last executing test programs:

14m32.25956785s ago: executing program 3 (id=310):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x2100, 0x0)
shutdown(0xffffffffffffffff, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x7, 0x101008b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
syz_open_dev$usbmon(&(0x7f0000000000), 0x80000001, 0x82002)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r2, 0x2df0, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = getpid()
sched_setscheduler(r5, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xe, 0x4, 0x8, 0x5, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = gettid()
timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
clock_nanosleep(0x2, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='X'], 0x58}, 0x1, 0x0, 0x0, 0x90}, 0x0)
sendmsg$NFQNL_MSG_VERDICT_BATCH(0xffffffffffffffff, 0x0, 0x2000408d)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)

14m31.429785727s ago: executing program 3 (id=312):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x8041, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r2 = fanotify_init(0xf00, 0x0)
fanotify_mark(r2, 0x2, 0x5000003a, r1, 0x0)
r3 = fanotify_init(0x28, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
fanotify_mark(r3, 0x41, 0x8000038, r4, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r6)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x34, r7, 0x1, 0x70bd29, 0xfffffffc, {}, [@ETHTOOL_A_CHANNELS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}]}, @ETHTOOL_A_CHANNELS_COMBINED_COUNT={0x8, 0x9, 0x29}]}, 0x34}}, 0x8000)
r8 = socket$nl_generic(0x11, 0x3, 0x10)
syz_emit_ethernet(0x12, &(0x7f0000000340)=ANY=[@ANYBLOB="bbbbbbbbbbbb66b3abc2b8cd0800450000020001000000029078ac1414bbe00000011100909b00000000fc6bc25e8e7d9b183d4fa584baf7b91baff332e064d5945ac9565d456023a4011cd9960ab597a6edde831ad0c625c0e425e60d0223e48669e1160c7727a1cfaac8e9739d01"], 0x0)
sendmsg(r8, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x2c, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x3e}], 0x2, 0x0, 0x0, 0x11000000}, 0x0)
request_key(&(0x7f0000000080)='trusted\x00', &(0x7f0000000240)={'syz', 0x1}, &(0x7f0000000280)='@\x00', 0x0)
ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000040)=0x40002)
ioctl$SNDCTL_DSP_RESET(r0, 0x5000, 0x0)
r9 = openat$selinux_user(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$selinux_user(r9, &(0x7f00000003c0)=ANY=[@ANYRESHEX=r5], 0x27)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r10=>0xffffffffffffffff}, './cgroup\x00'})
setsockopt$kcm_KCM_RECV_DISABLE(r10, 0x119, 0x1, &(0x7f0000000140)=0x5, 0x4)

