0
[  296.021130][ T8800]  ? __fget_files+0x206/0x3a0
[  296.025804][ T8800]  __sys_sendmsg+0x16e/0x220
[  296.030387][ T8800]  ? __pfx___sys_sendmsg+0x10/0x10
[  296.035495][ T8800]  do_syscall_64+0xcd/0x250
[  296.039993][ T8800]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  296.045867][ T8800] RIP: 0033:0x7fc9bff7e819
[  296.050265][ T8800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  296.056737][   T47] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  296.069859][ T8800] RSP: 002b:00007fc9c0d1e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  296.069883][ T8800] RAX: ffffffffffffffda RBX: 00007fc9c0135fa0 RCX: 00007fc9bff7e819
[  296.069894][ T8800] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000003
[  296.069905][ T8800] RBP: 00007fc9c0d1e090 R08: 0000000000000000 R09: 0000000000000000
[  296.069916][ T8800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  296.069927][ T8800] R13: 0000000000000000 R14: 00007fc9c0135fa0 R15: 00007ffcd7a04258
[  296.069948][ T8800]  </TASK>
[  296.285194][  T116] steelseries 0003:1038:1410.0019: unknown main item tag 0x0
[  296.298762][  T116] steelseries 0003:1038:1410.0019: unknown main item tag 0x0
[  296.306270][  T116] steelseries 0003:1038:1410.0019: unknown main item tag 0x0
[  296.314024][  T116] steelseries 0003:1038:1410.0019: unknown main item tag 0x0
[  296.321456][  T116] steelseries 0003:1038:1410.0019: unknown main item tag 0x0
[  296.328837][  T116] steelseries 0003:1038:1410.0019: unknown main item tag 0x0
[  296.336580][  T116] steelseries 0003:1038:1410.0019: unknown main item tag 0x0
[  296.344327][  T116] steelseries 0003:1038:1410.0019: missing HID_OUTPUT_REPORT 0
[  296.416499][   T29] audit: type=1400 audit(1732624289.112:520): avc:  denied  { write } for  pid=8782 comm="syz.4.793" name="ptp0" dev="devtmpfs" ino=1265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  296.439466][    C1] vkms_vblank_simulate: vblank timer overrun
[  296.537292][ T5834] usb 5-1: USB disconnect, device number 26
[  296.911195][   T47] usb 1-1: Using ep0 maxpacket: 32
[  296.951049][ T8816] VFS: could not find a valid V7 on nullb0.
[  296.964838][ T8816] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized
[  297.054785][   T47] usb 1-1: config index 0 descriptor too short (expected 32410, got 154)
[  297.300770][   T47] usb 1-1: config 1 has too many interfaces: 39, using maximum allowed: 32
[  297.429091][   T47] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  297.439238][   T47] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 39
[  297.451076][   T47] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  297.460303][   T47] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  297.473280][   T47] usb 1-1: Product: syz
[  297.477463][   T47] usb 1-1: Manufacturer: syz
[  297.482411][   T47] usb 1-1: SerialNumber: syz
[  297.754308][ T8828] netlink: 'syz.5.803': attribute type 13 has an invalid length.
[  298.565107][   T47] usb 1-1: Audio class v2/v3 interfaces need an interface association
[  298.590362][   T47] snd-usb-audio 1-1:1.0: probe with driver snd-usb-audio failed with error -22
[  298.605107][   T47] usb 1-1: USB disconnect, device number 31
[  298.665585][ T5826] udevd[5826]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  299.625888][ T8828] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  299.805138][ T8828] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  299.992414][ T8841] netlink: 140 bytes leftover after parsing attributes in process `syz.5.808'.
[  300.011540][ T8841] netlink: 140 bytes leftover after parsing attributes in process `syz.5.808'.
[  300.121050][   T47] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  300.313090][   T47] usb 7-1: Using ep0 maxpacket: 16
[  300.321847][   T47] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  300.337332][   T47] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  300.506678][   T47] usb 7-1: config 0 interface 0 has no altsetting 0
[  300.519707][   T47] usb 7-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  300.553900][   T47] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  300.565500][   T47] usb 7-1: config 0 descriptor??
[  300.571429][   T47] usb 7-1: can't set config #0, error -71
[  300.580606][   T47] usb 7-1: USB disconnect, device number 6
[  300.680822][ T5835] Bluetooth: hci5: command 0x0c1a tx timeout
[  301.862438][ T8868] VFS: could not find a valid V7 on nullb0.
[  301.869715][ T8868] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized
[  301.872299][ T5835] Bluetooth: hci6: command 0x040f tx timeout
[  302.847571][ T8867] FAULT_INJECTION: forcing a failure.
[  302.847571][ T8867] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  302.862712][ T8879] xt_addrtype: both incoming and outgoing interface limitation cannot be selected
[  302.911074][ T8867] CPU: 0 UID: 0 PID: 8867 Comm: syz.5.816 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0
[  302.921352][ T8867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  302.931395][ T8867] Call Trace:
[  302.934660][ T8867]  <TASK>
[  302.937574][ T8867]  dump_stack_lvl+0x16c/0x1f0
[  302.942240][ T8867]  should_fail_ex+0x497/0x5b0
[  302.946908][ T8867]  _copy_to_user+0x32/0xd0
[  302.951310][ T8867]  simple_read_from_buffer+0xd0/0x160
[  302.956670][ T8867]  proc_fail_nth_read+0x198/0x270
[  302.961683][ T8867]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  302.967217][ T8867]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  302.972751][ T8867]  vfs_read+0x1df/0xbe0
[  302.976888][ T8867]  ? __fget_files+0x1fc/0x3a0
[  302.981545][ T8867]  ? __pfx___mutex_lock+0x10/0x10
[  302.986554][ T8867]  ? __pfx_vfs_read+0x10/0x10
[  302.991219][ T8867]  ? __fget_files+0x206/0x3a0
[  302.995882][ T8867]  ksys_read+0x12b/0x250
[  303.000104][ T8867]  ? __pfx_ksys_read+0x10/0x10
[  303.004857][ T8867]  do_syscall_64+0xcd/0x250
[  303.009345][ T8867]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.015224][ T8867] RIP: 0033:0x7f810397d25c
[  303.019623][ T8867] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  303.039214][ T8867] RSP: 002b:00007f81017f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  303.047609][ T8867] RAX: ffffffffffffffda RBX: 00007f8103b35fa0 RCX: 00007f810397d25c
[  303.055563][ T8867] RDX: 000000000000000f RSI: 00007f81017f60a0 RDI: 0000000000000004
[  303.063515][ T8867] RBP: 00007f81017f6090 R08: 0000000000000000 R09: 0000000000000000
[  303.071466][ T8867] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  303.079417][ T8867] R13: 0000000000000000 R14: 00007f8103b35fa0 R15: 00007fff9602bcc8
[  303.087380][ T8867]  </TASK>
[  303.383770][ T8888] netlink: 8 bytes leftover after parsing attributes in process `syz.0.820'.
[  304.323471][ T5882] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  304.337588][ T8902] vxcan1: entered promiscuous mode
[  304.347040][ T8902] vxcan1: left promiscuous mode
[  304.354640][ T8902] netlink: 16 bytes leftover after parsing attributes in process `syz.4.826'.
[  304.618924][ T8905] SELinux:  policydb magic number 0xff8c does not match expected magic number 0xf97cff8c
[  304.628949][ T8905] SELinux: failed to load policy
[  305.662238][ T5882] usb 4-1: New USB device found, idVendor=1d50, idProduct=6089, bcdDevice=d0.1d
[  305.671394][ T5882] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  305.695011][ T5882] usb 4-1: config 0 descriptor??
[  306.577510][ T5882] hackrf 4-1:0.0: Board ID: 00
[  306.582542][ T5882] hackrf 4-1:0.0: Firmware version: 
[  306.590207][ T5882] hackrf 4-1:0.0: Registered as swradio24
[  306.601089][ T5882] videodev: could not get a free minor
[  306.612803][ T5882] hackrf 4-1:0.0: Failed to register as video device (-23)
[  306.622561][ T5882] hackrf 4-1:0.0: probe with driver hackrf failed with error -23
[  307.427329][  T116] usb 4-1: USB disconnect, device number 14
[  307.525721][   T29] audit: type=1400 audit(1732624300.212:521): avc:  denied  { append } for  pid=8932 comm="syz.5.834" name="001" dev="devtmpfs" ino=747 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  308.328768][ T8949] 9pnet_fd: Insufficient options for proto=fd
[  308.416903][ T8955] SELinux:  policydb magic number 0xff8c does not match expected magic number 0xf97cff8c
[  308.427058][ T8955] SELinux: failed to load policy
[  310.836076][   T29] audit: type=1400 audit(1732624303.292:522): avc:  denied  { listen } for  pid=8961 comm="syz.6.844" lport=56746 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  310.890784][    T8] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  310.938584][   T29] audit: type=1400 audit(1732624303.292:523): avc:  denied  { accept } for  pid=8961 comm="syz.6.844" lport=56746 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  311.166086][    T8] usb 4-1: unable to get BOS descriptor or descriptor too short
[  311.176318][    T8] usb 4-1: New USB device found, idVendor=0f11, idProduct=2000, bcdDevice= 0.40
[  311.185546][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  311.193978][    T8] usb 4-1: Product: syz
[  311.198181][    T8] usb 4-1: Manufacturer: syz
[  311.695541][    T8] usb 4-1: SerialNumber: syz
[  311.743998][ T8984] FAULT_INJECTION: forcing a failure.
