last executing test programs:

11.73499189s ago: executing program 4 (id=1126):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000fc0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r1}, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r3=>0x0})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r4=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000640)=ANY=[@ANYBLOB="440000001000210400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b0001006772657461b6dc59f4405a1a68f1eb7000000c00028008000100", @ANYRES32=r3, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r4, @ANYBLOB], 0x44}}, 0x0)
recvfrom$packet(0xffffffffffffffff, &(0x7f0000000540)=""/209, 0xd1, 0x40000140, &(0x7f00000001c0)={0x11, 0x19, r3, 0x1, 0x1}, 0x14)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, 0x0, 0x0)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r8, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
setsockopt$SO_TIMESTAMPING(r8, 0x1, 0x25, &(0x7f0000000080)=0x1f6, 0x4)
sendmmsg$inet(r8, &(0x7f0000003240)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, &(0x7f00000016c0)=[{&(0x7f0000001540)="94", 0xffe3}], 0x1}}], 0x1, 0x4000800)
r9 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$AUTOFS_IOC_FAIL(r9, 0x4c80, 0xffffffffffffffb6)
r10 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r10, 0xc04064a0, &(0x7f0000000140)={&(0x7f0000000000)=[0x0, 0x0, 0x0], &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0], 0x3, 0x4, 0x5, 0x1})

10.305832719s ago: executing program 3 (id=1131):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000140)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x1, @mcast2, 0x4000}, 0x1c)
socket$tipc(0x1e, 0x2, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$inet_mptcp(0x2, 0x1, 0x106)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000040)={'team0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=@newlink={0x4c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x4, 0x0, 0x300}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_STP_STATE={0x8, 0x5, 0x1}, @IFLA_BR_NF_CALL_IP6TABLES={0x5, 0x25, 0x1}]}}}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4}, 0x8044)
sendmmsg$inet(r1, &(0x7f0000000d80)=[{{&(0x7f0000000040)={0x2, 0x4e22, @rand_addr=0x4}, 0x10, &(0x7f0000000080)=[{&(0x7f00000002c0)="6b73c78af72e62df1deeb1474195af6dc58028c6f7d402dd68b8a131206280ad2ffe85e46e7fe5812da346a090905d8da886b5107a75f0b043d1caaf37c4ce5b5e479c9a4559e507a1d61db7236d17a52c1d646ecb1dc6c7b6b6bd17cae2e10292fe3cba2b3ea40382d56f995ab01243f804ccbe6b111854e8bb6f46b8bda371fed1de692716cd77536738c60057bf565123e8f2098e95bb45429ac58bf573", 0x9f}], 0x1, &(0x7f0000000600)=[@ip_retopts={{0xd8, 0x0, 0x7, {[@timestamp={0x44, 0x2c, 0x3c, 0x0, 0x3, [0x4, 0x4, 0x5, 0xffffffff, 0x20a4f273, 0xf, 0x8, 0x2, 0xb, 0x9]}, @ra={0x94, 0x4}, @lsrr={0x83, 0x17, 0xe, [@multicast2, @multicast1, @initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast, @broadcast]}, @ra={0x94, 0x4, 0x1}, @cipso={0x86, 0x31, 0x3, [{0x5, 0x2}, {0x7, 0x7, "6756d472fd"}, {0x6, 0x4, "daa4"}, {0x6, 0x6, "eb498ffd"}, {0x3, 0x4, "e790"}, {0xe257c5300d734705, 0x9, "1fec3b1b44f71a"}, {0x0, 0x9, "9f51133215ec61"}, {0x0, 0x2}]}, @generic={0x44, 0x11, "c84a00c1ecac6533f61cdb6f274215"}, @lsrr={0x83, 0x7, 0x27, [@broadcast]}, @end, @timestamp_prespec={0x44, 0x1c, 0xdc, 0x3, 0x8, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x9}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0xfffffc00}, {@multicast1, 0x80000001}]}, @ssrr={0x89, 0x17, 0x72, [@private=0xa010100, @initdev={0xac, 0x1e, 0x1, 0x0}, @remote, @broadcast, @remote]}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x8}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x2}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x2}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @empty, @local}}}, @ip_retopts={{0x15c, 0x0, 0x7, {[@ssrr={0x89, 0x1b, 0x75, [@multicast2, @multicast2, @dev={0xac, 0x14, 0x14, 0x24}, @broadcast, @remote, @broadcast]}, @timestamp_addr={0x44, 0x2c, 0xc1, 0x1, 0x7, [{@rand_addr=0x64010100}, {@multicast1, 0x6}, {@local, 0xc}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x5}, {@empty, 0x9b}]}, @cipso={0x86, 0x35, 0xffffffffffffffff, [{0x0, 0xf, "cc086218e0faf1b8b1b284ee29"}, {0x2, 0x10, "1c0610ca7b35ce9cceb63ff15fd3"}, {0x5, 0xe, "fe2cd95cc2a749b68d8613fa"}, {0x0, 0x2}]}, @timestamp={0x44, 0xc, 0x8c, 0x0, 0x7, [0x7, 0xa2]}, @timestamp={0x44, 0x28, 0x86, 0x0, 0x0, [0x9, 0x3ff, 0xfffffffe, 0x8, 0x6, 0xfffffffc, 0x80000000, 0xffff, 0x8]}, @lsrr={0x83, 0x1b, 0x27, [@dev={0xac, 0x14, 0x14, 0x25}, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, @private=0xa010102, @broadcast]}, @timestamp_prespec={0x44, 0x1c, 0x35, 0x3, 0x3, [{@multicast2, 0x2}, {@private=0xa010100, 0xf4}, {@remote}]}, @timestamp_addr={0x44, 0x4c, 0x9b, 0x1, 0x6, [{@rand_addr=0x64010100, 0x9}, {@multicast1, 0x1d4}, {@rand_addr=0x64010102, 0xffff}, {@loopback, 0x8}, {@rand_addr=0x64010101}, {@multicast1, 0xffff0000}, {@rand_addr=0x64010101, 0x6}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0xde2097e}, {@loopback, 0x2}]}, @ssrr={0x89, 0x13, 0xe4, [@multicast1, @private=0xa010101, @private=0xa010100, @loopback]}, @cipso={0x86, 0x6}]}}}, @ip_retopts={{0x20, 0x0, 0x7, {[@timestamp={0x44, 0x10, 0x16, 0x0, 0x5, [0x3, 0x3, 0x6]}]}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x6}}], 0x2d8}}, {{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000380)="c0bcc88ccf7b908839c4583c5fc85f89d2d21f37c0f9e53498c1abea6669e160a0c364c6138e779f4e83628c070fc3d1dee88e62762e03781b06c40cbeb3923dbf43503566ab73a0c99984808a0bf932ebf44222b7da9d7969e049c779e88dbec1589b5c849b3963c6c32e0e2560c5b4a279a4e54ab1f21ee0272b043a1efcf3abe155242257e9225f", 0x89}, {&(0x7f00000000c0)}], 0x2, &(0x7f00000004c0)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x6}}, @ip_retopts={{0x14, 0x0, 0x7, {[@ra={0x94, 0x4}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xf}}], 0x48}}, {{&(0x7f0000000200)={0x2, 0x4e23, @broadcast}, 0x10, &(0x7f0000000cc0)=[{&(0x7f0000000540)="9829", 0x2}, {&(0x7f0000000900)="1d294b12e6b526435472fa39e1faad738b169b8edbe8879ff1bba5873d0bfc316ba1a5ae14f845c1a3e7121d058c18c0b4b034807115556abe487402108a716a2fa48b754c416f1a8d5fce2652e8baf2c246de9414068866e69e7ce25a5cd9d5785ced767e69872f3f7c37", 0x6b}, {&(0x7f0000000980)="702ba61c301b2248d6045c8aba728501e32c1899052e491faf0abfc5d001a5089a14d0efe54e78da8e1eabaa805e8ab56abee33f93d426d8488f9db057a310c72cf72c13104d4d2e0c06c4dfd41caa76775ffb54518f83aab00b47fe1db0ef9719f285c514a6c0e1f33f807e7be25776e4d3f7028b9d9871", 0x78}, {&(0x7f0000000a00)="5ce9ed0024a6bfcdf453c2dc836c3b890c47d4ecd67beda8e8d25ed56fdb95f8379e58b3f465e93499a84fb563b151abe6cb36588733d2fa0dd820413afbb3ccac9fee558686c58595d02f10f53ca279533b20e7f0da4ff6e743bd1b639e1fa13bd85d6246287ce4c8b5ec4cc4", 0x6d}, {&(0x7f0000000580)="6041aea91e5965383b806535c8b2ed3f65796ffe91d6c2c974ecf792b8c980a5a5e75526c91d56", 0x27}, {&(0x7f0000000a80)="a8a2d5c72d1a8aa48da3dfeabccc8fb96d42a105c5225792a5c21a78fb9d91abadda48561ea6e46ed99be97dca48b511b20be7d12dc43672028d76310e57ccd6741461bc83a6136337a9b2863b30da3ddff1f9d9b3836205e2bcae4aac2f440965db268c67e049170063e182de06e2f6cebf504b49e4d63c32b57a0c347e8f4cef1f611ea69e50cf75e3113740a14a6277442021cdb4d95fca5ded1261dce07afe74d7bb9b740b0d9037b5808a69dfb2885d37b9218046f513254ea977a037f1", 0xc0}, {&(0x7f0000000b40)="acb13df3718debe368f5999fc6ff2ed33453cfa3d4012076b245a52fda9ca27307a395219922a95792e47bd4ca5b4ebc68a3a9e5edb77afbc342646e2200efd8796d67b8c3ede23e89d207187232bdf84086768f8db517144a1960570506aeb2bc9224f07ee58e7d0c3a417b25bfb362ae3cbc23c7c83675bff627362c901c931711a9fb60827bfea2d72a87e7f8bdea65190d6086e8388ddf9ed4360987ffa10498795464aaea57c21a9b1592823f6944371161a8a1b5cda0651d9ab61da707e0e9f93b794dfae27138478edc991d2b68e386", 0xd3}, {&(0x7f0000000c40)="eb5a703295f3d9e622f42b68cbd2894f6176df9827f1863adf67173c19efed65061b89778df57d4bfa09a2267d6934f637cb0d766cf4face04840e36be84c85d6466d010de6cfe9c6f09682c8b6dfc87f6855fe6de4e7f8fff54c5b3896158f1aadc298df154f40b964970345049d4433d00c149d7359e32f62c", 0x7a}], 0x8, &(0x7f0000000d40)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x7}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x73}}], 0x30}}], 0x3, 0x40)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000800, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
syz_emit_ethernet(0x42, &(0x7f0000000380)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x0, 0x4000, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x8, 0x10, 0x0, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x0, 0x50000000}]}}}}}}}, 0x0)

8.84480972s ago: executing program 4 (id=1136):
syz_open_dev$sg(0x0, 0x1, 0x48802)
fsopen(&(0x7f0000000300)='vfat\x00', 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket(0x1a, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'sit0\x00', <r4=>0x0})
socket(0x2, 0x80805, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000002700)=""/102392, 0x18ff8)
socket$inet6_sctp(0xa, 0x5, 0x84)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$fou(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x1c, r7, 0x209, 0x0, 0x0, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x2}]}, 0x1c}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=@ipv6_newnexthop={0x3c, 0x68, 0x1, 0x0, 0x0, {0x2}, [@NHA_ENCAP_TYPE={0x6, 0x7, 0x2}, @NHA_ENCAP={0x14, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS={0x10, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS_GENEVE={0xc, 0x1, 0x0, 0x1, @LWTUNNEL_IP_OPT_GENEVE_TYPE={0x5, 0x2, 0xdd}}}}, @NHA_OIF={0x8, 0x5, r4}]}, 0x3c}}, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv2(r8, &(0x7f0000001540)=[{0x0}, {&(0x7f0000000240)=""/144, 0x90}], 0x2, 0x400000, 0x0, 0x0)
getpid()
socket$inet6(0xa, 0x1, 0x0)

8.622586638s ago: executing program 3 (id=1137):
ioctl$SNDRV_PCM_IOCTL_WRITEN_FRAMES(0xffffffffffffffff, 0x40184152, &(0x7f0000000340)={0x0, &(0x7f00000002c0), 0x401})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
r2 = socket$inet6(0xa, 0x80002, 0x88)
sendmmsg$inet(r2, &(0x7f0000000b00), 0x0, 0x0)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffd38, &(0x7f00000002c0)=0x400200bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet6(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
r4 = openat$vnet(0xffffffffffffff9c, &(0x7f0000001200), 0x2, 0x0)
ioctl$int_in(r4, 0x40000000af01, 0x0)
ioctl$VHOST_SET_FEATURES(r4, 0x4008af00, &(0x7f0000000440)=0x4000000)
ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f0000000300))
r5 = socket$packet(0x11, 0x3, 0x300)
r6 = dup(r5)
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f00000002c0)={0x0, 0x0, 0x0, &(0x7f0000000080)=""/65, 0x0})
ioctl$VHOST_NET_SET_BACKEND(r4, 0x4008af30, &(0x7f0000000000)={0x0, r6})
syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000000600)=[{{&(0x7f0000000700)=@pppoe={0x18, 0x0, {0x0, @empty, 'wg0\x00'}}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000180)}, {&(0x7f0000000800)="2b1a0a054cb6bb78b609b13ec5b5eb7f0aa9a157b0f8e68107bd6785517543665561b4243d43c7d7953c849f602755bdeea28d4246fc9e1439e3eeb19aca0bee6071466e493f97ccc928c80651841c19f4894b7121b53de9b7dc4bc2ef6d5cc94f6b2274526fe3b41f57602af5ebe0389d341ea636e0a89559460afc9041c2f7ecbfd3ba2501344ad722b384ff0ab39ee2a4306672f89841ce35dee58000000b00000000d4087260dc2b80899b63a8edbf818ce1130ba5c46e4926c703c1e5da11e1b047a3561bcb85cbf094181723061342e2f5a3785b5436", 0xd9}, {&(0x7f00000004c0)="3a7598ea9c2d9bc2b5a89f76461659086242cafe9216564b43e0b7fd48fad1d707735ca334422edc4f74c1ed6153bba517ede2f82f86fcb9e98ac00bc413211a6b69a1bea77621958030a25755b95970466d7ce46ad67d01199af24ef44a98ff89086dfb7746ae3facb9b5b9b188fb0eddabe4ce89bf7ee5727280525f0972b5ade339c4e0691fe3b5d96dd123e5c858b8d2eb5160baabeafe7b283b1afc6d832c1ab104a1e257", 0xa7}], 0x3, 0x0, 0x0, 0x2f00}}, {{&(0x7f0000000240)=@vsock={0x28, 0x0, 0x0, @local}, 0x80, &(0x7f0000000180), 0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="43678115749ecacecafe5833640928966d01863ea6470ba9ec748c0c356fee048c4cb695d54b6c0ddcd3da5750d79d218cfd08221cf61f4a423bb6b2721e33f334765f7216f2fbd3159fe7ea8aeea850aa1d1d1f74c9e451efa443d17dca739dd91609474eb66dfec5e6e1fe5f4125ba25faf90e347c4ccf4a49d1ce024c92f5c3fde650e1b114b4532c28b0e40cdb463fd69721"], 0x2278}}, {{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000780)="8902daee15087f558dab84524101f55cf9ee052352e35c7639d53fe3b7cf0e4b1129dd7b2fe4810ba312b05f49259f41b5fe4fca8a43f78bc705dc0af863b6302f0859467449829b94aed06dbe", 0x4d}, {&(0x7f00000034c0)="033b779923ea3b9694cf8a98cd77357602de060f0058d7437d4e4cb6bd40c192ad37ed64ce67b68bc756c703f7ff43ec30f4687840c32a961c6b3ff939eb47a766e266fbd5c8cb7abc8e63232c7a3eb838c2d75c8c45ac9a263c9442e99d8b1731c2175dbbb05bf885ae06dc219c1ae62b4bdb49f03be8b313d7d450156849be7e73cdb1cccdea47cc943d8187efdc5508eca40fd92673a251bfb274bd3181ec856cbd52d5538ef2de54c779a672c26f6169a165d20c7182854e888eb9d07b19bc73a04da21235204a1c61411fe6cc991b780a57c779592f9331db916d9e30a6a0cd42600a37b21a309a76d796488fe1515ae2c81b1a799963c521d5c2ff6cc1c7ee939f5674e62ecd4daac930f6698d8abc7f91eb9f1d7cd5afd6b3700b88991bd1e7095567de10db0681ef711550b5b3a3b5ca707ed35fd4c6f96a7cf292028a66ed4c782ff10c8fb0378e183833abb7b1171ae6b182f57a0ed85cf35fe11d4fb04d37b8e9edf3774408356b530c38603e20e472dfb2ac7022136978f49e8a07faecce83ab9a48dfd20286bcc8864d2ea2ef9826b4fc7a86e070a8315e43068592aa387b35056983ad4d654b120a9ee06a330dfb54d5773b5a900ae967f05f7fcca7930a859ae16b827d91552d1766df9cb4e23b4998aff1b3b2d2cb5db1b7dbed8e155946669e7f79a77e573dce2c0630f035669d1e129b4ba8379c75588d2ca85c1f10d18c72757ac0dace2e4df6c3a1dca8a7d6ca73da519fecca2653627b90e0d1754815575215938d837f579ac3f84d17edd77281238b66ca15115606b3036d3f0e68099b65b0d0f1cd3323c20be4ad6195fbcb85ba601ef6995d9637e62f4b3b05214816c404a7a5d428d6e3fb55c04d8f902c6b42c4fac5752ce6b9704da2ee4c286b790238260a69bbe0cf7e70722d92ad42b7b31fcc3b710470ec30959ec461f12fb908e9049d2270177cc95cee377e28d02ba518ef3602d62a3b60f7c7eebd574d5a264236b2a6044d1bab5b1598cef339aeb840d393fa9eeb96daad4e81af269065442f3439c2a8b3baa480fd673ccce9b75d31ee65b0d9295399c382c589f490fc6762c44eaa5fe4b9f6cd0d2e2c815312c1fd0979ab4a48096964ee7fbbdcf714903b92bfd396bf6fdb85e7a74bce77a9882da6012cb425f7670559574ea0f2a21b9963fd12a4f2a86196cb885a87026c60868693f13af4eab09e8304d67c2a98d365294eed02ea21f366c137da239e1dc69ab818b15dc2f1b5e25f15b46ea10771c3b46bdac5e29a5c2518136c20883f40fca3a2fcfbbe6b356bbceb5d83bad168ebaee474a5af279e48af8476e3e6a9c8e045f7fc038d662c1694a7206b1c486fae4d5b8a0e0f8a7a81dc3ace7003be7d39abaea6448e551598299843693b1980bac68f5b80ec1a38c9457436aca01746b4d7669806af384c4eb8789d41356d64aa963977ba770abeccd07e1a5f6bcb56f76cadb59abe64859e6118b4c762bf943f8f5ea6c2b127a61d4629c9538ce9c7420d5e1d844e9b5c699b40eeb26cf62230acfe3efae12c27583bbff56db28eedc4d1ff726a311f50beb6db5ae7fa77e7216054c23e30b88b8d472bdaa0f004ea7351f475406566b1d338367ff07af13259283c9708f785ea02fa4ded27efc492d88ec97c31cb959dca65267c76bbedef11ed71d620bec950e2cd52e62809743187e148410adc9657e983b5a6befaabae6f86191fd3e689bcec6424384dd65f0c6a73c28870c77fd81c70296339ea06f6a344156987130dc588c5bc468621ef384cf63793cc6d1cafd78ea6666666a9004a51f9d6b08279943b8536a16d6cdb8554e0980fa1f6d80185bb8ed667b9910d8daa13b103b56abf9a37300ced751bff68d289fd92588cd4f49ff6505ab9d018fb7cd007d03ef21b5ad1d70cd869ca2810965cd7684e7aefaa1dc4b485691af1b2127b5f572427ec5eede25daefabc75f09a0b9f0a48991c7a0d0208d1b5803f7c32248a34b040eb987b8405f69a031ed95b54f0bd005f8b435949ede0ca0b5df5d5a16d6fda2d2c6853bfae7ee31c7375a4dfabca0a6e67d4e7a4cf10c1ddda5bd6ce4a2c2bd0fc18205ed844dcc14667873876e1c49c6c1c021992d9544822c0d54e886a0a24a4f030dd49eb782a029a46411128f349798273233f005789dae6306add42f40b645f5b058a4d102e8946414efd6416af9029e3a6a1beb5dc89d3b06aa71f2c705adebf8affda2537cbb93b50574058cb02e9337b994707f5d5c6f72e0aeaac91561a68d5a3f072ff85f06114d6b6088b41d3d36f184245ce74be4a0d174f720d47c02938231f51c0125d60c8151ebbaac64e77a1a9c06e8ffb054f41ce5132eeb763a3d75694ba7cc34dda4fa9d9cf0daa87d9693672edbd34cad7994fd1e927b7c6034eb6a06eb8cf2ff5470c9e8e2bebe244ada7a8f6ca3ed4ca661ddb8395fcaeffc145bf15ab502b4f4b0fb092dda3344f9f4f53350e1b6ea31e406e67ae9e666af041819de720b18a527f5400a8ee0a17ad5305d9673cf00b1c61cff1432c47d55a4b49758910bc2f7275b9d84bf4e81401c384f8be9e10606121e4edd39bf44d1bf3781dc246fd9638db6f9e048dca0722c3e9e11cdb10cfa5d86b4d1e53c8a57901bb373f41ccfe8afa77075b68e5c0cf3b09997249d7e938c458309dc6c70a74dc851dcb2254575aaf0e277492024fff9fddb15f4dbc7112cccb887a45fd7e838f1fdb6ef7ce8e4dd327dd06e35759f4320f65d378401ee220e8cbea677b5ee6419f3c15ceca27ae019e4bd8d2d58bb7d420bb5f6ae1aa559e31c67b89d8c5a15ba1646cbbd8df6a706675a00f09b10893fa4055278350da7fbff07e751eb95596e95754e876c393dc40cdf3f2f8af57d10b8dfbddf553f7c259812c1141c9c52b36224ddde0cfb6e76b3e591713eba46b0d264fe4e68b7a9ea08ad5641447ed46a0453e262548d743e68059ef9e0ee0f548c040831c4b1ea2e69343f5bea7510e3b14e3b62151e0cdcbb4c7a0c7ebe479584512267237dbcdee826cbac4ea4a1c4b3823b98b25e79cdb07c0c6aa6dac329262a69ed2bfff79dc7e8152528c4edac5147d19890dc85225968b63787817cb9614b134eefc98377fb933214c2cfce4a40eebc3da55f49828740cbe3aeb7728876db0d418d83efd74ab9299fb0daed725e0cdbdcaa9bf735adb8dc9017a6f62c93060710b1aaebba3552d03b3e1079d4e7704a302d2fab34fcd9a054f88efc784a78c1fbf101365c56885b9f64666f83fc35c2ad33c5f9651856d0e55ee716e22016021a847ed926a013b0817d4316380b8767a34319a2a317d2d0ab4b496417bae60adc9448945aa941ec0598e4f629330e0f10d6fcb73a38e824e0c6bfb57e8a350d4c13db3b0bf0ee10e7521362eeee255ce55e5ac95a53a7655cfc6adcf150ad63319ec47cb8aafa3b514c661245055a8a3340b9b6e18e00c4c5a755037bbe2ef8de82fe534a043ea5308f179d302d6567e3279f70f3edb2219e11b68067e1658c2ad121a4dc9c63bd4c8afc7fd455290052b72884d25e83e95e8fbad8b88842e8a2edc758bfcd4208a4784098e3d37272eff58edd598a938845da713160221f045c1e4f3e37f3934166435c98e039a7557466e12b2b19d3b5a45ae1b86b39f2e3dd528db905dcd0e45d3f74a12d38ebc390112b853080a1144b91f682ca4d5e0f9cb0eb15a1aaff34cc3094b8098d097d7715d20ca139e87166fb15f5aef8f0dd645043125f5cf9fc318d297317a358131a478251fee1826f4f9198d44543ec73c5acf844d1f7a9f8b9cbc0c4d155430fc7cf0302d4be39e41c3f5bbaae590d8c4ef53ae81025cd6cbf4ab848b4c9f9911dfc9fcb1e967e3b13eed6bd21814fcc9b50d46e691ab95e6032c37b43ea1d0e4e894aff655898de54274e15a5fecf163c52aeb64cba73a912236d673a0059eb897f72f9a21873898035f4fa0a3ef6b162b98906d8eccca84b15a8cb725ede4ca9ab57d1b578cf86e01db5d51fcb46e8d30856c865e43373768f3854067815df8e7959c356cea970fbf4359134333ffc753afcd5ba8350ec526c0bcb6a3a879e3ccc6c20028b5b543d5b2d1d02725ef57e785c3e63298587d5dd5a99f1e4bbae113a49b83aa62def4b28941b932da572979910a8f2029203dc92b7d0dfccbb9fb6ef4f9b5cb4d84534033fd88fc7601fa410536dbc269a4f8d012574fdac682e534bac7510f84aae336ef036c2f9c735b4f9279bbbfca7559d3741b5ab46ee352af61a3ec20080065acb1fb4cbe15d5e9d12f5f39a5f83fa1aba39932af078f256e60990445d8f39506726e9155909386e77d2ccfde0cda418a7d335176fa6d9e8f22a8cf48b0e5ac9f19600ace7eaf92ddb40246e19260c01dc9d9a3a38cba9a00b8d2916e9cd91f33157f0ec5960b8cd55d20980a8c75df94c9d1974b6a62ff2041856505e0ba6b6c39d7bfd794ed3ac8bfa9413a5ccb19789f41d56a9d7c36c5f93774846df39d2c785c5d3f4c898f09ee35f850b9a8b2ecfc9b1447ef14593b32e5139a326eda5d315722e3ddc5840a204f1465bf9a485d8bb39658944d735762cf49794a8013aa306d46dee89cc7ea65dfbc20af48c2b5ce217da2b1ce17d374b268d4e6be6f7360b970987cab3d2233afc267c0939c21b9ff11a0ef1152d9015daa1d443a0297674d7fc288cc7e791ce19c601ca3e8418afeba30eea1724fe42e1537c2bd182ff64f4b6673c322acd509397ade97e8d8d7cd9eac9e6298268caa58d06f77a235ff24388f94ef7fc5ec1d9e38a92dfb5609882014634ea38304f8421f4325783fe3697486b7808d97b0af1432d0656bc5f9f1fcacbc5f88ef46db00cd32cbcdf5d6f03d89d92aacbb317f96b7bba55b90b1b9c3de9c457124a524a1e2e8c967f54610de4847b76808098d8e48a8f7959b1ae7fbcb5cc1914acc2077c91a026ffa2e5bdbbb47eb35f81a4802e2d1c7dde954cf8c9298c9af6c85e98a1effa4fb4bf6875458f9da47a9de03d392f524879af16eb63b517719321ce97a10ec13d4d01f41fb87a2e952570fdc1f14c13d0b15eeb62845456d0039406ef1210affdad844f72e57a449f105c99feedfad1b908d4a5104ba49c572844fc129427a434499d4238cb3828833c785c650510f102245cf32d3401fba5ee05ef063772c3e346ec49adeb0a7ea3521afd3d64ef984aff67235df6ef35510b03f7ff8c5187d04842503c07a5c4f3c3df28cbd922df3e996ce7993c943732b658ec3ee3291dad87010bf7e59ea281acf443e2f2e57c75d31c6dd5c49aa46d7aa8e6f936f021463ce72d9bf8fb9978951f30e5ad495347a0e3b03c678377eb02e308fcc70d56ef45646b10ed91c28d39ea27e3a43c7b190f8e70bcf446c5216798ef19e0500cf81b9f213519300d6823982314e39aa34705f83b59a8fd51641b52759556994d5e73b83359510e10c586619fd8fa06accb5a8fac299df25bb1d65b83174d49e1c8ef146bbea816587e8a6331229e9d61765fd98e5c47cc5d461352530e4948b12a88a934ef45b0d9e347bc2fb507f1a157fbe6d7fcbcc521a391950c40a980c12b3a645be9b53321602e5b979f9d75c0055db52c4b05fdcf475c9e84b5d2c0acf29e9ba060928b9c33817822dfc98608d31e1f930d4e2a88dac1ec7875d7253d007419a3b6313ca38dd8759a2a164d46dd95cc06f867cee4187cf2df4db8d9f622951ff788d9fa3e439e2aec646871530ffa50f0990ab1e8d4c79c34460220c2f", 0x1000}], 0x2, &(0x7f0000000b40)=ANY=[@ANYBLOB="10010000000000000c01000000000000966b9ca1eddfae5592214e5af9fb693c1a2e9fbb5f71e27b0a0e5cfd2a3b263172bf3b0a0fc82eda9179de50a31c8e446518ac2f4e1a93ba6d65fb688bc369f826b7805ffcf63cf87fb9048fad2315fdaae7843f946d6766182c83054544a6d196279640bc9339c90ed774e9b31c5b7ef5edc4b69bd66f16432002b93fa4b7b49d9ffef74a78e519a59a52a7e3bb741a9f55b6b1e59c795c10bcfb90389c6d3d2d15f81b8e4728e218a49707e5a428d694fbf57cd7e17bccddaf5cf29ed557f703c679767aa95769dae81c065168b9e1d9f2ff6080e9e3cb2a7e795cc986098089f9f8ca9242d112ce49c8a59df9d862eda10f658e637ad4395c91b70000000070200000000000000e01000080000000d27fea8f9b8b3c5a6064dd76607c9845dee4155cb4ce909db7296aa282d8a9602b383febc99a109525c805ed19e8e456ad2f1b5c8ae6e33fd55dffb7ff62c1e5d1e7f3ec0790c4397adfaa93b190f7127bb83b35dee7ce496e0a6b3a00000000c0000000000000002900000002000000d97cb8d1abccd6cc75462275f07278548627339de7864f7bfc2b34a9d8342d1343d4438ee6bae1cbdd6c014bcd64d0cd918b809f3310c45b3d064945e12c75cc277fe5b7a9470fea54c6179366925864bf3e5653697547a4349606f7ff21fd37e26aaba90c3712cddc6d6bc0a2960028c5ba37b445c410dfc6d841f467c4ba1790d8a972b4ffd4bbfc944be6cbc45cf5a135596593cf9a4039700b0880582419"], 0x240}}], 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00'})
socket$nl_generic(0x10, 0x3, 0x10)
write$selinux_access(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYBLOB="69582a664d7215e63a1c8f9abc293f0b0c"], 0x53)