14m30.760470782s ago: executing program 3 (id=313):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r1=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="010000000b000000050010000200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=r1, @ANYRES32, @ANYBLOB="000000000200000000000000000000008cce802e90e4caa5240f0c97"], 0x48)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000380), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f0000006380)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000000100)={0x50, 0x0, r3, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r2, &(0x7f00000041c0)="412e450a2a7b9586d1e6e9de257afc4fd60c8de430c0d6348b2cf1db8d070a539de9c1e91a178f9240dbcfe303566018f6c20c55d643a2ed46aaacf49ca491ee2f06184bdb548778a2c56e56f6b40b994419428bbbb9dfa5f9593511ca8ae1c088fb0ee5da72f505000000000000002c04754204f194ae6ceff4570d44496eeffe619998eafc7167d22e1c6aa73e89ad19224e35130a37cf68d5c41ccafe59b4b753a26e06c4306d31d78de6cede97c06e3ca2cc4af66b7548268efa91621ffca2655d2c8f1a9bb019b88fa729cb3d32f72c098c44898d42c42f39feb4faead93980726c236129acdf31c01f1cabb5ca3ec4e45eb5e6e59912792b4976e3f2b560c861d49b539d8e1870040a8cf190a8a767ec067a8048aac53336b44669d3d425843ae80681a7c02a5d5a3d90f355fd4a6ac277e75230d558f0df20cb323cc65e9b5a258cdd669c8a9534e4aff09a8fe89b124748c9e756c28789c2152a5142bc0bb205e339d43bb980b3f04a3c1a424a2a093966b20600a5410e0528fb35937c998eea19f01eaf2f39e16d85563a6737ddab3213ca1832f0afdf891e34a582f6a4ac81fda70ebc3fedac2fb3a492fdb40b91021e5d371d990064cd1f7c2c1a6472dec7505f9a4940057a3e57fd53aa3cd2eb914e073a19b6e925f8553e6875c093c7d19de25861fd9640f0eca4cda0467f12126daa2e0c6df7d4e4babe5a6e59e8391be7700790315b6b8a8aa74cd6d3f054aceaeda79430676b67fe25c9029e0894b413377fc4d8300d9f9338fadd07e4c80cac08113df8971a868458c47c06fff0c1c4bfd48ea583e9e76ef103d42c233b6de10b30612cdbeb6b60a6a4dbbe2da63cc2dd4fb93cac65af3c1279274f4af0e2c5b96e6068aa5b41f7548fb72b0c142351f64446db7425115b89132b5589ee642ebbde655adb2d7d1117456a6e4f2886879b42baf85e05d53e2aceea9c3830673bdc4d081675fe76b994651af9c3f16b7513834fce4654f84558a8308fa677d05bffcc893d9813bf87c5ec520cd66ad58dc06f0c47d253cd36dfec82980fc8dbdcd4b1c037c2b30bef455984f3e8ed19d69e185fe4fbdda2c2517ec9abfbb4841252e650b6bf56fdeca9a4ee3c311de3c6859ec14cc00e95323c57c02fa894d83ea17944f3112fc19a7e11335d7951ec6dd5b4f06fb9b637313a230341ea5da6a7a959e707d0cd5fca60a6649c8df8d6c17e9a49d230e5775df14e4b43aa3420bd0b8814ec7360ab1910e69fab8932f7646d7998bdc2e8ec354c52da21ed83fb7582cb9d37bb95f144974f72c7b0ae7b42945768fa8ec0dd6daba72d05809670506ef1054282201b00906c8af64e3e13a10f180688c96549b2d3d6b04403fd571e7b132891dd4b7cf37aec25ca1e9190c17aaefbc31e059915c12c232fb7097e9fa6f35fbb265c7102db62e2264590c583ea90f1aee3f166af81430d9084eb0c760ebbb16049c9fd1fee6ce33c8ac205e3ac9c275531feadfa4054e0c027c26beb009f54aa72b864d39bb11753f77931bb960276db33021c65671e57b3708bbf979be222e8439d71f58ca87cec7a054517af398a42735b580717377a54f139e2c46813cbb03d98e49c26f4ed54d75e48573cd06145f913f4e313eeee837496dfff75aa722fd8486c45f9c959da12ae48ba4a10712120a203e2476c7b96031d8f8773f68344e6fa21831287655aabbd594e9f272eb1a7315d2d79b8bcd5e63004cd106f80b1e40a5d9e428a01bc58264f4d63c2ee9db6efa70607a642aeb883bf4b9fe009d7f09c16b05a2c9b73573e9019e161ebbdc1fc9b9cd0c5fe1b57adcba2d0f3a767ad59aafa159b3dd181f0601ff95e8af8b5410e56c81ffb8ab35b1e04af35dabf69f08572e69260b72bfd502c5a0de627fd3fee44bf1d4a261bd356056c5739398e3ff161beec1240a089625daffbc61dc5e660c274565477a0ff1797fefff04a98704802ab0674ab72d400686229608cbfd2ca20f4e62495e8b09de9d180c47375bbad72f4474b67d56104b4b466192be60f7aa668fd0a4338b856f114311842ee806d6488ab09098ed9de0e21bcc8b42a5d5713d15eca108fcc7a65d6b414a112524a6e1418644508dd957147a92d4399d13faaf01cacef40549cd11900f9aa32a8333f55796ef25d33c554a308da9797cd0ac25888311b0ac88eff0be7a36ddedcfc2b095abb4d5a6a4edbbad67b70cdf60c7ed0c5e040ced90edb3322ef684332358942ede9191b431c99b3abf8f9c50206479f0ac118c0a99df61fb9c90d846f41caa6a2448fb7e15640965e051c2af4ee72a5cc7c962bacff7019615c10e6c3054e2e5792df3aa6e2c33425552148466a88568cc79b6edebf0107b7d3d24423a665d20c3a1c0f1a6b34eb475bf875912115914cfabcf394f8a096d64e5dc95705074fe5e985497dcf052b9f748b9d4688859c0200fa43719e4722ed6c064c0efa7e07beb2a26fd724b63537fa0eb506365d5c029cd8dce7dd0a1cb9d9058c061739734af6be9e880fe7e28a211a4c368a7babd1107110ecbb384b274cc092b9511c4abde2ddd863162e2739984a9f3c0a76e3c530a27d5e385f4a3b87607b2a944e09d28239661d27719e22c0a657ea383c30859ca29cdb8fbc79bc83e995dcb361743a7e195650c37e570b768a0a1f0b118fa5be9b3c838326343ec5b376d5ee040ee29dfd868cccf9cfa4591151f519cd6e2ae1453a58aa92f90ee5be11ceb8511ab743f399be0a190eeddfd112336866831c3255ef6520d88b2581ea3767f3df01a38d9b4656f2a89c5df41443291a795da45c8a846015cd041bea0dfbe648348b10ae73ce43d9017182792cd9172eee642c549a530cc1f537f9aa70ca63792ba4a86a713ae09b917136e5bf1506ad7f367d8d2f77f47a2318facd109bba9b1327b5db9e4aeffbdcf414db761eeacc227a15cd72aa52c8ede33bdbab9de9aa1e8f470a388013d07f08777e2131bbd4856ab5c1c38d03ef407197ccf24e8b2a8db69e78f9d6623033c453541bb79f9e0be9a55588e2e54fce65fb785467064a146c4bf218068b5e3efdafaf93a98253becaef226cd79468ff1bbe0c9d43877f5cbb5844fd8957f15d3ef208aac11816585cdccf039c36b429d3d7fb634054fd0f09c8abea3746a6b7379142abde26d998ac7e39b94746c60c09f86ddbd7497849d1ef839730672449f35a3c3253666e9fc053ac1c518e44e0b84555be507f7c00fa9e4864b4bf40ac3d93f12001eb780a779e655d0633803268c094ae161a0efd652003d6ac47f9a6c28d866b56233f371627b01e0fe9361dca611a28841968d4e12cb73d49ce08fe25de4a90b2d34607202b20e71f5e1eed38e17d0a2748f548cf61735f4c9cead1cb93b11929d906d65fc60f88e6919b7b5a1014e6d408bce9c8cc832eecf9147708fe451891717d2ed99dee70773feaa97985102abd3dd05c904c28898afe060621db6564887bc4afe158fbe1d819136a1ac1dc9d8674798a93daf5255460b50c34496205834c668db4c764e76ebb6cdaf5fc44b881cc2ae87b4a7cc045143f96b1620abfd0f116e673b335beefdafa1e58d9194e010cb78956044646da5ba853ce981667f2b8e5001c2df437c9d597ccd2be7d2887f5cb7aad0539abb3f9db1c8f5cd4d7d831946ba1c1aa8737c114fec1ac9a82519f57cb48c49b7f62e9eaa89f448df33fb307cd0036c70b490ac340f7d04e14f32bfeebb08a9d5bc7bbef8f231ea09311d4c82cc55c90eb53c6c003cc98a34dd3c4ec2d8b3a655a78e16e908f368733d0a02b36fe963e2d80b5e6f7b2e3aae3013c900c76e4d56e8348bef221f8a642e692c23b12520fb68c793e789eeeceb4efb2097a4d5952d144094cd7be6edc933d257f6230e962d70ba42e1b07ad9eca0ccd60d3d9a6e06b73ccf96a8aa490ed3bd58bf4d79db65355ae145b54be004e464f4dd23fb8b1bf15e13838116083da67186513652608e37c8f847b2bcafb57bcefc7efc8c8182c7d708cce5d14695b4e618e77f8e7be81f27a05e415fd37ac21507a665b2558daee5c0b0859fedfede8c03f181ef5e0ec0da6caa3edf402dd73bcb4026c489a7cca8ab700d3e9f050006c36768a16e8a48e48ed5750b8cdb7ad1fd12d4cc8333d324d6c83905303fa7013fc02553b587544affe38f1a95e0c4c39740d63b6d387fc89b30bd5fd745cb64844b13897ccf5cca135f7d39e03ce8adcda919d86b25b52764b0a0c4f07f88df68868415de13863df84a7e8d355b09cf90e482eb4174fd01f1b371a4dc52f3c89fc3a70c71657aa5d7573ef9acf4d2b0b321c41ff2640515bb43637ba2288ca0bff2e2a3a998ad8294c52f9edfe0a4ee0a3f8ed5b4b5c43319bb9c58dd07ea3237d7bb62cb086e7ea4a81cba2cdeb28794a09c275a704963110b64720bd089e3737ee1a91e348b5e97b63e1724de1fa9f49961d653bbb47b6fa993b035cf59659bcd0306180645162568abf51127845cbe6e37cc3c19b9d69657db4258fa5e8428a73eff6506bff474c2e302ad5559ac8de44c6f0baba5e2e579e7d7f9d9ebf540674432ac11d92bfc9abdc24126888b533f43bd6f293b0bc315915743114a35308a0ee2e710522137918a2b09ddbbc7a2313a2a6b85a1ad26f14dd70072651c8300ddf6de29704b716ce1bc431c66ccc96731f46359a9f6850976c96dcb5e0ee47446f50b6b3ba90d45224066e123ad3854d877c0cdd9325000ac0d6813c30cd43d3e150335601724ca3666458dc4c04f6562296982353e155d5255c9008c0b46d21a678c8fcb3aa8d6574476e0458eb0a76a6cb50f929ed218cc4654cb4f95fb3afbc2548b74acc312563375a19e55d488599488dfed4dd31b39f29ad61dad343dfca3b45b316a34e7a7bebd2b0f562a9e69848d13fc80a4fa52d0f17bd15d9e1fd39a7dcc86128d14493805d105a745673bddea68ca74ac09d95cc7412d5be2cbd0a247a81dc9e148111e22cdf3375805469226ca3538f960a6ba6aa0eeeb87c784ffb1bfc09180a61be3c7c535fc6d593c3b3f4de21b8c3eccc9021e80fb07dce0aeb3b023bd55f24356f646791ba80e5ca21ac092a069ae0a22cfefc08c23cc7aa69b570bd17cce9de15871d363f167288f99f04761caa67f12c949466493f661d39ee4280c955446ff5a9bb14f2d1ae21cdb91a5868e0c52097cf380f571935b140562922763f1b79c3709b949c57a00b08828ce9e685f6b234b5fe3c62d9feb249ce75e81f5efd556c14d5da24dc0554723fdbe52659969a39f470e82c50c4777c908628436e31177af1125d5f70ff627462247e5bc20c47ef75f369174586d43d42f7eefdd47fefa745badebca2a881ccc018ea411cc8a7a0881422bee8704bb98e6bea9fbec63441fb45d7ccfd436909b57a2b60b788e15bda3ca7663b19bd84d0879deb639f10def9a99d42a4b9a4fd7fecbf6d2e7598678307ba9a5b6f143c27cf1ca41e3c904007bb762cd5df6e63c4cf422c2ba959e53bd8e5664cf5df6a91a4bc8cebc52b22f30060fcbc5ead53d38eabd160c1da4cab8aa95c3640ffd78074aa2cbb05cb8ea90a0c95a4a1b2be1ee94f238000f1faffa069d87039f13f5f84ff368aec5a0b10020232b9fc954a6c22573ef48459e574d48a4845837e1d6ef386738ccedd093d4d5bf3a3f790c875ba7449d03397642feb71100f2c25ab2cadf0b0802544a2095a51b19cdece623b17d420b173a99c081f8e229b6de3c680d6bb39bb98b479517d77cca581b81cf856753a44ebd64cff111fb8ca37ea45d217a3fca44a083e6c35b0fed9f8f7631178d15e88f86c85f1ce68c900afdd1f7e5b8bd4ef3f58c447b77d3befc49180df7a5eb2ae8ae33b4ef573f3a425da8a60cde84d8eeae6d6399b9fbbfa0fa8d448b25c7f79b7554d0b02b0decbc74ae8560f630af596313fb33d442a410061ace0aa7a440d5e31ca8bb2cc495c4f0b672edb011b0c5f16781836df7f4af8329143d5a1a99d7b18ef9f774c4199d635848cedebac82637a03a189c65bf667503737c75b6639ac65ad424ca475285437e6f19830b36549f607ffc387c8b11a34a838159376a6335afaa045bd2bb04e279dd72436331d07dfbd72e2436b27f0df23a266fd15cf56d1a9e93aaac8901cfe49a3219ae36c5c65c75e5c708fb82cac4d6a50726509ec3a7d32d54cf584ae353a5bff75a6de77a0b240cf8a0a72817c9d37699ca89c96e0e0d96a7665ac3a7d1febca1a1d79e2cbde8025c271360e2f90048b2d9fd56f45c013e001dad4b7785be69dc01f8a954ef7a84455986fc5c9d5167d91808efdb4476ed79f99563d887cfd4e99809d9e388501dea228cbb3cf3770082dc566455251fd9c2c742963c33500618c6ec99e0bef007408a0462a081237be4c6e5db0258d4be5fc9cf63fd1ace1f4166c053b0fb84fe24917da1255cf40bbb1b45644f6a7699cf802a35a932c374b1d62013e6afca3787627469994c02f622ab877ed5491fc2a89eea60e4e1628da89e3ad600ff6442e4ebf20e47304176b6a1703c094b3cf6d7fbbddd8d8fa5a00f28b4d8f43d88487e9d4531071512f2027198714a8d1cef126775547fc74f2a35840510f325e50361be76557767560055e084f2ecaefa0dd8ca8215301a7a887d2eaddaeb1f5c3dfdbd2cc1ba5f02d4426b98c0f861c5f724405758f442560ea6cd1d953456cc4aac6642ad61c03dbaffc2364d8ec2ef9f483c70355139d1fbd9617ab3c7eedf0b8963c1cfdab769180db43c416a90d9fdf3fd0eb2f81187642b4e2a09d6462d27527fdfda31f7b262501749dcfc6c184983f9923424131d05cc811cacf5c2c87e8e6f135349e68cde0e8997bf1dde248e5124d5dca2681abdbe58d327a8edd585821f03fdd4515728f1336495ba25c9bba56a3f706d60c35cbd0b40d0ac0583a981f9af08510ed8ed0a726e5472f8995af3837fbf1e89587633d2ef944868a153919165778e963710872af12faf96c0919c638e5affa97104471ba6e178d27602f96b9546ebe52190d91be245be08742b96389080676a566d3229e593e4f56a76ae4c58113c6adc1088703b1b92dafe32a5600e14ac1e71df829dfef425911f16a2b91f693599ecabf93065c6c4f5fefca8d4ed095599113529f65d9120d5252f577af95b404979508c343df54e4d239720e7d3a861f1dcabfa69e12d655c8a026c10a4df279b139fd222e561d205ac9b45c1054f8699eca594fb23886e0de565186597766dd5e40f74a423d5708dac254f4172f1089270988fb18715813f13ee4d131b64dd517c7e77f27f804b229f5339ac2f483b14739ac33a9645044d3010bd77ed18fb117f7b11bb51c4ed683b59e28bf25a58f123dfbeb1f0f21f03d9b57d8e61d59b311037a5b757b03ca5c95e0eb73922c6918530c99de4d6733640f2b8d13bebce31d4f5e27aab201101e48cde23a0d7e87b9511949d812e3187ee5ff11bc5858c022ed7b00790eba32f9ef7e134ce5f73a01269ca971b40e62133eca9d596a768686d6390b2c74602f6dc597faec3ed9d9658102d99c9624c1a97d00d63853578afaccc7e30a77fe054ebc23eec45f608f996fd015cd6bd50a111360f0790eff6ffb1ea59d13c8e29480bd96217188f97e53a1f5d9eae0a2badb4fea52f2bb4f8cb04d0afd99e7371a978a7d7ef473f77ea6738ff84af655313a12db24cff692ec7e282245ae9a42338db814593448f7115df3dc3f4e2faa2c2fdbd68f679d6aba01a15031347bb17d8bf8f1fad0ecf365e9dcd32e69803c5c05f4b47adbf8a21af7e9fb327f267df1c914486389a9820edf0a03bde6ef388c255761e439b2f7e1f9c1c3c95bd30c502197ab37f76b52f0d0675f366e919be19329853767bba34a540fb75bcdcc9596a4cda254a660e11bed5af9d8646ac4b7d6d7aa5d7c0005879b6d08058a56c3d3a4d3d401b883153fa7f2f6a6d34dd010f6b9e7b4e457b9ff5a5802d7723abb35f9dca0afc10f6791824dbe0a7725d534e7753445b7268d90145b6438b93fc475f44d5d678d79da6c5770f3a9106f3cffbabe4b88cbe7eda9b8a495be4f6717b0fbee6fec78c86031b6d878d47e357b2089de3e6dd19a265552553d1f7da53884ef84d0eebe782791c48a9c68a28d8ea3bb70c922b01dc20b2cd05cfb276e326651398f766f5faaea54a41da597cf6b50f3d5ebc634185b99069126b8d935c6bc42c47f2109de42091ef4ade3d87cc44aeb78709255501e64f34ac2d4b2725cf7777315f8ca9424bc9d61a896a93500faa6cf5a5aee1fb888e17b47a38a667be2ffa3bae46afa88bfd8b5b6e1186d6e41b9a4e490591043372c23f36fb48d80caff74cc349adc92bb25f701738c809ccf74c47afa193795ee67bc58ea7fd85542fa7e70218490fff212163401cfde016df2f42496bae403d5391e53fe200f758bbcdead0fe72c77861889b9632a257229c35bdfe8fa78375b4f5c768b9c60cafbde1f00aff6ca1879f6472f28001f5f13d4d9d6c3a90e04d8df09873550daa8262d39efbe96a79c697fbcc9a7f27c9f6d782d5d5f6d024b291376e9cc40d902f809072e1f0f2c2ab88ce3d074e88461f5971853e7be749943ab6e25e25e8afa5042dd73407f49b50841c7782c54eece62ec2beef1f16caf1ca5989427bd2726ca0fee33e303702e9892e4382e92c3f3a03a6188f39762db81819c7e12b424be8fd964dcdbfbac00139e8c5a6200506f13f484ac34ef3d26e7cadd53cf402117419c1618205bfa5382486094bd55448f2b1aa4dbec2289189b601b1bbf5792b2a641c6f5dd19cf24abc72fc5264cf11f6b44a4929267a02cd1de1b602b9de65a6c06640aa0f76109baa90d66eeb17295b1711365b7d6835a2dd55b7fe868c59453613240643c847a5b48d27897a58dda63e579c1bba58350550e147b190f0a2c9a5ce719d627ce3302028b4b6801bbfa8cd74874ffba35817c0eca034d19210950796807125fe6065dcd47d7c870ed2db5c00cff235e4154e2d89ec2a09a87551f9b7ca25d519b5603c0c33d2cf72878199ffab567fc5e093529b89d1163587f3564ba8291d2d96cf9762e7f568e786ea90849f6312c1a10f45d61600cd45c48e6870a7d76c913f9c4497374fc04401cbd11f7710740148234fe8f041f24d0278fcfd48846e6aa49f05016fc332dc5d46b4a26574fed5c0751cebb9f7ab4cdbc1ee011d82d6ef95c52c9df8eedac3ab5cf30805f23d88d4f707601f8e6c606b58f2fe234e948d6756d430a5c4ec76a33874886c8fb484059b47a9bd198a61a1896419288a9e81d0969dec778a53e8233f0f63bd0134e5f29825e7817e7c8ccb7d9acd8f86ac9d3af78c43df3036d7934dd294f2bb12063bee52c547d27a218145befb0ca96cbfaabd39fa245b51c39f4cd4cf8db105f9dc46a7aaa8f7d06fa208120ce1ac49326179618fa2c8596c44e174eb7a141056b1d17689c10dee089c8b0867b8a757ae12251bbd68db5fba2be341275fb6ee379309f5cde9b31242b0b2bac44da74776fac141936bd96e3177161f057c820a8c22cca8cce29b158eb55aed0260253fbee70a6dd281d9fca23e0b0a38d46c76a95e1262f1cafcf0fc37b52e649a1ba1e2c0f97d10bbf4d2b5632cf340bce56736071d5885ec9b4e17910744d3e63e2ca6deb21e43fc21e89c6865d3ad424ef4a14efe8843ff3168c99ee395400dcc8755719d290c567c95a5e7d28ec1190ceee240084d444265cc801cd960f69b368359bbf06b8a4ec23b47c7bf9d4b16c701a1c4fb9e81abb55bf49d450b566ce03de939fc6f5c51291380086f8c995cdd4fa15a325601c4846a69f15c77f55c900270bc9ea5f406480cb0e3e89bc869fe8b7cec4fbef7e76283d50c25ab1b4d34d093a7df062990a925a9c44aa2661abd7d381a4d6cdb64821ef624dd51b72e99af914bca2f80c25b82ac6945df7c7582e6d0ce2cd073e35f1fc120a68ba210410db64592a9aa319b30f2b818c495750e1cea0610e27d52be31e52e501a3bd51b501bc51c2ec8592f679b6e55b9aa58d513fd2bebadc83ba76eb45e5676f130193e9a666b8c8132c9f5141681fbab324b555c5c890d488ac2dd00feead0a20fbd8a46391438e3193edc6fb89161cd864fca98f4f39a2893c933dcd13bc8c5d5a548d24862e8161c0fad7f33aca8c86791d620815fe3f0daddb5defd933d0c10097a7a98e67625420b6c0db7c3e17ab07ea64e6f0f53fdc670799e06a2e3a871d6be363a2639e35339361311e0f528cc433eacea4f79bf217108c7b1d657840253ffdea18bdd1f93cdee63e7a9b8dbcb4ee06162b253e09ea0641f2771bd9823dd210905e9ea495f43194bb471cdeb690e8890b03b50835d53dde1b572dd123ccc8507bb57a45e46c0efb8fb3d5596bddf9782d86dd911636eae2cf64b5829cf8893faf789be3fa22859accf688f5b5da6c29cacc96d477e23b63cc934f685b6e42e1655c9a9b94d6d78402de22b8d9776e3915391aa258e57467d770d65480ba2f6a94b0337965a8c659c42b4e90b14da4697d0c0a6d74774c94c52d8ecb694eee747bdaa6c3a6d60739db18c6446090eebba72e62ab88b0e8b88e728ba8cb133d8524eda89a2bff1c8414da3edfa6f83788331c8a7e5a8af2dd3682d4752190a3c689949abdad8350111373e7fb46151f54a10f79d91940e37efb05f9f157bddcfacf018b65a38ab614807c34a2786af4a1d48c4d1c1abd31815715f9d1b103992207fc664f12c82fd923c57d8e7cfb9f4af55182318d055c704865cf484206d60e34cf7fe9b6ce60b1772c5c7cdacb6695227d80da18ec1f98a434b1aaf9c6b6d082f5663aed2bf267e559dca6b93d3ce34273846fc677f529690482df0a8f782b8ad7269f344f5f2b4d320a7ce2d2fa02284f8db634dc930c3e2b9a629245364acf35d41e9a14c88efde4e742ef1ea4b43d0caf2e70d4a617278823e6403934524debbd933e7676e441a48f630dc8bcccd55d9032d6bf3dea97d1669c39fb865b0e619eeb3f5461e517000f5aee3ef2abdb87d3a76b88e140eb4644a9fbddbdc9e20972cdfacf00bffa3a1ca5f84122c2ebc54067cdaa23967eaeb7bbbfe44e5843382b834fae1f62a066688595e4ee67c7ff9858672355abf7893ebeb4bcf88a62b2237c6e6cec9aebe3f28bfc310ced3a590e88d4bd0f53289206deb9addbf6f3c02115ce4980dadfc112683ae250c2d438fd9c0f2a090dbf122a0072828db798bdb868dcd47384dd3f5eeebc0307a5b268683cd51f312e8f02b5a7746b11a97ac43287d9b9765f03c720503cfe6e0117660a4c00d67895224c4d42b032000a10d7a743054758a8f54941fd5eaf72498b678d1579b3de4e5518f90f1e3d32517d09d7f5da9d180215e66218e9dd64036819cf12638ce82712a6cc79a9ddb36e86814b797d72c2bc58b18ba439e99965f745b4fb7de2878e3186e3e7b835c746b0935f6c67e92e3770bd8d5eb4f66d8175ceb7850e418c55e574db891639aa77fc62bc45dcb734681ede8484d4d4109a9adb8c3d00", 0x2000, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20, 0x0, 0x0, {0x0, 0x9}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x0)
io_setup(0x202, &(0x7f0000000200)=<r6=>0x0)
syz_fuse_handle_req(r2, &(0x7f0000002100)="5ae785ca91885b37fd87cc2ee9a0dde54a15384713a93e74c6c5665cf41ab5b614384a0c723d1d85b7f6bc4586aa6e92ed7ac174c56e9d03935baac9cd602ef86c462871833fccb38527807be37748b26ae7121568c933bcac24eff886bfc555d77f982dae5f167f06addff9f70e47b09e437c8a5f0631496993b729d147c59b7c331c97efdbda6d81c4b34cac2cc377aa3c3a0e33b6ec4e6226e7464aa3a0ff858daf3d5ed4221ee3c655a61ded7e823b9dbec76c6d22c92128456aaa2c33514df976bf94da56f6a333e64925dc590fa94f0e094532b47941009e4cfcb1040813b8ace44ee1a5340973e31635585f0e5b8c86dc67c24d3ec03c702fa32c3a3abf8c6f5f43b2e3cff4cf5beff9e94690c82bb0fb0505f0cfda40b1482e76f8d798c9448f8d9c395b0ceb4dedb7bb56bd4c1562fd9c524c8c94b23408975e1d1e710978f7b3bbdfad0464adf76f9e5728ce2054c2b650833623106878debe4c2bac0d5e65f0845dc2eff40dbb98c2a27ff939c54b2aac6fcf3c61ae477f1a12ec4981419862656c9f98e667d5c45ca21548b399dd4c6a3df0c60041ffb6ba8ee6e8f3aebdd0f55f940762028a5e8237a2562a4412531904e585e50f805ffbe023a4fbd138aac5472b15a7624413b5ed41443ca5143ce4fa90542e94cf837c8dd5a0416d3ffbf223d3f79ebc688642708e0dde2521b5ba19390c29288d59ce010a22fc77bafd066ac971609351677edef90d274dc953123f939b4894f305f2b6ff90cbcc9ad3b339a1f34a36ee04bfb2aba728d217d1b7c5ee82f3c72ad95fb3dd227b622c9a2e4779bd72d18dbb25f4096256b527643d5c7af5194df16bacc9b21053eae64a118880beef3e5219bba49740e454720e2ff92487555102d54d78b6b744463788473226c5f9a735f2edac00660af50706006900fb42af3535f3540f5c71251c1c181dc317467c2577fe6df8cdfb08168603b10bb8f75b884923d80e21ee57f27269990b9265df078ea6ab7f672185303fdc0fb0bfccd1348cd850697460d494ef16527b55077b40fb46f33812db50a0f5e84086f9dfe4070b2642f61cbd1b83f6d8d8fd0062d0467ad7503ca8e1c3e42820d08cf2b7ca3d7e9ad02bf383e7e1a3aa09e2c68192bacf5e01604e9fd512cd872c7ba29196329f08c7c663530c21f977ecce626609fd82396d0e6aa957caefe86d08b52ea274baf55fb495d2b5f8da480d504a500846dab13d92dec14ff0ec3be163c170386dc811933c618474e20e488b0510d54308bd2c0bc5cb1a42e38ad5d3c6d8fa013f930f0c1e09de02a9c2e5ad6d64a83a1fd48c1c232fb133db6da04f41d380bf5ae3c42919062c60f99ae4c6a000c6b2f44beca3d248e63a819fe139d66d41ac5e21a092f400a8b9e896ab7ba79726a295902eee991d0e3e20fe2c07187c960631fb8a2ddc2bc0982095557c48e8fc69438a43c8982061d06f9dfbbd5ee30fe22f415bfbf53879196da96f4ce63355fbddf36bdb1468989723c69d3b5d115a5115365d34a2a1bcded104f05b24195ff91d741097d5a58875c1db13b1f8f88af363cb8343900be26455d159b2de68488009f398ef6cdbe29b090b19dca899de430e3991b1cd5eaa5c22a326ddd4adf75e3d2c7bbc3a64349c4599d4360ef9d8ff1c68710a2e412e46dc11d24e9139aa88bd6488196f74be0667e61f60a286b19aa5cb9d3f2c761a987eedf5210e3112d2d816885b6afe5b9e6f2993094ef651c88841c3a35a168e1ec2c9d108fecf14769f4ccea0f9fef6b0c0e8ffab76ea475bd788e53d4b0a422a5b391bf01f5ff8bc7e306983fbd734d61f244761353f4485b3676252ea87785342d8360650c3c21771d6ecda6216bea9584ab91f0bb3048987b644d450753c2c863a191990648c9b4d5c2a95467df25cd4b945775503fd670543b706b492c10c6b99b410b15ac9d06d3a1cc0ec71cec68c76a1e5a4953286fea3c4c4e2f0c2c43fb314fca22a2c98136c3bf1006c33bd29a9d0a17f654429fe45f442208e705595bc85a3987403d58256d58074d899f935c57eda03c0db1f42b2c43caf412ab6e0aff370aaf38ff7755709301deec50a84b9ce58e27f697f9ae9aac4bcee723dadb7b4991923395a85b44d886e755871a8979d98e1f9d0530aaf59ecaad7019f72a5956c0f1f25662f64a4086dfc3e1e98fb895dc39f1e53a0425a838927382e7103ebe761fbf138d09f0a359ad0c2faf323120d73917021391168e1db0bd0a63f04c560b731559a1ab6a4ddf25eb35d2bb3423295276bbe96d78907c1071613f129368d5f516d41f1480c5026156230a9665712f4c13df911c83612f8658b3c70fcc28719f99110796a7ed82c7a87e68addef720dfd7b41cf70a1dd93bc4a04c21a05f4bbdf5f619e0fddc9e7a9043231a96e7e9c236766a1069a668b563ceeca8f785c434b40e512dba2311891dd34c1f98c9c0a89369e310708d68ec84ae8aeaa96a206d9dea7ac16a6e429f08bb8d781eec292f12356c2f6be7bc99dbc35837be62ed18b818db892c8c86168dd6886920638f3c1b9ca32cda3d17f8795bc0b8d1c988ed672f66a289dc481e4c5a857050c39ddb3c4797a9442654b29ee85c3c42c10dc87080f6e07b261e0d2bc908e3faf3c4bfe8d2c2200f3f0e734880e9746a461918ee3e9efff5a84def6de3538388a6bcca4d720a8549af6d79f69a409e06da8d6b6d8aecffea39928b70ee486291bcd3a1e8219c6bd3fce4e68a70e21a4f77fd79a98c89dfa06e75a86181ebe07915af8b94664a55515915ba8b56fcce5b91fd965f3d5a1bdc686d7591dc9646c751cf275d13e88d69f8421db561de7d6f52ec63621490b6cf80942c18574927e4c16084a03ddeda058c6739a4621755d24873796c6a5ac987632536296f2fb0155e9eeadabc4407ccf770a8c1fbe177a02b12b83b92f223bfdc0bf45921975d9e6ff17f7560de014ed5ab3f42272600c9e265d170d492ec81db1daa49b971d605c0d09addb12bec7f45c39e1722f3624abbf5b7064bd90c70961ed2552200a21a36701b0e1842c4982e4ab17244f392320ec67bedda8c0b28935c79a995cc81bede03947d812c038df7fa4f95d4ee84c8ad3ff8fb89dcf6b9b312c01c6d2c263d68da642582fa02701c8ee70990a47f494f1ac66fa38acb1a53ca6bed85fd624f8aee0165f059dd7cfbfeb63968dc527f38e1584864ba807afcbffa9c2e1fbd749032c4178f1baac498cc58dc5478f977308f567aca1ecca6a407077cd77cae3dbc0aa9efc68ab46fe028990516181735e98342f93bd9fe3ade709e8c0e1b8a3160d3a6221ea362b118c890a2d41c40c7cecd8f69f022386f9164b3eacf9f34ecf3117806dcf40ec43e74e96da1e12038f2e998b3b93a5879055c51749f9c13c5d9f81153a968b349888e982e25eae26b9313e73a74badc90e04c970bf7c55465dfe9f2c38573d0217d55eb61f5c20f42bca6842574619729abf516189ec8d9888d5d18cbcda9dc35b8266b5105d1966c5671b8a2c472ffaabe0becca6d143d26061968386a28c47a87ddb0f62e14043ccce65b9c42f044170f876fa481cb7e1f42eac989d4c09e8d5fe34a7b8e385f256209dc50916ebc193a412deab834e21f16bc13ccb51f7015bc6e826e7995d8302b4269e739e2672ccd65ba659b6cdf690500e066d1b943e68cec35f05a8b7add2dc435cac2c562f34544d0e7ebfc011228537dcd38ca37c4d6cb1915f215618d506c8de261967b71f9749e588d61f68ec7edc444f7c0f74fe9ae2e4d56173c4ee89223a445dd289f558ce7c9b57389426d129948087609a24c1f8ebe32088f36cba15ad76661f5ab3f27af94d3cbd7c0135774454150e0ecfd4a0c490c0103958e445354a4da2a62548a8b9d61a7fbdcec617fd0e5891b2df56f7e21cdff564bfc720732c4755167c6f17746b2bfc2e2406163dcc8468e3c015f2d448316841b4f4be64366db8a4190200fa7a7a475b7ffc62f5f5a93dec898214ace9f378e3139dd1bb7478039c3d0184c185bdbd5531e3cb86a41175f632b839f1341fddc184a6d495511623440967788540007f01b0ff1ebc4d66d9a0bbf9e113550e57331918ece37ebf560ebcbee47e09290432d980a5c446d16065b9a9279b470a4a7d0120ad6f02ef5fbd5c0882a2c58d0589d128eb44247a88e3157e62fcbd6063b480ffc7c997a40e59b16f00a5e5d66e5825833a827cb65263410289551860404cab9bc1b3d7f99d9e6494ebe9bd52fd6ed8d9f980