[  311.743998][ T8984] name failslab, interval 1, probability 0, space 0, times 0
[  311.757210][ T8984] CPU: 0 UID: 0 PID: 8984 Comm: syz.6.848 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0
[  311.767440][ T8984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  311.777486][ T8984] Call Trace:
[  311.780752][ T8984]  <TASK>
[  311.783671][ T8984]  dump_stack_lvl+0x16c/0x1f0
[  311.788336][ T8984]  should_fail_ex+0x497/0x5b0
[  311.793004][ T8984]  should_failslab+0xc2/0x120
[  311.797669][ T8984]  __kmalloc_noprof+0xcb/0x510
[  311.802424][ T8984]  io_cqring_event_overflow+0xcb/0x6f0
[  311.807871][ T8984]  io_req_cqe_overflow+0x101/0x1e0
[  311.812966][ T8984]  __io_submit_flush_completions+0x8d9/0x1c00
[  311.819025][ T8984]  io_submit_sqes+0xa21/0x25e0
[  311.823785][ T8984]  __do_sys_io_uring_enter+0xd2d/0x1530
[  311.829323][ T8984]  ? __fget_files+0x206/0x3a0
[  311.833982][ T8984]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  311.839953][ T8984]  ? fput+0x67/0x440
[  311.843835][ T8984]  ? ksys_write+0x1ba/0x250
[  311.848320][ T8984]  ? __pfx_ksys_write+0x10/0x10
[  311.853159][ T8984]  do_syscall_64+0xcd/0x250
[  311.857649][ T8984]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.863526][ T8984] RIP: 0033:0x7f846cf7e819
[  311.867922][ T8984] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  311.887512][ T8984] RSP: 002b:00007f846dca8038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  311.895911][ T8984] RAX: ffffffffffffffda RBX: 00007f846d135fa0 RCX: 00007f846cf7e819
[  311.903865][ T8984] RDX: 0000000000000000 RSI: 0000000000002d3e RDI: 0000000000000003
[  311.911816][ T8984] RBP: 00007f846dca8090 R08: 0000000000000000 R09: 0000000000000000
[  311.919765][ T8984] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  311.927719][ T8984] R13: 0000000000000000 R14: 00007f846d135fa0 R15: 00007fffc54a1218
[  311.935681][ T8984]  </TASK>
[  312.051096][    T8] ldusb 4-1:3.0: Interrupt in endpoint not found
[  312.074016][   T29] audit: type=1400 audit(1732624304.772:524): avc:  denied  { bind } for  pid=8985 comm="syz.5.850" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  312.141285][   T29] audit: type=1400 audit(1732624304.772:525): avc:  denied  { name_bind } for  pid=8985 comm="syz.5.850" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  312.262799][   T29] audit: type=1400 audit(1732624304.772:526): avc:  denied  { node_bind } for  pid=8985 comm="syz.5.850" saddr=127.0.0.1 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  312.312414][    T8] usb 4-1: USB disconnect, device number 15
[  312.508656][ T8992] netlink: 8 bytes leftover after parsing attributes in process `syz.4.849'.
[  313.801882][  T116] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  314.146973][  T116] usb 6-1: New USB device found, idVendor=1d50, idProduct=6089, bcdDevice=d0.1d
[  314.157528][  T116] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  314.248851][  T116] usb 6-1: config 0 descriptor??
[  314.500792][   T29] audit: type=1400 audit(1732624307.192:527): avc:  denied  { mount } for  pid=9002 comm="syz.3.855" name="/" dev="ramfs" ino=22221 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  314.565234][   T29] audit: type=1400 audit(1732624307.262:528): avc:  denied  { unmount } for  pid=9002 comm="syz.3.855" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  314.568267][ T9004] Process accounting resumed
[  314.616449][ T9014] netlink: 12 bytes leftover after parsing attributes in process `syz.4.854'.
[  314.661670][  T116] hackrf 6-1:0.0: Board ID: 00
[  314.666446][  T116] hackrf 6-1:0.0: Firmware version: 
[  314.672794][  T116] hackrf 6-1:0.0: Registered as swradio24
[  314.678519][  T116] videodev: could not get a free minor
[  314.691300][  T116] hackrf 6-1:0.0: Failed to register as video device (-23)
[  314.725733][  T116] hackrf 6-1:0.0: probe with driver hackrf failed with error -23
[  314.786955][ T9018] netlink: 16 bytes leftover after parsing attributes in process `syz.0.858'.
[  314.809694][ T9017] netlink: 12 bytes leftover after parsing attributes in process `syz.6.853'.
[  314.881144][  T116] usb 6-1: USB disconnect, device number 5
[  315.242655][   T29] audit: type=1400 audit(1732624307.932:529): avc:  denied  { ioctl } for  pid=9025 comm="syz.4.861" path="socket:[22233]" dev="sockfs" ino=22233 ioctlcmd=0x89e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  315.267268][    C1] vkms_vblank_simulate: vblank timer overrun
[  316.058791][ T9033] 9pnet_fd: Insufficient options for proto=fd
[  316.314671][ T9039] netlink: 'syz.4.862': attribute type 13 has an invalid length.
[  316.834911][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  316.841333][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  318.831098][ T5835] Bluetooth: hci5: command 0x0c1a tx timeout
[  318.840340][ T9039] Bluetooth: hci5: Opcode 0x0c1a failed: -110
[  318.903052][ T9039] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  319.330968][  T116] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  319.338722][   T47] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  319.346666][ T5912] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  319.501814][  T116] usb 4-1: Using ep0 maxpacket: 8
[  319.542810][ T5912] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  319.589104][  T116] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  319.605967][ T5912] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  319.626701][  T116] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  319.739280][ T5912] usb 6-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[  319.954434][  T116] usb 4-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[  319.975390][ T5912] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  319.987358][  T116] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  320.003621][ T5912] usb 6-1: config 0 descriptor??
[  320.012319][  T116] usb 4-1: Product: syz
[  320.016464][  T116] usb 4-1: Manufacturer: syz
[  320.024354][ T5912] usb 6-1: can't set config #0, error -71
[  320.030066][  T116] usb 4-1: SerialNumber: syz
[  320.037617][ T5912] usb 6-1: USB disconnect, device number 6
[  320.048799][  T116] usb 4-1: config 0 descriptor??
[  320.169002][ T9067] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  320.308934][ T9054] befs: (nbd3): No write support. Marking filesystem read-only
[  320.325163][ T9054] syz.3.870: attempt to access beyond end of device
[  320.325163][ T9054] nbd3: rw=0, sector=0, nr_sectors = 2 limit=0
[  320.417597][ T5912] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  320.931239][ T5835] Bluetooth: hci6: command 0x040f tx timeout
[  321.330285][  T116] usb 4-1: USB disconnect, device number 16
[  321.387297][ T5912] usb 6-1: New USB device found, idVendor=1d50, idProduct=6089, bcdDevice=d0.1d
[  321.409638][ T5912] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  321.438378][ T5912] usb 6-1: config 0 descriptor??
[  321.666242][ T9093] netlink: 'syz.0.879': attribute type 13 has an invalid length.
[  322.067376][ T9095] Illegal XDP return value 4294967274 on prog  (id 227) dev N/A, expect packet loss!
[  322.324214][ T5912] hackrf 6-1:0.0: Board ID: 00
[  322.329332][ T5912] hackrf 6-1:0.0: Firmware version: 
[  322.336169][ T5912] hackrf 6-1:0.0: Registered as swradio24
[  322.341941][ T5912] videodev: could not get a free minor
[  322.347386][ T5912] hackrf 6-1:0.0: Failed to register as video device (-23)
[  322.361659][ T5912] hackrf 6-1:0.0: probe with driver hackrf failed with error -23
[  322.824300][ T5912] usb 6-1: USB disconnect, device number 7
[  323.547200][ T9113] netlink: 4 bytes leftover after parsing attributes in process `syz.5.884'.
[  323.790771][   T54] Bluetooth: hci5: command 0x0c1a tx timeout
[  323.790949][ T9093] Bluetooth: hci5: Opcode 0x0c1a failed: -110
[  324.450430][ T9093] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  324.597291][ T9110] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  325.055942][ T9124] netlink: 'syz.4.885': attribute type 13 has an invalid length.
[  325.905810][   T54] Bluetooth: hci6: command 0x040f tx timeout
[  326.096555][ T9136] netlink: 244 bytes leftover after parsing attributes in process `syz.6.888'.
[  326.108881][ T9135] 9pnet_fd: Insufficient options for proto=fd
[  326.127319][ T9132] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  326.137183][ T9132] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  326.208048][ T9138] 9pnet_fd: Insufficient options for proto=fd
[  327.526436][ T9124] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  327.532641][ T9124] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  328.346158][ T9159] netlink: 'syz.5.897': attribute type 13 has an invalid length.
[  328.441210][ T5835] Bluetooth: hci5: command 0x0c1a tx timeout
[  330.179219][ T9174] netlink: 12 bytes leftover after parsing attributes in process `syz.0.901'.
[  330.468605][ T9159] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  330.474870][ T9159] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  331.034379][   T54] Bluetooth: hci5: command 0x0c1a tx timeout
[  331.792670][ T9189] 9pnet_fd: Insufficient options for proto=fd
[  332.455344][ T9198] netlink: 12 bytes leftover after parsing attributes in process `syz.3.902'.
[  332.510742][ T5835] Bluetooth: hci6: command 0x040f tx timeout
[  332.558292][ T9204] warning: `syz.5.909' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  332.671066][ T9206] netlink: 'syz.6.908': attribute type 13 has an invalid length.
[  334.894312][ T9221] program syz.5.913 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  335.018384][ T9223] fuse: Bad value for 'fd'
[  335.161647][ T5835] Bluetooth: hci6: command 0x040f tx timeout
[  335.230983][ T9206] Bluetooth: hci5: Opcode 0x0c1a failed: -110
[  335.293122][ T9206] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  335.381412][ T5835] Bluetooth: hci5: command 0x0c1a tx timeout
[  336.055762][ T9232] netlink: 'syz.6.914': attribute type 13 has an invalid length.