7.396687656s ago: executing program 4 (id=1138):
r0 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r0, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x81, 0x42}, 0x10)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000180)={0x5}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000740)=0x410000012)
socket(0x1d, 0x3, 0x3a)
connect$llc(r0, &(0x7f0000000040)={0x1a, 0x331, 0x0, 0x0, 0xe, 0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xe}}, 0x10)

7.333500285s ago: executing program 3 (id=1139):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000001040)={{0x12, 0x1, 0x0, 0x40, 0x15, 0x42, 0x20, 0x5a9, 0x1550, 0xe4bb, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x8e, 0xc4, 0x6f}}]}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000300)={'vxcan1\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)
setsockopt$RDS_CANCEL_SENT_TO(r1, 0x6a, 0x1, 0x0, 0x0)
bind$can_raw(0xffffffffffffffff, &(0x7f0000000000), 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
getpid()
syz_io_uring_setup(0x4265, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)

6.801976846s ago: executing program 4 (id=1140):
socket(0x10, 0x80000, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000700)={@fallback=r0, 0x32, 0x4bb11a8cf0efaf80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
lsetxattr$security_ima(&(0x7f00000002c0)='./bus\x00', &(0x7f0000000180), &(0x7f0000000500)=ANY=[@ANYBLOB="030207"], 0xb, 0x0)
open(&(0x7f0000000100)='./bus\x00', 0x0, 0x0)
openat$vimc1(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
socket$unix(0x1, 0x1, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_rdma(0x10, 0x3, 0x14)
socket$kcm(0x2, 0x8, 0x2)
syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0)
socket$inet(0x2, 0x3, 0x8d)
r3 = syz_open_dev$dri(&(0x7f0000000280), 0x1, 0x2000)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r4=>0x0], 0x1})
r5 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(r3, 0xc02064b6, &(0x7f00000001c0)={r4, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r5, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[<r7=>0x0], &(0x7f0000000280), 0x1, r6})
ioctl$DRM_IOCTL_MODE_ATOMIC(r3, 0xc03864bc, &(0x7f0000000040)={0x0, 0x1, &(0x7f00000000c0)=[r6], &(0x7f0000000200), &(0x7f0000000380)=[r7], &(0x7f0000000340)})
ioctl$DRM_IOCTL_MODE_GETPROPERTY(r1, 0xc04064aa, &(0x7f0000000340)={&(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000540)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0x0, 0x0, '\x00', 0x5, 0xb})
pselect6(0x40, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x800, 0x94}, 0x0, &(0x7f0000000240)={0x1f}, 0x0, 0x0)

6.681158533s ago: executing program 1 (id=1141):
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = memfd_secret(0x0)
accept4$bt_l2cap(0xffffffffffffffff, 0x0, &(0x7f0000000100), 0x800)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
r3 = socket$key(0xf, 0x3, 0x2)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xe1, 0x0, &(0x7f0000000100)="b9ff03316844268cb89e14f008004ce0003000000700008877fbac0c1416e000030a89079f03b18000440c0511e0845013f2325f000708050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014c0000c0adc043084617d7ecf41effff38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d7", 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r6=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="240000001d00070f000000000000000007000000", @ANYRES32=r6, @ANYBLOB="40002700060010"], 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x0)
ioctl$sock_inet_SIOCSARP(r4, 0x8955, &(0x7f0000000180)={{0x2, 0x4e23, @remote}, {0x0, @multicast}, 0x0, {0x2, 0x4e23, @loopback}, 'wg1\x00'})
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000200)={0x1c, 0x0, 0x1, 0x0, 0x0, {0x4, 0x74, 0x609}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @remote}]}, 0x1c}, 0x1, 0xffffffff00000003}, 0x0)
sendmsg$key(r3, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={0x0, 0x80}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x18, &(0x7f0000000a00)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b70800000000e1ff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000078", @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000940)={0x6, 0x1e, &(0x7f00000006c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffff7}}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @ldst={0x2, 0x0, 0x6, 0x0, 0x4, 0xffffffffffffffff, 0x1}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000300)='GPL\x00', 0x1d0, 0x89, &(0x7f00000007c0)=""/137, 0x40f00, 0x1, '\x00', 0x0, 0x25, r2, 0x8, &(0x7f0000000580)={0x5, 0x5}, 0x8, 0x10, &(0x7f00000005c0)={0x5, 0x2, 0x84, 0x101}, 0x10, 0x0, 0x0, 0x6, &(0x7f0000000880)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r2, r2, r2], &(0x7f00000008c0)=[{0x4, 0x3, 0x10, 0xc}, {0x1, 0x4, 0xd, 0xa}, {0x3, 0x3, 0xc, 0x2}, {0x0, 0x5, 0x1, 0x2}, {0x1, 0x4, 0xb, 0xb}, {0x5, 0x2, 0x1, 0x5}], 0x10, 0x8, @void, @value}, 0x94)

6.096077706s ago: executing program 2 (id=1142):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000080), 0x8040)
ioctl$SNDRV_TIMER_IOCTL_STATUS32(r0, 0x80585414, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

6.072783118s ago: executing program 1 (id=1143):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x5, &(0x7f0000000400)=0x7)
r0 = getpid()
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x3, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x4, &(0x7f0000000440)=ANY=[@ANYRES16=r0, @ANYRESOCT=r0, @ANYRES64, @ANYRESHEX=r0, @ANYRESHEX=r0, @ANYRES64=r0, @ANYRESOCT=r0, @ANYBLOB="85a81951185709d2725a75ba71b007fe1ad71a971cf94a7b7939fc5c7a986bbd1fe15f5b5e4ea5d25df5e6e3f54faf757d6c5c1744c3c60b94b154b0c351066feaa2d2eb8112d21b", @ANYRESOCT=r0], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1, 0x0, 0x1}, 0x18)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000280)={'batadv_slave_1\x00', &(0x7f0000002fc0)=@ethtool_stats={0x4b, 0x48}})
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x35, 0x0, 0x0)
bind$inet6(r4, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_IPV6_DSTOPTS(r4, 0x29, 0x3b, &(0x7f0000000080)=ANY=[], 0x8)
setsockopt$inet6_int(r4, 0x29, 0x3a, &(0x7f0000000040)=0x8, 0x4)
recvmmsg(r4, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1000000, 0xb400, &(0x7f0000000000))
shmctl$SHM_STAT(0xffffffffffffffff, 0xd, 0x0)
sendto$inet6(r4, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, &(0x7f0000000180)='macsec0\x00', 0x10)
connect$inet(r5, &(0x7f0000000040)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r7=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@newlink={0x2c, 0x10, 0x1, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r7, 0x8, 0x24a20}, [@IFLA_VFINFO_LIST={0xc, 0x16, 0x0, 0x1, [{0x8, 0x1, 0x0, 0x1, [@IFLA_VF_VLAN_LIST={0x4}]}]}]}, 0x2c}}, 0x800)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)

6.012076976s ago: executing program 2 (id=1144):
prlimit64(0x0, 0x6, &(0x7f0000000140)={0xa, 0x9}, 0x0)
r0 = getpid()
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
setpriority(0x2, r0, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0xffffffffffffffac, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = openat$proc_mixer(0xffffffffffffff9c, 0x0, 0x2002, 0x0)
write$proc_mixer(r2, 0x0, 0xb8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x1}, 0x2a)
sendto$inet6(r1, &(0x7f0000000040)="aa", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x6, @dev, 0x4}, 0x1c)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000000)={0x0, 0x0, 0x9}, 0x8)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'vxcan0\x00', <r5=>0x0})
bind$can_j1939(0xffffffffffffffff, &(0x7f0000005880)={0x1d, r5, 0xffffffffffffffff}, 0x18)
prctl$PR_SET_CHILD_SUBREAPER(0x37, 0x1)
getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000300)={'filter\x00', 0x0, [0x80, 0x8, 0x4, 0x7, 0x8]}, &(0x7f00000001c0)=0x54)
connect$can_j1939(0xffffffffffffffff, 0x0, 0x0)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/key-users\x00', 0x0, 0x0)
r8 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
sendfile(r8, r7, &(0x7f0000000000)=0x9, 0xffb)
sendmsg$NL802154_CMD_NEW_SEC_LEVEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYRES8=r6, @ANYBLOB="01002abd7000fcdbdf25200000000c00064001000000010000001c002d80080002000100000005000400040000000500010026000000672fe08ec5ce25f968f647c9cb6987f1ee9cc26e79a8bb0e13cc3bc2335cf736d5ffc89688d1d3a2017051309751d2a0a653839e164bc1a97e726cc38ed33d5db9ee4e134c70a3fc12dbb5aec45b74ea3585cab9b90b22466877576015029b5d27308988411a433dbd74bec23c6aeeb45d07b76d60f65b1364fa0dfcc7394a088da42dcee434b2f5416d481ef01f8425ae9c6c59ac51d97acadf"], 0x3c}, 0x1, 0x0, 0x0, 0x24040080}, 0x800)

5.669295537s ago: executing program 4 (id=1145):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, 0x0, 0x0)
fsopen(&(0x7f0000000040)='afs\x00', 0x0)
r1 = socket$inet6(0xa, 0x6, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
poll(&(0x7f0000000100)=[{r1, 0x21}, {0xffffffffffffffff, 0x782}], 0x2, 0xa)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x6, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
syz_clone(0x800c000, &(0x7f0000001480), 0x0, 0x0, 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
getsockopt$llc_int(r3, 0x10c, 0x9, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffc}, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
socket(0xa, 0x1, 0x0)
socket$kcm(0x10, 0x5, 0x10)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0)
close_range(r1, 0xffffffffffffffff, 0x8000000)

4.734075499s ago: executing program 1 (id=1146):
r0 = socket(0x10, 0x1, 0x0)
r1 = creat(0x0, 0xa)
syz_open_dev$loop(&(0x7f0000000180), 0x1000000008, 0x122942)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$vim2m(0x0, 0x9, 0x2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
close_range(r0, r3, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$inet(r4, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)
close(r5)
mknodat$loop(r1, &(0x7f0000000100)='./file0\x00', 0x10, 0x1)
ioctl$HIDIOCINITREPORT(r1, 0x4805, 0x0)

4.053537114s ago: executing program 1 (id=1148):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000340)={&(0x7f00000002c0)=[<r1=>0x0], 0x1})
r2 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, 0x0)
ioctl$DRM_IOCTL_MODE_SETPLANE(r0, 0xc03064b7, &(0x7f00000000c0)={r1, 0x0, 0x0, 0x0, 0xffffffff, 0x4000004, 0x0, 0x9, 0x400, 0x0, 0x0, 0x2})

4.020889645s ago: executing program 0 (id=1149):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
r2 = syz_io_uring_setup(0x26c0, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
r5 = syz_open_dev$vim2m(&(0x7f0000000080), 0x57, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r5, 0xc0405602, &(0x7f0000000000)={0x2c, 0x1, 0x2, "3ad38eff230c00000000202900000004100000410000000000000300", 0x32314752})
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
write$UHID_CREATE2(r6, &(0x7f0000000200)=ANY=[@ANYBLOB=','], 0x118)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000002c0)='kmem_cache_free\x00', r8}, 0x10)
syz_emit_ethernet(0x86, &(0x7f0000000500)={@local, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x2, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x64, 0x0, @wg=@response={0x2, 0x0, 0x0, "9d42a08597d3b2f44ac89b1b52cc6728d6697d4cebc8f2f062c6f91f224aaacc", "99bd3410936eefeb3ea898dafab974aa", {"96deedc95f5d10a12027128db2e9bdf6", "f838a300b01b0e19ecdf00b20600"}}}}}}}, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000140)={@local, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x2, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x8}}}}}, 0x0)
syz_socket_connect_nvme_tcp()
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r2, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00', <r9=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x3, {0x0, 0x0, 0x74, r9, {}, {0x0, 0x3}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x41}, 0x0)

3.673530161s ago: executing program 2 (id=1150):
r0 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe)
r2 = epoll_create(0x7fff)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000000))
mq_timedsend(r0, 0x0, 0x0, 0x0, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setfsuid(0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="0a00000003000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getsockopt$inet_sctp6_SCTP_RECVNXTINFO(r3, 0x84, 0x21, &(0x7f0000000200), &(0x7f0000000080)=0x4)

3.660095551s ago: executing program 1 (id=1151):
socket(0x2, 0x80805, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0xfffffffffffffffe}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0xa00000000000000, 0x80, 0x0, 0x897)
syz_emit_ethernet(0x36, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
r1 = dup(0xffffffffffffffff)
getsockname$packet(r1, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, 0x0)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xfad9}, &(0x7f0000000240)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r2, 0xdb4, 0x0, 0x2000000, 0x0, 0x0)

3.494596139s ago: executing program 3 (id=1152):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x1, './file0\x00'}, 0x6e)
r3 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r3, &(0x7f0000000380)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c)
socket$inet6_sctp(0xa, 0x1, 0x84)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r4=>r2, {0x100}}, './file0\x00'})
sendmsg$NFQNL_MSG_CONFIG(r4, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x3c, 0x2, 0x3, 0x201, 0x0, 0x0, {0x2, 0x0, 0x1}, [@NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x5}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x2400000}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x1}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x59}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x7ff}]}, 0x3c}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000000100))
socket$nl_route(0x10, 0x3, 0x0)
setresgid(0x0, 0x0, 0x0)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = syz_open_dev$vim2m(&(0x7f0000000400), 0x8000, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r7, 0xc0d05605, &(0x7f0000000440)={0x2, 0x0, 0x0, "5d4a03c0d6b1f7891dd5efb410ad15591ada81da3c2f10483741a6bd19dd2c23"})
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e25, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x200}, 0x1c)

3.433102719s ago: executing program 0 (id=1153):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x3, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000a40)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="010000000000000000003b00000001000000", @ANYRES32=r6, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x2404c800}, 0x8800)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCGIFCONF(r2, 0x8912, &(0x7f0000000100)=@buf={0x1000, &(0x7f0000001900)="9581b25b1d98f07ead0023ce8f637254fe1c8b0fbdadf1e903a0349818cd9b64557f2f65f2c1973995d75e0406a16195ebd2f7812dce8d20beda7c28955a099061b78cc545acef8b94b1e45a38da692691e386d3b7242c5eca8495b45917659d4fa4a67717aeabc495f4d39f52250ca5cafe46426f207eaebf8ad242d99b8a164eb95d1a6e3519972e86e0f7a9942740cb1cd2a3e4fd72e6dc7a89fe88d54ed2d2244df3810fe453b8d2324d559aeb656b17648ac1b519ccf7d7124467ac91e340697e9b575f706775f396c8d264e4bfe868f2e8f2fcc3ca2667cf9d54ffd9ead5e401139d926166da89a9920bd610c3f795a9b4807a6bfa96a7c560d4f368716563ba8793f3a2fef71b09bf3c044d43de273ce1f802735db14850f5f19e706f87091b07229b3ba0993e61338c754b0fb2da5162ac03944437d0c5b3052df0c8f94a3424eda8169dd159294b03a121bc55b348042af7a8ff0bb97c0ab7b0bd42c135afda16f5a484b6ba650115251eba25a811d532a913c444f5b7e5bc4b70abe2f3886e8361d865e637191672361fbcf63b32d908e83bea5f4ee6c4903362612d9a8a8474c6c7497f7f1ead6884dd1009ed31048b24eaec2022397c732015463f8d715960000d8472760fe549dad5f1e5d809ba8b87aae40cfe84782ff4dc0a69636087afc4b321495ff7e2ff4448c5959fad00f398d937ef5d922b00f2559e305b5a15e1b8fcae2de2e2bd1866ce4ff1b88469d696178471ebd9a47b58854629a048ff21ba0dcef4f64152f81661064dac39a41c002565e8f654b5cc8ba07ce44776d439152354a4820bca6799a81987672300d4beb7691edec000041660b73e080e669d1a7656002f870c6e2904bc5e4c446c8707dea725eb537eceb18a7339550d0397cae2a89ba3f9be871de15c7ed975b63c1081973f635faf717cc7807482017885f773d09b44a91f9ffa5af344b46e41a9a02491cd153478c5cd222db4b06448b237e880e0f3c28ba17fc5df4485d0e07adeafcc0f45b9e881d4f124ab42f377f0a51ed86bedf62e0c5734a8263b07458422ab8f9bd35e80b84e171beae3922f10d8eb910a22aae7c6ec58c0b694e51bcbfa84f48640274969aa490eb97054dcc846fe8c7808b3ac085f186dae1b893afce5853436c3939551d10037ea4fc0d7377d67ffee9288608bdc4f97118efbf64ea50fbafb6ae3dfbecf0a0d7d41efb6f377bcaf84289dfc05525a3ede7aea06681178289e512479aade988cc57a536708c3a877e6871edff31ac03c4d8bb7b9072b0f19796056feec77e5daa6b3fe635f53ad53f069af635193381c34bd872b6f2ef77f89184e60cf5d3c1b28f38e85364e25db4c3216499ee38847d5c58596f1c5fc2d7598d97ed7112ba8d3cdf3534253449603285b2c1ea091e85fde1bfb5f2b8f7e2751b286616eb86243b0c07c0c4b6b2a0fb980c605955e20081be81e53fbc40cb4439e1e08db32974e27ee451cd87ef76a952570243e9b2fe6c22adf63732b0b8bfc81e3a0e56a81d10fa338ffaf06ce942ea693da9a9696d79850b36f10b5565d81bd8952e07b7ff26ba4dcaf4a543c9cde27fc468c1efcc601aac64d0afb2e9a5dcd19558b9884df267a0bc175df6c1edfa31c8f0ce5e638ff1e70672e28906e3b3ceb6b9397a584c45ff1ce2b80b39c842bbd9894906c42c9b3d32116bdcc31b06ab37ab14a772542232546e685f8ae1124bc89d3199b686d5f158d15f64bc69fb1e5fb2857c29de2c91c60d36e97d06e56609bb86eaa8249833063c3ea83f963d8cda8e520066b6056a1f2d3fb2bc2d0705181bc61fd16b1f2691d30dc38404331469428c312d16c649a563b7ba50076cf409dcebb761d1f086924cba48d3c237ea64516634772d93a1a84824b96f9812b8d3bd58d90bcd955285aab3ea1a1f2af5ee1f2b5807a69c7608b5ba1bf7907698476aba13113d8876fd7343eda7cc42890a68f9bd86c1ade730c4c9773374e0ad5796ef947a0686176f146a91630b275f5ee9044d035f8d756eecf2e1723f79cc7c7ba2ba9347fbbad96dde57b1d8064e98ca3a20ead3280a64adec641f5cfad6f05d4f029f20f498b36be0e2449d28acf9b225fdf15bbd468d8358cdcd2e57fa400bc65a54d549cd04870ede7f8266d43d88093145d80ace2841117daeca8c62960e10254c3f28bc6d0ea52844311313fafbed78af0a43629b7420c286b568dd0291c7099d8560355605269f03ed9f4a652c9768e4411724abc6861a8b698509c46d7fec2258ed59a46130073e8ab088dfbf337d0417c556173c5d64e5b22b9b4f44013bd9c62881b5b5067550317267160a842ef58021da347552ba970a2344ccf42be819a97f941e638582270b831aabae3efcb5743a06126f7143d44d646509085271b6885ac4666a3268b99e080eea8423a1e14d85c6af8ea1a825a447caa75ab9f680f58f8ceb1460c609fc2e802fb9d59cf506d1b0a01162a2d04edee1adc810898df342c3c9601c6fb180ed0ea389761e969ad456bfbc8238a6c24e405d769edd6de1154cef941de498b565b41daab582797e618d2ad55e2019668cdbb13c9593ff850bac33eae8dd3c81c3c88f880df0d7ba1736429ceea3a5f953a905fc074f8d8c742d60ea6ec5a0b8e65f88267dd69227c2fc86d423fc34459fd89495df04e8233e6729250fd16918d684ddcb853e42a00fdde56d6f667ccd258c3401b1f600f606b426eece368cdee487a633289305bd5b17ec432ce51a49c456c804873aca4ac6cfb0d6599b630f33528434506a18430e638a108639f930265f69949744ef69b47339f37c5974682d5223a10830b82eecc051b48ba43aea9976170f4e5f938b1e40c51aa2c5adf79e3ddab20513e91b68a1a0bc419e9f2b4d698a564409569245adc49e144400ad00d70a879779b095fb79facc083d31938c66015cad44b37e1724e90bb792cd3213769de73a96ffbccb893f9cb8a60b847c13c445d252c621872bbd416b6e361cdd81210f3d5d17984aac6e82581d803d2b7c6d985bba05cae4300b2c0c682d47599ac4720e8e1f3b95d9eb59e79696c1f5d926a4d512b3b2d565d31c0c73441c179ab8db6aa637281aa27abcf9599001d8b8f5162f5afbf306ff892c5a6b7fcac294160b719b429f90ddfc0e3b3f4d9e9a82a685603a2040d4b4189095e67b7b974c59fdc39cc50143e8f89cae035397bcfa564f8921ea37c2fb33d736b2bfce054524560bf3c3dd9130a0366e8703126ca7362d23bb9c43dfdf1bd314fb2ca72a37edbe082556ec68f53c763639e85867b831c48e287f4012d69e5b8202395013bc1fe6f9a24b852ec7364bbe87d1ac23b13eae60c88a427084e95bfc6a36f8932fad3a6478fd9a8836e84f7a0220745d2b07bfecab3e2ce52a408c66e0c2f5f13917131ad53877480f05595c15deba131ac76a160e031ad7d9c4c42714286a9a85513495acdcdae917f2c1bfa27c97b51d96b01af822bb458b9ce972aa12766150ef62fcb172ceef9dd3ad188ea10fa36729f51069be80f6b9f30bef94582423685e2bc3b2da301eba2187f702a3a0f7cb4e1be3d482dbc56ad7b6c33ae2382f532d8ee29eef354faf4e60cc40fc7414dd49bb80c63e8a9d4206f9d1c1864674e0eb96874c0e9aa769ef921d0e2b42f693dc84f2e79f1b6f92e8b8cfba9205ba9b5949f546575c00748b29ffccfcd2d63acb6e368d2d69c5e3d1e9016c8f7fd9fe7343c259d3f2e411412aea9b9574622d85e143cb0b33484cc4fc838abf315b67b29f299d3139a6dfe648c998745f6c0295c457ce434f9c311accfc1957e220b0f201f105cace9417667d7a32a8a47e6edb33876bce5406a6596e2ff5cf4a18d62cc41d32907d67b40de4f702e73df2cee93b2d028c56fefab9d01535c60a9a67e938732f95545ae213daa286664dfd4a0d233e8765af95f1c62e0b3b1ebb3ba0a6b8b22afcad8e4017d110534cbaf114794cd9de81f634d8db98cc3c1bcf083ad8cb56c355df58995032292f6020c91b765bc0b78cd34ecffa85788879b29f50819011b7f8d304583f96cc13524ef000dae26bdf7e1a57444bc1dcbf8b02180a90c7620a6abeaa662a3060147eec27101b96ff5eada3c20ff456260732cfac4fdb8e169ab7643884b30b367be316e98d2c40c798dd5400453b785af2f8980b7be98f6693537206c27cc954cdb57ba36f6f62ca7b584b538d6362e7a12b4bc42b993fac7506468afee5d370406a1c751086096f4b6f7597a84074d5c9f8d87719e204105579d466044415f5e3ffe91561c1ff46763a7d2e1fa64afecae0f0c35e7ea2c00b625ec788b385d077d2c3d8c260b1a0e4e642291b299a8b22d9ae1bd087660e4c9d71840875e4177d4bbf26222fe92515545c995ba54fd67143938917473a0eaae7ab9d6057e1882c29718ded6c7574a493be4ddc1ef2c1ae5b81a22d8fbd715b14cdc995b51802d923afdf61c6119da0850800a1500c01f65af3dd02a6a2e30df9551db1920164415a395378d4ce65a5a61707213d72b5c8819da242c721871ee4edc89b6f3b4557c5ded2c6ea201c940d1965e8bb8e25e44d9f7a16a321bc9e6e3c6ca4b84dfe7d258d695a1ced0ab7b85e835feb796e2f81b58437bfbf96a07506458df10a0d4a1954db1cde39d263a5160570d1303f4dc6209a1773c3050144de84849d107da76f6f5f9e92060e9e6f68f520f6d37b9fb1fba9f5967de441624df636f0209d6250cc7d051ba4688aa39c6c4de88b29dd77d6170f6a9318ca69af3ead3647c63ccf30dd964a85c1745a7d9d639e532ca6e7652224962ea0614211fe65ad2f461e695ca61b7a599c03414996952e81441e982bdab83d1ce4f37fed9150e3892b7217241f435e775a6fd1481508371a99ee03e989e518f6865e88aa7f36b7f996181781ae8d25330105293c32146d4bead059edd9638e4c2a8742a78f90191b92a4c064af95bda2806a42203c50fade45314cd1dd44d82377b22bf0d3465b11e551367b42a078875873f4855b71064bfd05e224d0c4ac44dd25d5bbe8723a260df4c96980097a3e3e5d4ca85be7f774c198e3338af8de3e8b04d4ea67db046723e5ac371c300ef5c943b709f636abc5fa963ad7d65f193bf9e26f09a0b053de7f19b69d47e90ea119433787bee4e82512a73d829f5c390a9123c3120650e96edaff7ab02792e6470386b37b3d27f028421fbc753d2d8178a63984c5421c7935fe9fcdbe5e0a916222394019393690c9fa6f05a04b568d6d22421b7ea86cf9bf36b35f81d6e66a9d9b2a1cc6868e398997f199b9af3e4aa68e15c2f2d1e72c60150e70295f9f852becaf8f5348df9c2b11fd989d77563890a079bf5fd1de626f2f9f6a904aa2034dc92dd9331200c910ea66eee8be19c20f964d51cd20baac5b93b2d4c4ebcae4b8d8da4f4b9493f0600a4b843380333b36dcac99a94d0425e5f1e7264c8d97d5e8f64353683a43546296b5ab206edbefa5a64e5a0c87e740b91013fb05f4a488eb9faef8647a71f0832c353a50b4bbac13a26e21bc1c5c0555dc72069d2121624798f09cb8330d24650e9cfb14b5be00da8865d4b9a23d588d9aa2ec397a48c1fa0359c5f1033a9793137675e4cdb89daa2c8be88ec66f8e56f6b99fe33685ec4ed17cbfa8d246c016662e1881b66d051b0edd4c0b2c23bd7f98014e4fd51997d6a9cf5f5987f068708ead3a5ad18cbc6a1f6c9d20a43c68b79d2911b7e0d5dd930081c1c45808e8fc4d2388e48563a899ac41c"})
r7 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
r9 = socket$igmp(0x2, 0x3, 0x2)
fsetxattr$security_capability(r0, &(0x7f00000001c0), &(0x7f0000000280)=@v3={0x3000000, [{0x8, 0xb}, {0x1000000, 0x7}]}, 0xf, 0x3)
sendfile(r7, r9, &(0x7f0000000180)=0xfffffffffffffffd, 0x3)
getsockopt$IP_VS_SO_GET_DAEMON(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000001880), &(0x7f00000018c0)=0x30)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x40040c0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$net_dm(0x0, 0xffffffffffffffff)
r10 = socket$inet_sctp(0x2, 0x1, 0x84)
r11 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r11, 0x84, 0xc, &(0x7f0000000000)=@assoc_value={<r12=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000000)={r12, 0xad6}, 0x8)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000600)={r12, @in={{0x2, 0x4e22, @local}}, 0x1, 0x9, 0x9, 0x97, 0xd0, 0x70c, 0xa}, &(0x7f00000006c0)=0x9c)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r10, 0x84, 0x7b, &(0x7f0000000040)={r12, 0x5}, 0x8)