ccd5813a2f0eca8b17854138ef0c3abe49bc229fb7a8c7b75f712552625ef358cb69496cecda2637d18c1f28f88d486d84e5f702a312777bc0d6c9f11785817a3fd33113277fb8105893e10dc29b878f3d24a4e8cc474fbb7e2cc6d845a921585e01bfab1a1811e7a2c6018a24979d8fb5a853e6efa9b2810eec00d2f0313e72e25afef8423e0f3069c5f3d5214ec428d238276c44ced78d97a42f489edb54b83475c1b1d4a4e4cb1866ad07e6001f19636c442d3b155081511400dace0f271b8a972dc78b2068884a7d3bd766158497717baabc37628ce1bb7d72863ab7db9b553a205cc662015fc63cef445fed61609ce46e72fb8be8122b37c82ccb87df112fe76e9c394679c14b3116ebf7fb133ddd9e5e7693fe8a66e24f19670a19a1ba46a9564660af94aad7e865910d770b6abeebc4fd5f66d474748e08215e70d19c8392f4c7d744d7073cd10f22d55cbbcbc7e17a565bcf388e2ad751afd3da9896e7ced7833fc42a6c9a739085a0651c4d9fb3173b1b328d7d139ff426903ad469141d8c13fce17dfbb2772eb4c7ae9575df9afe18fb433989aab12072d28443bad20f25b1ef597bc0800f8842e67096c8303812feb359656a89d6bbdfebb186c32bd86376e5750784a02fd68580a2a57832addb372f04a5a889c97eecd784d1d2fe4a1b66b51976e2f012b08b9e269b595bab48dc1aabe10a89cb6ec9c504b2a832fd4a281b23262f1c76b5c94d78f6e1008fa4cba4bce83f4f50bbe814e33f38b8658273f5f6fa47c646049a66d2e2385f550308b66154798146408b1548fa8820114e0500e8bcecd4b4dbb3bc1f23a9962031585bc22e9459393fe8fccedd87a1491caa65265a50136c1041bc0e99e1520a6d8e2c067c89dec0c6f3e494bee8b7e820041642695e0932c7ecb3d8a7584f0c202f26735d3dd17c68453a4829d54811ad2598b353921d8cbee30d591381df76f7f2f83f14f9ed47e7cdeb07c8f5c9efe42c17c54108308a60df7689413b6c7ebf521f97f71571a002c6b6bf1487d331a61e763f340f6e7c9ea03a9caca30b26b75f348da60d871f5b4f66f2ded0ce1c5d1d81fe76f97137d355c9e41e1515772a863d6ba478441d5083d9749380782e5630eb0c4432bc8a2821fd987bb0b46221b9d681d8b6c538cc3e52426d37737fb1ca6bb8c01bb6718a9f7876a9966c8f834991e9fae7249de1a63a9c30539005bc6a9ed58479c6702537e3100cbb26ffc0afa8ef8c3d9f2dd31a5a5ec8e08aa951ce3ec0b154714351d36af0fe7cd37be67f6aeab6dded1254255c85752aeb43d3f774fd7b990ee19f3da2f514f1b7c36709f5d1427e6a6f3c92bea6f0fb4fb6fa37b723abae6d7ecd8833085568a9e12bff5ea54254a724b1f0194bf25659f891bb339d92aa8c9f55c9744c34f421d249a261afc8dfc08fef71247e567fb230d7a6b8b04e271c106241bffdbb0f08e01b1177e769ffcf2c17be0750a849ee78ed0ffb44f045a81aa3d1257eedc62e5465863491b5cdfb3b77ffa6ce6b79facfc9d7d34c64c8c976c46b65ed9bc9e3bb5ccb754cc34ae7243a50a42b1edb93b6b79e6cb818175ed9662e1f317e30e234d061268614d3c98158391a2348c520a873b5a6a3375384a3c83aed3c9628358eb1082f933a329ab2cf661b65791f8e2281e66827d78a92c8c61145802f0c4a1c9b2fbaa292d4d34ec99b0c7f7cb53ad36dcc2f502156ea7ab0f8a057874205bd45273e33ac8a6e3371b11cf1f00c50c9e54141c8034b876f1165c9c0a442627928b82f90da6427f4e48f119e227d05cef8e256b541e66b7f73fdcb38ff35f5aa23d0e6cca93b6e04dd4d4988f284ffec0d33d6b8f0998a300c8d48488b14c7adca0da7f35a61e6aae05a903a05c0f7d573dbc568a0244a9adbb19b5371769fb22efe65795aece724c52b5d44be6ae540d9ddcaeb463481ba790334c2403453be3cf50a11305d34ae5d40a3b3b2f75e3965bb6e6ab8d15df1a355d296d4fc28426149377e59fd8c51e21a7c5a7409a7e6581cc0f0aff0a4255147ddc5fbe5ae126c12cf630ffb27736f01ad75d4bf11078639043e1b5845f885adab193aa2b4fa8316bcbc8ec184be950a57693712ec578c84e8ef871ecdc007dca21a6ec4883749502bf8a6f15edc956eea3feb8f8535709cb5aa29e946c6328784258fd9406dd8edb39833ab55a71131a3bb334febf0e2daf3927b17ba3b8c11569ef09c662aec6bd8190d98bd3b2126d93a9fe50d5969fdaa399de6003b7355a7c52f27924177d48b8e4761b4390c0030f1d224a77758e7aeb3a176fc4a6685281853c64b005250c533eb156098798153dc0b2fac40cd383afa56d977d77f82bf9079e04bc4c0994c2438b40cd5f149243d0fceccf11a35969c46237350bc4708182357c503b2cd69833b9615de75f573fca18f9c65b1d9cbe87a6dd58ea28e322ba6b7f4e168acc01911e4da9d31a0d0f4df5b4a28b02abaf40f12644cf98247ed916ca09d5fbc17222222d09d2723411b3afce6091eb277028238b924eddaee194b35ac21652a3f477ffc3710623f0601dacaadae3a073ed5ef1e2605a0b1892afe390c3118200ea01cea4b2beda90247ab41654c6b2e34dc659507cea0eae67d7d015e3611988d859ec4dbe5cb84f3c94234f68b23ce89cc75b2e02736d7382f26c8cfca473fb458ee107bda97af0e1b9d52b358342909b5cd76456d26c1cadff1d2dd764e742b945b3c83583110bdc55170b6bea08602ed48834fe8878c9d96b4af81fbef7faff0882e47397b198bc68209989ee17db9afb7bc518ee2aab7b430f44dd95bbbeafc46af1b32ce4541e42205f0599dd61778ea6fd67df30336a4f1089eac72e7a813f19c63476776ddbcf73953f9ba1facc713c64822e505e83d01e80e521cee1586feaaab29259a4fc2d95d3c325a69695aa0c4f5bdbd0e5941a48fc531c5f6c4cc9674ddbc10f71bc13dea9099b5001096beeaab53088fc4710b3378af9c9626dacdc3719d3c8b29d10d0237cfd3c743b76fe48b0e6c50aa83a383a2ce78d767bd78ca5af259d9936c7e12b9b1a53ad1306fa84c07ebee4dfeb7047c9fc40c42174d8bb26793fffc69c4fe2c4673f9aec97b5c78f6aed8d6ecece4b12e932b14494efcbc5be9b77e6fba5c26dae29e3250678478aebfa432de8dce0aeaefa6b0a5c51855ca0f3587c3e3dc341b1295b541d5be879bb58ed6bac56ec9b1f3e9fa502df744c7c717414673bdf9b8e10884ef3764ed1f8e708e0113bc3c05c723a3e75d28a4bd18580289cd9e4ebf2be7d790f4d3384eb757c6f679ce3fa5df1a827a3f7a61265e8e03389defb7755b7fead3dffbc0d63f57e5ac2dde88ef55cd2232b88f87d3764aaafe6df23d97611499a91287e75e772ba57507b9239cfa120fc2b4a7f4ed4d7352854d5032dcd6b7ac56dc9ed0faa4e20492a58b43d1d2b3dbee1bbbd439b0ee36f83f1d50e7cef8e9a7ac555953517a7d796b23343ddf017e4d8d5642447ba2a21921e26fd4fc1df889fc2f24f33322e6a5388a276d1997f62160e25e105dcdbfd03140263e14f95b7d1c0b857c8cda157896c05383903e29117e5816b9ac7253282b7b2c6a37f5d743d37de0cb5464adf5f5f4b9e93891f90c1d7e9e69391936110bac5b1e8281d35aa4afb78768cf0c327e1b78a97b16e31d3f10060793f83ce9fb6a28dc7bf7936de915f8542a9433f4413b9c2a5d0493dc704242284d1c13dce581d7430f029436f900b16cd85f87ace67c455985779b9853beb00df9c7ee7fd343ec7e06636caf86a964b2fca7b5f6151282f7d39a8342cab95be0f2bfa3417d3524f9d1e2499ad8c60edcc9745f412cb8cced7ef4d2b66b1df296df7b4c8a7ca2f3080423b9ed321964ae942525459cc4b1e8ab63da705457217dcdc78e65b7f13ccca8eac766caadea4affabcb77d5addfeb4b5610a908cf72197c8843da77c207c77c3f07a46ef74ec592825f3f0cdcaac0964b3f254090d9c982d2d468521cce9c876be16091962d5d0d6cf8c3df15974bc433279873fa79c7bdef93f00fb3368a3e3158b8dbc7abbb956ab30158c51c1bc67648c1642eddbf6c6bdba7b23bf47e32e1f3ca405d62d098db1e279922879f66b2eaf25e9ebec9c4dae9544a353c71415c078f6c8c0c6765c0bd684d12e8cc9989deac2ae8d0c240ffdf52e6cc88dd77be6e623d8b909a38d76cd11f052579c6f41502295f9a84277472cc3469502e02179de53e537c6ac284f153439f3fed1a13e56d942607b222e7ab7396cfa0879f58bab70f2451c65fd15933f1fac30e8083d9e3219ee69a3835a40b942695ade334febcfe6222c393f902aefeac00e7c9fb8d95fbb03bca67349c81227cb1a7dd8ed53b5564840ceb69770cf2798ae8337e8c4243efa78a2acd3d29040653ab4420b143a3f97706a1d26829b06236c7c96842d611f280582ee892df7d852f53119dba1c3e44fa32231961d09c6b242c0f2cee1149dec69beaceed29d4f4410920390d8ea115252699d10d676fc2dfb7872579479f7293a060a1aab9d376ef64c32df6c8c1223dfa5774f3218e82f7e6e20b9bdea580b3ddb64cb35252f748357c5b2a0e02dbcc72e4ae20594979c3d5a59eb0f1a3ef607531b104c497301e465187c36c17f9d90359d8dec08618c67422239a85706b0543850313d66915f494f0ca1db1a92f7bb00f9777d1c4611313a2b6eb6adaf0f9023fdf847e51f1b4050a82e9bfae5f5fcff08d7a3845d3645d0bb8ff299377e251d479cf2ffe2f4632d3fbe456ef2d3aa636f64512d7e3f19f0254c9ba131512f38fe4addfebb82ab307d00cb1cd60b713db8d289ebc2745c59f50c3faac180d7d04f781b3ed6b08ac97f08c7fa7763cd308e392cd3e6b40063d47d181891bdde2162dc11d1aa64d1ee8e0de550e4b2d290a14a2027eef92b5db0cee5bf69fe1a966321ba65c820029c7d5d5db3b07514bb9d5744c74d996afe7664d89acc1a5914dce036b8f85ea0532ad2e1c7db057c535ef1952d680fcb8d02f33ed55e7bc1902392ac48d0ff63e339085d81001053d1bf2d433db8e8fba8905cc471143b4a2248264ab3a1490162b409b2abd565abc873033c81e90dfcf19f0f07ee5b51282b79b011007e65b03b5c56f0f4ee43d41232dadc02ac13dc6b6acde05f5d6c772dbda02da386c91d5d30011c71d35d9a5ed9193ab8bec9ff3ae94650861082a1f47770e4a1a6ecf2254758c185f3125f9e67c04742d77533b2b2432cf6f4f0166a1450d96d392178426ee8b757a00227eb57e567280516e16862bb6ef478fa45b119cf41f87ad43a35395282d9ff0d105c3c703b71281af0f55b5e61fba02a33b1aa6fe4841b5e3b6e9f5f4ef9fd2e83f625b35732d6e3d722aacf5cd8e1150b866e0a9edc8c6e5c0e5c7f7f51092e2148ef55ab94784f5d849ce6f2b58c4dfbc8ace44272a24c30b15b414cf22ddb6985145dcad25feea36b4db313f191ecb8c6d8bf4caf83dd63056dc5c0877beb86c5a955c8829ce5a7d27504be07a5328c345370316d61e562e91d35d88357186d70953abc73c4c7f338bbf6bebb8173818857110e49c3ff1aa7597531467c1d81aadc2b0531e7fcbdadb539e1f8f4183f973b6ac02a373a926370f7b22fda9f5375de658e47ac43219d9f0a99e8a8cf3b163625e422aaa0475e693dd844fffa27fe93a3bb047cd73e2f31690d445ad6dd6fd457bf0221a2d4700e2358e95f7d6ab1fac733db481bb20febb767e0b7cb4fe6c2478501a7b8c265208010419bc3a5bcc09e227dc5a7cc0ccd422ee95f13c4847a99cb63b47aebcae1faaab32a90f9891fe1bb901c1d4ab71633dc190c76e046654b06b3310031ce4e2f7aeef70e4017c86ddcb4af5f5a6608acab1ef34d8baa58559e997200d8e0dac285ce17f9143b5196adfa566d8df345d1b6ecce914aa5a6effe6dccc63ab7427e9284112d3bf49b8392e747c0e0a9a661539c97a438fb6aed2b8397983819f4a63ed04cd83a7262077d6c4e13a5fd2151570f8c51bd1125fc091510b9a061aebb8c6d46332e043f60de92eca9db30a4c9b3f8c791eeaf7f885561e17f0c7577f2ff0066aa7545301b9a9687656596b33b2a4dd975e77f12d4347d0cc06e20f8930f07e2dfa697dc296f8a18891125209f74893bd184cf7c0296ad51ffecf56f401c1de66f6ff104b61ae38eb570472953e65add5e52a3f90475d6fe478bda16652dc937907d15f9cc7ded970822dc8d9b086c040284ae12573a69230b5da6d5780da44d24967b0003ea06e8cf8565d7dd78120c13c1c12f94095046972ee93482d3d4c828265f0361b24e4c6031786a56602460d9f404a3e83316b4bac65e7f76e8df882e69e241236fc8794f7aad1eb2bdd412c90c9de2a364ef41a0fcb33309e4be27e9c2524be27fcded13f25c586d770dd0c7cb85253daaa291f74134a5e6003006594cbaca74ca4d5e9f1cb1bf69fbf3289631a0bff045d1c119c8d68e655af4dd3cfbb5d4a12bd0c02e6e0d3b827bb7d72de5eccdb04c1a3a6fe78a62f8d4647363d0186337171374802f1e6e7c9476f4c3df4448c3c84c9653258e6a724d45c838105d6b3cdfcdf2b05767917e55d59487773f5d7ede1596597d535caddca42fa9bf554c44c50010ef082ae904515cc801b90114db77ae81c49a77507280a2a3059cd1b2eb24156d814e451d009be05bb86e8baa0a24e34e8e2e7fa7e5456732b0f1bc72809cd2660f20cefb1a85ec2d13c8c237efccd1c94230457fa470d5dd37046e24809dcb4cdf944294f9f6a34f629f79423a503c9417cb44cafae1982b0cbc5718b814e26382a0f7960982a7d44f54a7a7f60861d586b91167ee4a38cb6308a3a82d5c83e57716fa37e564e7469a5e11b1edc63c9a60801cc8b7ffb1fb0532154d9c4338b415909c5416e19c0662134fa0c898f8827105a7116d7cfb116a190f5fe35a4fb1fbe9d8c994c026bbafa73321afa9dc8e60d15ffa908638a54b2f5358cd08f6aeb78e9de2d1271885b4793b67d2e2170ffdd4776b052247bc3802bdb72fbef654020bb3cb36dd5e0105a985d628b2226ce96b64ba4ad9d370c8ce685817f7bbfb715abc1ab0514969b75f0403bce9cfedc3b6064708cec300b38ed8d621e6a5a15ea80812f7c67ce9aef834023de0e4527bb8c8c568cebecb75b192daf488ac9cc590359b3b2f52621f11603f4bded9ad39e1106e8ee91ac64e21a5db17ce71a15033d7c415c25d01d7f0eb471d0cae24e23a59f41c939cc", 0x2000, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)={0x18}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x130, 0x0, 0x0, {0x0, 0x0, 0x0, '\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, {}, {}, {}, {0x4}}}}})
io_submit(r6, 0x1, &(0x7f0000000300)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x8, 0x8, 0xffffffffffffffff, &(0x7f0000000540)="46bdde6d79f6eb4abd8ea0f6faea9d0b4432afcb7f2e7e3f2459009b5525f934d9eacc117b86b74184035f28b695a83e26fc4b149ee129b9c24b8829deb552b8c6e8e7c5f8a0ff009c316055f2a7928cdf577f41babf029bc0c9b829ad418cb3dc9ed8b1a00688e0e9a2d3564146b49ffbc3730e4f2802fb73d063b262f18287eb9d7d3da0ab5d68d283fbaa14200d4b3287b5e16197bf0f14f00ba826c499040f58730c48a2ad4e470c8699c889f79afd25d9ec4586237991fbe4e77c300d7269b9fe72936490242a54369d883e27f1e6d46f2f5b0fc3", 0xd7, 0x98, 0x0, 0x2}])
r7 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r7, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0x8, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
writev(r8, 0x0, 0x0)
listen(r7, 0x0)
r9 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r9, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
r10 = accept(r7, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="12000000040000000400000005"], 0x50)
shutdown(r10, 0x0)
recvfrom$unix(r10, 0x0, 0x0, 0x40002122, 0x0, 0x0)