[  336.214981][ T9234] netlink: 8 bytes leftover after parsing attributes in process `syz.4.916'.
[  337.202136][   T29] audit: type=1400 audit(1732624329.892:530): avc:  denied  { name_bind } for  pid=9239 comm="syz.4.918" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  337.252051][   T29] audit: type=1400 audit(1732624329.952:531): avc:  denied  { ioctl } for  pid=9239 comm="syz.4.918" path="socket:[23560]" dev="sockfs" ino=23560 ioctlcmd=0x6615 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  337.328616][ T5835] Bluetooth: hci6: command 0x040f tx timeout
[  338.523307][ T9232] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  338.530430][ T9232] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  338.896204][ T9240] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[  339.071339][   T54] Bluetooth: hci5: command 0x0c1a tx timeout
[  339.242734][ T9265] program syz.6.923 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  339.983515][ T9269] netlink: 'syz.4.925': attribute type 4 has an invalid length.
[  340.967691][   T54] Bluetooth: hci6: command 0x040f tx timeout
[  341.311757][ T9273] vxcan1: entered promiscuous mode
[  341.319186][ T9276] netlink: 'syz.5.926': attribute type 13 has an invalid length.
[  341.614003][ T9285] program syz.6.928 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  341.742774][ T9287] fuse: Bad value for 'fd'
[  343.000482][ T9277] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  343.007033][ T9277] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  343.271410][   T29] audit: type=1400 audit(1732624335.972:532): avc:  denied  { execute } for  pid=9294 comm="syz.5.932" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=741 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  343.376757][    T8] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  343.630872][    T8] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  343.656660][ T5835] Bluetooth: hci5: command 0x0c1a tx timeout
[  343.662834][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  343.673962][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  343.684412][    T8] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  343.697890][    T8] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  343.707039][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  343.717584][    T8] usb 4-1: config 0 descriptor??
[  344.641123][  T116] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  344.960715][  T116] usb 5-1: Using ep0 maxpacket: 32
[  344.988564][ T9295] Process accounting resumed
[  345.252570][ T5835] Bluetooth: hci6: command 0x040f tx timeout
[  345.297192][    T8] usbhid 4-1:0.0: can't add hid device: -71
[  345.768978][    T8] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  345.778512][    T8] usb 4-1: USB disconnect, device number 17
[  345.850285][  T116] usb 5-1: New USB device found, idVendor=1a0a, idProduct=0108, bcdDevice=4d.52
[  345.873138][  T116] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  345.898821][   T29] audit: type=1400 audit(1732624338.592:533): avc:  denied  { mounton } for  pid=9321 comm="syz.6.941" path="/proc/208/task" dev="proc" ino=22808 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  345.899591][  T116] usb 5-1: Product: syz
[  345.934773][  T116] usb 5-1: Manufacturer: syz
[  345.939691][  T116] usb 5-1: SerialNumber: syz
[  345.983951][ T9331] program syz.3.940 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  346.051696][  T116] usb 5-1: config 0 descriptor??
[  346.088893][  T116] usb_ehset_test 5-1:0.0: probe with driver usb_ehset_test failed with error -32
[  346.145107][ T5912] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  346.321281][ T5912] usb 6-1: Using ep0 maxpacket: 32
[  346.349262][ T5912] usb 6-1: config 0 has an invalid interface number: 182 but max is 0
[  346.426588][ T5912] usb 6-1: config 0 has no interface number 0
[  346.469626][ T5912] usb 6-1: config 0 interface 182 has no altsetting 0
[  346.479091][ T5912] usb 6-1: New USB device found, idVendor=07cf, idProduct=1001, bcdDevice=8d.fa
[  346.489963][ T5912] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  346.498399][ T5912] usb 6-1: Product: syz
[  346.503421][ T5912] usb 6-1: Manufacturer: syz
[  346.508116][ T5912] usb 6-1: SerialNumber: syz
[  346.521906][ T5912] usb 6-1: config 0 descriptor??
[  346.533971][ T5912] usb-storage 6-1:0.182: USB Mass Storage device detected
[  346.560834][ T5912] usb-storage 6-1:0.182: Quirks match for vid 07cf pid 1001: a
[  346.576416][  T116] usb 5-1: USB disconnect, device number 27
[  346.749443][ T5882] usb 6-1: USB disconnect, device number 8
[  347.037779][ T9340] netlink: 'syz.6.943': attribute type 13 has an invalid length.
[  347.171190][ T9340] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  347.183403][ T9340] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  347.539189][ T9344] tmpfs: Bad value for 'mpol'
[  348.316653][ T9362] netlink: 12 bytes leftover after parsing attributes in process `syz.5.946'.
[  348.903088][ T9367] SELinux:  policydb magic number 0xff8c does not match expected magic number 0xf97cff8c
[  348.913471][ T9367] SELinux: failed to load policy
[  349.170231][ T9358] Process accounting resumed
[  349.231287][ T5835] Bluetooth: hci5: command 0x0c1a tx timeout
[  349.231355][   T54] Bluetooth: hci6: command 0x040f tx timeout
[  349.251132][ T5882] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  349.402543][ T5882] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  349.456966][ T5882] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  349.476126][ T5882] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  349.574490][ T9380] binder: 9375:9380 ioctl 4020aed2 200000c0 returned -22
[  349.597298][   T29] audit: type=1400 audit(1732624342.252:534): avc:  denied  { write } for  pid=9375 comm="syz.0.953" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  349.987103][ T5882] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  350.047996][ T5882] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  350.057168][ T5882] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  350.243456][ T5882] usb 4-1: config 0 descriptor??
[  350.333757][ T9388] program syz.0.955 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  354.891715][ T9421] 9pnet_fd: Insufficient options for proto=fd
[  354.904720][ T9421] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[  354.916745][ T9421] batman_adv: batadv0: Adding interface: ip6gretap1
[  354.923528][ T9421] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  354.949083][    C0] vkms_vblank_simulate: vblank timer overrun
[  354.955759][ T9421] batman_adv: batadv0: Interface activated: ip6gretap1
[  355.001011][ T9420] SELinux:  policydb magic number 0xff8c does not match expected magic number 0xf97cff8c
[  355.011066][ T9420] SELinux: failed to load policy
[  355.437755][ T9427] SELinux:  policydb magic number 0xff8c does not match expected magic number 0xf97cff8c
[  355.447734][ T9427] SELinux: failed to load policy
[  356.342624][ T9429] vxcan1: entered promiscuous mode
[  357.275889][ T5882] usbhid 4-1:0.0: can't add hid device: -71
[  357.282369][ T5882] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  357.295420][ T5882] usb 4-1: USB disconnect, device number 18
[  357.500447][ T9444] program syz.6.969 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  358.154079][ T5882] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  358.510866][ T5882] usb 4-1: Using ep0 maxpacket: 16
[  358.517166][ T5882] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  358.528959][ T5882] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  359.200935][ T5882] usb 4-1: config 0 interface 0 has no altsetting 0
[  359.233685][ T5882] usb 4-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  359.243108][ T5882] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  359.294287][ T5882] usb 4-1: config 0 descriptor??
[  360.241653][ T9466] overlay: filesystem on ./bus is read-only
[  360.274406][   T29] audit: type=1400 audit(1732624352.932:535): avc:  denied  { mount } for  pid=9461 comm="syz.0.975" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  360.377191][   T29] audit: type=1400 audit(1732624352.942:536): avc:  denied  { mounton } for  pid=9461 comm="syz.0.975" path="/bus" dev="sysfs" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1
[  360.445777][ T5882] hid (null): unknown global tag 0xe
[  360.451280][ T5882] hid (null): invalid report_size 9273
[  360.831782][ T5882] input: HID 0458:5013 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0458:5013.001A/input/input42
[  360.851999][ T5882] input: HID 0458:5013 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0458:5013.001A/input/input43
[  360.905872][ T5882] kye 0003:0458:5013.001A: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0458:5013] on usb-dummy_hcd.3-1/input0
[  360.948079][ T5882] usb 4-1: USB disconnect, device number 19
[  362.098922][ T9473] netlink: 'syz.0.977': attribute type 13 has an invalid length.
[  362.765438][ T9484] vxcan1: entered promiscuous mode
[  362.775561][ T9484] vxcan1: left promiscuous mode
[  362.784410][ T9484] netlink: 16 bytes leftover after parsing attributes in process `syz.6.979'.
[  363.979479][ T9479] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  363.985800][ T9479] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  365.146913][   T54] Bluetooth: hci5: command 0x0c1a tx timeout
[  365.746092][ T9499] vxcan1: left promiscuous mode
[  365.857483][ T9499] netlink: 16 bytes leftover after parsing attributes in process `syz.0.983'.
[  366.158876][ T9511] program syz.3.985 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  366.760337][   T54] Bluetooth: hci6: command 0x040f tx timeout
[  367.440773][  T116] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  367.841976][  T116] usb 1-1: device descriptor read/64, error -71
[  368.294599][ T9529] 9pnet_fd: Insufficient options for proto=fd
[  368.432413][  T116] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  368.646065][  T116] usb 1-1: device descriptor read/64, error -71
[  368.693138][ T9534] VFS: could not find a valid V7 on nullb0.
[  368.701735][ T9534] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized
[  368.772208][  T116] usb usb1-port1: attempt power cycle
[  368.876441][ T9543] netlink: 'syz.4.993': attribute type 13 has an invalid length.