2.701472154s ago: executing program 0 (id=1154):
socket$igmp(0x2, 0x3, 0x2)
mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000004c0)={0x1ff, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_open_procfs(0x0, 0x0)
pread64(r1, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018010000646c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b701000000000000850000007500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000540)={r2, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x19)

2.700321038s ago: executing program 2 (id=1155):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000007c0)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x40088c0}, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='loginuid\x00')
preadv(r0, &(0x7f00000003c0)=[{&(0x7f0000000380)=""/44, 0x2c}], 0x1, 0x0, 0x0)
writev(r0, &(0x7f0000000580)=[{&(0x7f0000000040)="3766121a4c0dd94459492471470cf0e4b6a67164b11a18aecd7561a7076bccb8bf1bdcca9af66a07880028f637214cb1685cff5d6907113136a378fd8e121f30f50334f38616256d013fa36f83a6036ef8e3d7a15753177406651b", 0x5b}, {&(0x7f00000001c0)="8b863dad2f821be4a357e15ec9668bd0d3c9f4a0a45977d2b8ff7bcd49c565b1e68f8ccf15554a9c3d41bb5b916e17c0569b16d5562f441a217873dcd70af6676ef36609f22346a7d4e878a673c2a0e5e2c056380a0b8f4f719f43b078", 0x5d}, {&(0x7f0000000240)="d630f800c90154ddaf5287d4e74635d5de739b0cb85782c4b39f46b805fcdec866851a48544c6ae9e2be5f926cac9c9868b462296d257b722f6d7761b9710ebb47bcbeca436d787a1c10f363e4982120f88b0faf2ca74f8c111e7df00e57b51d1e8c83617bbe81ce805e03057330e557aa45daaa71694ece62d5fc6fb2257746f43679563ef2", 0x86}, {&(0x7f0000000300)="6f192753b3ad96bfa7a26fa5b08b597d6280b5e98e3128cd141c9691d51a19e40639fa50bfb7423ef7bb5debbae1c80a78021ad602ef3d24dfa1d806c7b00491597ec4fff81e1c9a52edeb7cffcfa284eba8c303bd85c6aaf5f736057a716dc09ff9065adec495a56c84", 0x6a}, {&(0x7f00000000c0)="515c1a29", 0x4}, {&(0x7f0000000600)="a3dbee999508e95243423db32e3a467f2ab92cea11558f46daa31df32270079fbb1a2fb31f04088736bc2150fe6da0c95a67889786dfb8e3d2be3dede0bca85a73c31c99e553907e19dc5bfbc4f16ab8c72ee21f3355b81bfe7ba1ef95dd7235a03e6f24d4429a28263fc4a00b1caabf1e5c838e774a2aadc72044dbbaf9f009d8dba385a26fcea1d8debf06a904111fc524bfa5c022ded3f1b9f57635892645865189f1f60db489f1be649dd6aca527319b220d84bb8efb43f033c7b27b9aa1572a84fafd12982885b14ccf", 0xcc}, {&(0x7f0000000500)="100d243cee8d3ba03570cfc135c8fdf6c18e0a3d4c8f5621de0215f40f852b4c3387648835a3d8ced85d", 0x2a}], 0x7)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0x8, &(0x7f0000006680))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
io_uring_enter(0xffffffffffffffff, 0x3ecf, 0x20004000, 0x2, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, 0x0, 0x20000, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0xa2602, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(r2, &(0x7f0000000000)={0x1, 0x1}, 0x2)
write$USERIO_CMD_REGISTER(r2, &(0x7f0000000100), 0x2)
write$USERIO_CMD_SEND_INTERRUPT(r2, &(0x7f0000000140)={0x2, 0xac}, 0x2)
write$USERIO_CMD_SEND_INTERRUPT(r2, &(0x7f0000000040)={0x2, 0x4}, 0x2)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r1, 0xf503, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002700)=""/102392, 0x18ff8)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r4 = userfaultfd(0x801)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r4, 0xc028aa03, &(0x7f0000000080)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000582000/0x2000)=nil, 0x800000})
r5 = socket$nl_route(0x10, 0x3, 0x0)
syncfs(r5)

2.601659599s ago: executing program 3 (id=1156):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r0 = socket(0x11, 0x800000003, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000495"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$IOMMU_GET_HW_INFO(r5, 0x3b8a, &(0x7f00000000c0)={0x28, 0x2, 0x0, 0x0, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
r6 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
pread64(r6, 0x0, 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, 0x0, 0x2404c040)
select(0x0, 0x0, 0x0, 0x0, 0x0)
r8 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r8, 0x0, 0x482, &(0x7f0000000040)={0x84, @private=0xa010101, 0x4e23, 0x3, 'sh\x00', 0x1, 0x7, 0x3a}, 0x2c)
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r9, 0x0, 0x487, &(0x7f0000000080)={{0x84, @multicast1, 0x4e21, 0x3, 'rr\x00', 0x2, 0x2000, 0x37}, {@multicast1, 0x4e22, 0x4, 0x0, 0x12d5c, 0x12d5b}}, 0x44)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', <r10=>0x0})
r11 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r11, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0xa4, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r10, {}, {0xffff, 0xffff}, {0x3}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x74, 0x2, [@TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8}, @TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1], 0x0, [0x8, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd, 0x0, 0x0, 0x0, 0x6], [0x0, 0x8, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}]}]}]}}]}, 0xa4}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$FUSE_ENTRY(0xffffffffffffffff, &(0x7f0000000340)={0x90, 0x0, 0x0, {0x2, 0x0, 0xa, 0x0, 0x800, 0x7, {0x5, 0x6, 0x7ff, 0x0, 0x51b5, 0x4, 0x1, 0x7fffffff, 0xf5, 0x6000, 0x9, 0x0, 0x0, 0x6, 0x3e}}}, 0x90)
ioctl$DRM_IOCTL_AGP_ACQUIRE(0xffffffffffffffff, 0x6430)

2.021074816s ago: executing program 1 (id=1157):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d1040206402d14e0102030109021b000100000000090400000190f19c000905f3ed"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000600)={0x44, &(0x7f0000000840)=ANY=[@ANYBLOB="400f0100000056ce13183601ed16a7d5e5e000a761bef5ddaa50878c5ea5aaac36b9727e2753f48cf5e840a200f0e88e64b6f0e988de1e7e3e73792d29ee15ebdc93cab5479e944d6677b478ec6fa479dd363e0d1cd53993983658cd4b6e1822dae4ab8ab6575e69ced72013de175266001b7539f47346f8962d4b1e6d5ee261bf5151c7b2b6081ef75fc1bb6de4ae19fa1412fd5300da25d1d124c5e9a5f59dad76c34667c19a323b1faca50cd4c3ce9b9882b61715b4a14d0567b10fddbe8da8b509d99555939dc71d002356cdb204dd57e5990b404c0beaaf66b2fd6a1293e460c4989c397231392a21d3da85518f4e74bf25b53da5a7dc96e5a9f1bc700c534b90"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r1, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r1, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x30006, 0x0)
r3 = syz_init_net_socket$ax25(0x3, 0x2, 0xc4)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x112})
r5 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r5, 0x0, 0x0, 0x240007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x25, &(0x7f0000000180)=0x69b, 0x4)
sendmmsg$inet(r5, &(0x7f0000000200)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000bc0)="23004e4ee760", 0x6}], 0x1}}], 0x1, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000300)={'rose0\x00', <r7=>0x0})
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100"/20, @ANYRES32=r7], 0x20}}, 0x0)
ioctl$sock_ax25_SIOCADDRT(r3, 0x890b, &(0x7f0000000000)={@default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x8, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @null, @bcast, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={r1, 0xe0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x2, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000200)=[0x0, 0x0], <r9=>0x0, 0xed, &(0x7f0000000300)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x4a, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000040)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r2, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r9, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f00000004c0)={0x44, &(0x7f0000000080)=ANY=[@ANYBLOB="001001000000e5"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000780)={0x18, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0})

1.839785393s ago: executing program 0 (id=1158):
syz_open_procfs(0x0, &(0x7f00000000c0)='net/if_inet6\x00')
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x3c1, 0x3, 0x3a8, 0x1d8, 0x12, 0x60d, 0x0, 0x202, 0x2d8, 0x2e8, 0x2e8, 0x2d8, 0x2c0, 0x4, 0x0, {[{{@ipv6={@private1, @ipv4={'\x00', '\xff\xff', @empty}, [], [], 'ip_vti0\x00', 'macsec0\x00', {0xff}}, 0x0, 0x190, 0x1d8, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "000000165a8c2e0617ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f672225d6147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac05a602061c96baebc989f1f34a214e6726401fe4b124e0f7323a587d2a1fcf07000000eca0a7b66c60c527bac2b5", 0x3, 0x2}}, @common=@icmp6={{0x28}, {0xd, "ea9c", 0x1}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@ipv6={@mcast1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [0xff, 0x0, 0xffffff00, 0xff000000], [0xff, 0xff000000, 0x0, 0xff], 'ipvlan1\x00', 'erspan0\x00', {}, {0xff}, 0x2b, 0x5, 0x6}, 0x0, 0xd0, 0x100, 0x0, {}, [@common=@inet=@set2={{0x28}, {{0x2, 0x0, 0x6}}}]}, @common=@inet=@SET2={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x408)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$HIDIOCSFEATURE(0xffffffffffffffff, 0xc0404806, &(0x7f00000000c0)="6d5325fa")
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000d84000)={0xa, 0x2}, 0x1c)
setpriority(0x2, 0x0, 0x7)
setsockopt$inet6_tcp_int(r3, 0x6, 0xa, &(0x7f0000001100)=0x4, 0x4)
sendto$inet6(r3, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x18115, @rand_addr, 0x983a}, 0x1c)
socket$inet6_tcp(0xa, 0x1, 0x0)
mremap(&(0x7f0000ceb000/0x2000)=nil, 0x2000, 0x800000, 0x6, &(0x7f0000130000/0x800000)=nil)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='ramfs\x00', 0x200051, 0x0)
open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)

1.775629318s ago: executing program 2 (id=1159):
mkdir(0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x0, 0xfffffffd, 0x0, 0x0, 0x0})
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r3 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000000), 0x181802, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(0xffffffffffffffff, 0xc02064b9, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, 0x0, 0x0)

1.149256012s ago: executing program 3 (id=1160):
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @sliced={0x0, [0x2, 0x4, 0xfffe, 0x7ff, 0x1951, 0x51d5, 0x7ff, 0x60f4, 0x100, 0x7, 0x8, 0x404, 0x1006, 0x8, 0xfffa, 0x0, 0x1, 0x9, 0x4, 0x71, 0x6, 0x1, 0x7, 0x7fff, 0xfffa, 0x5, 0x5, 0x8000, 0x40, 0xfd7d, 0x80, 0x3b, 0x401, 0xe, 0x7, 0xa, 0xfb, 0x5, 0x7, 0x0, 0x1, 0x9, 0x6, 0x7, 0x10, 0x0, 0x2, 0x5], 0x80000000}})
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0x4004743c, 0x20000000)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$KVM_GET_MSR_INDEX_LIST(0xffffffffffffffff, 0xc004ae02, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0xb00000000000000, 0x0, 0x48)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f0000000240))
ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f0000000980)={0x9, 0x0, [{0x100000, 0xc8, &(0x7f0000000ac0)=""/200}, {0x2, 0x3a, &(0x7f0000000300)=""/58}, {0xeeef0000, 0x6, &(0x7f0000000340)=""/6}, {0xeeee8000, 0x67, &(0x7f0000000600)=""/103}, {0xdddd0000, 0xb9, &(0x7f00000006c0)=""/185}, {0xf000, 0x2f, &(0x7f0000000780)=""/47}, {0x340d0b736a1ec91e, 0x47, &(0x7f00000007c0)=""/71}, {0x0, 0x0, 0x0}, {0x4, 0xdf, &(0x7f0000000880)=""/223}]})
ioctl$VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, &(0x7f0000000040)={0x1})
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000080)={0x19, 0x0, <r3=>0x0})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r2, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r3, 0x0, <r4=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r2, 0x3ba0, &(0x7f0000000140)={0x48, 0x7, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12f9c5})
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/236, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/66})
ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})

1.148356786s ago: executing program 4 (id=1161):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x458, 0x4018, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x0, 0x0, 0x91}}}}}]}}]}}, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='contention_begin\x00', r1}, 0x6)
r2 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
clock_settime(0x0, &(0x7f0000003c80)={0x77359400})
ioctl$USBDEVFS_IOCTL(r2, 0x80045505, &(0x7f00000000c0)=@usbdevfs_driver={0x1, 0x7f, 0x0})
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040), 0x40c00, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000e80)={0x24, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0000000000000001"], 0x0}, 0x0)
open(&(0x7f0000000100)='./file0\x00', 0x2, 0x11)

1.089414276s ago: executing program 2 (id=1162):
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
prlimit64(0x0, 0xa, &(0x7f0000000140)={0x100, 0x2}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x40004007)
r0 = getpid()
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000001080)=@file={0xfffffffffffffffd, './file0\x00'}, 0x6e)
socket(0x15, 0x5, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="03c8000007f539b8c5343c6ccad2a7a167e6dc802d17fd36fd93e0e44391511458bf88e05575355583b075cf5d70a57a5a37d8f874a6eebddf2616422828009e80b4d6f0897ccbd9101f95a13f56c6bbaaa832054e8eceabeeb463bebe1fae04463448441983b6d08fc62a7056ddb416468198c2f01a1a146aabeb463f003117a238a169f0f6e0917dd4bfc1a64677dc5646e98f68c945f06a62c9f9d0949ebeb2dcb8a10720a1764fca90a46158991112e0db39acf46f547e1d4f92835d28302ea9770924a277240fb3fd4fd4e3fe48f7f087e286e239dbfcd19a77334f259707b2952ffd565d9a91e7c718eb33dd9460797d4629e255cfba21e8063a076c2a2c761c4783b4bd1beeac0669e0457eef32956665f22be61c8ae8ec53386c7dcdcff9401c7aaa32c3f0d793274c5211f572a1efd60cbc6d71b836f4a1a85dff6e883ac2758f560da8155297d5fc8e6624259fd62e68445354fdbe467a4bf6a1ce3b6a13b0963e07e404c288ae8b3b96abb96fe99a873bbb87fa4d34e134adef9da0a310af0be64c6e8c94df084a747c9df32a4c2d689c9b91d376e5d046b68b980ef5b9576d110ad85563c65f0528f6690947b1e3ae72b946c9a462cb30326a8058ae5cd8c59001d13658257cb7ae5b264d34754636f06c1271a8889fedacc304ec4ec5dd20e74356810719078afe793288b691bd4a77072f15dbd53a6b3076a59c343534e953353193eec81a1b92803b7260868d1e81fbdb7c14bd43a6105cc603d95c96dfe20d2763b3f7894364be763cedcebccfdbe0a22f700c45039903b781f34dd038a60fb092aab95a90b1400c3b010cce7b3fe67f30af739ceb954e628bd3a2de24a2fd18883a2b104df29708b518ea40c893750477e5a7cc3fdc50ee6a41503f10bc913f386f1c9251da284ad5789c8456faa32b94a3d707314b13fd52c91ad5aa3375acb1691725270d71364040fb08e53bbdf98cb921847fb42c3d9e518cca676542480cf40bb9a8e449b102f1714df2e0a56c7c219f657ce8c5fe5eef9e653c1781e9e7306a2ee56588194bd5dd2ea665d8adb84b01e99c29bd2b0e415799deebee56f9a580379205428885786ee12959a7b34fe2804b7743c2afe4e969aa3096a50b8e7a649126a55953b78abbe37818bd09f9fe2a2bd969fbc529d11ccb122c76718af789f879e02d6430fe3a77b38d76c9d27bb1f361fcdc6c8357498f83395ad42b361853e1698481f8f139940a0abe8800758e637dcabf6701f53565ebfa5665dc0a0df31e51d2c2905a185dfb7d2e49752c11c4f05148b18597ed2cda63a2b97d2c78d396986f399d29f7821afd87736af7e3631cc8dcada153f19246ed20c2bc1567acc01560e6ac88ec140622ed3c9541d640679881e95412a07d333e4e31005b2aeadaf986b928ab1d0601d8a95560cc00b0e471fd960f042d4b3fb13d2d107faa07119293c673c025060b9732b7f15c71b06afd869b37e25033722b2bdd0c755e37fad36910e4592fa09a9ca917b31619523de9aa45a27c68dbcabb6e3e111205b52a539b847cba8f67421a5c8b4d6031f428ef85ca98653224cbe8bf09b89a95cc86e2384ecc09e567107e14d7e9e97abf633d30885a548718761732213bf8ffd2c73b40fc55cfb20440cb9d86d6e950108d220853b6de2a51030b2dc1f32e86a176305e84b29166696bc0e3d368f0c86369e4fafa0c3f071b24171610ad96083055b3d191c58c94b926bcf197a763e1a6891003cb28fcc7fcd0976225acb2d4281a90e25661f197f777d76ae3d4d7635c35edf6d8824281c73a77845abe78f228be56a83ed70b0d1287fcaacae732032abb3ed03118008a8c6c4edf3facfd161995b3ae888ca92f43141797a8ffabdada20c0d1c8ff82bf6bb71b8690471d45ffb7c603f51b80ab0e41a368278913fba1dfe77faac5d4546d5330715631cd97c4fa6a780b4206475c7e729c0eeb38e60d0f49911c3836b416feb689a3524d7ba064bd91e7131538003033212b206623d93bc2016acd729bc531b73c277d5fe1c9f1bb863952f155dddf79d4003ca521e89e529de2dcfb20e9a2c6950f0a8144aaccee66f3ec46d41126e39f16853cf986fb151bd287faf180b47d22cda2b557fff75cd394254159c279ffe0d752bd77c579634167ee4f1d725b1a90e70f4dabf9f4a42793027ac59bc5c2eaee52a2db0ef09a034992c89d53ffa7be66df4edfc43f1b247db9051491af598a7580823d7db2169c039b2c266382634997032a95b4d3a679fa741c88c1436070e65d48ce2970b45c13fa48cbeabf7fd179a6341a0d3472aef26aeada5f0485e863b2a27e01c18005b0ed923aba87a950a9834970e0e07959757668d74eb2a7cd3db96ba0b9890e0233647bf003bb9f72323d251c4d2cd6467d245dd9dde08e428a87af540ab977851f9e851520c69e838d9bd271a8cad6a16aecc1633168b79e7ff88440a7e7fc76c047745e4a285804da0e850ec1c13b1170a23aff324b5203f8b6f3c6e42100b0897250925dcda7c0d406d95eedf6d7e8f4f855b989333eedf9d8d8b014deef9f34d30a96eab2dbd298855ad330c2c22bc9d62682c30ff13f66cac0f569d543e64c798101e528117f372755aa580e946dfef532249d3aec461e6f6786caa2ca7ffb3cf5e4c238c8bb2f5e4f708d8019f3331e075b53e76a49b8acaa5ed64b04a4c6f3f57746ade4c49560c9bc13b5700992591dd54fd11f514f545e2490a1b24259f835d38f6a3837155bfe6a577f8d041db30f8932a624c7fb4639c7fb34ab800c5179ca2c0e51e474571f734e753282c726e6e1939363ad6ec582df81f15cf2daa0a0d762e7f25af0cd7324a46579e489d580758f7e4a832441325e4984c3a6dfe33d0031e9887a815898bdb79fa839027bc82d71d7a2a8fd7928c2fd4093b9c4f0193e5c50c94df87a1c827d0244e28c7aa71bbdcd51f158d47ee0ce46dd94b3c4c7a6374131bfe11c21c0edc5a8d70c8ed3437be409e9d2f49f1b24bc50fc5c4e12a57fb8cbd3566b1a617a6fc95e81760290a98422b70dd2395d6127836385fcbb5b5bfaa6d128068b6f9ef270815ecc078626a0385a45189e476e2a5173a5be7f8058b21bb6557aea13f7371aacb67580f717efdb1f945e2a28db0cdba0fe667ffa49b1779e6d2f6046fc6ee29eebf62cd8cfb1f7b49716d52035cf7be2705960a0693de30c30b83663c0fa4ad2694278ee8a09b52f145b6d2daeb267ac4804c683302ff07dc14a5d7f8a20ca40cb3cbc1be0c02b120130ada2762e24c7d88790e9f4105a2f43d0ebd08dd3e2fda586544ba613ee48467cbbc46a7a79042a01d8f24415d22c00dde240a20a574e37edc4faf289442a76d5e206e2ed75324a5c20311123a5deefac538c11fba444f5b1079cd8bea6c4ac2e1c2f406a0ffd318b0cec438457bb3c67a56a1f23534d39ab7f7f6b4c390d9be9fcf444e1d9bdfbdfceecae381f6f829bc3f75503975068d7e31dba44f93a26bd01b5b5c2b616e9ab59432fdfaa0b7de4ceb7a8f4ff0fbe06c1d2e2b4fa304b188d37920112a991e06d7386b4768d1460d3e8d5a5d90d3c8d2faf72888f33618fdcc704733da4ca9e160759c341ca8b13c6c4ac3bb78560578ef82a55f6ebc3fa1258b436a1d7924407e82a31a49f6a21a3fc17a9b1ecedbf68247c57bdc9f5c6b06cc1e9c5bc9e465db632986edf15baa15f29e35e03daaa7668708e99f76e323c2cc465b0373175edf5e37a03c6830e929aa68a2778ad128a9209b3cba358176e50cda4b568350eef63eca10c9e3fc8b19932844c9c77d9a7c9ba9576af8fba4874b0fdb806110152b6c19d0c1b29bda9e9baedb9e54bcf2249d1b821f16421b6e7b3a6fff49e7b7c63d585184fa5411e7b247f20388ceb3c02c75296b8ddb74130df2c58840b7a611dcc88852337d6872c290383707598669413be0ebca5b3a7421227197ecbbb0d87628e3fe4ae4ba2d4fe1e1ff3194b952ef634e2d628b53ca1d187dcb5ebdf51d8a9a2f4631b24410ec797d48ccdbe1cd79a22e53bb63f42d9cb928b21464e5fd1616064ee822b2970660cbb2eff1635e8c0e8c8823b83e75012908fa608a02da797610b5a41cbb2c64d8fa67b74ee91cdb60f8d05f630b008c8ca52ffff3efb7ea263e20f7343e7fb23b0a25bee895a9676dbe9521bfa8c1b14ab89769d50cbecdf8cc2768d72faea7f084cf0f3d5fb454006c782f00cc38cd7302003416c01336d7696109db8aec7e358ebf4a6a61855217b4ac47ec2705ee6347c52c399d880871e0dd31f83216153327991308afacd6a0696210c33cbcc0e02c07f4f438515cc322e905769aafd45aa788255afd8c8cc5bc865a1af005796b535099f738ec50ea13f5fbaf76de496d0979abcadb1338ca3d23f7ca95bd40fd941666d3b32a28b11b0fa9c8a28177ea49fc7af75fed259f093c57d5ff22de3a4b086cd151d8eab02b353960148938cc916f0fe969858fd8d4dcf54542467fdee6638c07bd7bbff5aaff7279a2cc7b17ab640bf686277d65f2dd8d523afa8e5e96d40a14c3f8c2fe5bbff0cbc5ab6ff72ae642014b83c7b798330a9c99ebf4f30407e65e1cbdec043cc4b9182a66917fea8cd16cbfe0af4391aee270c087b6c98c12003960904f62d1a8a8c305ba2e332d0f42b6a639215fdce9c8d67f8d25e0c398b938341bb6a7621bfdfb61c86b9c7e80b4f728d57ceed2493b10d505ea3449f17fed212ae4de4ab6ea7c02b25d7b6edc2f4dc765517a5591d17fc274c11ee55a2141eca7ebc12c7091603d585d7934ab6ffd4cf45619acd56ae43cc3b3f98226b83bcfd616199d541102034f14c0397cad1634314c38dd8dc09d2a2191b687f02cf4f6f42faf2f168f39662ebfed27b34f7dc5272dee49666376973f85a3d9cfc8f1e3ac4d83b4eaf03ff9416b5a0186c57d6340075f768f683f40d6d478f19b6044ebb509d87d3c5fb5c90eb4ef6acb46cf6ae81ee4d49c27b428b6f3469fea80c114aa16eca498e310f082c2c0ef4afa95d2c80e0e0803585194b704e6da86e45f657431ed7745b0e885277daabfc2c608ec881c132f912cba343f4b6d9cb297750a6fbce64fec24b5fd533b78e3845bd1627332998a82a30181f11595308b05ccd5cfd74247879a1385d7b7f8a7f862d0feb34845234d33ce1cfe38797129afa85e99c78902a25bf594011e6b81a781a5b84cabc29fe77f01178caa6810d373d5f2851b603ed92d377b738eab2023bb08183fbe6cc316d124f6272c54038e86f297fde838edf32f06081f19cf9054b728ef194b56b00cb0ff62c78ba6527e6827464e002284bfef7cb8799365d7f174d9da6b9ddeb56281920c38ddab42e6c3044b2aedc9d45705ca70a3de9ebaabd106e8920019ba21eb1e0b8ed16994f95fce9ea5b659be08df1dfd04ae3fdd1c982fd33d2bca2081d25ad47a2a71b29610e2c6d88c58d7d8a95710c5af35ea7e1f4765a8e34e85325cf53db41cc78ae3cdbc61b1e614323355a8cbb02432948341bbf5f72fa42c005e1990bbc87b81512096eca56aba612138a596889ab6fa3610d88dcb8899c23dc330fb7e35585cf184b2c09d2ae6898a6381b364f8193440113b3b540f61020048efbc3c8263f55175a7a00400dadd54871e7d441060ff637bc3f6fe17851e48d75bc9bc08abf64880870ef522d8bad11ec43e7797c522ff849c589286dda0455d09ae4a301b6604f67bce0a0abcf534abf7c0cc25f55e8264982b6909372037cdacf9f647b85e839dc4a33615b"], 0x1004)
r2 = openat(0xffffffffffffffff, 0x0, 0x1618c2, 0x42)
syz_usb_connect(0x4, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000200)={0x2, 0x10122, 0x4})
r4 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000700)={0x0, &(0x7f0000000640)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r3, 0xc01c64a3, &(0x7f0000000040)={0x2, r5, 0x2d, 0x2000002, 0x40c, 0x8, 0x1})
socket$nl_route(0x10, 0x3, 0x0)
r6 = syz_open_dev$sndctrl(&(0x7f0000000000), 0xffffffffffffffff, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r6, 0x40045532, &(0x7f0000000040))
r7 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
r8 = fsmount(r2, 0x0, 0xf0)
r9 = openat$cgroup_ro(r8, &(0x7f0000000140)='cpuacct.stat\x00', 0x300, 0x0)
read$FUSE(r9, &(0x7f000001aa80)={0x2020}, 0x2020)
openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r8, &(0x7f0000001100)={0x0, 0x18, 0xfa00, {0x5, 0x0, 0x0, 0xa}}, 0x20)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r9, 0xc0884113, &(0x7f0000000240)={0x1, 0xfffffffc, 0x9, 0x87, 0x0, 0x1, 0x9, 0x7ffeffff, 0x0, 0xfffffffffffffffe})