14m26.878986185s ago: executing program 3 (id=330):
bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@base={0x1b, 0x0, 0x8, 0x8000, 0x0, 0xffffffffffffffff, 0x108, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
add_key$keyring(&(0x7f00000000c0), &(0x7f0000000000)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000240)=ANY=[@ANYBLOB="1201000059d360205f0501d09288000000010902120001000000000904"], 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)=0x15)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
openat(0xffffffffffffff9c, 0x0, 0x143042, 0x0)
write$binfmt_misc(r2, &(0x7f0000000000), 0x6)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x40, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x18, 0x4, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xb4}}, 0x0)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000459bb2405804035000000000000109021b000111000000090400000195699b0009058b", @ANYRES8], 0x0)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000440)='./file0/../file0/../file0\x00', 0x0, 0x101091, 0x0)
chroot(&(0x7f00000001c0)='./file0\x00')
mount(0x0, &(0x7f0000000040)='./file0/../file0/../file0\x00', &(0x7f0000000100)='devpts\x00', 0x8, 0x0)
chroot(&(0x7f0000000000)='./file0/../file0/../file0\x00')
pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='./file0\x00')
syz_usb_control_io(r0, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff}}, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r3}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='oom_adj\x00')
write$tcp_mem(r6, &(0x7f00000010c0)={0xfffffffffffffffc}, 0x48)
sendmsg$nl_generic(r5, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000001000010700000000000000000a000000060001"], 0x1c}, 0x1, 0x0, 0x0, 0x4800}, 0x40000)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x80081, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000000)={0x2c, &(0x7f0000000200)=ANY=[@ANYRES16=r0, @ANYRES16=r4], 0x0, 0x0, 0x0, 0x0})