[  369.121451][ T9543] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  369.128069][ T9543] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  369.159982][  T116] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  369.214714][  T116] usb 1-1: device descriptor read/8, error -71
[  369.503860][  T116] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  369.552033][  T116] usb 1-1: device descriptor read/8, error -71
[  369.685871][  T116] usb usb1-port1: unable to enumerate USB device
[  371.242786][   T54] Bluetooth: hci6: command 0x040f tx timeout
[  371.245780][ T5835] Bluetooth: hci5: command 0x0c1a tx timeout
[  371.332676][ T9571] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1001'.
[  372.998401][ T9586] VFS: could not find a valid V7 on nullb0.
[  372.999538][ T9586] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized
[  376.244316][ T9614] netlink: 'syz.3.1014': attribute type 4 has an invalid length.
[  376.674109][ T9614] netlink: 'syz.3.1014': attribute type 8 has an invalid length.
[  376.686823][ T9614] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1014'.
[  377.037933][ T9630] netlink: 'syz.0.1017': attribute type 13 has an invalid length.
[  377.886304][ T9630] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  377.894200][ T9630] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  378.135685][   T29] audit: type=1326 audit(1732624370.832:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9635 comm="syz.4.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3a837e819 code=0x7ffc0000
[  378.168711][   T29] audit: type=1326 audit(1732624370.832:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9635 comm="syz.4.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3a837e819 code=0x7ffc0000
[  378.170719][   T29] audit: type=1326 audit(1732624370.842:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9635 comm="syz.4.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe3a837e819 code=0x7ffc0000
[  378.285191][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  378.367544][    C0] vkms_vblank_simulate: vblank timer overrun
[  378.376402][   T29] audit: type=1326 audit(1732624370.982:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9635 comm="syz.4.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3a837e819 code=0x7ffc0000
[  378.376642][   T29] audit: type=1326 audit(1732624371.002:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9635 comm="syz.4.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3a837e819 code=0x7ffc0000
[  378.460690][   T29] audit: type=1326 audit(1732624371.152:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9635 comm="syz.4.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe3a837e819 code=0x7ffc0000
[  378.471589][    C0] vkms_vblank_simulate: vblank timer overrun
[  378.523971][    C0] vkms_vblank_simulate: vblank timer overrun
[  378.903848][ T9621] Process accounting resumed
[  378.930955][   T29] audit: type=1326 audit(1732624371.622:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9635 comm="syz.4.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3a837e819 code=0x7ffc0000
[  379.085210][   T29] audit: type=1326 audit(1732624371.622:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9635 comm="syz.4.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3a837e819 code=0x7ffc0000
[  379.117103][ T9646] VFS: could not find a valid V7 on nullb0.
[  379.124490][ T9646] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized
[  379.128858][   T29] audit: type=1326 audit(1732624371.662:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9635 comm="syz.4.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe3a837e819 code=0x7ffc0000
[  379.155637][    C0] vkms_vblank_simulate: vblank timer overrun
[  379.447367][   T29] audit: type=1326 audit(1732624371.782:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9635 comm="syz.4.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3a837e819 code=0x7ffc0000
[  380.003208][ T9568] Bluetooth: hci6: command 0x040f tx timeout
[  380.009300][ T5835] Bluetooth: hci5: command 0x0c1a tx timeout
[  382.388083][ T9685] SELinux:  policydb magic number 0xff8c does not match expected magic number 0xf97cff8c
[  382.398042][ T9685] SELinux: failed to load policy
[  382.460157][ T9679] FAULT_INJECTION: forcing a failure.
[  382.460157][ T9679] name failslab, interval 1, probability 0, space 0, times 0
[  382.473181][ T9679] CPU: 1 UID: 0 PID: 9679 Comm: syz.4.1032 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0
[  382.483512][ T9679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  382.493551][ T9679] Call Trace:
[  382.496811][ T9679]  <TASK>
[  382.499733][ T9679]  dump_stack_lvl+0x16c/0x1f0
[  382.504394][ T9679]  should_fail_ex+0x497/0x5b0
[  382.509052][ T9679]  should_failslab+0xc2/0x120
[  382.513709][ T9679]  __kmalloc_noprof+0xcb/0x510
[  382.518464][ T9679]  io_cqring_event_overflow+0xcb/0x6f0
[  382.523910][ T9679]  io_req_cqe_overflow+0x101/0x1e0
[  382.529006][ T9679]  __io_submit_flush_completions+0x8d9/0x1c00
[  382.535064][ T9679]  io_submit_sqes+0xa21/0x25e0
[  382.539820][ T9679]  __do_sys_io_uring_enter+0xd2d/0x1530
[  382.545353][ T9679]  ? __fget_files+0x206/0x3a0
[  382.550010][ T9679]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  382.555971][ T9679]  ? fput+0x67/0x440
[  382.559845][ T9679]  ? ksys_write+0x1ba/0x250
[  382.564327][ T9679]  ? __pfx_ksys_write+0x10/0x10
[  382.569156][ T9679]  do_syscall_64+0xcd/0x250
[  382.573641][ T9679]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  382.579513][ T9679] RIP: 0033:0x7fe3a837e819
[  382.583907][ T9679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  382.603502][ T9679] RSP: 002b:00007fe3a91d9038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  382.611895][ T9679] RAX: ffffffffffffffda RBX: 00007fe3a8535fa0 RCX: 00007fe3a837e819
[  382.619856][ T9679] RDX: 0000000000000000 RSI: 0000000000002d3e RDI: 0000000000000003
[  382.627834][ T9679] RBP: 00007fe3a91d9090 R08: 0000000000000000 R09: 0000000000000000
[  382.635782][ T9679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  382.643729][ T9679] R13: 0000000000000000 R14: 00007fe3a8535fa0 R15: 00007ffca6fd7418
[  382.651703][ T9679]  </TASK>
[  382.731952][ T9692] VFS: could not find a valid V7 on nullb0.
[  382.739554][ T9692] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized
[  382.864928][ T9698] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  383.751714][ T9707] FAULT_INJECTION: forcing a failure.
[  383.751714][ T9707] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  383.764914][ T9707] CPU: 1 UID: 0 PID: 9707 Comm: syz.5.1040 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0
[  383.775289][ T9707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  383.785348][ T9707] Call Trace:
[  383.788609][ T9707]  <TASK>
[  383.791532][ T9707]  dump_stack_lvl+0x16c/0x1f0
[  383.796199][ T9707]  should_fail_ex+0x497/0x5b0
[  383.800869][ T9707]  _copy_from_user+0x2e/0xd0
[  383.805451][ T9707]  memdup_user+0x71/0xd0
[  383.809678][ T9707]  strndup_user+0x78/0xe0
[  383.813992][ T9707]  __x64_sys_mount+0x138/0x320
[  383.818743][ T9707]  ? __pfx___x64_sys_mount+0x10/0x10
[  383.824021][ T9707]  do_syscall_64+0xcd/0x250
[  383.828513][ T9707]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  383.834396][ T9707] RIP: 0033:0x7f810397e819
[  383.838798][ T9707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  383.858387][ T9707] RSP: 002b:00007f81017b4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  383.866783][ T9707] RAX: ffffffffffffffda RBX: 00007f8103b36160 RCX: 00007f810397e819
[  383.874736][ T9707] RDX: 0000000020000080 RSI: 0000000020000300 RDI: 0000000000000000
[  383.882690][ T9707] RBP: 00007f81017b4090 R08: 0000000020000700 R09: 0000000000000000
[  383.890646][ T9707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  383.898603][ T9707] R13: 0000000000000000 R14: 00007f8103b36160 R15: 00007fff9602bcc8
[  383.906566][ T9707]  </TASK>
[  385.003793][ T9718] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1041'.
[  385.358790][ T9720] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1042'.
[  387.219521][   T29] kauditd_printk_skb: 42 callbacks suppressed
[  387.219539][   T29] audit: type=1400 audit(1732624379.122:589): avc:  denied  { read } for  pid=9725 comm="syz.6.1045" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  387.355632][ T9736] netlink: 'syz.4.1047': attribute type 13 has an invalid length.
[  387.450991][ T5882] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  388.302663][ T9736] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  388.308767][ T9736] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  388.322678][ T5882] usb 1-1: Using ep0 maxpacket: 16
[  389.512112][ T5882] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  389.654537][ T5882] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  389.664902][ T5882] usb 1-1: config 0 interface 0 has no altsetting 0
[  389.680775][ T5882] usb 1-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  389.689853][ T5882] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  389.702238][ T5882] usb 1-1: config 0 descriptor??
[  389.712286][ T5882] usb 1-1: can't set config #0, error -71
[  389.743238][ T5882] usb 1-1: USB disconnect, device number 37
[  390.479788][ T9764] netlink: 'syz.0.1054': attribute type 13 has an invalid length.
[  390.504757][ T9568] Bluetooth: hci6: command 0x040f tx timeout
[  390.511285][ T9568] Bluetooth: hci5: command 0x0c1a tx timeout
[  391.335749][ T9775] netlink: 36 bytes leftover after parsing attributes in process `syz.6.1056'.
[  391.903163][ T9780] SELinux:  policydb magic number 0xff8c does not match expected magic number 0xf97cff8c
[  391.913510][ T9780] SELinux: failed to load policy
[  392.293747][ T9788] vxcan1: entered promiscuous mode
[  392.304825][ T9788] vxcan1: left promiscuous mode
[  392.316458][ T9788] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1060'.
[  393.069981][ T9764] Bluetooth: hci5: Opcode 0x0c1a failed: -110
[  393.076482][ T9764] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  393.125705][ T5835] Bluetooth: hci5: command 0x0c1a tx timeout
[  393.333014][ T9792] FAULT_INJECTION: forcing a failure.