579.775525ms ago: executing program 0 (id=1163):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0x4004743c, 0x20000000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$KVM_GET_MSR_INDEX_LIST(0xffffffffffffffff, 0xc004ae02, &(0x7f0000000100)=ANY=[])
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000980)={0x6, 0x0, [{0x100000, 0x0, 0x0}, {0x2, 0x3a, &(0x7f0000000300)=""/58}, {0xeeee8000, 0x67, &(0x7f0000000600)=""/103}, {0xf000, 0x2f, &(0x7f0000000780)=""/47}, {0x0, 0x0, 0x0}, {0x4, 0xdf, &(0x7f0000000880)=""/223}]})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/236, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/66})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})

0s ago: executing program 0 (id=1164):
r0 = semget$private(0x0, 0x4000000009, 0x0)
semop(r0, &(0x7f0000000900)=[{0x0, 0xfffb}], 0x1)
lsetxattr$system_posix_acl(0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='sched_switch\x00'}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x800000001, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0xd}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000f00), 0x600, 0x0)
ioctl$sock_SIOCINQ(r2, 0x7040, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket(0x1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x7fff}]}, 0x10)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x44}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmmsg$inet(r4, &(0x7f0000000e80)=[{{&(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10, 0x0}}], 0x1, 0xc044)
write$binfmt_misc(r4, &(0x7f0000000300), 0xfdef)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r5, 0x0, 0x0, 0x20000841, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @empty}, 0x1c)
sendto$inet6(r5, &(0x7f00000000c0)="8c", 0x1, 0x1000, 0x0, 0x0)
shutdown(r5, 0x1)

kernel console output (not intermixed with test programs):