14m24.716109985s ago: executing program 3 (id=339):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x2100, 0x0)
shutdown(0xffffffffffffffff, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x7, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet_dccp(0x2, 0x6, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r3, 0x0, 0x0)
bind$inet(r3, &(0x7f0000000340)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
sendmsg$xdp(r3, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
pipe(&(0x7f0000019480)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
close(r5)
openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x42)
r6 = syz_genetlink_get_family_id$smc(&(0x7f0000001980), 0xffffffffffffffff)
sendmsg$SMC_PNETID_ADD(r4, &(0x7f0000001a40)={0x0, 0x0, &(0x7f0000001a00)={&(0x7f0000000400)={0x34, r6, 0x1, 0x0, 0xffffffff, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'caif0\x00'}]}, 0x34}}, 0x0)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16, @ANYBLOB="31830000000000000000190000000c0001800800030005"], 0x20}, 0x1, 0x0, 0x0, 0xffffff21}, 0x0)
recvmsg(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0}, 0x100)

14m22.320290527s ago: executing program 3 (id=344):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000200)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
r2 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000240)='/proc/asound/card0/oss_mixer\x00', 0x298f3cc22e12b39a, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
write$proc_mixer(r2, &(0x7f0000000580)=ANY=[@ANYBLOB], 0x178)
dup3(r3, r2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x0, 0x0, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffe5b, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
r5 = syz_open_procfs$pagemap(0x0, &(0x7f0000000240))
ioctl$PAGEMAP_SCAN(r5, 0xc0606610, &(0x7f00000004c0)={0x60, 0x0, &(0x7f000023d000/0x4000)=nil, &(0x7f00004fa000/0x4000)=nil, 0x0, &(0x7f0000000ec0)=[{}], 0x1, 0x1ff, 0x0, 0x0, 0x0, 0xd})
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r6, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@bloom_filter={0x1e, 0x9, 0x34d3, 0x2, 0xc801, r1, 0xfffffffb, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x2, 0x2, 0x9, @value=r6, @void, @void, @value}, 0x50)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@ipmr_newroute={0x54, 0x18, 0x200, 0x70bd27, 0x25dfdbfc, {0x80, 0x80, 0x14, 0xff, 0x1, 0x4, 0xc8, 0x5, 0x3800}, [@RTA_IP_PROTO={0x5, 0x1b, 0x11}, @RTA_UID={0x8, 0x19, 0xee01}, @RTA_PRIORITY={0x8, 0x6, 0x6}, @RTA_PREFSRC={0x8, 0x7, @loopback}, @RTA_PREFSRC={0x8, 0x7, @broadcast}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x6}, @RTA_UID={0x8, 0x19, 0xee01}]}, 0x54}, 0x1, 0x0, 0x0, 0x84c4}, 0x90)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r7, 0x6, 0x9, &(0x7f0000000440)=0xfca4, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="1e00"], 0x50)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x200002)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r8, 0x40505331, &(0x7f0000000180)={{0x8, 0xac}, {0x0, 0x7}, 0xf9eee45, 0x2, 0x7})