[  393.333014][ T9792] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  393.346608][ T9792] CPU: 1 UID: 0 PID: 9792 Comm: syz.5.1063 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0
[  393.356949][ T9792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  393.367015][ T9792] Call Trace:
[  393.370295][ T9792]  <TASK>
[  393.373231][ T9792]  dump_stack_lvl+0x16c/0x1f0
[  393.377924][ T9792]  should_fail_ex+0x497/0x5b0
[  393.382621][ T9792]  _copy_from_user+0x2e/0xd0
[  393.387229][ T9792]  copy_msghdr_from_user+0x99/0x160
[  393.392447][ T9792]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  393.398283][ T9792]  ___sys_sendmsg+0xff/0x1e0
[  393.402881][ T9792]  ? __pfx____sys_sendmsg+0x10/0x10
[  393.408084][ T9792]  ? __pfx_lock_release+0x10/0x10
[  393.413097][ T9792]  ? trace_lock_acquire+0x146/0x1e0
[  393.418297][ T9792]  ? __fget_files+0x206/0x3a0
[  393.422976][ T9792]  __sys_sendmsg+0x16e/0x220
[  393.427557][ T9792]  ? __pfx___sys_sendmsg+0x10/0x10
[  393.432665][ T9792]  do_syscall_64+0xcd/0x250
[  393.437156][ T9792]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  393.443034][ T9792] RIP: 0033:0x7f810397e819
[  393.447434][ T9792] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  393.467044][ T9792] RSP: 002b:00007f81017f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  393.475450][ T9792] RAX: ffffffffffffffda RBX: 00007f8103b35fa0 RCX: 00007f810397e819
[  393.483408][ T9792] RDX: 0000000020000010 RSI: 00000000200001c0 RDI: 0000000000000003
[  393.491366][ T9792] RBP: 00007f81017f6090 R08: 0000000000000000 R09: 0000000000000000
[  393.499322][ T9792] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  393.507279][ T9792] R13: 0000000000000000 R14: 00007f8103b35fa0 R15: 00007fff9602bcc8
[  393.515241][ T9792]  </TASK>
[  393.637038][   T29] audit: type=1400 audit(1732624386.332:590): avc:  denied  { write } for  pid=9794 comm="syz.0.1061" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  393.722621][ T9808] program syz.5.1067 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  393.740346][ T9808] fuse: Bad value for 'fd'
[  393.771128][    T8] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  394.658531][    T8] usb 5-1: Using ep0 maxpacket: 16
[  394.796543][    T8] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  394.807494][    T8] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  394.817451][    T8] usb 5-1: config 0 interface 0 has no altsetting 0
[  394.824119][    T8] usb 5-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  394.833315][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  394.844120][    T8] usb 5-1: config 0 descriptor??
[  395.099494][ T9820] FAULT_INJECTION: forcing a failure.
[  395.099494][ T9820] name failslab, interval 1, probability 0, space 0, times 0
[  395.112291][ T9820] CPU: 1 UID: 0 PID: 9820 Comm: syz.0.1070 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0
[  395.122622][ T9820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  395.132691][ T9820] Call Trace:
[  395.135974][ T9820]  <TASK>
[  395.138908][ T9820]  dump_stack_lvl+0x16c/0x1f0
[  395.143601][ T9820]  should_fail_ex+0x497/0x5b0
[  395.148290][ T9820]  ? fs_reclaim_acquire+0xae/0x150
[  395.153423][ T9820]  should_failslab+0xc2/0x120
[  395.158113][ T9820]  kmem_cache_alloc_node_noprof+0x72/0x3c0
[  395.163927][ T9820]  ? __alloc_skb+0x2b1/0x380
[  395.168534][ T9820]  __alloc_skb+0x2b1/0x380
[  395.172963][ T9820]  ? __pfx___alloc_skb+0x10/0x10
[  395.177920][ T9820]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  395.183909][ T9820]  netlink_alloc_large_skb+0x69/0x130
[  395.189298][ T9820]  netlink_sendmsg+0x689/0xd70
[  395.194078][ T9820]  ? __pfx_netlink_sendmsg+0x10/0x10
[  395.199386][ T9820]  ____sys_sendmsg+0xaaf/0xc90
[  395.204156][ T9820]  ? copy_msghdr_from_user+0x10b/0x160
[  395.209628][ T9820]  ? __pfx_____sys_sendmsg+0x10/0x10
[  395.214932][ T9820]  ___sys_sendmsg+0x135/0x1e0
[  395.219617][ T9820]  ? __pfx____sys_sendmsg+0x10/0x10
[  395.224844][ T9820]  ? __fget_files+0x206/0x3a0
[  395.229528][ T9820]  __sys_sendmsg+0x16e/0x220
[  395.234115][ T9820]  ? __pfx___sys_sendmsg+0x10/0x10
[  395.239239][ T9820]  do_syscall_64+0xcd/0x250
[  395.243743][ T9820]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  395.249638][ T9820] RIP: 0033:0x7f584d37e819
[  395.254204][ T9820] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  395.273821][ T9820] RSP: 002b:00007f584e220038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  395.282236][ T9820] RAX: ffffffffffffffda RBX: 00007f584d536160 RCX: 00007f584d37e819
[  395.290207][ T9820] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000005
[  395.298176][ T9820] RBP: 00007f584e220090 R08: 0000000000000000 R09: 0000000000000000
[  395.306147][ T9820] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  395.314113][ T9820] R13: 0000000000000000 R14: 00007f584d536160 R15: 00007ffe0d81f518
[  395.322092][ T9820]  </TASK>
[  395.370846][ T9568] Bluetooth: hci6: command 0x040f tx timeout
[  395.685441][ T9827] vxcan1: entered promiscuous mode
[  395.697918][ T9827] vxcan1: left promiscuous mode
[  395.706386][ T9827] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1073'.
[  395.842158][    T8] hid (null): unknown global tag 0xe
[  395.851132][    T8] hid (null): invalid report_size 9273
[  395.897536][    T8] input: HID 0458:5013 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0458:5013.001B/input/input44
[  396.105539][ T9833] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1072'.
[  396.152755][    T8] input: HID 0458:5013 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0458:5013.001B/input/input45
[  396.236055][    T8] kye 0003:0458:5013.001B: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0458:5013] on usb-dummy_hcd.4-1/input0
[  396.258042][ T9830] netlink: 'syz.0.1074': attribute type 13 has an invalid length.
[  396.259230][    T8] usb 5-1: USB disconnect, device number 28
[  396.272446][ T9837] SELinux:  policydb magic number 0xff8c does not match expected magic number 0xf97cff8c
[  396.282368][ T9837] SELinux: failed to load policy
[  396.311576][ T9830] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  396.317644][ T9830] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  396.931804][ T9845] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1076'.
[  398.177520][ T9842] Process accounting resumed
[  398.367483][ T5835] Bluetooth: hci5: command 0x0c1a tx timeout
[  398.375407][ T9568] Bluetooth: hci6: command 0x040f tx timeout
[  398.679494][ T9866] program syz.4.1081 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  399.035350][ T9865] tipc: Enabled bearer <eth:vlan0>, priority 10
[  399.045754][ T9865] tipc: Resetting bearer <eth:vlan0>
[  399.285664][ T9865] tipc: Disabling bearer <eth:vlan0>
[  400.065679][ T9876] netlink: 'syz.5.1085': attribute type 13 has an invalid length.
[  400.132984][ T9861] tty tty26: ldisc open failed (-12), clearing slot 25
[  400.140886][ T9864] tty tty1: ldisc open failed (-12), clearing slot 0
[  400.338536][ T9885] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9885 comm=syz.3.1088
[  400.402240][ T9883] SELinux:  policydb magic number 0xff8c does not match expected magic number 0xf97cff8c
[  400.412677][ T9883] SELinux: failed to load policy
[  400.719392][ T9893] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1089'.
[  402.110894][ T9877] Bluetooth: hci5: Opcode 0x0c1a failed: -110
[  402.117378][ T5835] Bluetooth: hci5: command 0x0c1a tx timeout
[  402.228366][ T9902] netlink: 'syz.0.1091': attribute type 13 has an invalid length.
[  402.437145][ T9877] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  402.761849][ T9902] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  402.768283][ T9902] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  403.587331][ T5882] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  404.856063][ T9568] Bluetooth: hci6: command 0x040f tx timeout
[  404.862192][ T9568] Bluetooth: hci5: command 0x0c1a tx timeout
[  404.901195][ T9924] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1093'.
[  405.311598][ T9923] syz.6.1098 uses old SIOCAX25GETINFO
[  405.335021][   T29] audit: type=1400 audit(1732624398.032:591): avc:  denied  { bind } for  pid=9922 comm="syz.6.1098" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  406.063697][ T9945] program syz.5.1104 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  407.097064][ T9956] netlink: 'syz.3.1105': attribute type 13 has an invalid length.
[  407.580884][ T9956] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  407.586992][ T9956] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  407.661764][    T8] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[  407.877324][ T9961] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1108'.
[  408.251127][    T8] usb 1-1: Using ep0 maxpacket: 16
[  408.257662][    T8] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  408.269151][    T8] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  408.280406][    T8] usb 1-1: config 0 interface 0 has no altsetting 0
[  408.290906][    T8] usb 1-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  408.301248][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  408.312331][    T8] usb 1-1: config 0 descriptor??
[  408.547206][ T9966] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1109'.
[  408.628984][   T29] audit: type=1326 audit(1732624401.312:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9962 comm="syz.5.1109" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f810397e819 code=0x0
[  408.960081][    T8] hid (null): unknown global tag 0xe
[  408.973490][    T8] hid (null): invalid report_size 9273
[  408.992781][    T8] input: HID 0458:5013 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0458:5013.001C/input/input46
[  409.239033][    T8] input: HID 0458:5013 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0458:5013.001C/input/input47
[  409.421076][    T8] kye 0003:0458:5013.001C: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0458:5013] on usb-dummy_hcd.0-1/input0
[  409.485323][    T8] usb 1-1: USB disconnect, device number 38
[  409.680762][ T5835] Bluetooth: hci5: command 0x0c1a tx timeout
[  409.687007][ T9568] Bluetooth: hci6: command 0x040f tx timeout
[  410.293269][ T9983] openvswitch: netlink: Duplicate key (type 32).