7930][ T5821] usb 3-1: USB disconnect, device number 12
[  224.778211][ T8105] 8021q: adding VLAN 0 to HW filter on device bond2
[  224.792869][ T8105] bond1: (slave bond2): making interface the new active one
[  224.802021][ T8105] bond1: (slave bond2): Enslaving as an active interface with an up link
[  225.189419][ T8130] netlink: 2716 bytes leftover after parsing attributes in process `syz.2.586'.
[  225.894742][ T8134] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  225.994217][ T8134] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  226.459375][    T9] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  226.639555][    T9] usb 2-1: Using ep0 maxpacket: 16
[  226.666497][    T9] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  226.724826][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  226.894360][    T9] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  226.927928][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  226.948082][    T9] usb 2-1: Product: syz
[  226.963081][    T9] usb 2-1: Manufacturer: syz
[  227.079327][    T9] usb 2-1: SerialNumber: syz
[  227.182484][ T8157] netlink: 2716 bytes leftover after parsing attributes in process `syz.3.590'.
[  227.768847][    T9] usb 2-1: config 0 descriptor??
[  227.780983][    T9] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  227.852600][    T9] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class)
[  229.162892][    T9] em28xx 2-1:0.0: unknown em28xx chip ID (0)
[  229.169728][    T9] em28xx 2-1:0.0: Config register raw data: 0xfffffffb
[  229.529420][ T5821] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  229.819347][ T5821] usb 4-1: Using ep0 maxpacket: 8
[  229.825766][ T5821] usb 4-1: config 6 has an invalid interface number: 2 but max is 0
[  229.833904][ T5821] usb 4-1: config 6 has no interface number 0
[  229.840076][ T5821] usb 4-1: config 6 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  229.849765][ T5821] usb 4-1: config 6 interface 2 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  230.263293][ T5821] usb 4-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[  230.303581][ T5821] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  230.379300][    T9] em28xx 2-1:0.0: AC97 command still being executed: not handled properly!
[  230.386389][ T5821] usb 4-1: Product: syz
[  230.387962][    T9] em28xx 2-1:0.0: Unknown AC97 audio processor detected!
[  230.414139][ T5821] usb 4-1: Manufacturer: syz
[  230.414736][    T9] em28xx 2-1:0.0: couldn't setup AC97 register 2
[  230.444471][ T5821] usb 4-1: SerialNumber: syz
[  230.458117][ T5821] hso 4-1:6.2: Failed to find INT IN ep
[  230.490514][    T9] em28xx 2-1:0.0: couldn't setup AC97 register 4
[  230.497133][    T9] em28xx 2-1:0.0: couldn't setup AC97 register 6
[  230.504342][    T9] em28xx 2-1:0.0: couldn't setup AC97 register 54
[  230.513587][    T9] em28xx 2-1:0.0: couldn't setup AC97 register 56
[  230.529838][    T9] usb 2-1: USB disconnect, device number 14
[  230.755828][ T5821] usb 4-1: USB disconnect, device number 23
[  232.556294][   T29] audit: type=1400 audit(1734977619.715:385): avc:  denied  { append } for  pid=8220 comm="syz.0.601" name="001" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  233.239441][   T51] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  233.400902][   T51] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  233.420417][   T51] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  233.514003][   T51] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  233.590961][   T51] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  233.661315][ T8245] netlink: 2716 bytes leftover after parsing attributes in process `syz.1.606'.
[  234.167010][   T51] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  234.176288][   T51] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  234.189381][   T51] usb 4-1: Product: syz
[  234.193563][   T51] usb 4-1: Manufacturer: syz
[  234.198154][   T51] usb 4-1: SerialNumber: syz
[  234.204411][   T51] usb 4-1: config 0 descriptor??
[  234.211583][   T51] garmin_gps 4-1:0.0: Garmin GPS usb/tty converter detected
[  234.221354][   T51] garmin_gps ttyUSB0: garmin_write_bulk - usb_submit_urb(write bulk) failed with status = -8
[  234.232037][   T51] garmin_gps ttyUSB0: probe with driver garmin_gps failed with error -8
[  234.299313][ T5821] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  234.692560][    T9] usb 4-1: USB disconnect, device number 24
[  234.705175][    T9] garmin_gps 4-1:0.0: device disconnected
[  234.740621][ T5821] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  234.752222][ T5821] usb 1-1: config 0 has no interfaces?
[  234.757711][ T5821] usb 1-1: New USB device found, idVendor=06a3, idProduct=0621, bcdDevice= 0.00
[  234.819635][ T5821] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  234.837591][   T29] audit: type=1400 audit(1734977622.045:386): avc:  denied  { mounton } for  pid=8250 comm="syz.4.609" path="/proc/402/task" dev="proc" ino=16203 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  234.866112][ T5821] usb 1-1: config 0 descriptor??
[  235.071909][   T29] audit: type=1400 audit(1734977622.265:387): avc:  denied  { write } for  pid=8265 comm="syz.1.611" name="ns" dev="proc" ino=16216 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  236.211124][ T8278] input: syz0 as /devices/virtual/input/input10
[  236.217764][ T8278] input: failed to attach handler leds to device input10, error: -6
[  236.244423][   T29] audit: type=1400 audit(1734977623.365:388): avc:  denied  { read write } for  pid=8276 comm="syz.3.612" name="uinput" dev="devtmpfs" ino=920 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  236.267936][    C1] vkms_vblank_simulate: vblank timer overrun
[  236.275450][   T29] audit: type=1400 audit(1734977623.365:389): avc:  denied  { open } for  pid=8276 comm="syz.3.612" path="/dev/uinput" dev="devtmpfs" ino=920 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  236.399364][   T29] audit: type=1400 audit(1734977623.385:390): avc:  denied  { ioctl } for  pid=8276 comm="syz.3.612" path="/dev/uinput" dev="devtmpfs" ino=920 ioctlcmd=0x5564 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  236.686073][    T9] usb 2-1: new full-speed USB device number 15 using dummy_hcd
[  236.824533][   T29] audit: type=1400 audit(1734977624.035:391): avc:  denied  { bind } for  pid=8288 comm="syz.2.615" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  236.873283][   T29] audit: type=1400 audit(1734977624.065:392): avc:  denied  { name_bind } for  pid=8288 comm="syz.2.615" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[  236.950596][    T9] usb 2-1: config 0 has an invalid interface number: 55 but max is 0
[  237.030423][    T9] usb 2-1: config 0 has no interface number 0
[  237.036607][    T9] usb 2-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  237.047612][    T9] usb 2-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  237.059375][    T9] usb 2-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  237.070633][    T9] usb 2-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  237.080538][    T9] usb 2-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  237.130338][   T29] audit: type=1400 audit(1734977624.075:393): avc:  denied  { node_bind } for  pid=8288 comm="syz.2.615" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=dccp_socket permissive=1
[  237.167199][   T29] audit: type=1400 audit(1734977624.235:394): avc:  denied  { write } for  pid=8288 comm="syz.2.615" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  237.220820][    T9] usb 2-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  237.257488][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  237.283158][    T9] usb 2-1: config 0 descriptor??
[  237.341822][    T9] ldusb 2-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  237.453364][  T970] usb 1-1: USB disconnect, device number 8
[  237.556621][ T8282] ldusb 2-1:0.55: Couldn't submit interrupt_in_urb -90
[  237.569048][ T8282] syzkaller1: entered promiscuous mode
[  237.576051][ T8282] syzkaller1: entered allmulticast mode
[  237.587162][   T81] syzkaller1: tun_net_xmit 48
[  237.591340][    T9] usb 2-1: USB disconnect, device number 15
[  237.599812][    T9] ldusb 2-1:0.55: LD USB Device #0 now disconnected
[  237.769326][ T5864] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  237.850009][  T970] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  237.919362][ T5864] usb 5-1: Using ep0 maxpacket: 8
[  237.955923][ T5864] usb 5-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  237.965166][ T5864] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  237.979310][ T5864] usb 5-1: Product: syz
[  237.983485][ T5864] usb 5-1: Manufacturer: syz
[  237.993048][ T5864] usb 5-1: SerialNumber: syz
[  238.000752][ T5864] usb 5-1: config 0 descriptor??
[  238.009559][ T5864] gspca_main: se401-2.14.0 probing 047d:5003
[  238.019373][  T970] usb 1-1: Using ep0 maxpacket: 32
[  238.029183][  T970] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  238.060174][  T970] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  238.133310][   T29] kauditd_printk_skb: 1 callbacks suppressed
[  238.133361][   T29] audit: type=1400 audit(1734977625.335:396): avc:  denied  { ioctl } for  pid=8276 comm="syz.3.612" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 ioctlcmd=0x940e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  238.168373][  T970] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  238.458807][ T8300] capability: warning: `syz.4.616' uses deprecated v2 capabilities in a way that may be insecure
[  238.639377][   T29] audit: type=1400 audit(1734977625.335:397): avc:  denied  { read } for  pid=8276 comm="syz.3.612" path="socket:[17532]" dev="sockfs" ino=17532 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  238.662918][  T970] usb 1-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  238.677821][  T970] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  238.742905][  T970] usb 1-1: config 0 descriptor??
[  238.783063][ T8317] FAULT_INJECTION: forcing a failure.
[  238.783063][ T8317] name failslab, interval 1, probability 0, space 0, times 0
[  238.806041][ T8317] CPU: 0 UID: 0 PID: 8317 Comm: syz.1.620 Not tainted 6.13.0-rc4-syzkaller #0
[  238.814919][ T8317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  238.824976][ T8317] Call Trace:
[  238.828252][ T8317]  <TASK>
[  238.831185][ T8317]  dump_stack_lvl+0x16c/0x1f0
[  238.835877][ T8317]  should_fail_ex+0x497/0x5b0
[  238.840571][ T8317]  ? fs_reclaim_acquire+0xae/0x150
[  238.845685][ T8317]  should_failslab+0xc2/0x120
[  238.850368][ T8317]  __kmalloc_noprof+0xcb/0x510
[  238.855142][ T8317]  tomoyo_realpath_from_path+0xb9/0x720
[  238.860706][ T8317]  tomoyo_mount_acl+0x66d/0x880
[  238.865559][ T8317]  ? hlock_class+0x4e/0x130
[  238.870059][ T8317]  ? __lock_acquire+0x15a9/0x3c40
[  238.875076][ T8317]  ? __pfx_tomoyo_mount_acl+0x10/0x10
[  238.880442][ T8317]  ? __pfx___lock_acquire+0x10/0x10
[  238.885627][ T8317]  ? stack_trace_save+0x95/0xd0
[  238.890472][ T8317]  ? __pfx_lock_release+0x10/0x10
[  238.895494][ T8317]  ? trace_lock_acquire+0x14e/0x1f0
[  238.900691][ T8317]  ? tomoyo_mount_permission+0x149/0x420
[  238.906320][ T8317]  ? lock_acquire+0x2f/0xb0
[  238.910809][ T8317]  ? tomoyo_mount_permission+0x149/0x420
[  238.916431][ T8317]  tomoyo_mount_permission+0x16e/0x420
[  238.923699][ T8317]  ? tomoyo_mount_permission+0x149/0x420
[  238.929321][ T8317]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  238.935299][ T8317]  ? get_current_fs_domain+0x184/0x1f0
[  238.940752][ T8317]  security_sb_mount+0x9b/0x260
[  238.945597][ T8317]  path_mount+0x129/0x1f20
[  238.950005][ T8317]  ? kmem_cache_free+0x152/0x4c0
[  238.954931][ T8317]  ? __pfx_path_mount+0x10/0x10
[  238.959775][ T8317]  ? putname+0x13c/0x180
[  238.964009][ T8317]  __x64_sys_mount+0x294/0x320
[  238.968764][ T8317]  ? __pfx___x64_sys_mount+0x10/0x10
[  238.974043][ T8317]  do_syscall_64+0xcd/0x250
[  238.978541][ T8317]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.984426][ T8317] RIP: 0033:0x7fd44e385d29
[  238.988827][ T8317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.008422][ T8317] RSP: 002b:00007fd44f0e4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  239.016821][ T8317] RAX: ffffffffffffffda RBX: 00007fd44e575fa0 RCX: 00007fd44e385d29
[  239.024783][ T8317] RDX: 0000000020000380 RSI: 00000000200000c0 RDI: 0000000020000000
[  239.032738][ T8317] RBP: 00007fd44f0e4090 R08: 0000000000000000 R09: 0000000000000000
[  239.040696][ T8317] R10: 000000000000848e R11: 0000000000000246 R12: 0000000000000002
[  239.048654][ T8317] R13: 0000000000000000 R14: 00007fd44e575fa0 R15: 00007ffdd3399ff8
[  239.056622][ T8317]  </TASK>
[  239.069439][ T8317] ERROR: Out of memory at tomoyo_realpath_from_path.
[  239.095905][ T5864] input: se401 as /devices/platform/dummy_hcd.4/usb5/5-1/input/input11
[  239.248095][   T29] audit: type=1400 audit(1734977626.455:398): avc:  denied  { create } for  pid=8320 comm="syz.1.622" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  239.304295][ T8298] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  239.312996][ T8298] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  239.328733][ T5864] usb 5-1: USB disconnect, device number 16
[  239.349328][    T9] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  239.459630][   T29] audit: type=1400 audit(1734977626.665:399): avc:  denied  { mount } for  pid=8325 comm="syz.2.623" name="/" dev="pstore" ino=3704 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1
[  239.468006][ T8326] netlink: 71 bytes leftover after parsing attributes in process `syz.2.623'.
[  239.509745][    T9] usb 4-1: Using ep0 maxpacket: 32
[  239.529113][    T9] usb 4-1: config 1 interface 0 altsetting 219 bulk endpoint 0x82 has invalid maxpacket 1023
[  239.549303][    T9] usb 4-1: config 1 interface 0 altsetting 219 bulk endpoint 0x3 has invalid maxpacket 16
[  239.559474][  T970] usbhid 1-1:0.0: can't add hid device: -71
[  239.565437][  T970] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  239.579985][    T9] usb 4-1: config 1 interface 0 altsetting 219 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  239.593170][    T9] usb 4-1: config 1 interface 0 has no altsetting 0
[  239.602807][  T970] usb 1-1: USB disconnect, device number 9
[  239.622820][    T9] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  239.633080][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  239.641653][    T9] usb 4-1: Product: Ñ™
[  239.646013][    T9] usb 4-1: Manufacturer: �
[  239.650676][    T9] usb 4-1: SerialNumber: М
[  239.658549][ T8319] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  239.678117][ T8319] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  240.159098][    T9] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -71
[  240.188550][    T9] usb 4-1: USB disconnect, device number 25
[  240.199183][ T8337] fuse: Unknown parameter ''
[  240.256401][ T8339] netlink: 8 bytes leftover after parsing attributes in process `syz.4.626'.
[  240.739016][ T8346] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  240.745809][ T8346] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  240.754123][ T8346] vhci_hcd vhci_hcd.0: Device attached
[  240.960819][ T5860] vhci_hcd: vhci_device speed not set
[  241.170097][ T5860] usb 39-1: new full-speed USB device number 2 using vhci_hcd
[  241.208329][   T29] audit: type=1400 audit(1734977628.415:400): avc:  denied  { bind } for  pid=8352 comm="syz.2.631" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  241.234480][   T29] audit: type=1400 audit(1734977628.415:401): avc:  denied  { node_bind } for  pid=8352 comm="syz.2.631" saddr=224.0.0.1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  241.799731][   T29] audit: type=1400 audit(1734977628.415:402): avc:  denied  { create } for  pid=8352 comm="syz.2.631" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  241.849319][    T9] usb 4-1: new low-speed USB device number 26 using dummy_hcd
[  242.589314][    T9] usb 4-1: device descriptor read/64, error -71
[  242.831330][    T9] usb 4-1: new low-speed USB device number 27 using dummy_hcd
[  242.974459][    T9] usb 4-1: device descriptor read/64, error -71
[  243.084276][   T29] audit: type=1400 audit(1734977630.285:403): avc:  denied  { create } for  pid=8373 comm="syz.1.637" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  243.259678][    T9] usb usb4-port1: attempt power cycle
[  243.295698][ T8347] vhci_hcd: connection reset by peer
[  243.308683][   T81] vhci_hcd: stop threads
[  243.313766][   T81] vhci_hcd: release socket
[  243.325596][   T81] vhci_hcd: disconnect device
[  243.341312][   T29] audit: type=1400 audit(1734977630.555:404): avc:  denied  { unmount } for  pid=5815 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  243.361475][ T5821] usb 2-1: new low-speed USB device number 16 using dummy_hcd
[  243.449301][    T8] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  243.498084][ T8380] netlink: 'syz.3.638': attribute type 4 has an invalid length.
[  243.508084][   T29] audit: type=1400 audit(1734977630.725:405): avc:  denied  { write } for  pid=8379 comm="syz.3.638" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  243.508504][ T8380] netlink: 25 bytes leftover after parsing attributes in process `syz.3.638'.
[  243.549518][ T5821] usb 2-1: Invalid ep0 maxpacket: 32
[  243.649980][    T8] usb 1-1: Using ep0 maxpacket: 8
[  243.680644][ T5821] usb 2-1: new low-speed USB device number 17 using dummy_hcd
[  243.681668][    T8] usb 1-1: config 0 has no interfaces?
[  244.029073][   T29] audit: type=1400 audit(1734977630.975:406): avc:  denied  { remount } for  pid=8381 comm="syz.3.639" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  244.047940][    T8] usb 1-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  244.059147][    T8] usb 1-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  244.072029][    T8] usb 1-1: Product: syz
[  244.075297][ T5821] usb 2-1: Invalid ep0 maxpacket: 32
[  244.076187][    T8] usb 1-1: Manufacturer: syz
[  244.087248][    T8] usb 1-1: SerialNumber: syz
[  244.096650][ T5821] usb usb2-port1: attempt power cycle
[  244.109990][    T8] usb 1-1: config 0 descriptor??
[  244.531003][ T8392] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  244.557275][ T8392] CIFS mount error: No usable UNC path provided in device string!
[  244.557275][ T8392] 
[  244.567567][ T8392] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  244.591081][ T8392] netlink: 40 bytes leftover after parsing attributes in process `syz.4.642'.
[  244.941755][ T5821] usb 2-1: new low-speed USB device number 18 using dummy_hcd
[  244.979693][ T5821] usb 2-1: Invalid ep0 maxpacket: 32
[  245.078529][   T29] audit: type=1400 audit(1734977632.285:407): avc:  denied  { ioctl } for  pid=8368 comm="syz.0.636" path="socket:[17712]" dev="sockfs" ino=17712 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  245.097053][    T9] usb 1-1: USB disconnect, device number 10
[  245.109328][ T5821] usb 2-1: new low-speed USB device number 19 using dummy_hcd
[  245.129689][ T5821] usb 2-1: Invalid ep0 maxpacket: 32
[  245.135967][ T5821] usb usb2-port1: unable to enumerate USB device
[  245.313682][   T29] audit: type=1400 audit(1734977632.525:408): avc:  denied  { append } for  pid=8395 comm="syz.2.643" name="dlm-control" dev="devtmpfs" ino=94 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  245.337678][ T8396] netlink: 'syz.2.643': attribute type 9 has an invalid length.
[  245.346309][ T8396] netlink: 'syz.2.643': attribute type 7 has an invalid length.
[  245.354331][ T8396] netlink: 'syz.2.643': attribute type 8 has an invalid length.
[  245.708898][ T8399] netlink: 256 bytes leftover after parsing attributes in process `syz.4.644'.
[  245.735008][   T29] audit: type=1400 audit(1734977632.945:409): avc:  denied  { write } for  pid=8398 comm="syz.4.644" path="socket:[18509]" dev="sockfs" ino=18509 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  246.530631][ T5860] vhci_hcd: vhci_device speed not set
[  246.611635][ T8409] mkiss: ax0: crc mode is auto.
[  246.667963][   T29] audit: type=1400 audit(1734977633.875:410): avc:  denied  { setopt } for  pid=8408 comm="syz.1.648" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  247.109986][ T8409] netlink: 20 bytes leftover after parsing attributes in process `syz.1.648'.
[  247.144514][   T29] audit: type=1400 audit(1734977633.965:411): avc:  denied  { write } for  pid=8410 comm="syz.4.649" path="socket:[18527]" dev="sockfs" ino=18527 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  248.309365][ T8432] vlan0: entered promiscuous mode
[  248.328218][ T8432] team0: Port device vlan0 added
[  249.107339][ T5860] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  249.145997][ T5823] Bluetooth: hci3: ACL packet for unknown connection handle 200
[  249.154513][  T970] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  249.171438][ T8442] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  249.173140][ T5823] Bluetooth: hci3: SCO packet for unknown connection handle 201
[  249.299331][ T5860] usb 3-1: Using ep0 maxpacket: 8
[  249.309345][  T970] usb 2-1: Using ep0 maxpacket: 8
[  249.318906][ T5860] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  249.323723][  T970] usb 2-1: config index 0 descriptor too short (expected 74, got 45)
[  249.328499][ T5860] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.336603][  T970] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  249.345942][ T5860] usb 3-1: config 0 descriptor??
[  249.360381][  T970] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  249.373303][  T970] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  249.383299][  T970] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  249.389341][   T25] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  249.396326][  T970] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  249.413012][  T970] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.549330][   T25] usb 1-1: Using ep0 maxpacket: 32
[  249.555973][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  249.569946][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  249.579904][   T25] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  249.592735][   T25] usb 1-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  249.601835][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.610414][ T5860] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -32
[  249.620458][ T5860] asix 3-1:0.0: probe with driver asix failed with error -32
[  249.629115][  T970] usb 2-1: usb_control_msg returned -32
[  249.631480][   T25] usb 1-1: config 0 descriptor??
[  249.645571][  T970] usbtmc 2-1:16.0: can't read capabilities
[  249.660778][  T970] usb 2-1: USB disconnect, device number 20
[  250.136320][ T8447] nvme_fabrics: missing parameter 'transport=%s'
[  250.143271][ T8447] nvme_fabrics: missing parameter 'nqn=%s'
[  250.201814][ T8450] nvme_fabrics: missing parameter 'transport=%s'
[  250.208300][ T8450] nvme_fabrics: missing parameter 'nqn=%s'
[  250.615305][   T25] usbhid 1-1:0.0: can't add hid device: -71
[  250.622907][   T25] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  250.634213][ T8461] bridge2: entered promiscuous mode
[  250.654189][   T25] usb 1-1: USB disconnect, device number 11
[  250.668430][ T8461] bridge2: entered allmulticast mode
[  250.683151][   T29] audit: type=1400 audit(1734977637.895:412): avc:  denied  { write } for  pid=8460 comm="syz.4.662" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  250.684491][ T8461] team0: Port device bridge2 added
[  251.863880][   T25] usb 3-1: USB disconnect, device number 13
[  253.120824][ T8498] netlink: 12 bytes leftover after parsing attributes in process `syz.3.673'.
[  254.100169][ T8505] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  254.822540][ T8507] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  255.344286][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  255.350959][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  256.409524][ T8530] netlink: 'syz.2.681': attribute type 1 has an invalid length.
[  257.464406][ T5862] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  258.431065][ T8549] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  258.920031][ T5862] usb 2-1: Using ep0 maxpacket: 8
[  258.926457][ T5862] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  259.063490][ T5862] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  259.132011][ T5862] usb 2-1: config 0 descriptor??
[  259.169797][ T5862] usb 2-1: can't set config #0, error -71
[  259.178057][ T5862] usb 2-1: USB disconnect, device number 21
[  259.205637][   T29] audit: type=1400 audit(1734977646.415:413): avc:  denied  { create } for  pid=8554 comm="syz.1.690" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  259.714035][   T29] audit: type=1400 audit(1734977646.825:414): avc:  denied  { read write } for  pid=8554 comm="syz.1.690" name="uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  260.063578][   T29] audit: type=1400 audit(1734977646.825:415): avc:  denied  { open } for  pid=8554 comm="syz.1.690" path="/dev/uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  260.237151][   T29] audit: type=1400 audit(1734977647.415:416): avc:  denied  { setcheckreqprot } for  pid=8572 comm="syz.3.694" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  260.919740][ T5860] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  260.930792][ T5860] hid-generic 0000:0000:0000.0007: unknown main item tag 0x2
[  260.985736][ T5860] hid-generic 0000:0000:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  261.401091][ T8591] FAULT_INJECTION: forcing a failure.
[  261.401091][ T8591] name failslab, interval 1, probability 0, space 0, times 0
[  261.413806][ T8591] CPU: 1 UID: 0 PID: 8591 Comm: syz.2.697 Not tainted 6.13.0-rc4-syzkaller #0
[  261.422658][ T8591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  261.432710][ T8591] Call Trace:
[  261.435983][ T8591]  <TASK>
[  261.438909][ T8591]  dump_stack_lvl+0x16c/0x1f0
[  261.443597][ T8591]  should_fail_ex+0x497/0x5b0
[  261.448283][ T8591]  ? fs_reclaim_acquire+0xae/0x150
[  261.453403][ T8591]  should_failslab+0xc2/0x120
[  261.458087][ T8591]  __kmalloc_node_track_caller_noprof+0xcf/0x510
[  261.464416][ T8591]  ? kasan_save_stack+0x42/0x60
[  261.469266][ T8591]  ? kasan_save_stack+0x33/0x60
[  261.474109][ T8591]  ? kasan_save_track+0x14/0x30
[  261.478935][ T8591]  ? v9fs_session_init+0xb4/0x1a80
[  261.484022][ T8591]  ? vfs_get_tree+0x8f/0x380
[  261.488586][ T8591]  kstrdup+0x53/0x100
[  261.492547][ T8591]  v9fs_session_init+0xb4/0x1a80
[  261.496530][ T8593] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  261.497470][ T8591]  ? __pfx_v9fs_session_init+0x10/0x10
[  261.513399][ T8591]  ? kasan_save_track+0x14/0x30
[  261.518232][ T8591]  v9fs_mount+0xc6/0xa30
[  261.522456][ T8591]  ? __pfx_v9fs_mount+0x10/0x10
[  261.527302][ T8591]  ? selinux_sb_eat_lsm_opts+0x596/0x700
[  261.532923][ T8591]  ? cap_capable+0x1cf/0x240
[  261.537499][ T8591]  ? __pfx_v9fs_mount+0x10/0x10
[  261.542351][ T8591]  legacy_get_tree+0x109/0x220
[  261.547093][ T8591]  vfs_get_tree+0x8f/0x380
[  261.551487][ T8591]  path_mount+0x14e6/0x1f20
[  261.555970][ T8591]  ? __pfx_path_mount+0x10/0x10
[  261.560802][ T8591]  __x64_sys_mount+0x294/0x320
[  261.565548][ T8591]  ? __pfx___x64_sys_mount+0x10/0x10
[  261.570813][ T8591]  do_syscall_64+0xcd/0x250
[  261.575300][ T8591]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.581180][ T8591] RIP: 0033:0x7fc7dd985d29
[  261.585582][ T8591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  261.605178][ T8591] RSP: 002b:00007fc7de769038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  261.613576][ T8591] RAX: ffffffffffffffda RBX: 00007fc7ddb76160 RCX: 00007fc7dd985d29
[  261.621524][ T8591] RDX: 0000000020000080 RSI: 0000000020000300 RDI: 0000000000000000
[  261.629473][ T8591] RBP: 00007fc7de769090 R08: 0000000020000400 R09: 0000000000000000
[  261.637419][ T8591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  261.645377][ T8591] R13: 0000000000000000 R14: 00007fc7ddb76160 R15: 00007ffd32897508
[  261.653331][ T8591]  </TASK>
[  261.656389][    C1] vkms_vblank_simulate: vblank timer overrun
[  262.142416][   T29] audit: type=1400 audit(1734977649.315:417): avc:  denied  { write } for  pid=8595 comm="syz.4.699" name="sg0" dev="devtmpfs" ino=722 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  262.208348][   T29] audit: type=1326 audit(1734977649.415:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8599 comm="syz.1.701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd44e385d29 code=0x7ffc0000
[  262.453400][   T29] audit: type=1326 audit(1734977649.425:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8599 comm="syz.1.701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd44e385d29 code=0x7ffc0000
[  262.453942][   T29] audit: type=1326 audit(1734977649.425:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8599 comm="syz.1.701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7fd44e385d29 code=0x7ffc0000
[  262.454354][   T29] audit: type=1326 audit(1734977649.425:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8599 comm="syz.1.701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd44e385d29 code=0x7ffc0000
[  262.455024][   T29] audit: type=1326 audit(1734977649.425:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8599 comm="syz.1.701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd44e385d29 code=0x7ffc0000
[  262.712762][ T8611] netlink: 1276 bytes leftover after parsing attributes in process `syz.4.705'.
[  262.712793][ T8611] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  262.742006][ T8598] kvm: emulating exchange as write
[  262.946403][ T8604] netlink: 4 bytes leftover after parsing attributes in process `syz.1.701'.
[  264.039102][ T8635] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  264.513298][   T29] kauditd_printk_skb: 53 callbacks suppressed
[  264.513369][   T29] audit: type=1400 audit(1734977651.695:476): avc:  denied  { bind } for  pid=8634 comm="syz.4.712" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  264.919061][ T8635] batadv_slave_0: entered promiscuous mode
[  265.649937][   T29] audit: type=1800 audit(1734977652.855:477): pid=8649 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.2.715" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  265.989402][ T5860] usb 4-1: new full-speed USB device number 29 using dummy_hcd
[  266.166134][ T5860] usb 4-1: config 0 has an invalid interface number: 2 but max is 0
[  266.174764][ T5860] usb 4-1: config 0 has no interface number 0
[  266.183388][ T5860] usb 4-1: config 0 interface 2 altsetting 16 endpoint 0x6 has invalid maxpacket 512, setting to 64
[  266.485725][ T5860] usb 4-1: config 0 interface 2 has no altsetting 0
[  266.523474][   T29] audit: type=1400 audit(1734977653.735:478): avc:  denied  { unmount } for  pid=5811 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  266.560548][ T5860] usb 4-1: New USB device found, idVendor=086a, idProduct=0003, bcdDevice=a5.66
[  266.580171][ T5860] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  266.622532][ T5860] usb 4-1: Product: syz
[  266.643682][ T5860] usb 4-1: Manufacturer: syz
[  266.677848][ T5860] usb 4-1: SerialNumber: syz
[  266.815741][ T5860] usb 4-1: config 0 descriptor??
[  266.830352][ T8644] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  267.112198][ T5860] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  267.137697][ T5860] usb 4-1: invalid MIDI in EP 0
[  267.185217][ T5860] snd-usb-audio 4-1:0.2: probe with driver snd-usb-audio failed with error -22
[  267.207314][ T5860] usb 4-1: USB disconnect, device number 29
[  267.235899][ T5803] udevd[5803]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  267.379310][    T9] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  267.549266][    T9] usb 2-1: Using ep0 maxpacket: 16
[  267.555827][    T9] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  267.588381][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  267.624582][    T9] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  267.634332][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  267.657243][    T9] usb 2-1: Product: syz
[  267.676790][    T9] usb 2-1: Manufacturer: syz
[  267.685211][    T9] usb 2-1: SerialNumber: syz
[  267.701706][    T9] usb 2-1: config 0 descriptor??
[  267.798915][   T29] audit: type=1400 audit(1734977654.985:479): avc:  denied  { create } for  pid=8676 comm="syz.3.724" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  267.819519][    C1] vkms_vblank_simulate: vblank timer overrun
[  267.825917][   T29] audit: type=1400 audit(1734977654.985:480): avc:  denied  { write } for  pid=8676 comm="syz.3.724" path="socket:[19125]" dev="sockfs" ino=19125 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  267.849986][    C1] vkms_vblank_simulate: vblank timer overrun
[  267.856376][   T29] audit: type=1400 audit(1734977654.995:481): avc:  denied  { read write } for  pid=8676 comm="syz.3.724" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  267.879511][   T29] audit: type=1400 audit(1734977655.005:482): avc:  denied  { open } for  pid=8676 comm="syz.3.724" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  267.881029][    T9] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  267.902349][    C1] vkms_vblank_simulate: vblank timer overrun
[  267.946342][    T9] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class)
[  268.628861][ T8683] tipc: Started in network mode
[  268.633993][ T8683] tipc: Node identity 7f000001, cluster identity 4711
[  268.643909][ T8683] tipc: Enabled bearer <udp:syz2>, priority 10
[  268.664048][   T29] audit: type=1400 audit(1734977655.875:483): avc:  denied  { shutdown } for  pid=8679 comm="syz.2.725" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  268.683513][    C1] vkms_vblank_simulate: vblank timer overrun
[  268.748068][ T8682] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(13)
[  268.754703][ T8682] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  268.763672][ T8682] vhci_hcd vhci_hcd.0: Device attached
[  268.959700][   T29] audit: type=1400 audit(1734977655.875:484): avc:  denied  { audit_write } for  pid=8679 comm="syz.2.725" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  269.000551][    T9] em28xx 2-1:0.0: unknown em28xx chip ID (0)
[  269.007480][    T9] em28xx 2-1:0.0: Config register raw data: 0xfffffffb
[  269.009310][ T5860] usb 37-1: new low-speed USB device number 2 using vhci_hcd
[  269.142754][   T29] audit: type=1400 audit(1734977656.355:485): avc:  denied  { sqpoll } for  pid=8688 comm="syz.4.727" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  269.249368][ T5862] usb 4-1: new low-speed USB device number 30 using dummy_hcd
[  269.421648][ T5862] usb 4-1: device descriptor read/64, error -71
[  269.679301][ T5862] usb 4-1: new low-speed USB device number 31 using dummy_hcd
[  269.689330][    T9] em28xx 2-1:0.0: AC97 command still being executed: not handled properly!
[  269.697934][    T9] em28xx 2-1:0.0: Unknown AC97 audio processor detected!
[  269.761275][ T5821] tipc: Node number set to 2130706433
[  269.839342][ T5862] usb 4-1: device descriptor read/64, error -71
[  269.877978][    T9] em28xx 2-1:0.0: couldn't setup AC97 register 2