14m20.875073504s ago: executing program 32 (id=344):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000200)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
r2 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000240)='/proc/asound/card0/oss_mixer\x00', 0x298f3cc22e12b39a, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
write$proc_mixer(r2, &(0x7f0000000580)=ANY=[@ANYBLOB], 0x178)
dup3(r3, r2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x0, 0x0, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffe5b, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
r5 = syz_open_procfs$pagemap(0x0, &(0x7f0000000240))
ioctl$PAGEMAP_SCAN(r5, 0xc0606610, &(0x7f00000004c0)={0x60, 0x0, &(0x7f000023d000/0x4000)=nil, &(0x7f00004fa000/0x4000)=nil, 0x0, &(0x7f0000000ec0)=[{}], 0x1, 0x1ff, 0x0, 0x0, 0x0, 0xd})
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r6, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@bloom_filter={0x1e, 0x9, 0x34d3, 0x2, 0xc801, r1, 0xfffffffb, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x2, 0x2, 0x9, @value=r6, @void, @void, @value}, 0x50)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@ipmr_newroute={0x54, 0x18, 0x200, 0x70bd27, 0x25dfdbfc, {0x80, 0x80, 0x14, 0xff, 0x1, 0x4, 0xc8, 0x5, 0x3800}, [@RTA_IP_PROTO={0x5, 0x1b, 0x11}, @RTA_UID={0x8, 0x19, 0xee01}, @RTA_PRIORITY={0x8, 0x6, 0x6}, @RTA_PREFSRC={0x8, 0x7, @loopback}, @RTA_PREFSRC={0x8, 0x7, @broadcast}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x6}, @RTA_UID={0x8, 0x19, 0xee01}]}, 0x54}, 0x1, 0x0, 0x0, 0x84c4}, 0x90)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r7, 0x6, 0x9, &(0x7f0000000440)=0xfca4, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="1e00"], 0x50)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x200002)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r8, 0x40505331, &(0x7f0000000180)={{0x8, 0xac}, {0x0, 0x7}, 0xf9eee45, 0x2, 0x7})