[  410.478611][ T9991] program syz.0.1115 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  410.496695][ T9991] fuse: Bad value for 'fd'
[  412.509028][T10001] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1119'.
[  414.327953][T10006] Process accounting resumed
[  414.428700][T10022] netlink: 'syz.3.1125': attribute type 4 has an invalid length.
[  415.140885][T10020] netlink: 'syz.3.1125': attribute type 8 has an invalid length.
[  415.468475][T10020] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1125'.
[  415.892466][T10038] infiniband syz1: set active
[  415.897417][T10038] infiniband syz1: added bond_slave_1
[  415.916203][T10038] syz1: rxe_create_cq: returned err = -12
[  415.928745][T10038] infiniband syz1: Couldn't create ib_mad CQ
[  415.936412][T10038] infiniband syz1: Couldn't open port 1
[  415.985092][T10038] RDS/IB: syz1: added
[  415.997058][T10038] smc: adding ib device syz1 with port count 1
[  416.007204][T10038] smc:    ib device syz1 port 1 has pnetid 
[  417.124343][T10058] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1136'.
[  417.982828][   T29] audit: type=1400 audit(1732624410.682:593): avc:  denied  { accept } for  pid=10055 comm="syz.3.1135" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  418.341899][T10070] xt_connbytes: Forcing CT accounting to be enabled
[  418.368111][T10070] Cannot find add_set index 0 as target
[  418.716165][T10082] netlink: 'syz.6.1142': attribute type 13 has an invalid length.
[  419.191190][T10082] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  419.197279][T10082] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  420.141709][T10088] netlink: 'syz.4.1145': attribute type 13 has an invalid length.
[  421.245221][ T9568] Bluetooth: hci6: command 0x040f tx timeout
[  421.250796][ T5835] Bluetooth: hci5: command 0x0c1a tx timeout
[  424.276099][   T29] audit: type=1400 audit(1732624416.972:594): avc:  denied  { read write } for  pid=10134 comm="syz.5.1157" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  424.300695][   T29] audit: type=1400 audit(1732624416.972:595): avc:  denied  { open } for  pid=10134 comm="syz.5.1157" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  424.324130][   T29] audit: type=1400 audit(1732624417.002:596): avc:  denied  { append } for  pid=10134 comm="syz.5.1157" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  424.432406][   T29] audit: type=1400 audit(1732624417.002:597): avc:  denied  { map } for  pid=10134 comm="syz.5.1157" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  425.134836][   T29] audit: type=1400 audit(1732624417.832:598): avc:  denied  { write } for  pid=10141 comm="syz.5.1160" path="socket:[25389]" dev="sockfs" ino=25389 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  426.927497][T10147] Process accounting resumed
[  427.040865][ T5882] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  427.147492][T10180] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  427.189967][T10179] nft_compat: unsupported protocol 5
[  427.216516][ T5882] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  427.262876][ T5882] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  427.293504][ T5882] usb 5-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[  427.303418][ T5882] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  427.864775][ T5882] usb 5-1: Product: syz
[  427.868984][ T5882] usb 5-1: Manufacturer: syz
[  427.873652][ T5882] usb 5-1: SerialNumber: syz
[  427.881771][ T5882] usb 5-1: config 0 descriptor??
[  428.111372][T10188] program syz.3.1174 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  428.590220][   T29] audit: type=1400 audit(1732624421.242:599): avc:  denied  { append } for  pid=10191 comm="syz.6.1176" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  428.613126][    C0] vkms_vblank_simulate: vblank timer overrun
[  428.954759][T10198] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1175'.
[  429.517538][   T29] audit: type=1326 audit(1732624422.202:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10163 comm="syz.4.1166" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe3a837e819 code=0x0
[  430.697935][  T116] usb 5-1: USB disconnect, device number 30
[  431.306732][T10223] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1183'.
[  431.445372][T10238] netlink: 'syz.6.1185': attribute type 13 has an invalid length.
[  431.561250][T10238] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  431.567923][T10238] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  431.966010][T10240] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1186'.
[  431.983625][T10240] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1186'.
[  433.248310][T10259] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  433.527276][T10265] program syz.5.1192 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  433.542089][T10265] fuse: Bad value for 'fd'
[  433.910864][ T5882] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[  433.955545][ T9568] Bluetooth: hci5: command 0x0c1a tx timeout
[  433.962232][ T5835] Bluetooth: hci6: command 0x040f tx timeout
[  434.110066][T10268] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  434.162446][ T5882] usb 1-1: too many endpoints for config 4 interface 0 altsetting 0: 101, using maximum allowed: 30
[  434.180300][ T5882] usb 1-1: config 4 interface 0 altsetting 0 has an endpoint descriptor with address 0x52, changing to 0x2
[  434.254805][ T5882] usb 1-1: config 4 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 203
[  434.285206][ T5882] usb 1-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 101
[  434.298643][ T5882] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  434.308368][ T5882] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  434.375599][T10274] program syz.3.1195 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  434.391633][T10274] fuse: Bad value for 'fd'
[  434.806585][T10276] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1196'.
[  434.819545][T10241] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  434.919365][   T29] audit: type=1326 audit(1732624427.512:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10275 comm="syz.4.1196" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe3a837e819 code=0x0
[  435.438813][   T29] audit: type=1400 audit(1732624428.132:602): avc:  denied  { read write } for  pid=10280 comm="syz.5.1197" name="uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  435.476268][ T5912] hid-generic 0000:0D17:0000.001D: unknown main item tag 0x0
[  435.489512][ T5882] ath6kl: Failed to submit usb control message: -71
[  435.496515][ T5882] ath6kl: unable to send the bmi data to the device: -71
[  435.501129][ T5912] hid-generic 0000:0D17:0000.001D: unknown main item tag 0x0
[  435.510867][ T5882] ath6kl: Unable to send get target info: -71
[  435.519520][ T5882] ath6kl: Failed to init ath6kl core: -71
[  435.537230][ T5912] hid-generic 0000:0D17:0000.001D: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  435.541419][   T29] audit: type=1400 audit(1732624428.162:603): avc:  denied  { open } for  pid=10280 comm="syz.5.1197" path="/dev/uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  435.580191][ T5882] ath6kl_usb 1-1:4.0: probe with driver ath6kl_usb failed with error -71
[  435.607514][ T5882] usb 1-1: USB disconnect, device number 39
[  435.984139][T10296] FAULT_INJECTION: forcing a failure.
[  435.984139][T10296] name failslab, interval 1, probability 0, space 0, times 0
[  436.034892][ T5835] Bluetooth: hci6: command 0x040f tx timeout
[  436.134103][T10296] CPU: 1 UID: 0 PID: 10296 Comm: syz.0.1202 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0
[  436.144545][T10296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  436.154579][T10296] Call Trace:
[  436.157835][T10296]  <TASK>
[  436.160743][T10296]  dump_stack_lvl+0x16c/0x1f0
[  436.165399][T10296]  should_fail_ex+0x497/0x5b0
[  436.170060][T10296]  ? fs_reclaim_acquire+0xae/0x150
[  436.175157][T10296]  should_failslab+0xc2/0x120
[  436.179817][T10296]  kmem_cache_alloc_node_noprof+0x72/0x3c0
[  436.185614][T10296]  ? __alloc_skb+0x2b1/0x380
[  436.190185][T10296]  __alloc_skb+0x2b1/0x380
[  436.194580][T10296]  ? __pfx___alloc_skb+0x10/0x10
[  436.199499][T10296]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  436.205456][T10296]  netlink_alloc_large_skb+0x69/0x130
[  436.210804][T10296]  netlink_sendmsg+0x689/0xd70
[  436.215543][T10296]  ? __pfx_netlink_sendmsg+0x10/0x10
[  436.220804][T10296]  ? bpf_lsm_socket_sendmsg+0x4/0x10
[  436.226082][T10296]  ____sys_sendmsg+0xaaf/0xc90
[  436.230829][T10296]  ? copy_msghdr_from_user+0x10b/0x160
[  436.236294][T10296]  ? __pfx_____sys_sendmsg+0x10/0x10
[  436.241561][T10296]  ___sys_sendmsg+0x135/0x1e0
[  436.246220][T10296]  ? __pfx____sys_sendmsg+0x10/0x10
[  436.251400][T10296]  ? __pfx_lock_release+0x10/0x10
[  436.256399][T10296]  ? trace_lock_acquire+0x146/0x1e0
[  436.261577][T10296]  ? __fget_files+0x206/0x3a0
[  436.266230][T10296]  __sys_sendmsg+0x16e/0x220
[  436.270801][T10296]  ? __pfx___sys_sendmsg+0x10/0x10
[  436.275905][T10296]  do_syscall_64+0xcd/0x250
[  436.280386][T10296]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  436.286254][T10296] RIP: 0033:0x7f584d37e819
[  436.290652][T10296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  436.310242][T10296] RSP: 002b:00007f584e262038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  436.318638][T10296] RAX: ffffffffffffffda RBX: 00007f584d535fa0 RCX: 00007f584d37e819
[  436.326583][T10296] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000005
[  436.334539][T10296] RBP: 00007f584e262090 R08: 0000000000000000 R09: 0000000000000000
[  436.342484][T10296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  436.350441][T10296] R13: 0000000000000000 R14: 00007f584d535fa0 R15: 00007ffe0d81f518
[  436.358393][T10296]  </TASK>
[  436.520795][T10300] program syz.4.1203 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  436.961710][ T5879] usb 7-1: new full-speed USB device number 7 using dummy_hcd
[  437.285502][ T5879] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  437.302349][T10310] FAULT_INJECTION: forcing a failure.