[  269.884877][    T9] em28xx 2-1:0.0: couldn't setup AC97 register 4
[  269.891552][    T9] em28xx 2-1:0.0: couldn't setup AC97 register 6
[  269.913834][    T9] em28xx 2-1:0.0: couldn't setup AC97 register 54
[  269.935952][    T9] em28xx 2-1:0.0: couldn't setup AC97 register 56
[  269.953664][    T9] usb 2-1: USB disconnect, device number 22
[  269.973408][ T5862] usb usb4-port1: attempt power cycle
[  270.349462][ T5862] usb 4-1: new low-speed USB device number 32 using dummy_hcd
[  270.375331][ T5862] usb 4-1: device descriptor read/8, error -71
[  270.651951][ T5862] usb 4-1: new low-speed USB device number 33 using dummy_hcd
[  270.710832][ T5862] usb 4-1: device descriptor read/8, error -71
[  270.840772][ T5862] usb usb4-port1: unable to enumerate USB device
[  270.855028][ T8715] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT
[  271.498044][ T8684] vhci_hcd: connection reset by peer
[  271.549321][   T12] vhci_hcd: stop threads
[  271.555225][   T12] vhci_hcd: release socket
[  271.562584][   T12] vhci_hcd: disconnect device
[  273.069435][ T8739] SELinux: syz.0.743 (8739) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  273.934443][ T8752] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT
[  274.140131][ T5860] vhci_hcd: vhci_device speed not set
[  274.336320][   T29] audit: type=1400 audit(1734977661.545:486): avc:  denied  { module_request } for  pid=8758 comm="syz.3.749" kmod="nvme-(null)" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  274.382243][ T8759] nvme_fabrics: missing parameter 'transport=%s'
[  274.390846][ T8759] nvme_fabrics: missing parameter 'nqn=%s'
[  274.420529][ T8764] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  274.430429][ T5823] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  274.438091][ T5823] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  274.594176][ T8766] x_tables: ip6_tables: icmp6 match: only valid for protocol 58
[  274.639302][ T5864] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  274.789423][ T5864] usb 1-1: Using ep0 maxpacket: 8
[  274.976938][ T5864] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[  274.985242][ T5864] usb 1-1: config 179 has no interface number 0
[  274.991584][ T5864] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 64, changing to 10
[  275.002930][ T5864] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 1029, setting to 1024
[  275.014349][ T5864] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  275.029272][ T5864] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  275.049301][ T5864] usb 1-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  275.062671][ T5864] usb 1-1: config 179 interface 65 has no altsetting 0
[  275.069607][ T5864] usb 1-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  275.078641][ T5864] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.100617][ T8761] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  275.136378][ T5864] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input12
[  275.368915][ T5823] Bluetooth: hci4: Received unexpected HCI Event 0x00
[  275.404195][ T5860] usb 1-1: USB disconnect, device number 12
[  275.410267][    C1] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  275.463200][ T5860] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  275.609684][   T29] audit: type=1326 audit(1734977662.775:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8770 comm="syz.1.752" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd44e385d29 code=0x0
[  276.330545][ T8784] FAULT_INJECTION: forcing a failure.
[  276.330545][ T8784] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  276.354236][ T8784] CPU: 1 UID: 0 PID: 8784 Comm: syz.3.756 Not tainted 6.13.0-rc4-syzkaller #0
[  276.363113][ T8784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  276.373171][ T8784] Call Trace:
[  276.376453][ T8784]  <TASK>
[  276.379396][ T8784]  dump_stack_lvl+0x16c/0x1f0
[  276.384093][ T8784]  should_fail_ex+0x497/0x5b0
[  276.388797][ T8784]  _copy_to_user+0x32/0xd0
[  276.393226][ T8784]  put_timespec64+0xb6/0x120
[  276.397826][ T8784]  ? __pfx_put_timespec64+0x10/0x10
[  276.403038][ T8784]  ? posix_cpu_clock_get+0x13e/0x340
[  276.408352][ T8784]  __x64_sys_clock_gettime+0x1d5/0x270
[  276.413830][ T8784]  ? __pfx___x64_sys_clock_gettime+0x10/0x10
[  276.419830][ T8784]  do_syscall_64+0xcd/0x250
[  276.424350][ T8784]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.430261][ T8784] RIP: 0033:0x7f6b5c385d29
[  276.434679][ T8784] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  276.454295][ T8784] RSP: 002b:00007f6b5d288038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e4
[  276.462718][ T8784] RAX: ffffffffffffffda RBX: 00007f6b5c575fa0 RCX: 00007f6b5c385d29
[  276.470683][ T8784] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 00000000fffffff2
[  276.478642][ T8784] RBP: 00007f6b5d288090 R08: 0000000000000000 R09: 0000000000000000
[  276.486598][ T8784] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  276.494559][ T8784] R13: 0000000000000001 R14: 00007f6b5c575fa0 R15: 00007ffe45490218
[  276.502532][ T8784]  </TASK>
[  276.959393][    T9] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  277.149345][    T9] usb 4-1: Using ep0 maxpacket: 32
[  277.199449][    T9] usb 4-1: config 4 has an invalid interface number: 128 but max is 0
[  277.207692][    T9] usb 4-1: config 4 has no interface number 0
[  277.213844][    T9] usb 4-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  277.239263][    T9] usb 4-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  277.290121][    T9] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  277.329324][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  277.389249][    T9] hub 4-1:4.128: USB hub found
[  277.610764][    T9] hub 4-1:4.128: 2 ports detected
[  277.629421][    T9] hub 4-1:4.128: Using single TT (err -22)
[  278.771367][    T9] hub 4-1:4.128: hub_hub_status failed (err = -32)
[  278.812309][    T9] hub 4-1:4.128: config failed, can't get hub status (err -32)
[  280.169429][   T29] audit: type=1400 audit(1734977667.365:488): avc:  denied  { getopt } for  pid=8825 comm="syz.0.767" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  280.256648][   T29] audit: type=1400 audit(1734977667.465:489): avc:  denied  { bind } for  pid=8825 comm="syz.0.767" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  280.275937][    C1] vkms_vblank_simulate: vblank timer overrun
[  280.330716][   T29] audit: type=1400 audit(1734977667.465:490): avc:  denied  { read } for  pid=8825 comm="syz.0.767" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  280.351054][ T5860] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  280.469930][ T8832] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  281.040486][ T5860] usb 2-1: too many endpoints for config 4 interface 0 altsetting 0: 101, using maximum allowed: 30
[  281.099439][ T5860] usb 2-1: config 4 interface 0 altsetting 0 has an endpoint descriptor with address 0xD1, changing to 0x81
[  281.124280][ T5860] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  281.135375][ T5860] usb 2-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 101
[  281.148511][ T5860] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  281.157737][ T5860] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  281.329665][ T5821] usb 4-1: USB disconnect, device number 34
[  281.669763][   T29] audit: type=1800 audit(1734977668.865:491): pid=8840 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.0.769" name="bus" dev="overlay" ino=917 res=0 errno=0
[  282.096956][ T8824] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  282.096956][ T8824]    program syz.1.765 not setting count and/or reply_len properly
[  282.220006][ T5860] ath6kl: Failed to submit usb control message: -110
[  282.226792][ T5860] ath6kl: unable to send the bmi data to the device: -110
[  282.234478][ T5860] ath6kl: Unable to send get target info: -110
[  282.251941][ T5860] ath6kl: Failed to init ath6kl core: -110
[  282.266096][ T5860] ath6kl_usb 2-1:4.0: probe with driver ath6kl_usb failed with error -110
[  282.488916][ T5869] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  282.724764][ T8849] binder: 8847:8849 ioctl c0306201 0 returned -14
[  282.779340][ T5869] usb 1-1: Using ep0 maxpacket: 16
[  282.865280][ T5869] usb 1-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  282.886163][ T5869] usb 1-1: config 0 interface 0 altsetting 16 endpoint 0x2 has an invalid bInterval 129, changing to 11
[  282.898613][ T5869] usb 1-1: config 0 interface 0 altsetting 16 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  283.077267][ T5869] usb 1-1: config 0 interface 0 has no altsetting 0
[  283.083942][ T5869] usb 1-1: New USB device found, idVendor=1e71, idProduct=2010, bcdDevice= 0.00
[  283.093200][ T5869] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  283.111040][ T5869] usb 1-1: config 0 descriptor??
[  283.185972][ T5860] usb 2-1: USB disconnect, device number 23
[  283.339812][   T29] audit: type=1400 audit(1734977670.555:492): avc:  denied  { write } for  pid=8842 comm="syz.0.771" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  283.573556][ T5869] nzxt-smart2 0003:1E71:2010.0008: unknown main item tag 0x0
[  283.586145][ T5869] nzxt-smart2 0003:1E71:2010.0008: unknown main item tag 0x0
[  283.608779][ T5869] nzxt-smart2 0003:1E71:2010.0008: unknown main item tag 0x0
[  283.620843][ T5869] nzxt-smart2 0003:1E71:2010.0008: unknown main item tag 0x0
[  283.628250][ T5869] nzxt-smart2 0003:1E71:2010.0008: unknown main item tag 0x0
[  283.681365][ T5869] nzxt-smart2 0003:1E71:2010.0008: hidraw0: USB HID v0.05 Device [HID 1e71:2010] on usb-dummy_hcd.0-1/input0
[  283.890475][ T5869] usb 1-1: USB disconnect, device number 13
[  284.073227][ T5823] Bluetooth: hci3: ACL packet for unknown connection handle 200
[  284.085058][ T5823] Bluetooth: hci3: SCO packet for unknown connection handle 201
[  284.085994][ T8863] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  284.929667][ T8877] bridge3: entered promiscuous mode
[  284.969328][ T8877] bridge3: entered allmulticast mode
[  284.975765][ T8877] team0: Port device bridge3 added
[  287.349409][ T8905] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  287.877327][ T8909] netlink: 16 bytes leftover after parsing attributes in process `syz.2.791'.
[  287.996470][   T29] audit: type=1400 audit(1734977675.205:493): avc:  denied  { write } for  pid=5171 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  288.189319][   T29] audit: type=1400 audit(1734977675.205:494): avc:  denied  { remove_name } for  pid=5171 comm="syslogd" name="messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  288.280159][   T29] audit: type=1400 audit(1734977675.205:495): avc:  denied  { add_name } for  pid=5171 comm="syslogd" name="messages.0" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  288.654722][ T8921] sp0: Synchronizing with TNC
[  288.806534][ T8924] bridge1: entered promiscuous mode
[  288.811848][ T8924] bridge1: entered allmulticast mode
[  288.953451][ T8924] team0: Port device bridge1 added
[  290.225250][   T29] audit: type=1326 audit(1734977676.485:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8925 comm="syz.3.796" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6b5c385d29 code=0x0
[  291.187749][ T8952] nvme_fabrics: missing parameter 'transport=%s'
[  291.194962][ T8952] nvme_fabrics: missing parameter 'nqn=%s'
[  291.924852][   T29] audit: type=1400 audit(1734977678.425:497): avc:  denied  { setopt } for  pid=8954 comm="syz.2.802" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  292.311903][   T29] audit: type=1400 audit(1734977679.485:498): avc:  denied  { call } for  pid=8958 comm="syz.1.803" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  292.833253][ T8966] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT
[  296.100865][   T29] audit: type=1400 audit(1734977683.315:499): avc:  denied  { listen } for  pid=9011 comm="syz.3.820" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  296.356438][   T29] audit: type=1400 audit(1734977683.545:500): avc:  denied  { name_connect } for  pid=9015 comm="syz.1.818" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[  296.406824][   T29] audit: type=1400 audit(1734977683.555:501): avc:  denied  { nlmsg_write } for  pid=9015 comm="syz.1.818" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  296.442058][    T9] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  297.330945][    T9] usb 3-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  297.972941][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  297.981068][    T9] usb 3-1: Product: syz
[  297.985263][    T9] usb 3-1: Manufacturer: syz
[  297.989898][    T9] usb 3-1: SerialNumber: syz
[  297.996783][    T9] usb 3-1: config 0 descriptor??
[  298.780971][   T29] audit: type=1400 audit(1734977685.985:502): avc:  denied  { write } for  pid=9031 comm="syz.0.824" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  298.804290][    C0] vkms_vblank_simulate: vblank timer overrun
[  299.067515][    T9] usb 3-1: Firmware: major: 233, minor: 208, hardware type: UNKNOWN (243)
[  299.677287][    T9] usb 3-1: Read permanent extended address 00:00:00:00:00:00:00:d8 from device
[  299.686438][    T9] usb 3-1: atusb_probe: initialization failed, error = -524
[  299.694116][    T9] atusb 3-1:0.0: probe with driver atusb failed with error -524
[  299.886555][    T9] usb 3-1: USB disconnect, device number 14
[  299.993989][   T29] audit: type=1400 audit(1734977687.205:503): avc:  denied  { append } for  pid=9043 comm="syz.1.825" name="rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  300.345926][ T9050] snd_dummy snd_dummy.0: control 2:16:0:syz0:-3 is already present
[  300.529152][ T9050] ax25_connect(): syz.3.828 uses autobind, please contact jreuter@yaina.de
[  300.542601][   T29] audit: type=1400 audit(1734977687.735:504): avc:  denied  { connect } for  pid=9049 comm="syz.3.828" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  300.829421][    T9] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  300.899366][ T5860] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  300.981985][    T9] usb 4-1: config 0 has an invalid descriptor of length 33, skipping remainder of the config
[  301.014951][    T9] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  301.161419][    T9] usb 4-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice= 0.00
[  301.175765][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  301.189375][ T5860] usb 2-1: Using ep0 maxpacket: 16
[  301.216751][ T5860] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  301.218231][    T9] usb 4-1: config 0 descriptor??
[  301.461240][ T5860] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  301.475975][ T5860] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  301.492470][ T5860] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  301.517325][ T5860] usb 2-1: Product: syz
[  301.536078][ T5860] usb 2-1: Manufacturer: syz
[  301.549322][ T5860] usb 2-1: SerialNumber: syz
[  301.567450][ T5860] usb 2-1: config 0 descriptor??
[  301.591306][ T5860] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  301.758889][ T5860] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class)
[  302.314822][    C0] raw-gadget.0 gadget.3: ignoring, device is not running
[  302.322220][    C0] raw-gadget.0 gadget.3: ignoring, device is not running
[  302.336874][    C0] raw-gadget.0 gadget.3: ignoring, device is not running
[  302.344281][    T9] usb 4-1: string descriptor 0 read error: -32
[  302.374760][    T9] usb 4-1: USB disconnect, device number 35
[  302.569607][ T5860] em28xx 2-1:0.0: unknown em28xx chip ID (0)
[  302.576193][ T5860] em28xx 2-1:0.0: Config register raw data: 0xfffffffb
[  302.819421][   T25] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  302.970731][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  303.003807][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  303.013986][   T25] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  303.027522][   T25] usb 3-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.10
[  303.037546][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  303.078146][   T25] usb 3-1: config 0 descriptor??
[  303.385282][ T5860] em28xx 2-1:0.0: AC97 command still being executed: not handled properly!
[  303.429002][ T5860] em28xx 2-1:0.0: Unknown AC97 audio processor detected!
[  303.585043][   T25] prodikeys 0003:041E:2801.0009: unknown main item tag 0x0
[  303.599361][   T25] prodikeys 0003:041E:2801.0009: unknown main item tag 0x0
[  303.606838][   T25] prodikeys 0003:041E:2801.0009: unknown main item tag 0x0
[  303.614296][   T25] prodikeys 0003:041E:2801.0009: unknown main item tag 0x0
[  303.621742][   T25] prodikeys 0003:041E:2801.0009: unknown main item tag 0x0
[  303.641629][ T5860] em28xx 2-1:0.0: couldn't setup AC97 register 2
[  303.796639][   T25] prodikeys 0003:041E:2801.0009: hidraw0: USB HID v0.00 Device [HID 041e:2801] on usb-dummy_hcd.2-1/input0
[  303.808724][ T5860] em28xx 2-1:0.0: couldn't setup AC97 register 4
[  303.817472][ T5860] em28xx 2-1:0.0: couldn't setup AC97 register 6
[  303.825788][ T5860] em28xx 2-1:0.0: couldn't setup AC97 register 54
[  303.835273][ T5860] em28xx 2-1:0.0: couldn't setup AC97 register 56
[  303.850027][ T5860] usb 2-1: USB disconnect, device number 24
[  308.728411][   T29] audit: type=1400 audit(1734977695.935:505): avc:  denied  { bind } for  pid=9145 comm="syz.3.852" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  308.751878][   T29] audit: type=1400 audit(1734977695.935:506): avc:  denied  { write } for  pid=9145 comm="syz.3.852" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  309.927039][ T9156] netlink: 16 bytes leftover after parsing attributes in process `syz.2.854'.
[  309.943256][ T9158] random: crng reseeded on system resumption
[  309.953095][   T29] audit: type=1400 audit(1734977697.155:507): avc:  denied  { append } for  pid=9157 comm="syz.0.855" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  310.413792][ T9168] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  311.549383][ T5860] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[  311.922667][    T9] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  312.055330][ T9178] netlink: 'syz.4.860': attribute type 16 has an invalid length.
[  312.069470][    T9] usb 1-1: device descriptor read/64, error -71
[  312.154611][   T29] audit: type=1400 audit(1734977699.365:508): avc:  denied  { bind } for  pid=9173 comm="syz.4.860" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  312.210841][   T29] audit: type=1400 audit(1734977699.375:509): avc:  denied  { node_bind } for  pid=9173 comm="syz.4.860" saddr=fe88::5 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  312.242383][ T5860] usb 4-1: Using ep0 maxpacket: 32
[  312.268521][ T5860] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  312.311543][ T5860] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  312.329528][    T9] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  312.347384][ T5860] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  312.365287][ T5860] usb 4-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  312.381775][ T5860] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  312.392840][ T5860] usb 4-1: config 0 descriptor??
[  312.459380][    T9] usb 1-1: device descriptor read/64, error -71
[  312.559290][ T5869] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  312.616977][    T9] usb usb1-port1: attempt power cycle
[  312.717069][ T9187] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  312.731316][ T9187] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  312.747478][ T9187] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  312.756924][ T9187] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  313.028169][ T5869] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  313.029685][ T5860] input: HID 0458:5011 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0458:5011.000A/input/input13
[  313.038295][ T5869] usb 2-1: config 0 has no interfaces?
[  313.055131][ T5869] usb 2-1: New USB device found, idVendor=06a3, idProduct=0621, bcdDevice= 0.00
[  313.064217][ T5869] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  313.074084][ T5869] usb 2-1: config 0 descriptor??
[  313.079358][    T9] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  313.106108][    T9] usb 1-1: device descriptor read/8, error -71
[  313.523959][ T5860] input: HID 0458:5011 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0458:5011.000A/input/input14
[  313.567990][ T5860] kye 0003:0458:5011.000A: input,hiddev0,hidraw1: USB HID v0.00 Mouse [HID 0458:5011] on usb-dummy_hcd.3-1/input0
[  314.542334][ T5860] usb 4-1: reset high-speed USB device number 36 using dummy_hcd
[  315.179408][ T5860] usb 4-1: device descriptor read/64, error -32
[  315.430482][ T5860] usb 4-1: reset high-speed USB device number 36 using dummy_hcd
[  315.487078][   T29] audit: type=1326 audit(1734977702.695:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9203 comm="syz.0.867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc365185d29 code=0x7ffc0000
[  315.487164][   T29] audit: type=1326 audit(1734977702.695:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9203 comm="syz.0.867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc365185d29 code=0x7ffc0000
[  315.488395][   T29] audit: type=1326 audit(1734977702.695:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9203 comm="syz.0.867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=59 compat=0 ip=0x7fc365185d29 code=0x7ffc0000
[  315.488579][   T29] audit: type=1326 audit(1734977702.695:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9203 comm="syz.0.867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc365185d29 code=0x7ffc0000
[  315.488710][   T29] audit: type=1326 audit(1734977702.695:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9203 comm="syz.0.867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc365185d29 code=0x7ffc0000
[  315.488969][   T29] audit: type=1326 audit(1734977702.695:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9203 comm="syz.0.867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc365185d29 code=0x7ffc0000
[  315.489096][   T29] audit: type=1326 audit(1734977702.695:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9203 comm="syz.0.867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc365185d29 code=0x7ffc0000
[  315.579595][  T970] usb 2-1: USB disconnect, device number 25
[  315.586449][   T29] audit: type=1326 audit(1734977702.705:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9203 comm="syz.0.867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc365185d29 code=0x7ffc0000
[  315.586488][   T29] audit: type=1326 audit(1734977702.705:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9203 comm="syz.0.867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc365185d29 code=0x7ffc0000
[  315.586518][   T29] audit: type=1326 audit(1734977702.705:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9203 comm="syz.0.867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc365185d29 code=0x7ffc0000
[  316.234445][   T25] usb 4-1: USB disconnect, device number 36
[  316.410991][ T9224] netlink: 8 bytes leftover after parsing attributes in process `syz.2.872'.
[  316.479420][ T9226] fuse: Unknown parameter 'gro
„ý'
[  316.722827][ T9236] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.769420][    T9] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  316.880088][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  316.886404][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  317.703741][ T9236] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.827127][ T9236] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.876456][    T9] usb 2-1: unable to get BOS descriptor or descriptor too short
[  317.892750][    T9] usb 2-1: config 207 has an invalid interface number: 32 but max is 0
[  317.905312][    T9] usb 2-1: config 207 has no interface number 0
[  317.923413][    T9] usb 2-1: config 207 interface 32 altsetting 7 bulk endpoint 0x7 has invalid maxpacket 16
[  317.934589][    T9] usb 2-1: config 207 interface 32 has no altsetting 0
[  317.943312][    T9] usb 2-1: New USB device found, idVendor=1608, idProduct=021b, bcdDevice=c7.7a
[  317.943568][ T9236] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.952854][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  317.972111][    T9] usb 2-1: Product: syz
[  317.977011][    T9] usb 2-1: Manufacturer: syz
[  317.982205][    T9] usb 2-1: SerialNumber: syz
[  317.988599][ T9226] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  318.029355][  T970] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  318.033505][ T9236] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  318.051857][ T9236] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  318.064481][ T9236] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  318.076552][ T9236] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  318.079406][ T5862] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  318.209387][ T5860] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  318.209394][  T970] usb 5-1: Using ep0 maxpacket: 32
[  318.242530][    T9] io_ti 2-1:207.32: required endpoints missing
[  318.267752][  T970] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  318.279163][ T5862] usb 4-1: Using ep0 maxpacket: 8
[  318.300310][    T9] usb 2-1: USB disconnect, device number 26
[  318.306830][  T970] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  318.323492][ T5862] usb 4-1: config 6 has an invalid interface number: 2 but max is 0
[  318.335076][  T970] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  318.348043][ T5862] usb 4-1: config 6 has an invalid descriptor of length 0, skipping remainder of the config
[  318.358481][ T5862] usb 4-1: config 6 has no interface number 0
[  318.371398][ T5860] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  318.373239][  T970] usb 5-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  318.399150][ T5860] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  318.403982][ T5862] usb 4-1: config 6 interface 2 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  318.409084][ T5860] usb 1-1: config 0 interface 0 has no altsetting 0
[  318.428703][ T5860] usb 1-1: New USB device found, idVendor=0810, idProduct=0002, bcdDevice= 0.00
[  318.435012][  T970] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  318.437920][ T5860] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  318.453383][  T970] usb 5-1: config 0 descriptor??
[  318.464232][ T5860] usb 1-1: config 0 descriptor??
[  318.464736][ T5862] usb 4-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[  318.478776][ T5862] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  318.489078][ T5862] usb 4-1: Product: syz
[  318.493969][ T5862] usb 4-1: Manufacturer: syz
[  318.498679][ T5862] usb 4-1: SerialNumber: syz
[  318.526319][ T5862] hso 4-1:6.2: Failed to find INT IN ep
[  319.103787][  T970] input: HID 0458:5011 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0458:5011.000B/input/input15
[  319.145006][    T9] usb 4-1: USB disconnect, device number 37
[  319.970878][  T970] input: HID 0458:5011 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0458:5011.000B/input/input16
[  319.986275][  T970] kye 0003:0458:5011.000B: input,hiddev0,hidraw1: USB HID v0.00 Mouse [HID 0458:5011] on usb-dummy_hcd.4-1/input0
[  320.210714][ T5860] usbhid 1-1:0.0: can't add hid device: -71
[  320.216728][ T5860] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  320.232515][ T5860] usb 1-1: USB disconnect, device number 18
[  320.334720][ T9267] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  320.349140][ T5821] usb 5-1: reset high-speed USB device number 17 using dummy_hcd
[  320.359262][ T9267] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  323.165775][ T9289] FAULT_INJECTION: forcing a failure.
[  323.165775][ T9289] name failslab, interval 1, probability 0, space 0, times 0
[  323.179763][ T9289] CPU: 0 UID: 0 PID: 9289 Comm: syz.4.889 Not tainted 6.13.0-rc4-syzkaller #0
[  323.188614][ T9289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  323.198651][ T9289] Call Trace:
[  323.201926][ T9289]  <TASK>
[  323.204848][ T9289]  dump_stack_lvl+0x16c/0x1f0
[  323.209510][ T9289]  should_fail_ex+0x497/0x5b0
[  323.214168][ T9289]  ? fs_reclaim_acquire+0xae/0x150
[  323.219268][ T9289]  should_failslab+0xc2/0x120
[  323.223945][ T9289]  __kmalloc_cache_noprof+0x68/0x410
[  323.229229][ T9289]  allocate_file_region_entries+0x1a3/0x620
[  323.235127][ T9289]  ? __pfx_allocate_file_region_entries+0x10/0x10
[  323.241546][ T9289]  region_chg+0x85/0x140
[  323.245807][ T9289]  __vma_reservation_common+0x43d/0x740
[  323.251338][ T9289]  ? __pfx___vma_reservation_common+0x10/0x10
[  323.257391][ T9289]  alloc_hugetlb_folio+0x23c/0x15f0
[  323.262588][ T9289]  ? __pfx_alloc_hugetlb_folio+0x10/0x10
[  323.268225][ T9289]  ? __pfx_down_read+0x10/0x10
[  323.272973][ T9289]  ? __filemap_get_folio+0x2a5/0xaf0
[  323.278249][ T9289]  ? huge_pte_alloc+0x22e/0x3a0
[  323.283081][ T9289]  hugetlb_fault+0x1f65/0x2fb0
[  323.287827][ T9289]  ? rwsem_read_trylock+0x12d/0x250
[  323.293011][ T9289]  ? __pfx_hugetlb_fault+0x10/0x10
[  323.298112][ T9289]  ? find_held_lock+0x2d/0x110
[  323.302893][ T9289]  ? __pfx___up_read+0x10/0x10
[  323.307651][ T9289]  handle_mm_fault+0x930/0xaa0
[  323.312410][ T9289]  __get_user_pages+0x8d9/0x3b50
[  323.317346][ T9289]  ? __pfx___get_user_pages+0x10/0x10
[  323.322708][ T9289]  ? __mm_populate+0x21d/0x380
[  323.327470][ T9289]  populate_vma_page_range+0x27f/0x3a0
[  323.332923][ T9289]  ? __pfx_populate_vma_page_range+0x10/0x10
[  323.338896][ T9289]  ? __pfx_find_vma_intersection+0x10/0x10
[  323.344693][ T9289]  ? __do_sys_mlockall+0x2f0/0x580
[  323.349805][ T9289]  __mm_populate+0x1d6/0x380
[  323.354386][ T9289]  ? __pfx___mm_populate+0x10/0x10
[  323.359501][ T9289]  ? up_write+0x1b2/0x520
[  323.363832][ T9289]  __do_sys_mlockall+0x4df/0x580
[  323.368780][ T9289]  do_syscall_64+0xcd/0x250
[  323.373289][ T9289]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.379179][ T9289] RIP: 0033:0x7f167ff85d29
[  323.383587][ T9289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  323.403208][ T9289] RSP: 002b:00007f1680d1c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  323.411631][ T9289] RAX: ffffffffffffffda RBX: 00007f1680176080 RCX: 00007f167ff85d29
[  323.419591][ T9289] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007
[  323.427547][ T9289] RBP: 00007f1680d1c090 R08: 0000000000000000 R09: 0000000000000000
[  323.435503][ T9289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  323.443463][ T9289] R13: 0000000000000000 R14: 00007f1680176080 R15: 00007ffd1385cc88
[  323.451431][ T9289]  </TASK>
[  324.804609][ T5864] usb 5-1: USB disconnect, device number 17
[  326.834912][ T9325] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT
[  326.991905][ T9321] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  327.765526][   T29] kauditd_printk_skb: 47 callbacks suppressed
[  327.765543][   T29] audit: type=1326 audit(1734980274.289:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9316 comm="syz.4.898" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f167ff85d29 code=0x0
[  328.246428][   T29] audit: type=1400 audit(1734980275.459:568): avc:  denied  { connect } for  pid=9337 comm="syz.4.904" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  329.981635][ T9366] netlink: 8 bytes leftover after parsing attributes in process `syz.4.908'.
[  330.096800][ T9369] netlink: 104 bytes leftover after parsing attributes in process `syz.4.908'.
[  330.285364][   T29] audit: type=1326 audit(1734980277.499:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9364 comm="syz.1.909" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd44e385d29 code=0x0
[  331.748203][   T29] audit: type=1400 audit(1734980278.779:570): avc:  denied  { create } for  pid=9377 comm="syz.1.911" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  331.749789][ T9380] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT
[  331.813864][   T29] audit: type=1400 audit(1734980278.779:571): avc:  denied  { ioctl } for  pid=9377 comm="syz.1.911" path="/dev/usbmon8" dev="devtmpfs" ino=745 ioctlcmd=0x9204 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  332.049550][ T9384] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  332.154425][   T29] audit: type=1326 audit(1734980279.369:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9385 comm="syz.2.914" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc7dd985d29 code=0x0
[  333.284484][   T29] audit: type=1804 audit(1734980280.500:573): pid=9409 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.916" name="/newroot/181/bus/file0" dev="overlay" ino=1003 res=1 errno=0
[  333.885846][ T9394] team0: Port device vlan0 removed
[  333.896517][ T9396] unknown channel width for channel at 909000KHz?
[  333.947458][   T25] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  334.745968][   T29] audit: type=1400 audit(1734980281.440:574): avc:  denied  { map } for  pid=9415 comm="syz.4.922" path="socket:[21740]" dev="sockfs" ino=21740 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  334.799724][   T25] usb 4-1: config index 0 descriptor too short (expected 9, got 0)
[  334.807815][   T25] usb 4-1: can't read configurations, error -22
[  334.861383][ T9409] Bluetooth: hci0: Opcode 0x0c20 failed: -4
[  334.968589][   T25] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  335.025628][ T9425] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  335.035001][ T9425] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  335.182326][   T25] usb 4-1: config index 0 descriptor too short (expected 9, got 0)
[  335.415128][ T5823] Bluetooth: hci0: command 0x0406 tx timeout
[  335.458897][   T25] usb 4-1: can't read configurations, error -22
[  335.465408][   T25] usb usb4-port1: attempt power cycle
[  335.578969][ T9433] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  335.848697][   T29] audit: type=1326 audit(1734980283.010:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9434 comm="syz.1.927" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd44e385d29 code=0x0
[  336.165910][ T9451] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT
[  337.156670][   T29] audit: type=1400 audit(1734980284.190:576): avc:  denied  { execute } for  pid=9453 comm="syz.3.932" path="/dev/dsp1" dev="devtmpfs" ino=1289 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sound_device_t tclass=chr_file permissive=1
[  338.407935][   T29] audit: type=1400 audit(1734980285.630:577): avc:  denied  { connect } for  pid=9477 comm="syz.3.938" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  338.891107][ T9487] netlink: 12 bytes leftover after parsing attributes in process `syz.1.941'.
[  339.213780][    T9] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  339.816732][    T9] usb 2-1: Using ep0 maxpacket: 8
[  339.823962][    T9] usb 2-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  339.836125][    T9] usb 2-1: config 246 descriptor has 1 excess byte, ignoring
[  340.116901][   T29] audit: type=1326 audit(1734980287.130:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9496 comm="syz.2.944" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc7dd985d29 code=0x0
[  340.475060][    T9] usb 2-1: config 246 has 1 interface, different from the descriptor's value: 42
[  340.497374][    T9] usb 2-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  340.501277][   T29] audit: type=1400 audit(1734980287.200:579): avc:  denied  { nlmsg_read } for  pid=9496 comm="syz.2.944" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  340.509249][    T9] usb 2-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11
[  340.590219][    T9] usb 2-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  340.609744][    T9] usb 2-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  340.648975][    T9] usb 2-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  340.660000][    T9] usb 2-1: config 246 descriptor has 1 excess byte, ignoring
[  340.667977][    T9] usb 2-1: config 246 has 1 interface, different from the descriptor's value: 42
[  340.677594][    T9] usb 2-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  340.690263][    T9] usb 2-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11
[  340.728217][ T9508] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT
[  340.752561][    T9] usb 2-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  340.773952][    T9] usb 2-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  340.807967][    T9] usb 2-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  340.819204][    T9] usb 2-1: config 246 descriptor has 1 excess byte, ignoring
[  340.827090][    T9] usb 2-1: config 246 has 1 interface, different from the descriptor's value: 42
[  340.836447][    T9] usb 2-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  340.933330][   T29] audit: type=1326 audit(1734980288.121:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9505 comm="syz.3.947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b5c385d29 code=0x7ffc0000
[  340.960586][    T9] usb 2-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11
[  340.972980][    T9] usb 2-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  340.985121][    T9] usb 2-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  341.358906][   T29] audit: type=1326 audit(1734980288.121:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9505 comm="syz.3.947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b5c385d29 code=0x7ffc0000
[  341.385411][   T29] audit: type=1326 audit(1734980288.121:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9505 comm="syz.3.947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=117 compat=0 ip=0x7f6b5c385d29 code=0x7ffc0000
[  341.548693][    T9] usb 2-1: string descriptor 0 read error: -22
[  341.578178][    T9] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  341.587206][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  341.599902][    T9] adutux 2-1:246.0: ADU100  now attached to /dev/usb/adutux0
[  341.704184][   T29] audit: type=1326 audit(1734980288.121:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9505 comm="syz.3.947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b5c385d29 code=0x7ffc0000
[  341.751771][   T29] audit: type=1326 audit(1734980288.121:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9505 comm="syz.3.947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b5c385d29 code=0x7ffc0000
[  342.140788][   T29] audit: type=1326 audit(1734980288.131:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9505 comm="syz.3.947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6b5c384690 code=0x7ffc0000
[  342.170191][   T29] audit: type=1326 audit(1734980288.131:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9505 comm="syz.3.947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f6b5c387557 code=0x7ffc0000
[  342.270494][ T9523] atomic_op ffff88801bb53198 conn xmit_atomic 0000000000000000
[  342.403549][ T9517] netlink: 24576 bytes leftover after parsing attributes in process `syz.0.950'.
[  342.473368][   T51] usb 2-1: USB disconnect, device number 27
[  344.184793][ T9544] XFS (nullb0): no-recovery mounts must be read-only.
[  344.600126][   T29] kauditd_printk_skb: 25 callbacks suppressed
[  344.600160][   T29] audit: type=1326 audit(1734980291.741:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9540 comm="syz.1.956" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd44e385d29 code=0x0
[  345.757865][ T9554] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT
[  349.390625][ T9601] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  349.411012][ T9601] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  350.145997][   T29] audit: type=1400 audit(1734980297.362:613): avc:  denied  { write } for  pid=9604 comm="syz.3.974" name="usbmon4" dev="devtmpfs" ino=732 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  350.169924][   T29] audit: type=1400 audit(1734980297.382:614): avc:  denied  { getopt } for  pid=9604 comm="syz.3.974" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  350.491243][ T9614] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  350.817069][   T29] audit: type=1400 audit(1734980297.732:615): avc:  denied  { read } for  pid=9606 comm="syz.1.975" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  353.985205][   T29] audit: type=1804 audit(1734980301.172:616): pid=9661 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.985" name="/newroot/207/bus/file1" dev="overlay" ino=1162 res=1 errno=0
[  354.084809][   T29] audit: type=1400 audit(1734980301.192:617): avc:  denied  { watch } for  pid=9653 comm="syz.0.985" path="/207/bus/file1" dev="overlay" ino=1162 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  354.590405][ T9671] netlink: 'syz.2.988': attribute type 10 has an invalid length.
[  354.634498][ T9671] 8021q: adding VLAN 0 to HW filter on device team0
[  354.653073][ T9671] bond0: (slave team0): Enslaving as an active interface with an up link
[  354.694647][   T29] audit: type=1400 audit(1734980301.902:618): avc:  denied  { setopt } for  pid=9670 comm="syz.2.988" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  354.714891][    C1] vkms_vblank_simulate: vblank timer overrun
[  354.725013][   T51] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  354.958119][   T51] usb 4-1: Using ep0 maxpacket: 16
[  355.336902][   T51] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  355.359816][   T51] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  355.370765][   T51] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  355.380483][   T51] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  355.390217][   T51] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  355.425784][   T51] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  355.434980][   T51] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  355.459941][   T51] usb 4-1: Manufacturer: syz
[  356.102801][   T51] usb 4-1: config 0 descriptor??
[  357.443006][ T9703] netlink: 20 bytes leftover after parsing attributes in process `syz.4.999'.
[  357.524551][   T51] rc_core: IR keymap rc-hauppauge not found
[  357.530504][   T51] Registered IR keymap rc-empty
[  357.537148][   T51] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  357.564582][   T51] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  357.587485][   T51] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  357.610528][   T51] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input17
[  357.636754][   T51] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  357.677321][   T51] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  357.708216][   T51] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  357.864652][   T51] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  357.884685][   T51] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  357.905008][ T5864] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  357.913339][   T51] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  358.064622][ T5864] usb 5-1: Using ep0 maxpacket: 32
[  358.077493][ T5864] usb 5-1: config 0 interface 0 has no altsetting 0
[  358.129829][ T5864] usb 5-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  358.331021][ T5864] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  358.353939][ T5864] usb 5-1: Product: syz
[  358.358553][   T51] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  358.366648][ T5864] usb 5-1: Manufacturer: syz
[  358.371399][ T5864] usb 5-1: SerialNumber: syz
[  358.384505][   T51] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  358.397532][ T5864] usb 5-1: config 0 descriptor??
[  358.414600][   T51] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  358.444731][   T51] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  358.477570][   T51] mceusb 4-1:0.0: Registered Е with mce emulator interface version 1
[  358.489208][   T51] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  358.842403][ T5864] gs_usb 5-1:0.0: Configuring for 1 interfaces
[  359.192938][    T9] usb 4-1: USB disconnect, device number 41
[  359.239432][ T9710] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  359.258377][ T9710] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  359.350598][ T5864] gs_usb 5-1:0.0: Disabling termination support for channel 0 (-EPROTO)
[  359.375536][ T5864] usb 5-1: USB disconnect, device number 18
[  359.510011][ T9731] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  360.014310][ T5864] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[  360.535560][ T5864] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  360.546487][ T5864] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  360.576604][ T5864] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  360.591052][ T5864] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  360.591703][ T9741] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1010'.
[  360.629688][ T9741] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1010'.
[  360.634167][ T5864] usb 4-1: Product: syz
[  360.656548][ T9747] overlayfs: failed to get inode (-116)
[  360.669932][ T9741] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1010'.
[  360.669983][ T5864] usb 4-1: Manufacturer: syz
[  360.671118][ T9741] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1010'.
[  360.684950][ T9747] overlayfs: failed to look up (file0) for ino (-116)
[  360.708697][ T9741] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1010'.
[  360.730321][ T5864] usb 4-1: SerialNumber: syz
[  360.972672][ T9741] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1010'.
[  360.982704][ T9741] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1010'.
[  361.125807][ T9745] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  361.968465][ T9736] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  362.648242][ T9766] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  362.716628][ T9766] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  362.973072][   T29] audit: type=1326 audit(1734980310.183:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9767 comm="syz.1.1018" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd44e385d29 code=0x0
[  362.995791][    C1] vkms_vblank_simulate: vblank timer overrun
[  363.147585][ T9736] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  363.497200][ T5864] cdc_mbim 4-1:1.0: MAC-Address: 42:42:42:42:42:42
[  363.504597][ T5864] cdc_mbim 4-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[  363.514797][ T5864] cdc_mbim 4-1:1.0: setting rx_max = 2048
[  363.605870][ T9773] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT
[  363.868495][ T5864] cdc_mbim 4-1:1.0: setting tx_max = 184
[  363.883341][ T5864] cdc_mbim 4-1:1.0: cdc-wdm0: USB WDM device
[  364.059934][   T29] audit: type=1326 audit(1734980311.183:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9774 comm="syz.1.1019" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd44e385d29 code=0x0
[  364.900142][ T5864] wwan wwan0: port wwan0mbim0 attached
[  364.980935][ T5864] cdc_mbim 4-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.3-1, CDC MBIM, 42:42:42:42:42:42
[  365.044125][ T5864] usb 4-1: USB disconnect, device number 42
[  365.050619][ T5864] cdc_mbim 4-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.3-1, CDC MBIM
[  365.792031][ T9797] netlink: 4088 bytes leftover after parsing attributes in process `syz.1.1024'.
[  365.820850][ T9797] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1024'.
[  365.839397][ T9797] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9797 comm=syz.1.1024
[  365.966103][ T5864] wwan wwan0: port wwan0mbim0 disconnected
[  366.982297][ T9818] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  367.105729][ T9821] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT
[  367.996371][ T9833] atomic_op ffff88805a6c5198 conn xmit_atomic 0000000000000000
[  370.114778][ T5862] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  370.453308][ T5862] usb 5-1: Using ep0 maxpacket: 32
[  370.464090][ T5862] usb 5-1: New USB device found, idVendor=0b49, idProduct=064f, bcdDevice=ac.b4
[  370.473328][ T5862] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  370.481317][ T5862] usb 5-1: Product: syz
[  370.698340][ T5862] usb 5-1: Manufacturer: syz
[  371.101423][ T5862] usb 5-1: SerialNumber: syz
[  371.126435][ T5862] usb 5-1: config 0 descriptor??
[  371.131752][ T5862] usb 5-1: can't set config #0, error -71
[  371.140293][ T5862] usb 5-1: USB disconnect, device number 19
[  371.165995][ T5823] Bluetooth: hci1: unexpected event for opcode 0x0c5b
[  371.652127][ T5862] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  371.792350][ T9872] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  372.066253][ T5862] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  372.109538][ T5862] usb 5-1: config 0 has no interfaces?
[  372.345714][ T5862] usb 5-1: New USB device found, idVendor=06a3, idProduct=0621, bcdDevice= 0.00
[  372.451194][ T5862] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  372.517322][ T5862] usb 5-1: config 0 descriptor??
[  372.803292][ T9880] FAULT_INJECTION: forcing a failure.
[  372.803292][ T9880] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  372.816839][ T9880] CPU: 0 UID: 0 PID: 9880 Comm: syz.1.1047 Not tainted 6.13.0-rc4-syzkaller #0
[  372.825751][ T9880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  372.835779][ T9880] Call Trace:
[  372.839036][ T9880]  <TASK>
[  372.841943][ T9880]  dump_stack_lvl+0x16c/0x1f0
[  372.846600][ T9880]  should_fail_ex+0x497/0x5b0
[  372.851256][ T9880]  ? fs_reclaim_acquire+0xae/0x150
[  372.856341][ T9880]  should_fail_alloc_page+0xe7/0x130
[  372.861605][ T9880]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  372.867731][ T9880]  ? __pfx_lock_release+0x10/0x10
[  372.872742][ T9880]  __alloc_pages_noprof+0x190/0x25b0
[  372.878025][ T9880]  ? __pfx_mark_lock+0x10/0x10
[  372.882776][ T9880]  ? find_held_lock+0x2d/0x110
[  372.887518][ T9880]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  372.893219][ T9880]  ? hlock_class+0x4e/0x130
[  372.897699][ T9880]  ? mark_lock+0xb5/0xc60
[  372.902006][ T9880]  ? hlock_class+0x4e/0x130
[  372.906487][ T9880]  ? mark_lock+0xb5/0xc60
[  372.910789][ T9880]  ? __pfx___lock_acquire+0x10/0x10
[  372.915961][ T9880]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  372.921830][ T9880]  ? policy_nodemask+0xea/0x4e0
[  372.926661][ T9880]  alloc_pages_mpol_noprof+0x2c9/0x610
[  372.932116][ T9880]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  372.938098][ T9880]  ? __lock_acquire+0xcc5/0x3c40
[  372.943022][ T9880]  ? find_held_lock+0x2d/0x110
[  372.947776][ T9880]  folio_alloc_mpol_noprof+0x36/0xd0
[  372.953047][ T9880]  vma_alloc_folio_noprof+0xee/0x1b0
[  372.958315][ T9880]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  372.964189][ T9880]  ? __pfx___lock_acquire+0x10/0x10
[  372.969378][ T9880]  do_wp_page+0x105a/0x4670
[  372.973859][ T9880]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  372.979475][ T9880]  ? __pfx_do_wp_page+0x10/0x10
[  372.984299][ T9880]  ? rcu_is_watching+0x12/0xc0
[  372.989051][ T9880]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  372.994398][ T9880]  ? lock_acquire+0x2f/0xb0
[  372.998874][ T9880]  ? __handle_mm_fault+0xdfa/0x2a40
[  373.004051][ T9880]  __handle_mm_fault+0x1ade/0x2a40
[  373.009141][ T9880]  ? __pfx___handle_mm_fault+0x10/0x10
[  373.014574][ T9880]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  373.020187][ T9880]  ? find_vma+0xc0/0x140
[  373.024404][ T9880]  ? __pfx_find_vma+0x10/0x10
[  373.029064][ T9880]  handle_mm_fault+0x3fa/0xaa0
[  373.033806][ T9880]  do_user_addr_fault+0x7a3/0x13f0
[  373.038904][ T9880]  exc_page_fault+0x5c/0xc0
[  373.043384][ T9880]  asm_exc_page_fault+0x26/0x30
[  373.048226][ T9880] RIP: 0010:__put_user_4+0x11/0x20
[  373.053313][ T9880] Code: 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90
[  373.072894][ T9880] RSP: 0018:ffffc90003ecfcf0 EFLAGS: 00050202
[  373.078934][ T9880] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000020001c38
[  373.086880][ T9880] RDX: ffff8880296fa440 RSI: ffffffff8900040a RDI: ffffffff8bd1ed20
[  373.094827][ T9880] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffbfff20be6d2
[  373.102772][ T9880] R10: ffffffff905f3697 R11: 0000000000000000 R12: 0000000000040840
[  373.110717][ T9880] R13: 0000000020001c00 R14: 0000000000000158 R15: 0000000000000159
[  373.118677][ T9880]  ? __sys_sendmmsg+0x22a/0x420
[  373.123506][ T9880]  __sys_sendmmsg+0x235/0x420
[  373.128158][ T9880]  ? __pfx___sys_sendmmsg+0x10/0x10
[  373.133335][ T9880]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  373.139296][ T9880]  ? fput+0x67/0x440
[  373.143169][ T9880]  ? ksys_write+0x1ba/0x250
[  373.147646][ T9880]  ? __pfx_ksys_write+0x10/0x10
[  373.152472][ T9880]  __x64_sys_sendmmsg+0x9c/0x100
[  373.157381][ T9880]  ? lockdep_hardirqs_on+0x7c/0x110
[  373.162563][ T9880]  do_syscall_64+0xcd/0x250
[  373.167044][ T9880]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  373.172914][ T9880] RIP: 0033:0x7fd44e385d29
[  373.177315][ T9880] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  373.196895][ T9880] RSP: 002b:00007fd44f0e4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  373.205282][ T9880] RAX: ffffffffffffffda RBX: 00007fd44e575fa0 RCX: 00007fd44e385d29
[  373.213226][ T9880] RDX: 0400000000000159 RSI: 0000000020001c00 RDI: 0000000000000004
[  373.221180][ T9880] RBP: 00007fd44f0e4090 R08: 0000000000000000 R09: 0000000000000000
[  373.229123][ T9880] R10: 0000000000040840 R11: 0000000000000246 R12: 0000000000000001
[  373.237068][ T9880] R13: 0000000000000000 R14: 00007fd44e575fa0 R15: 00007ffdd3399ff8
[  373.245038][ T9880]  </TASK>
[  374.672920][   T29] audit: type=1400 audit(1734980321.755:621): avc:  denied  { ioctl } for  pid=9892 comm="syz.2.1050" path="/dev/nullb0" dev="devtmpfs" ino=696 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  375.645142][ T5864] usb 5-1: USB disconnect, device number 20
[  377.109303][ T9922] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  377.162524][ T9929] dccp_invalid_packet: P.type (SYNCACK) not Data || [Data]Ack, while P.X == 0
[  377.377280][ T9935] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  377.476270][ T9937] nvme_fabrics: missing parameter 'transport=%s'
[  377.482743][ T9937] nvme_fabrics: missing parameter 'nqn=%s'
[  377.562229][  T970] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  377.736171][  T970] usb 1-1: Using ep0 maxpacket: 8
[  377.746431][  T970] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  377.765963][  T970] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  377.776004][  T970] usb 1-1: New USB device found, idVendor=18d1, idProduct=9400, bcdDevice= 0.00
[  377.864992][  T970] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  378.020515][  T970] usb 1-1: config 0 descriptor??
[  378.672577][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  378.678896][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  379.028172][  T970] stadia 0003:18D1:9400.000C: unknown main item tag 0x0
[  379.051941][  T970] stadia 0003:18D1:9400.000C: unknown main item tag 0x0
[  379.071980][  T970] stadia 0003:18D1:9400.000C: unknown main item tag 0x0
[  379.078948][  T970] stadia 0003:18D1:9400.000C: unknown main item tag 0x0
[  379.102004][  T970] stadia 0003:18D1:9400.000C: unknown main item tag 0x0
[  379.106640][ T9929] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  379.108964][  T970] stadia 0003:18D1:9400.000C: item fetching failed at offset 5/7
[  379.121990][ T5823] Bluetooth: hci0: command 0x0406 tx timeout
[  379.137158][ T9929] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  379.160448][ T9929] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  379.170284][ T9929] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  379.172225][  T970] stadia 0003:18D1:9400.000C: parse failed
[  379.229989][  T970] stadia 0003:18D1:9400.000C: probe with driver stadia failed with error -22
[  379.334810][  T970] usb 1-1: USB disconnect, device number 19
[  380.001884][   T25] usb 5-1: new low-speed USB device number 21 using dummy_hcd
[  380.132158][   T29] audit: type=1400 audit(1734980327.345:622): avc:  denied  { map } for  pid=9966 comm="syz.0.1069" path="socket:[23862]" dev="sockfs" ino=23862 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  380.277231][   T25] usb 5-1: config index 0 descriptor too short (expected 1307, got 27)
[  380.328241][   T25] usb 5-1: config 0 has an invalid interface number: 0 but max is -1
[  380.402234][   T25] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 0
[  380.827226][   T25] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  380.922962][   T25] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF4, changing to 0x84
[  380.969430][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  380.991393][   T25] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  381.031985][   T25] usb 5-1: string descriptor 0 read error: -22
[  381.038395][   T25] usb 5-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  381.061331][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  381.189224][   T25] usb 5-1: config 0 descriptor??
[  381.209032][ T9959] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  381.278880][   T25] hub 5-1:0.0: bad descriptor, ignoring hub
[  381.285140][   T25] hub 5-1:0.0: probe with driver hub failed with error -5
[  381.360530][   T25] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input18
[  381.454963][   T29] audit: type=1400 audit(1734980328.675:623): avc:  denied  { read write } for  pid=9958 comm="syz.4.1066" name="mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  381.539759][   T29] audit: type=1400 audit(1734980328.675:624): avc:  denied  { open } for  pid=9958 comm="syz.4.1066" path="/dev/input/mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  381.571625][   T29] audit: type=1400 audit(1734980328.675:625): avc:  denied  { ioctl } for  pid=9958 comm="syz.4.1066" path="/dev/input/mice" dev="devtmpfs" ino=916 ioctlcmd=0x8903 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  381.573860][ T9984] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT
[  381.597096][   T29] audit: type=1400 audit(1734980328.675:626): avc:  denied  { ioctl } for  pid=9958 comm="syz.4.1066" path="socket:[23882]" dev="sockfs" ino=23882 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  381.630889][   T29] audit: type=1400 audit(1734980328.675:627): avc:  denied  { setopt } for  pid=9958 comm="syz.4.1066" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  381.667244][    T9] usb 5-1: USB disconnect, device number 21
[  381.673199][    C0] usb_acecad 5-1:0.0: can't resubmit intr, dummy_hcd.4-1/input0, status -19
[  381.778966][ T9986] nvme_fabrics: missing parameter 'transport=%s'
[  381.785433][ T9986] nvme_fabrics: missing parameter 'nqn=%s'
[  384.001113][   T25] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  384.415897][   T25] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  384.459675][   T25] usb 5-1: config 0 has no interfaces?
[  384.493020][   T25] usb 5-1: New USB device found, idVendor=06a3, idProduct=0621, bcdDevice= 0.00
[  384.553024][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  384.713783][   T25] usb 5-1: config 0 descriptor??
[  385.306093][T10025] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT
[  388.009095][   T25] usb 5-1: USB disconnect, device number 22
[  388.805992][T10053] netlink: 'syz.1.1091': attribute type 1 has an invalid length.
[  388.880816][   T25] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  389.070925][   T25] usb 5-1: Using ep0 maxpacket: 16
[  389.086695][   T25] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  389.133344][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  389.217129][   T25] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  389.236583][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  389.265396][T10078] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT
[  389.266948][   T25] usb 5-1: Product: syz
[  389.318956][   T25] usb 5-1: Manufacturer: syz
[  389.339151][   T25] usb 5-1: SerialNumber: syz
[  389.350787][   T25] usb 5-1: config 0 descriptor??
[  389.378315][   T25] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  389.407975][   T25] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class)
[  389.885949][   T29] audit: type=1400 audit(1734980337.106:628): avc:  denied  { bind } for  pid=10080 comm="syz.0.1098" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  390.131625][   T25] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  390.144738][   T25] em28xx 5-1:0.0: Config register raw data: 0xfffffffb
[  390.940724][   T25] em28xx 5-1:0.0: AC97 command still being executed: not handled properly!
[  390.949792][   T25] em28xx 5-1:0.0: Unknown AC97 audio processor detected!
[  391.189485][   T25] em28xx 5-1:0.0: couldn't setup AC97 register 2
[  391.203883][   T25] em28xx 5-1:0.0: couldn't setup AC97 register 4
[  391.213283][   T25] em28xx 5-1:0.0: couldn't setup AC97 register 6
[  391.220357][   T25] em28xx 5-1:0.0: couldn't setup AC97 register 54
[  391.339929][   T25] em28xx 5-1:0.0: couldn't setup AC97 register 56
[  391.430654][   T25] usb 5-1: USB disconnect, device number 23
[  393.271364][T10118] FAULT_INJECTION: forcing a failure.
[  393.271364][T10118] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  393.284836][T10118] CPU: 0 UID: 0 PID: 10118 Comm: syz.0.1108 Not tainted 6.13.0-rc4-syzkaller #0
[  393.293876][T10118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  393.303935][T10118] Call Trace:
[  393.307203][T10118]  <TASK>
[  393.310118][T10118]  dump_stack_lvl+0x16c/0x1f0
[  393.314789][T10118]  should_fail_ex+0x497/0x5b0
[  393.319449][T10118]  _copy_from_iter+0x2a1/0x1560
[  393.324280][T10118]  ? trace_lock_acquire+0x14e/0x1f0
[  393.329458][T10118]  ? __alloc_skb+0x1fe/0x380
[  393.334029][T10118]  ? __pfx__copy_from_iter+0x10/0x10
[  393.339292][T10118]  ? __virt_addr_valid+0x1a4/0x590
[  393.344382][T10118]  ? __virt_addr_valid+0x5e/0x590
[  393.349383][T10118]  ? __phys_addr_symbol+0x30/0x80
[  393.354396][T10118]  ? __check_object_size+0x488/0x710
[  393.359658][T10118]  netlink_sendmsg+0x813/0xd70
[  393.364403][T10118]  ? __pfx_netlink_sendmsg+0x10/0x10
[  393.369670][T10118]  ____sys_sendmsg+0xaaf/0xc90
[  393.374438][T10118]  ? copy_msghdr_from_user+0x10b/0x160
[  393.379885][T10118]  ? __pfx_____sys_sendmsg+0x10/0x10
[  393.385166][T10118]  ___sys_sendmsg+0x135/0x1e0
[  393.389825][T10118]  ? __pfx____sys_sendmsg+0x10/0x10
[  393.395023][T10118]  ? __pfx_lock_release+0x10/0x10
[  393.400040][T10118]  ? trace_lock_acquire+0x14e/0x1f0
[  393.405233][T10118]  ? __fget_files+0x206/0x3a0
[  393.409889][T10118]  __sys_sendmsg+0x16e/0x220
[  393.414457][T10118]  ? __pfx___sys_sendmsg+0x10/0x10
[  393.419559][T10118]  do_syscall_64+0xcd/0x250
[  393.424044][T10118]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  393.429914][T10118] RIP: 0033:0x7fc365185d29
[  393.434305][T10118] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  393.453899][T10118] RSP: 002b:00007fc3660a0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  393.462293][T10118] RAX: ffffffffffffffda RBX: 00007fc365375fa0 RCX: 00007fc365185d29
[  393.470241][T10118] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000004
[  393.478186][T10118] RBP: 00007fc3660a0090 R08: 0000000000000000 R09: 0000000000000000
[  393.486142][T10118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  393.494106][T10118] R13: 0000000000000000 R14: 00007fc365375fa0 R15: 00007ffcc382a528
[  393.502082][T10118]  </TASK>
[  393.505188][    C0] vkms_vblank_simulate: vblank timer overrun
[  393.841049][ T5862] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[  394.466550][T10133] nvme_fabrics: missing parameter 'transport=%s'
[  394.473215][T10133] nvme_fabrics: missing parameter 'nqn=%s'
[  394.480859][ T5862] usb 4-1: Using ep0 maxpacket: 32
[  394.505962][ T5862] usb 4-1: config 0 has an invalid interface number: 51 but max is 0
[  394.517867][ T5862] usb 4-1: config 0 has no interface number 0
[  394.886032][ T5862] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  394.898493][ T5862] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  394.949505][ T5862] usb 4-1: Product: syz
[  394.953964][   T29] audit: type=1400 audit(1734980342.177:629): avc:  denied  { write } for  pid=10141 comm="syz.4.1115" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  394.993173][ T5862] usb 4-1: Manufacturer: syz
[  394.998123][ T5862] usb 4-1: SerialNumber: syz
[  395.012563][   T29] audit: type=1400 audit(1734980342.177:630): avc:  denied  { open } for  pid=10141 comm="syz.4.1115" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  395.036980][    C0] vkms_vblank_simulate: vblank timer overrun
[  395.046512][ T5862] usb 4-1: config 0 descriptor??
[  395.064461][ T5862] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  395.311685][T10147] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  395.336294][T10122] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  395.353017][T10122] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  395.480809][   T51] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  395.493409][T10151] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  395.512694][T10151] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  396.224280][   T51] usb 1-1: Using ep0 maxpacket: 8
[  396.240727][   T51] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  396.271703][   T51] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  396.279724][ T5862] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  396.294981][ T5862] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  396.337035][   T51] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  396.367379][   T51] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024
[  396.378576][   T51] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  396.388627][   T51] usb 1-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  396.397876][   T51] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  396.502096][   T51] usb 1-1: config 0 descriptor??
[  396.508719][T10140] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  396.519220][    C0] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71
[  396.519855][   T25] usb 4-1: USB disconnect, device number 43
[  396.550174][   T25] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  396.573462][   T25] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  396.587167][   T25] quatech2 4-1:0.51: device disconnected
[  396.729866][ T5864] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  396.819900][   T51] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  396.882043][ T5864] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  396.892334][ T5864] usb 5-1: config 0 has no interfaces?
[  396.897869][ T5864] usb 5-1: New USB device found, idVendor=06a3, idProduct=0621, bcdDevice= 0.00
[  396.907256][ T5864] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  396.916896][ T5864] usb 5-1: config 0 descriptor??
[  396.974939][ T5864] usb 1-1: USB disconnect, device number 20
[  396.976608][ T5823] Bluetooth: hci5: Opcode 0x0c03 failed: -71
[  396.990858][   T51] usb 2-1: Using ep0 maxpacket: 32
[  397.014946][   T51] usb 2-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  397.025011][   T51] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  397.045034][   T51] usb 2-1: Product: syz
[  397.065047][   T51] usb 2-1: Manufacturer: syz
[  397.235394][   T51] usb 2-1: SerialNumber: syz
[  397.257327][   T51] usb 2-1: config 0 descriptor??
[  397.309324][   T51] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  398.019705][   T51] gspca_ov534_9: reg_w failed -110
[  398.379276][T10168] bridge1: entered promiscuous mode
[  398.384687][T10168] bridge1: entered allmulticast mode
[  398.396302][T10168] team0: Port device bridge1 added
[  398.691838][   T51] gspca_ov534_9: Unknown sensor 0000
[  398.692483][   T51] ov534_9 2-1:0.0: probe with driver ov534_9 failed with error -22
[  398.828693][   T29] audit: type=1400 audit(1734980346.048:631): avc:  denied  { ioctl } for  pid=10171 comm="syz.2.1122" path="socket:[24940]" dev="sockfs" ino=24940 ioctlcmd=0x6685 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  398.853410][    C0] vkms_vblank_simulate: vblank timer overrun
[  398.919687][  T970] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  399.114851][T10180] xt_ipvs: protocol family 7 not supported
[  399.164899][  T970] usb 1-1: Using ep0 maxpacket: 32
[  399.171740][  T970] usb 1-1: config 0 has an invalid interface number: 51 but max is 0
[  399.186326][  T970] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  399.200790][  T970] usb 1-1: config 0 has no interface number 0
[  399.209069][  T970] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  399.629785][  T970] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  399.630113][   T51] usb 5-1: USB disconnect, device number 24
[  399.637830][  T970] usb 1-1: Product: syz
[  399.647901][  T970] usb 1-1: Manufacturer: syz
[  399.652727][  T970] usb 1-1: SerialNumber: syz
[  399.680258][  T970] usb 1-1: config 0 descriptor??
[  399.699336][  T970] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  400.103453][T10189] nvme_fabrics: missing parameter 'transport=%s'
[  400.110721][T10189] nvme_fabrics: missing parameter 'nqn=%s'
[  401.057039][    T9] usb 2-1: USB disconnect, device number 28
[  401.973187][  T970] usb 1-1: qt2_attach - failed to power on unit: -71
[  401.986348][  T970] quatech2 1-1:0.51: probe with driver quatech2 failed with error -71
[  401.997334][  T970] usb 1-1: USB disconnect, device number 21
[  402.306186][T10213] binder_alloc: 10207: binder_alloc_buf, no vma
[  403.297177][T10217] bridge2: entered promiscuous mode
[  403.321069][T10217] bridge2: entered allmulticast mode
[  403.360901][T10217] team0: Port device bridge2 added
[  403.500790][   T29] audit: type=1400 audit(1734980350.728:632): avc:  denied  { read } for  pid=10227 comm="syz.2.1127" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  403.548544][T10229] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  403.569947][T10230] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  403.578399][T10230] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  403.599201][T10229] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  403.619024][  T970] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  403.626655][    T9] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  403.789088][  T970] usb 1-1: Using ep0 maxpacket: 16