[  437.302349][T10310] name failslab, interval 1, probability 0, space 0, times 0
[  437.315075][T10310] CPU: 1 UID: 0 PID: 10310 Comm: syz.0.1205 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0
[  437.325487][T10310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  437.335537][T10310] Call Trace:
[  437.338807][T10310]  <TASK>
[  437.341734][T10310]  dump_stack_lvl+0x16c/0x1f0
[  437.346417][T10310]  should_fail_ex+0x497/0x5b0
[  437.351096][T10310]  ? fs_reclaim_acquire+0xae/0x150
[  437.356203][T10310]  should_failslab+0xc2/0x120
[  437.360878][T10310]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  437.366252][T10310]  ? security_inode_alloc+0x3b/0x2b0
[  437.371540][T10310]  security_inode_alloc+0x3b/0x2b0
[  437.376652][T10310]  inode_init_always_gfp+0xce4/0x1030
[  437.382033][T10310]  alloc_inode+0x82/0x230
[  437.386360][T10310]  path_from_stashed+0x55f/0xec0
[  437.391297][T10310]  ? __pfx_path_from_stashed+0x10/0x10
[  437.396761][T10310]  pidfs_alloc_file+0xff/0x1f0
[  437.401528][T10310]  ? __pfx_pidfs_alloc_file+0x10/0x10
[  437.406911][T10310]  pidfd_prepare+0xa8/0x150
[  437.411420][T10310]  __x64_sys_pidfd_open+0x106/0x1a0
[  437.416619][T10310]  ? __pfx___x64_sys_pidfd_open+0x10/0x10
[  437.422342][T10310]  do_syscall_64+0xcd/0x250
[  437.426888][T10310]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  437.432809][T10310] RIP: 0033:0x7f584d37e819
[  437.437227][T10310] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  437.456839][T10310] RSP: 002b:00007f584e220028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b2
[  437.465252][T10310] RAX: ffffffffffffffda RBX: 00007f584d536160 RCX: 00007f584d37e819
[  437.473218][T10310] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000349
[  437.481182][T10310] RBP: 00007f584e220090 R08: 0000000000000000 R09: 0000000000000000
[  437.489150][T10310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  437.497112][T10310] R13: 0000000000000000 R14: 00007f584d536160 R15: 00007ffe0d81f518
[  437.505083][T10310]  </TASK>
[  437.518472][ T5879] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  437.567095][ T5879] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  437.590028][ T5879] usb 7-1: SerialNumber: syz
[  437.776897][ T5879] usb 7-1: bad CDC descriptors
[  438.638162][ T5912] usb 7-1: USB disconnect, device number 7
[  438.910543][   T29] audit: type=1400 audit(1732624431.602:604): avc:  denied  { accept } for  pid=10322 comm="syz.0.1210" lport=50957 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  440.048081][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  441.388444][T10357] program syz.6.1214 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  441.994265][T10358] 9pnet_fd: Insufficient options for proto=fd
[  442.962166][T10372] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1221'.
[  443.569271][T10368] vxcan1: entered promiscuous mode
[  443.575105][T10370] vxcan1: left promiscuous mode
[  443.755766][ T5835] Bluetooth: hci6: unexpected event for opcode 0x0402
[  443.769701][T10381] input: syz0 as /devices/virtual/input/input48
[  444.996872][T10362] Process accounting resumed
[  446.858019][T10411] FAULT_INJECTION: forcing a failure.
[  446.858019][T10411] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  446.926755][T10411] CPU: 0 UID: 0 PID: 10411 Comm: syz.0.1230 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0
[  446.937177][T10411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  446.947208][T10411] Call Trace:
[  446.950461][T10411]  <TASK>
[  446.953369][T10411]  dump_stack_lvl+0x16c/0x1f0
[  446.958025][T10411]  should_fail_ex+0x497/0x5b0
[  446.962685][T10411]  _copy_from_user+0x2e/0xd0
[  446.967252][T10411]  copy_msghdr_from_user+0x99/0x160
[  446.972431][T10411]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  446.978218][T10411]  ___sys_sendmsg+0xff/0x1e0
[  446.982796][T10411]  ? __pfx____sys_sendmsg+0x10/0x10
[  446.988012][T10411]  ? __pfx_lock_release+0x10/0x10
[  446.993037][T10411]  ? trace_lock_acquire+0x146/0x1e0
[  446.998248][T10411]  ? __fget_files+0x206/0x3a0
[  447.002938][T10411]  __sys_sendmsg+0x16e/0x220
[  447.007541][T10411]  ? __pfx___sys_sendmsg+0x10/0x10
[  447.012674][T10411]  do_syscall_64+0xcd/0x250
[  447.017188][T10411]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  447.023093][T10411] RIP: 0033:0x7f584d37e819
[  447.027512][T10411] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  447.047122][T10411] RSP: 002b:00007f584e262038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  447.055512][T10411] RAX: ffffffffffffffda RBX: 00007f584d535fa0 RCX: 00007f584d37e819
[  447.063469][T10411] RDX: 0000000020000010 RSI: 00000000200001c0 RDI: 0000000000000003
[  447.071420][T10411] RBP: 00007f584e262090 R08: 0000000000000000 R09: 0000000000000000
[  447.079364][T10411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  447.087316][T10411] R13: 0000000000000000 R14: 00007f584d535fa0 R15: 00007ffe0d81f518
[  447.095270][T10411]  </TASK>
[  447.098393][    C0] vkms_vblank_simulate: vblank timer overrun
[  447.691128][T10421] program syz.0.1232 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  448.082158][ T5835] Bluetooth: hci6: Controller not accepting commands anymore: ncmd = 0
[  448.091537][ T5835] Bluetooth: hci6: Injecting HCI hardware error event
[  448.099353][ T5835] Bluetooth: hci6: hardware error 0x00
[  448.943012][T10431] 9pnet_fd: Insufficient options for proto=fd
[  449.058276][T10436] infiniband syz1: set active
[  449.760942][ T5882] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  449.930260][ T5882] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  450.000520][ T5882] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  450.154584][ T5882] usb 5-1: Product: syz
[  450.158891][ T5882] usb 5-1: Manufacturer: syz
[  450.192655][ T5835] Bluetooth: hci6: Opcode 0x0c03 failed: -110
[  450.199303][ T5882] usb 5-1: SerialNumber: syz
[  450.224233][ T5882] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  450.245484][    T8] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  450.658556][ T5912] usb 5-1: USB disconnect, device number 31
[  450.971270][T10455] netlink: 'syz.6.1242': attribute type 13 has an invalid length.
[  451.420407][    T8] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  451.427490][    T8] ath9k_htc: Failed to initialize the device
[  451.440971][ T5912] usb 5-1: ath9k_htc: USB layer deinitialized
[  451.868122][T10460] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1241'.
[  451.930978][T10455] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  452.204410][T10464] FAULT_INJECTION: forcing a failure.
[  452.204410][T10464] name failslab, interval 1, probability 0, space 0, times 0
[  452.224948][T10464] CPU: 1 UID: 0 PID: 10464 Comm: syz.0.1245 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0
[  452.235397][T10464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  452.245452][T10464] Call Trace:
[  452.248729][T10464]  <TASK>
[  452.251657][T10464]  dump_stack_lvl+0x16c/0x1f0
[  452.256348][T10464]  should_fail_ex+0x497/0x5b0
[  452.261034][T10464]  ? fs_reclaim_acquire+0xae/0x150
[  452.266155][T10464]  should_failslab+0xc2/0x120
[  452.270841][T10464]  __kmalloc_noprof+0xcb/0x510
[  452.275608][T10464]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  452.281256][T10464]  tomoyo_realpath_from_path+0xb9/0x720
[  452.286810][T10464]  ? tomoyo_path_number_perm+0x235/0x590
[  452.292451][T10464]  ? tomoyo_path_number_perm+0x235/0x590
[  452.298093][T10464]  tomoyo_path_number_perm+0x248/0x590
[  452.303557][T10464]  ? tomoyo_path_number_perm+0x235/0x590
[  452.309193][T10464]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  452.315197][T10464]  ? __pfx_lock_release+0x10/0x10
[  452.320220][T10464]  ? trace_lock_acquire+0x146/0x1e0
[  452.325431][T10464]  ? lock_acquire+0x2f/0xb0
[  452.329936][T10464]  ? __fget_files+0x40/0x3a0
[  452.334531][T10464]  ? __fget_files+0x206/0x3a0
[  452.339211][T10464]  security_file_ioctl+0x9b/0x240
[  452.344241][T10464]  __x64_sys_ioctl+0xb7/0x200
[  452.348925][T10464]  do_syscall_64+0xcd/0x250
[  452.353434][T10464]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  452.359327][T10464] RIP: 0033:0x7f584d37e819
[  452.363740][T10464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  452.383357][T10464] RSP: 002b:00007f584e262038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  452.391780][T10464] RAX: ffffffffffffffda RBX: 00007f584d535fa0 RCX: 00007f584d37e819
[  452.399751][T10464] RDX: 0000000020000240 RSI: 00000000c04064a0 RDI: 0000000000000004
[  452.407724][T10464] RBP: 00007f584e262090 R08: 0000000000000000 R09: 0000000000000000
[  452.415700][T10464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  452.423670][T10464] R13: 0000000000000000 R14: 00007f584d535fa0 R15: 00007ffe0d81f518
[  452.431661][T10464]  </TASK>
[  452.481124][T10464] ERROR: Out of memory at tomoyo_realpath_from_path.
[  452.545922][T10472] program syz.3.1246 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  454.110833][T10485] netlink: 'syz.6.1251': attribute type 13 has an invalid length.