[  403.796797][    T9] usb 2-1: Using ep0 maxpacket: 8
[  403.803782][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  403.822408][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  403.832607][  T970] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  403.844264][    T9] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  403.860294][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024
[  403.877889][  T970] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  403.894712][    T9] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  403.905209][    T9] usb 2-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  403.920407][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  403.929523][  T970] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  403.961889][  T970] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  403.970515][  T970] usb 1-1: Product: syz
[  403.975538][    T9] usb 2-1: config 0 descriptor??
[  403.987011][  T970] usb 1-1: Manufacturer: syz
[  403.992031][T10223] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  404.967554][  T970] usb 1-1: SerialNumber: syz
[  405.020600][  T970] usb 1-1: config 0 descriptor??
[  405.183561][T10243] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  405.230668][T10243] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  405.858814][   T25] usb 2-1: USB disconnect, device number 29
[  405.868137][ T5829] Bluetooth: hci5: Opcode 0x0c03 failed: -71
[  405.962356][  T970] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  405.966413][T10253] evm: overlay not supported
[  405.971869][  T970] em28xx 1-1:0.0: Audio interface 0 found (Vendor Class)
[  406.052643][   T29] audit: type=1804 audit(1734980353.278:633): pid=10253 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.4.1140" name="/newroot/226/bus/bus" dev="overlay" ino=1243 res=1 errno=0
[  406.088412][   T51] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  406.203265][  T970] em28xx 1-1:0.0: unknown em28xx chip ID (0)
[  406.258840][  T970] em28xx 1-1:0.0: Config register raw data: 0xfffffffb
[  406.298779][   T51] usb 4-1: Using ep0 maxpacket: 32
[  406.449222][   T51] usb 4-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  406.458349][   T51] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  406.486494][   T51] usb 4-1: Product: syz
[  406.495183][   T51] usb 4-1: Manufacturer: syz
[  406.512474][   T51] usb 4-1: SerialNumber: syz
[  406.547888][   T51] usb 4-1: config 0 descriptor??
[  406.580401][   T51] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  407.038657][  T970] em28xx 1-1:0.0: AC97 command still being executed: not handled properly!
[  407.047462][  T970] em28xx 1-1:0.0: Unknown AC97 audio processor detected!
[  407.175748][  T970] em28xx 1-1:0.0: couldn't setup AC97 register 2
[  407.194180][  T970] em28xx 1-1:0.0: couldn't setup AC97 register 4
[  407.207326][  T970] em28xx 1-1:0.0: couldn't setup AC97 register 6
[  407.221347][  T970] em28xx 1-1:0.0: couldn't setup AC97 register 54
[  407.234617][  T970] em28xx 1-1:0.0: couldn't setup AC97 register 56
[  407.257399][  T970] usb 1-1: USB disconnect, device number 22
[  407.378388][ T5821] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  407.547993][ T5821] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  407.573323][ T5821] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  407.621260][   T51] gspca_ov534_9: reg_w failed -110
[  407.662449][ T5821] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  407.740307][ T5821] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  407.824990][T10270] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  407.837497][ T5821] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  407.968955][   T51] gspca_ov534_9: Unknown sensor 0000
[  407.969317][   T51] ov534_9 4-1:0.0: probe with driver ov534_9 failed with error -22
[  408.083371][   T51] usb 4-1: USB disconnect, device number 44
[  408.381927][T10279] bridge2: entered promiscuous mode
[  408.402197][T10279] bridge2: entered allmulticast mode
[  408.527189][T10279] team0: Port device bridge2 added
[  409.825518][T10302] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1153'.
[  410.858499][   T51] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  410.892629][T10317] x_tables: ip6_tables: icmp6 match: only valid for protocol 58
[  411.075364][   T51] usb 2-1: Using ep0 maxpacket: 16
[  411.114893][   T51] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  411.132019][   T51] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  411.161657][   T51] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  411.179647][   T51] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  411.198151][   T51] usb 2-1: Product: syz
[  411.204555][   T51] usb 2-1: Manufacturer: syz
[  411.209472][   T51] usb 2-1: SerialNumber: syz
[  411.339095][   T51] usb 2-1: config 0 descriptor??
[  411.384823][   T51] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  411.400908][   T51] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class)
[  411.470185][T10320] nvme_fabrics: missing parameter 'transport=%s'
[  411.476596][T10320] nvme_fabrics: missing parameter 'nqn=%s'
[  411.524047][ T5821] usb 5-1: USB disconnect, device number 25
[  411.868079][ T5821] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  411.954785][   T51] em28xx 2-1:0.0: unknown em28xx chip ID (0)
[  411.961368][   T51] em28xx 2-1:0.0: Config register raw data: 0xfffffffb
[  412.019968][ T5821] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  412.063333][ T5821] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  412.119509][ T5821] usb 5-1: New USB device found, idVendor=0458, idProduct=4018, bcdDevice= 0.00
[  412.159824][ T5821] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  412.205135][ T5821] usb 5-1: config 0 descriptor??
[  412.642504][T10325] usb usb1: usbfs: interface 0 claimed by hub while 'syz.4.1161' sets config #1
[  412.907929][   T29] audit: type=1400 audit(2000000000.230:634): avc:  denied  { read append } for  pid=10324 comm="syz.4.1161" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  517.657813][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  517.657833][    C1] rcu: 	0-...!: (1 GPs behind) idle=e7d4/1/0x4000000000000000 softirq=34421/34422 fqs=20
[  517.658425][    C1] rcu: 	(detected by 1, t=10502 jiffies, g=30373, q=214 ncpus=2)
[  517.658445][    C1] Sending NMI from CPU 1 to CPUs 0:
[  517.658467][    C0] NMI backtrace for cpu 0
[  517.658475][    C0] CPU: 0 UID: 0 PID: 10325 Comm: syz.4.1161 Not tainted 6.13.0-rc4-syzkaller #0
[  517.658491][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  517.658499][    C0] RIP: 0010:debug_smp_processor_id+0x0/0x20
[  517.658522][    C0] Code: e8 45 7c 4f f6 e8 d0 81 f4 ff 90 65 ff 0d 50 09 da 74 e9 40 ff ff ff 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 48 c7 c6 a0 ec d1 8b 48 c7 c7 e0 ec d1 8b e9 f9 fe ff
[  517.658535][    C0] RSP: 0018:ffffc90000007cd0 EFLAGS: 00000003
[  517.658547][    C0] RAX: 0000000000000001 RBX: 0000000000000000 RCX: ffffffff8175dcac
[  517.658557][    C0] RDX: fffffbfff20be6d3 RSI: 0000000000000008 RDI: ffffffff905f3690
[  517.658566][    C0] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffbfff20be6d2
[  517.658574][    C0] R10: ffffffff905f3697 R11: 0000000000000003 R12: 0000000000000000
[  517.658583][    C0] R13: 000000000003d90c R14: 0000000000000000 R15: 0000000000000000
[  517.658591][    C0] FS:  00007f1680d3d6c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  517.658606][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  517.658616][    C0] CR2: 000000110c349ee9 CR3: 0000000012dac000 CR4: 00000000003526f0
[  517.658625][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  517.658633][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  517.658642][    C0] Call Trace:
[  517.658646][    C0]  <NMI>
[  517.658652][    C0]  ? nmi_cpu_backtrace+0x1d8/0x390
[  517.658668][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  517.658682][    C0]  ? nmi_handle+0x1ac/0x5d0
[  517.658697][    C0]  ? __pfx_debug_smp_processor_id+0x10/0x10
[  517.658716][    C0]  ? default_do_nmi+0x6a/0x160
[  517.658729][    C0]  ? exc_nmi+0x170/0x1e0
[  517.658741][    C0]  ? end_repeat_nmi+0xf/0x53
[  517.658762][    C0]  ? trace_lock_acquire+0x3c/0x1f0
[  517.658781][    C0]  ? __pfx_debug_smp_processor_id+0x10/0x10
[  517.658800][    C0]  ? __pfx_debug_smp_processor_id+0x10/0x10
[  517.658818][    C0]  ? __pfx_debug_smp_processor_id+0x10/0x10
[  517.658836][    C0]  </NMI>
[  517.658840][    C0]  <IRQ>
[  517.658844][    C0]  rcu_is_watching+0x12/0xc0
[  517.658862][    C0]  trace_lock_acquire+0x14e/0x1f0
[  517.658881][    C0]  ? advance_sched+0x679/0xc60
[  517.658895][    C0]  lock_acquire+0x2f/0xb0
[  517.658909][    C0]  ? advance_sched+0x679/0xc60
[  517.658923][    C0]  advance_sched+0x67f/0xc60
[  517.658936][    C0]  ? advance_sched+0x679/0xc60
[  517.658952][    C0]  ? __pfx_advance_sched+0x10/0x10
[  517.658965][    C0]  __hrtimer_run_queues+0x20a/0xae0
[  517.658986][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  517.659003][    C0]  ? read_tsc+0x9/0x20
[  517.659023][    C0]  hrtimer_interrupt+0x392/0x8e0
[  517.659045][    C0]  __sysvec_apic_timer_interrupt+0x10f/0x400
[  517.659062][    C0]  sysvec_apic_timer_interrupt+0x9f/0xc0
[  517.659078][    C0]  </IRQ>
[  517.659082][    C0]  <TASK>
[  517.659087][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  517.659105][    C0] RIP: 0010:console_flush_all+0x9a4/0xc60
[  517.659124][    C0] Code: 00 e8 b0 09 28 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 1e 69 20 00 48 85 db 0f 85 55 01 00 00 e8 a0 66 20 00 fb 4c 89 e0 <48> c1 e8 03 42 80 3c 38 00 0f 84 11 ff ff ff 4c 89 e7 e8 55 12 83
[  517.659136][    C0] RSP: 0018:ffffc9000433f768 EFLAGS: 00000283
[  517.659147][    C0] RAX: ffffffff8ee937b8 RBX: 0000000000000000 RCX: ffffc9000c1f9000
[  517.659156][    C0] RDX: 0000000000080000 RSI: ffffffff8179af10 RDI: 0000000000000007
[  517.659165][    C0] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000
[  517.659173][    C0] R10: 0000000000000000 R11: 0000000000000004 R12: ffffffff8ee937b8
[  517.659181][    C0] R13: ffffffff8ee93760 R14: ffffc9000433f7f8 R15: dffffc0000000000
[  517.659194][    C0]  ? console_flush_all+0x9a0/0xc60
[  517.659212][    C0]  ? console_flush_all+0x9a0/0xc60
[  517.659231][    C0]  ? __pfx_console_flush_all+0x10/0x10
[  517.659250][    C0]  ? printk_percpu_data_ready+0x9/0x20
[  517.659271][    C0]  ? nbcon_get_cpu_emergency_nesting+0x3b/0x50
[  517.659285][    C0]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  517.659303][    C0]  console_unlock+0xd9/0x210
[  517.659320][    C0]  ? __pfx_console_unlock+0x10/0x10
[  517.659337][    C0]  ? lock_acquire+0x2f/0xb0
[  517.659352][    C0]  ? dev_printk_emit+0xfb/0x140
[  517.659367][    C0]  ? __down_trylock_console_sem+0xb0/0x140
[  517.659384][    C0]  vprintk_emit+0x424/0x6f0
[  517.659401][    C0]  ? __pfx_vprintk_emit+0x10/0x10
[  517.659422][    C0]  dev_printk_emit+0xfb/0x140
[  517.659436][    C0]  ? __pfx_dev_printk_emit+0x10/0x10
[  517.659454][    C0]  ? __pfx___lock_acquire+0x10/0x10
[  517.659470][    C0]  ? trace_contention_end+0xee/0x140
[  517.659487][    C0]  __dev_printk+0xf5/0x270
[  517.659502][    C0]  _dev_warn+0xe5/0x120
[  517.659516][    C0]  ? __pfx__dev_warn+0x10/0x10
[  517.659531][    C0]  ? trace_lock_acquire+0x14e/0x1f0
[  517.659550][    C0]  ? lock_acquire+0x2f/0xb0
[  517.659563][    C0]  ? __might_fault+0xe3/0x190
[  517.659581][    C0]  ? __might_fault+0xe3/0x190
[  517.659600][    C0]  usbdev_ioctl+0x1376/0x4010
[  517.659620][    C0]  ? __pfx_usbdev_ioctl+0x10/0x10
[  517.659636][    C0]  ? do_vfs_ioctl+0x513/0x1990
[  517.659655][    C0]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  517.659675][    C0]  ? ioctl_has_perm.constprop.0.isra.0+0x2ea/0x460
[  517.659694][    C0]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  517.659712][    C0]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  517.659732][    C0]  ? __pfx_lock_release+0x10/0x10
[  517.659751][    C0]  ? selinux_file_ioctl+0x180/0x270
[  517.659767][    C0]  ? selinux_file_ioctl+0xb4/0x270
[  517.659784][    C0]  ? __pfx_usbdev_ioctl+0x10/0x10
[  517.659801][    C0]  __x64_sys_ioctl+0x190/0x200
[  517.659820][    C0]  do_syscall_64+0xcd/0x250
[  517.659839][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  517.659856][    C0] RIP: 0033:0x7f167ff85d29
[  517.659879][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  517.659892][    C0] RSP: 002b:00007f1680d3d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  517.659905][    C0] RAX: ffffffffffffffda RBX: 00007f1680175fa0 RCX: 00007f167ff85d29
[  517.659914][    C0] RDX: 00000000200000c0 RSI: 0000000080045505 RDI: 0000000000000004
[  517.659923][    C0] RBP: 00007f1680001aa8 R08: 0000000000000000 R09: 0000000000000000
[  517.659931][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  517.659940][    C0] R13: 0000000000000000 R14: 00007f1680175fa0 R15: 00007ffd1385cc88
[  517.659955][    C0]  </TASK>
[  517.660463][    C1] rcu: rcu_preempt kthread starved for 10462 jiffies! g30373 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  517.660485][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  517.660494][    C1] rcu: RCU grace-period kthread stack dump:
[  517.660500][    C1] task:rcu_preempt     state:R  running task     stack:28424 pid:17    tgid:17    ppid:2      flags:0x00004000
[  517.660557][    C1] Call Trace:
[  517.660563][    C1]  <TASK>
[  517.660574][    C1]  __schedule+0xe58/0x5ad0
[  517.660596][    C1]  ? __pfx___lock_acquire+0x10/0x10
[  517.660627][    C1]  ? __pfx___schedule+0x10/0x10
[  517.660648][    C1]  ? schedule+0x298/0x350
[  517.660668][    C1]  ? __pfx_lock_release+0x10/0x10
[  517.660691][    C1]  ? lock_acquire+0x2f/0xb0
[  517.660709][    C1]  ? schedule+0x1fd/0x350
[  517.660732][    C1]  schedule+0xe7/0x350
[  517.660754][    C1]  schedule_timeout+0x124/0x280
[  517.660773][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[  517.660792][    C1]  ? __pfx_process_timeout+0x10/0x10
[  517.660821][    C1]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  517.660843][    C1]  ? prepare_to_swait_event+0xf3/0x470
[  517.660868][    C1]  rcu_gp_fqs_loop+0x1eb/0xb00
[  517.660892][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  517.660911][    C1]  ? rcu_gp_init+0xc82/0x1630
[  517.660934][    C1]  ? _raw_spin_unlock_irq+0x2e/0x50
[  517.660960][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  517.660984][    C1]  rcu_gp_kthread+0x271/0x380
[  517.661012][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  517.661034][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  517.661058][    C1]  ? __kthread_parkme+0x148/0x220
[  517.661084][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  517.661105][    C1]  kthread+0x2c1/0x3a0
[  517.661127][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  517.661147][    C1]  ? __pfx_kthread+0x10/0x10
[  517.661171][    C1]  ret_from_fork+0x45/0x80
[  517.661189][    C1]  ? __pfx_kthread+0x10/0x10
[  517.661213][    C1]  ret_from_fork_asm+0x1a/0x30
[  517.661251][    C1]  </TASK>
[  517.661258][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  517.661266][    C1] CPU: 1 UID: 0 PID: 253 Comm: kworker/u8:5 Not tainted 6.13.0-rc4-syzkaller #0
[  517.661285][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  517.661296][    C1] Workqueue: events_unbound toggle_allocation_gate
[  517.661318][    C1] RIP: 0010:smp_call_function_many_cond+0x45d/0x1300
[  517.661343][    C1] Code: 4d 48 b8 00 00 00 00 00 fc ff df 4d 89 f4 4c 89 f5 49 c1 ec 03 83 e5 07 49 01 c4 83 c5 03 e8 ba 0e 0c 00 f3 90 41 0f b6 04 24 <40> 38 c5 7c 08 84 c0 0f 85 a7 0c 00 00 8b 43 08 31 ff 83 e0 01 41
[  517.661358][    C1] RSP: 0018:ffffc90002e57998 EFLAGS: 00000293
[  517.661373][    C1] RAX: 0000000000000000 RBX: ffff8880b86469c0 RCX: ffffffff818e071c
[  517.661386][    C1] RDX: ffff88802275a440 RSI: ffffffff818e06f6 RDI: 0000000000000005
[  517.661398][    C1] RBP: 0000000000000003 R08: 0000000000000005 R09: 0000000000000000
[  517.661409][    C1] R10: 0000000000000001 R11: 0000000000000006 R12: ffffed10170c8d39
[  517.661420][    C1] R13: 0000000000000001 R14: ffff8880b86469c8 R15: ffff8880b873fe40
[  517.661433][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  517.661450][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  517.661463][    C1] CR2: 00007f1680d1aff0 CR3: 000000000df7e000 CR4: 00000000003526f0
[  517.661475][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  517.661486][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  517.661498][    C1] Call Trace:
[  517.661504][    C1]  <IRQ>
[  517.661511][    C1]  ? rcu_check_gp_kthread_starvation+0x31b/0x450
[  517.661536][    C1]  ? do_raw_spin_unlock+0x172/0x230
[  517.661561][    C1]  ? rcu_sched_clock_irq+0x247a/0x3310
[  517.661593][    C1]  ? timekeeping_advance+0x72e/0xa90
[  517.661612][    C1]  ? __pfx_rcu_sched_clock_irq+0x10/0x10
[  517.661638][    C1]  ? __asan_memcpy+0x3c/0x60
[  517.661665][    C1]  ? rcu_is_watching+0x12/0xc0
[  517.661692][    C1]  ? update_process_times+0x178/0x2d0
[  517.661714][    C1]  ? __pfx_update_process_times+0x10/0x10
[  517.661736][    C1]  ? __pfx_tick_nohz_handler+0x10/0x10
[  517.661761][    C1]  ? update_wall_time+0x1c/0x40
[  517.661782][    C1]  ? tick_nohz_handler+0x376/0x530
[  517.661809][    C1]  ? __pfx_tick_nohz_handler+0x10/0x10
[  517.661833][    C1]  ? __hrtimer_run_queues+0x5fb/0xae0
[  517.661863][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  517.661885][    C1]  ? read_tsc+0x9/0x20
[  517.661915][    C1]  ? hrtimer_interrupt+0x392/0x8e0
[  517.661949][    C1]  ? __sysvec_apic_timer_interrupt+0x10f/0x400
[  517.661971][    C1]  ? sysvec_apic_timer_interrupt+0x9f/0xc0
[  517.661992][    C1]  </IRQ>
[  517.661999][    C1]  <TASK>
[  517.662011][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  517.662043][    C1]  ? smp_call_function_many_cond+0x47c/0x1300
[  517.662066][    C1]  ? smp_call_function_many_cond+0x456/0x1300
[  517.662090][    C1]  ? smp_call_function_many_cond+0x45d/0x1300
[  517.662115][    C1]  ? smp_call_function_many_cond+0x456/0x1300
[  517.662140][    C1]  ? __pfx_do_sync_core+0x10/0x10
[  517.662168][    C1]  ? __pfx_do_sync_core+0x10/0x10
[  517.662189][    C1]  on_each_cpu_cond_mask+0x40/0x90
[  517.662215][    C1]  text_poke_bp_batch+0x22b/0x760
[  517.662244][    C1]  ? __pfx_text_poke_bp_batch+0x10/0x10
[  517.662265][    C1]  ? __jump_label_patch+0x1db/0x400
[  517.662294][    C1]  ? arch_jump_label_transform_queue+0xc0/0x120
[  517.662327][    C1]  text_poke_finish+0x30/0x40
[  517.662349][    C1]  arch_jump_label_transform_apply+0x1c/0x30
[  517.662373][    C1]  jump_label_update+0x1d7/0x400
[  517.662401][    C1]  static_key_enable_cpuslocked+0x1b7/0x270
[  517.662427][    C1]  static_key_enable+0x1a/0x20
[  517.662451][    C1]  toggle_allocation_gate+0xfc/0x260
[  517.662473][    C1]  ? __pfx_toggle_allocation_gate+0x10/0x10
[  517.662493][    C1]  ? trace_lock_acquire+0x14e/0x1f0
[  517.662518][    C1]  ? process_one_work+0x921/0x1ba0
[  517.662539][    C1]  ? lock_acquire+0x2f/0xb0
[  517.662557][    C1]  ? process_one_work+0x921/0x1ba0
[  517.662580][    C1]  process_one_work+0x9c5/0x1ba0
[  517.662609][    C1]  ? __pfx_nsim_dev_trap_report_work+0x10/0x10
[  517.662629][    C1]  ? __pfx_process_one_work+0x10/0x10
[  517.662647][    C1]  ? rcu_is_watching+0x12/0xc0
[  517.662678][    C1]  ? assign_work+0x1a0/0x250
[  517.662700][    C1]  worker_thread+0x6c8/0xf00
[  517.662731][    C1]  ? __pfx_worker_thread+0x10/0x10
[  517.662751][    C1]  kthread+0x2c1/0x3a0
[  517.662772][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  517.662791][    C1]  ? __pfx_kthread+0x10/0x10
[  517.662814][    C1]  ret_from_fork+0x45/0x80
[  517.662831][    C1]  ? __pfx_kthread+0x10/0x10
[  517.662854][    C1]  ret_from_fork_asm+0x1a/0x30
[  517.662890][    C1]  </TASK>
[  661.890848][    C1] watchdog: BUG: soft lockup - CPU#1 stuck for 246s! [kworker/u8:5:253]
[  661.890870][    C1] Modules linked in:
[  661.890882][    C1] irq event stamp: 25067836
[  661.890889][    C1] hardirqs last  enabled at (25067835): [<ffffffff8b29c32b>] irqentry_exit+0x3b/0x90
[  661.890920][    C1] hardirqs last disabled at (25067836): [<ffffffff8b29aaae>] sysvec_apic_timer_interrupt+0xe/0xc0
[  661.890943][    C1] softirqs last  enabled at (25067834): [<ffffffff815c51db>] handle_softirqs+0x5bb/0x8f0
[  661.890968][    C1] softirqs last disabled at (25067821): [<ffffffff815c56a9>] __irq_exit_rcu+0x109/0x170
[  661.890998][    C1] CPU: 1 UID: 0 PID: 253 Comm: kworker/u8:5 Not tainted 6.13.0-rc4-syzkaller #0
[  661.891020][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  661.891033][    C1] Workqueue: events_unbound toggle_allocation_gate
[  661.891056][    C1] RIP: 0010:smp_call_function_many_cond+0x472/0x1300
[  661.891083][    C1] Code: 83 e5 07 49 01 c4 83 c5 03 e8 ba 0e 0c 00 f3 90 41 0f b6 04 24 40 38 c5 7c 08 84 c0 0f 85 a7 0c 00 00 8b 43 08 31 ff 83 e0 01 <41> 89 c5 89 c6 e8 d4 10 0c 00 45 85 ed 75 d0 e8 8a 0e 0c 00 e8 85
[  661.891101][    C1] RSP: 0018:ffffc90002e57998 EFLAGS: 00000202
[  661.891118][    C1] RAX: 0000000000000001 RBX: ffff8880b86469c0 RCX: ffffffff818e071c
[  661.891131][    C1] RDX: ffff88802275a440 RSI: ffffffff818e06f6 RDI: 0000000000000000
[  661.891144][    C1] RBP: 0000000000000003 R08: 0000000000000005 R09: 0000000000000000
[  661.891157][    C1] R10: 0000000000000001 R11: 0000000000000006 R12: ffffed10170c8d39
[  661.891169][    C1] R13: 0000000000000001 R14: ffff8880b86469c8 R15: ffff8880b873fe40
[  661.891182][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  661.891202][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  661.891216][    C1] CR2: 00007f1680d1aff0 CR3: 000000000df7e000 CR4: 00000000003526f0
[  661.891229][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  661.891241][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  661.891253][    C1] Call Trace:
[  661.891260][    C1]  <IRQ>
[  661.891270][    C1]  ? watchdog_timer_fn+0x570/0x7d0
[  661.891297][    C1]  ? __pfx_watchdog_timer_fn+0x10/0x10
[  661.891320][    C1]  ? __hrtimer_run_queues+0x5fb/0xae0
[  661.891352][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  661.891376][    C1]  ? read_tsc+0x9/0x20
[  661.891408][    C1]  ? hrtimer_interrupt+0x392/0x8e0
[  661.891444][    C1]  ? __sysvec_apic_timer_interrupt+0x10f/0x400
[  661.891469][    C1]  ? sysvec_apic_timer_interrupt+0x9f/0xc0
[  661.891491][    C1]  </IRQ>
[  661.891498][    C1]  <TASK>
[  661.891506][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  661.891538][    C1]  ? smp_call_function_many_cond+0x47c/0x1300
[  661.891563][    C1]  ? smp_call_function_many_cond+0x456/0x1300
[  661.891588][    C1]  ? smp_call_function_many_cond+0x472/0x1300
[  661.891614][    C1]  ? smp_call_function_many_cond+0x456/0x1300
[  661.891640][    C1]  ? __pfx_do_sync_core+0x10/0x10
[  661.891669][    C1]  ? __pfx_do_sync_core+0x10/0x10
[  661.891692][    C1]  on_each_cpu_cond_mask+0x40/0x90
[  661.891718][    C1]  text_poke_bp_batch+0x22b/0x760
[  661.891748][    C1]  ? __pfx_text_poke_bp_batch+0x10/0x10
[  661.891771][    C1]  ? __jump_label_patch+0x1db/0x400
[  661.891801][    C1]  ? arch_jump_label_transform_queue+0xc0/0x120
[  661.891834][    C1]  text_poke_finish+0x30/0x40
[  661.891857][    C1]  arch_jump_label_transform_apply+0x1c/0x30
[  661.891883][    C1]  jump_label_update+0x1d7/0x400
[  661.891912][    C1]  static_key_enable_cpuslocked+0x1b7/0x270
[  661.891939][    C1]  static_key_enable+0x1a/0x20
[  661.891965][    C1]  toggle_allocation_gate+0xfc/0x260
[  661.891992][    C1]  ? __pfx_toggle_allocation_gate+0x10/0x10
[  661.892012][    C1]  ? trace_lock_acquire+0x14e/0x1f0
[  661.892039][    C1]  ? process_one_work+0x921/0x1ba0
[  661.892059][    C1]  ? lock_acquire+0x2f/0xb0
[  661.892077][    C1]  ? process_one_work+0x921/0x1ba0
[  661.892101][    C1]  process_one_work+0x9c5/0x1ba0
[  661.892130][    C1]  ? __pfx_nsim_dev_trap_report_work+0x10/0x10
[  661.892150][    C1]  ? __pfx_process_one_work+0x10/0x10
[  661.892169][    C1]  ? rcu_is_watching+0x12/0xc0
[  661.892199][    C1]  ? assign_work+0x1a0/0x250
[  661.892221][    C1]  worker_thread+0x6c8/0xf00
[  661.892253][    C1]  ? __pfx_worker_thread+0x10/0x10
[  661.892272][    C1]  kthread+0x2c1/0x3a0
[  661.892294][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  661.892313][    C1]  ? __pfx_kthread+0x10/0x10
[  661.892337][    C1]  ret_from_fork+0x45/0x80
[  661.892354][    C1]  ? __pfx_kthread+0x10/0x10
[  661.892377][    C1]  ret_from_fork_asm+0x1a/0x30
[  661.892414][    C1]  </TASK>
[  661.892422][    C1] Sending NMI from CPU 1 to CPUs 0:
[  661.892444][    C0] NMI backtrace for cpu 0
[  661.892452][    C0] CPU: 0 UID: 0 PID: 10325 Comm: syz.4.1161 Not tainted 6.13.0-rc4-syzkaller #0
[  661.892467][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  661.892474][    C0] RIP: 0010:rcu_is_watching+0x3d/0xc0
[  661.892492][    C0] Code: c7 c3 68 7f 03 00 83 f8 07 89 c5 0f 87 82 00 00 00 48 8d 3c ed e0 6c a7 8d 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 75 5c 48 03 1c ed e0 6c a7 8d 48 b8 00 00 00 00 00 fc
[  661.892504][    C0] RSP: 0018:ffffc90000007e18 EFLAGS: 00000806
[  661.892515][    C0] RAX: dffffc0000000000 RBX: 0000000000037f68 RCX: ffffffff81874a90
[  661.892524][    C0] RDX: 1ffffffff1b4ed9c RSI: ffffffff8bd1eca0 RDI: ffffffff8da76ce0
[  661.892533][    C0] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  661.892541][    C0] R10: 0000000000000001 R11: 0000000000000004 R12: ffff8880781ce340
[  661.892549][    C0] R13: ffff8880b862cb00 R14: ffff8880b862ca00 R15: ffffffff894153a0
[  661.892559][    C0] FS:  00007f1680d3d6c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  661.892573][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  661.892583][    C0] CR2: 000000110c349ee9 CR3: 0000000012dac000 CR4: 00000000003526f0
[  661.892592][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  661.892600][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  661.892609][    C0] Call Trace:
[  661.892613][    C0]  <NMI>
[  661.892618][    C0]  ? nmi_cpu_backtrace+0x1d8/0x390
[  661.892634][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  661.892647][    C0]  ? nmi_handle+0x1ac/0x5d0
[  661.892661][    C0]  ? rcu_is_watching+0x3d/0xc0
[  661.892678][    C0]  ? default_do_nmi+0x6a/0x160
[  661.892692][    C0]  ? exc_nmi+0x170/0x1e0
[  661.892704][    C0]  ? end_repeat_nmi+0xf/0x53
[  661.892721][    C0]  ? __pfx_advance_sched+0x10/0x10
[  661.892742][    C0]  ? __hrtimer_run_queues+0x5a0/0xae0
[  661.892760][    C0]  ? rcu_is_watching+0x3d/0xc0
[  661.892778][    C0]  ? rcu_is_watching+0x3d/0xc0
[  661.892796][    C0]  ? rcu_is_watching+0x3d/0xc0
[  661.892813][    C0]  </NMI>
[  661.892817][    C0]  <IRQ>
[  661.892822][    C0]  __hrtimer_run_queues+0x80b/0xae0
[  661.892843][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  661.892860][    C0]  ? read_tsc+0x9/0x20
[  661.892880][    C0]  hrtimer_interrupt+0x392/0x8e0
[  661.892902][    C0]  __sysvec_apic_timer_interrupt+0x10f/0x400
[  661.892919][    C0]  sysvec_apic_timer_interrupt+0x9f/0xc0
[  661.892935][    C0]  </IRQ>
[  661.892939][    C0]  <TASK>
[  661.892944][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  661.892962][    C0] RIP: 0010:console_flush_all+0x9a4/0xc60
[  661.892980][    C0] Code: 00 e8 b0 09 28 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 1e 69 20 00 48 85 db 0f 85 55 01 00 00 e8 a0 66 20 00 fb 4c 89 e0 <48> c1 e8 03 42 80 3c 38 00 0f 84 11 ff ff ff 4c 89 e7 e8 55 12 83
[  661.892992][    C0] RSP: 0018:ffffc9000433f768 EFLAGS: 00000283
[  661.893003][    C0] RAX: ffffffff8ee937b8 RBX: 0000000000000000 RCX: ffffc9000c1f9000
[  661.893012][    C0] RDX: 0000000000080000 RSI: ffffffff8179af10 RDI: 0000000000000007
[  661.893021][    C0] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000
[  661.893029][    C0] R10: 0000000000000000 R11: 0000000000000004 R12: ffffffff8ee937b8
[  661.893038][    C0] R13: ffffffff8ee93760 R14: ffffc9000433f7f8 R15: dffffc0000000000
[  661.893050][    C0]  ? console_flush_all+0x9a0/0xc60
[  661.893069][    C0]  ? console_flush_all+0x9a0/0xc60
[  661.893089][    C0]  ? __pfx_console_flush_all+0x10/0x10
[  661.893109][    C0]  ? printk_percpu_data_ready+0x9/0x20
[  661.893125][    C0]  ? nbcon_get_cpu_emergency_nesting+0x3b/0x50
[  661.893139][    C0]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  661.893157][    C0]  console_unlock+0xd9/0x210
[  661.893174][    C0]  ? __pfx_console_unlock+0x10/0x10
[  661.893191][    C0]  ? lock_acquire+0x2f/0xb0
[  661.893206][    C0]  ? dev_printk_emit+0xfb/0x140
[  661.893221][    C0]  ? __down_trylock_console_sem+0xb0/0x140
[  661.893237][    C0]  vprintk_emit+0x424/0x6f0
[  661.893255][    C0]  ? __pfx_vprintk_emit+0x10/0x10
[  661.893275][    C0]  dev_printk_emit+0xfb/0x140
[  661.893289][    C0]  ? __pfx_dev_printk_emit+0x10/0x10
[  661.893308][    C0]  ? __pfx___lock_acquire+0x10/0x10
[  661.893324][    C0]  ? trace_contention_end+0xee/0x140
[  661.893340][    C0]  __dev_printk+0xf5/0x270
[  661.893355][    C0]  _dev_warn+0xe5/0x120
[  661.893369][    C0]  ? __pfx__dev_warn+0x10/0x10
[  661.893383][    C0]  ? trace_lock_acquire+0x14e/0x1f0
[  661.893402][    C0]  ? lock_acquire+0x2f/0xb0
[  661.893415][    C0]  ? __might_fault+0xe3/0x190
[  661.893433][    C0]  ? __might_fault+0xe3/0x190
[  661.893451][    C0]  usbdev_ioctl+0x1376/0x4010
[  661.893471][    C0]  ? __pfx_usbdev_ioctl+0x10/0x10
[  661.893487][    C0]  ? do_vfs_ioctl+0x513/0x1990
[  661.893506][    C0]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  661.893525][    C0]  ? ioctl_has_perm.constprop.0.isra.0+0x2ea/0x460
[  661.893545][    C0]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  661.893563][    C0]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  661.893583][    C0]  ? __pfx_lock_release+0x10/0x10
[  661.893601][    C0]  ? selinux_file_ioctl+0x180/0x270
[  661.893617][    C0]  ? selinux_file_ioctl+0xb4/0x270
[  661.893634][    C0]  ? __pfx_usbdev_ioctl+0x10/0x10
[  661.893651][    C0]  __x64_sys_ioctl+0x190/0x200
[  661.893669][    C0]  do_syscall_64+0xcd/0x250
[  661.893686][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  661.893703][    C0] RIP: 0033:0x7f167ff85d29
[  661.893715][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  661.893731][    C0] RSP: 002b:00007f1680d3d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  661.893743][    C0] RAX: ffffffffffffffda RBX: 00007f1680175fa0 RCX: 00007f167ff85d29
[  661.893753][    C0] RDX: 00000000200000c0 RSI: 0000000080045505 RDI: 0000000000000004
[  661.893761][    C0] RBP: 00007f1680001aa8 R08: 0000000000000000 R09: 0000000000000000
[  661.893769][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  661.893777][    C0] R13: 0000000000000000 R14: 00007f1680175fa0 R15: 00007ffd1385cc88
[  661.893791][    C0]  </TASK>
[  661.894441][    C1] Kernel panic - not syncing: softlockup: hung tasks
[  661.894454][    C1] CPU: 1 UID: 0 PID: 253 Comm: kworker/u8:5 Tainted: G             L     6.13.0-rc4-syzkaller #0
[  661.894476][    C1] Tainted: [L]=SOFTLOCKUP
[  661.894483][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  661.894493][    C1] Workqueue: events_unbound toggle_allocation_gate
[  661.894513][    C1] Call Trace:
[  661.894519][    C1]  <IRQ>
[  661.894526][    C1]  dump_stack_lvl+0x3d/0x1f0
[  661.894549][    C1]  panic+0x71d/0x800
[  661.894574][    C1]  ? __pfx_panic+0x10/0x10
[  661.894597][    C1]  ? __pfx__printk+0x10/0x10
[  661.894619][    C1]  ? __irq_work_queue_local+0xdd/0x460
[  661.894641][    C1]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  661.894659][    C1]  ? irq_work_queue+0x2a/0x80
[  661.894679][    C1]  ? watchdog_timer_fn+0x5f2/0x7d0
[  661.894700][    C1]  ? watchdog_timer_fn+0x5e5/0x7d0
[  661.894725][    C1]  watchdog_timer_fn+0x603/0x7d0
[  661.894748][    C1]  ? __pfx_watchdog_timer_fn+0x10/0x10
[  661.894769][    C1]  __hrtimer_run_queues+0x5fb/0xae0
[  661.894799][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  661.894821][    C1]  ? read_tsc+0x9/0x20
[  661.894850][    C1]  hrtimer_interrupt+0x392/0x8e0
[  661.894884][    C1]  __sysvec_apic_timer_interrupt+0x10f/0x400
[  661.894906][    C1]  sysvec_apic_timer_interrupt+0x9f/0xc0
[  661.894927][    C1]  </IRQ>
[  661.894933][    C1]  <TASK>
[  661.894940][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  661.894963][    C1] RIP: 0010:smp_call_function_many_cond+0x472/0x1300
[  661.894992][    C1] Code: 83 e5 07 49 01 c4 83 c5 03 e8 ba 0e 0c 00 f3 90 41 0f b6 04 24 40 38 c5 7c 08 84 c0 0f 85 a7 0c 00 00 8b 43 08 31 ff 83 e0 01 <41> 89 c5 89 c6 e8 d4 10 0c 00 45 85 ed 75 d0 e8 8a 0e 0c 00 e8 85
[  661.895007][    C1] RSP: 0018:ffffc90002e57998 EFLAGS: 00000202
[  661.895021][    C1] RAX: 0000000000000001 RBX: ffff8880b86469c0 RCX: ffffffff818e071c
[  661.895033][    C1] RDX: ffff88802275a440 RSI: ffffffff818e06f6 RDI: 0000000000000000
[  661.895044][    C1] RBP: 0000000000000003 R08: 0000000000000005 R09: 0000000000000000
[  661.895055][    C1] R10: 0000000000000001 R11: 0000000000000006 R12: ffffed10170c8d39
[  661.895066][    C1] R13: 0000000000000001 R14: ffff8880b86469c8 R15: ffff8880b873fe40
[  661.895085][    C1]  ? smp_call_function_many_cond+0x47c/0x1300
[  661.895108][    C1]  ? smp_call_function_many_cond+0x456/0x1300
[  661.895134][    C1]  ? smp_call_function_many_cond+0x456/0x1300
[  661.895159][    C1]  ? __pfx_do_sync_core+0x10/0x10
[  661.895186][    C1]  ? __pfx_do_sync_core+0x10/0x10
[  661.895207][    C1]  on_each_cpu_cond_mask+0x40/0x90
[  661.895233][    C1]  text_poke_bp_batch+0x22b/0x760
[  661.895261][    C1]  ? __pfx_text_poke_bp_batch+0x10/0x10
[  661.895283][    C1]  ? __jump_label_patch+0x1db/0x400
[  661.895312][    C1]  ? arch_jump_label_transform_queue+0xc0/0x120
[  661.895344][    C1]  text_poke_finish+0x30/0x40
[  661.895366][    C1]  arch_jump_label_transform_apply+0x1c/0x30
[  661.895390][    C1]  jump_label_update+0x1d7/0x400
[  661.895417][    C1]  static_key_enable_cpuslocked+0x1b7/0x270
[  661.895443][    C1]  static_key_enable+0x1a/0x20
[  661.895466][    C1]  toggle_allocation_gate+0xfc/0x260
[  661.895488][    C1]  ? __pfx_toggle_allocation_gate+0x10/0x10
[  661.895507][    C1]  ? trace_lock_acquire+0x14e/0x1f0
[  661.895533][    C1]  ? process_one_work+0x921/0x1ba0
[  661.895552][    C1]  ? lock_acquire+0x2f/0xb0
[  661.895570][    C1]  ? process_one_work+0x921/0x1ba0
[  661.895593][    C1]  process_one_work+0x9c5/0x1ba0
[  661.895620][    C1]  ? __pfx_nsim_dev_trap_report_work+0x10/0x10
[  661.895639][    C1]  ? __pfx_process_one_work+0x10/0x10
[  661.895657][    C1]  ? rcu_is_watching+0x12/0xc0
[  661.895687][    C1]  ? assign_work+0x1a0/0x250
[  661.895708][    C1]  worker_thread+0x6c8/0xf00
[  661.895737][    C1]  ? __pfx_worker_thread+0x10/0x10
[  661.895757][    C1]  kthread+0x2c1/0x3a0
[  661.895778][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  661.895797][    C1]  ? __pfx_kthread+0x10/0x10
[  661.895821][    C1]  ret_from_fork+0x45/0x80
[  661.895838][    C1]  ? __pfx_kthread+0x10/0x10
[  661.895861][    C1]  ret_from_fork_asm+0x1a/0x30
[  661.895897][    C1]  </TASK>
[  662.979111][    C1] Shutting down cpus with NMI
[  662.979325][    C1] Kernel Offset: disabled