[  454.561569][ T5835] Bluetooth: hci5: command 0x0c1a tx timeout
[  454.591056][T10485] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  456.678223][ T5835] Bluetooth: hci5: command 0x0c1a tx timeout
[  457.515839][T10508] lo speed is unknown, defaulting to 1000
[  457.522138][T10508] lo speed is unknown, defaulting to 1000
[  457.529374][T10508] lo speed is unknown, defaulting to 1000
[  457.542519][T10508] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  457.560082][T10508] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  457.714110][T10508] lo speed is unknown, defaulting to 1000
[  457.714884][T10508] lo speed is unknown, defaulting to 1000
[  457.715588][T10508] lo speed is unknown, defaulting to 1000
[  457.716281][T10508] lo speed is unknown, defaulting to 1000
[  458.070706][T10508] lo speed is unknown, defaulting to 1000
[  458.115312][T10508] lo speed is unknown, defaulting to 1000
[  458.122122][T10508] lo speed is unknown, defaulting to 1000
[  458.438774][T10520] program syz.6.1260 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  458.548363][T10521] fuse: Bad value for 'group_id'
[  458.553397][T10521] fuse: Bad value for 'group_id'
[  459.533856][T10526] overlay: filesystem on ./bus is read-only
[  461.136211][T10513] Process accounting resumed
[  462.095699][T10551] VFS: could not find a valid V7 on nullb0.
[  462.103191][T10551] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized
[  462.397045][T10559] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1270'.
[  463.056069][T10546] mmap: syz.3.1266 (10546) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  463.974816][T10573] program syz.5.1273 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  464.047566][T10573] fuse: Bad value for 'group_id'
[  464.052645][T10573] fuse: Bad value for 'group_id'
[  465.004719][T10582] overlay: Unknown parameter 'func'
[  465.023665][T10558] Process accounting resumed
[  465.419681][T10590] netlink: 'syz.0.1276': attribute type 13 has an invalid length.
[  466.297371][T10595] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000006: 0000 [#1] PREEMPT SMP KASAN NOPTI
[  466.300738][    T8] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  466.310144][T10595] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037]
[  466.310161][T10595] CPU: 1 UID: 0 PID: 10595 Comm: syz.6.1279 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0
[  466.337341][T10595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  466.347397][T10595] RIP: 0010:__lock_acquire+0xe4/0x3c40
[  466.352865][T10595] Code: 08 84 d2 0f 85 15 14 00 00 44 8b 0d ca 98 f5 0e 45 85 c9 0f 84 b4 0e 00 00 48 b8 00 00 00 00 00 fc ff df 4c 89 e2 48 c1 ea 03 <80> 3c 02 00 0f 85 96 2c 00 00 49 8b 04 24 48 3d a0 07 7f 93 0f 84
[  466.372475][T10595] RSP: 0018:ffffc90003fcf268 EFLAGS: 00010006
[  466.378535][T10595] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  466.386504][T10595] RDX: 0000000000000006 RSI: 1ffff920007f9e5f RDI: 0000000000000030
[  466.394497][T10595] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001
[  466.402471][T10595] R10: ffffffff90608e17 R11: 0000000000000001 R12: 0000000000000030
[  466.410511][T10595] R13: ffff888026c1c880 R14: 0000000000000000 R15: 0000000000000000
[  466.418602][T10595] FS:  00007f846dca86c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  466.427537][T10595] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  466.434112][T10595] CR2: 000000110c3435ab CR3: 00000000567d0000 CR4: 00000000003526f0
[  466.442066][T10595] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  466.450025][T10595] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  466.457986][T10595] Call Trace:
[  466.461248][T10595]  <TASK>
[  466.464163][T10595]  ? die_addr+0x3b/0xa0
[  466.468306][T10595]  ? exc_general_protection+0x155/0x230
[  466.473840][T10595]  ? asm_exc_general_protection+0x26/0x30
[  466.479552][T10595]  ? __lock_acquire+0xe4/0x3c40
[  466.484405][T10595]  ? netlink_broadcast_filtered+0x47a/0xef0
[  466.490289][T10595]  ? find_held_lock+0x2d/0x110
[  466.495038][T10595]  ? __pfx___lock_acquire+0x10/0x10
[  466.500216][T10595]  ? addrconf_get_prefix_route+0x5d8/0x980
[  466.506007][T10595]  ? __pfx_lock_release+0x10/0x10
[  466.511012][T10595]  lock_acquire.part.0+0x11b/0x380
[  466.516104][T10595]  ? modify_prefix_route+0x30b/0x8b0
[  466.521375][T10595]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  466.526985][T10595]  ? rcu_is_watching+0x12/0xc0
[  466.531732][T10595]  ? trace_lock_acquire+0x146/0x1e0
[  466.536914][T10595]  ? modify_prefix_route+0x30b/0x8b0
[  466.542182][T10595]  ? lock_acquire+0x2f/0xb0
[  466.546663][T10595]  ? modify_prefix_route+0x30b/0x8b0
[  466.551934][T10595]  _raw_spin_lock_bh+0x33/0x40
[  466.556675][T10595]  ? modify_prefix_route+0x30b/0x8b0
[  466.561947][T10595]  modify_prefix_route+0x30b/0x8b0
[  466.567042][T10595]  inet6_rtm_newaddr+0x12c7/0x1ab0
[  466.572134][T10595]  ? __pfx_inet6_rtm_newaddr+0x10/0x10
[  466.577575][T10595]  ? __mutex_lock+0x1cc/0xa60
[  466.582233][T10595]  ? __pfx_cred_has_capability.isra.0+0x10/0x10
[  466.588459][T10595]  ? __pfx___mutex_lock+0x10/0x10
[  466.593484][T10595]  ? __pfx_inet6_rtm_newaddr+0x10/0x10
[  466.598923][T10595]  rtnetlink_rcv_msg+0x3c7/0xea0
[  466.603848][T10595]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  466.609293][T10595]  netlink_rcv_skb+0x16b/0x440
[  466.614042][T10595]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  466.619484][T10595]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  466.624756][T10595]  ? netlink_deliver_tap+0x1ae/0xd30
[  466.630022][T10595]  netlink_unicast+0x53c/0x7f0
[  466.634770][T10595]  ? __pfx_netlink_unicast+0x10/0x10
[  466.640043][T10595]  netlink_sendmsg+0x8b8/0xd70
[  466.644793][T10595]  ? __pfx_netlink_sendmsg+0x10/0x10
[  466.650063][T10595]  ____sys_sendmsg+0xaaf/0xc90
[  466.654808][T10595]  ? copy_msghdr_from_user+0x10b/0x160
[  466.660252][T10595]  ? __pfx_____sys_sendmsg+0x10/0x10
[  466.665521][T10595]  ___sys_sendmsg+0x135/0x1e0
[  466.670176][T10595]  ? __pfx____sys_sendmsg+0x10/0x10
[  466.675362][T10595]  ? __pfx_lock_release+0x10/0x10
[  466.680364][T10595]  ? trace_lock_acquire+0x146/0x1e0
[  466.685549][T10595]  ? __fget_files+0x206/0x3a0
[  466.690208][T10595]  __sys_sendmsg+0x16e/0x220
[  466.694774][T10595]  ? __pfx___sys_sendmsg+0x10/0x10
[  466.699860][T10595]  ? __x64_sys_futex+0x1e1/0x4c0
[  466.704874][T10595]  do_syscall_64+0xcd/0x250
[  466.709359][T10595]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  466.715237][T10595] RIP: 0033:0x7f846cf7e819
[  466.719630][T10595] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  466.739217][T10595] RSP: 002b:00007f846dca8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  466.747609][T10595] RAX: ffffffffffffffda RBX: 00007f846d135fa0 RCX: 00007f846cf7e819
[  466.755559][T10595] RDX: 0000000000008044 RSI: 0000000020000840 RDI: 0000000000000003
[  466.763510][T10595] RBP: 00007f846cff175e R08: 0000000000000000 R09: 0000000000000000
[  466.771461][T10595] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  466.779410][T10595] R13: 0000000000000000 R14: 00007f846d135fa0 R15: 00007fffc54a1218
[  466.787364][T10595]  </TASK>
[  466.790360][T10595] Modules linked in:
[  466.794237][T10595] ---[ end trace 0000000000000000 ]---
[  466.799664][T10595] RIP: 0010:__lock_acquire+0xe4/0x3c40
[  466.805105][T10595] Code: 08 84 d2 0f 85 15 14 00 00 44 8b 0d ca 98 f5 0e 45 85 c9 0f 84 b4 0e 00 00 48 b8 00 00 00 00 00 fc ff df 4c 89 e2 48 c1 ea 03 <80> 3c 02 00 0f 85 96 2c 00 00 49 8b 04 24 48 3d a0 07 7f 93 0f 84
[  466.824692][T10595] RSP: 0018:ffffc90003fcf268 EFLAGS: 00010006
[  466.830735][T10595] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  466.838684][T10595] RDX: 0000000000000006 RSI: 1ffff920007f9e5f RDI: 0000000000000030
[  466.846648][T10595] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001
[  466.854595][T10595] R10: ffffffff90608e17 R11: 0000000000000001 R12: 0000000000000030
[  466.862542][T10595] R13: ffff888026c1c880 R14: 0000000000000000 R15: 0000000000000000
[  466.870491][T10595] FS:  00007f846dca86c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  466.879401][T10595] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  466.885963][T10595] CR2: 000000110c3435ab CR3: 00000000567d0000 CR4: 00000000003526f0
[  466.893914][T10595] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  466.901868][T10595] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  466.909821][T10595] Kernel panic - not syncing: Fatal exception in interrupt
[  466.917179][T10595] Kernel Offset: disabled
[  466.921478][T10595] Rebooting in 86400 seconds..