11m37.659974782s ago: executing program 0 (id=834):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000140)={0x9, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
getsockopt$TIPC_SRC_DROPPABLE(0xffffffffffffffff, 0x10f, 0x80, 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000140)={0xc})

11m37.550722537s ago: executing program 0 (id=835):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioprio_set$uid(0x3, 0x0, 0x0)
connect$bt_rfcomm(0xffffffffffffffff, &(0x7f00000001c0)={0x1f, @any, 0xfb}, 0xa)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_COALESCE(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r5, @ANYBLOB="0800250000000040080002"], 0x3c}, 0x1, 0x0, 0x0, 0x7000000}, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
syz_open_dev$sndmidi(&(0x7f0000000080), 0x5, 0x4080)
r7 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r7, 0xc0945662, &(0x7f0000000240)={0x8, 0x0, '\x00', {0x0, @bt={0x5, 0xb, 0x0, 0x1, 0x9, 0x1, 0x3d, 0x9, 0x3, 0x3, 0x4, 0x4, 0x32c00000, 0x1, 0xa, 0x30, {0x0, 0x1ff}, 0x80, 0xd}}})
connect$inet6(r6, &(0x7f00000002c0)={0xa, 0x4e23, 0xfffffffe, @dev={0xfe, 0x80, '\x00', 0x13}, 0x6a3}, 0x1c)

11m36.498554972s ago: executing program 0 (id=836):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioprio_set$uid(0x3, 0x0, 0x0)
connect$bt_rfcomm(0xffffffffffffffff, &(0x7f00000001c0)={0x1f, @any, 0xfb}, 0xa)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_COALESCE(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r5, @ANYBLOB="0800250000000040080002"], 0x3c}, 0x1, 0x0, 0x0, 0x7000000}, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
syz_open_dev$sndmidi(&(0x7f0000000080), 0x5, 0x4080)
r7 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r7, 0xc0945662, &(0x7f0000000240)={0x8, 0x0, '\x00', {0x0, @bt={0x5, 0xb, 0x0, 0x1, 0x9, 0x1, 0x3d, 0x9, 0x3, 0x3, 0x4, 0x4, 0x32c00000, 0x1, 0xa, 0x30, {0x0, 0x1ff}, 0x80, 0xd}}})
connect$inet6(r6, &(0x7f00000002c0)={0xa, 0x4e23, 0xfffffffe, @dev={0xfe, 0x80, '\x00', 0x13}, 0x6a3}, 0x1c)

11m35.437279528s ago: executing program 0 (id=837):
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x10b091, 0x0)
r0 = socket(0x2, 0x80805, 0x0)
ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000400))
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x9101a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000480)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
mount$bind(&(0x7f0000000280)='./file0\x00', &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x2187017, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
mount$binder(0x0, &(0x7f0000000000)='./file0/../file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000240)={[{@stats}]})
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00')
sendfile(r1, r2, 0x0, 0x100800001)
r3 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r3, 0xc0205648, &(0x7f0000000100)={0xa30000, 0x44, 0x1, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x98f90d, 0x9, '\x00', @p_u8=0x0}})

11m34.693332082s ago: executing program 0 (id=839):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
recvmmsg(0xffffffffffffffff, &(0x7f0000006a00)=[{{0x0, 0x0, &(0x7f0000006980)=[{0x0}, {&(0x7f0000004e80)=""/160, 0xa0}], 0x2}}, {{0x0, 0x0, &(0x7f0000006640)=[{0x0}, {&(0x7f00000053c0)=""/172, 0xac}, {0x0}, {0x0}, {0x0}, {&(0x7f0000006580)=""/158, 0x9e}], 0x6}}], 0x2, 0x0, 0x0)
write$binfmt_misc(r3, &(0x7f0000000300), 0x6)
recvmmsg(r3, &(0x7f0000000600), 0x204083acb88ff8b, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a800000085000000b800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
r8 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r8)

11m34.216413s ago: executing program 0 (id=841):
r0 = socket$inet6(0xa, 0x80001, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8923, &(0x7f00000000c0)={'bond_slave_0\x00', @random="0132014010ff"})
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, 0x0, 0x310)

11m34.054292579s ago: executing program 33 (id=841):
r0 = socket$inet6(0xa, 0x80001, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8923, &(0x7f00000000c0)={'bond_slave_0\x00', @random="0132014010ff"})
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, 0x0, 0x310)

7m9.128494838s ago: executing program 2 (id=1570):
socket(0x10, 0x803, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000040))
r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setresuid(0x0, 0x0, 0x0)
r4 = fsopen(0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
read$FUSE(r5, &(0x7f00000024c0)={0x2020, 0x0, 0x0, 0x0, <r6=>0x0}, 0x2020)
setregid(r6, r6)
stat(0x0, &(0x7f0000000240))
read$FUSE(0xffffffffffffffff, &(0x7f00000006c0)={0x2020}, 0x2020)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)
connect$bt_rfcomm(r0, &(0x7f0000005dc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x15}, 0xa)
close(r0)

7m8.099962406s ago: executing program 2 (id=1572):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
socket$inet6(0xa, 0x2, 0x0)
sendmsg$SMC_PNETID_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, 0x0, 0x0)
connect$inet6(r4, &(0x7f0000000180)={0xa, 0x700, 0x0, @loopback}, 0x1c)
sendto$inet6(r4, &(0x7f00000002c0)="e8", 0xfffffffffffffd79, 0x2000c850, 0x0, 0x4d)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup3(r4, r5, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r5, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r5, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000001f00)=""/4106, 0x100a, 0x0, 0x0}, 0x0)

7m4.132301929s ago: executing program 2 (id=1586):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_sctp(0xa, 0xe, 0x84)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x7ad780, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x600002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, 0x0, 0x494280, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
r4 = syz_open_dev$dri(0x0, 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r4, 0xc00464b4, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
listen(r0, 0xe)
lseek(r1, 0x400006, 0x1)
readv(r3, &(0x7f00000003c0)=[{&(0x7f00000000c0)=""/96, 0x6f}, {0x0}, {&(0x7f0000000b80)=""/4096, 0x1000}, {0x0}, {&(0x7f0000000200)=""/14, 0xe}, {&(0x7f0000000280)=""/1, 0xfffffffffffffe49}, {&(0x7f0000003080)=""/4090, 0xffa}], 0x7)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000380)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
sendmsg$nl_xfrm(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000600)=ANY=[@ANYRES32=0x0, @ANYRES64=r2, @ANYRES32=0x0, @ANYBLOB="03c6cf2184c182cab5a17db4b719174289010a33d345cb483ef723c8b1606f76efca3cbcf767f45a65ec4a0c46e21d6067d5e3868ae4cadd9335c894723b95e042d3e7b35297336d21e39f9ecf85b81b5e040000000000000053eca701423ccec5a51c45940491908142c970e68ca27e4f013779758ced2921bdb1215d7e5e946234adea6f0018414c1c5a255183363c7f9f31e964c0fb6570921db567540aa7e500d29865bb5148fcea49df42726c02b07fa4dca4cba13081d80ce8e59dbd3a8fe31948e6c34fd413dc2fecd5224b80e8f14cf1faeaf039d11e2fba6998bc78b691e1180771f33f0a9c09ea04ac60305ea7c3af226a05742268137f68bad65eb8a38c010fa76f54ed2f779f"], 0x148}, 0x1, 0x0, 0x0, 0x40040}, 0x4048000)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched_retired(r7, &(0x7f000000f8c0)={0x0, 0x0, &(0x7f000000f880)={&(0x7f000000f940)=@newtaction={0x1c, 0x16, 0xe67c0fb78d4e40bf, 0x0, 0x0, {0xa}, [{0x4}, {0x4}]}, 0x1c}}, 0x0)
syz_emit_ethernet(0x33, 0x0, 0x0)
futex(0x0, 0x7, 0x2, 0x0, &(0x7f0000000080), 0x4)
ioctl$VT_RESIZEX(r5, 0x560a, &(0x7f0000000240)={0x0, 0x0, 0x8, 0x4, 0x3, 0x3f00})
r8 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0)
ioctl$CEC_DQEVENT(r8, 0xc0506107, 0x0)
ioctl$IOC_PR_PREEMPT(r8, 0x40046109, &(0x7f0000000040)={0xd0, 0xfffffffffffffffe})

6m59.328171933s ago: executing program 2 (id=1597):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0/file0\x00', 0x1c0)
r0 = landlock_create_ruleset(&(0x7f0000000180)={0x100}, 0x18, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000200)={0x100, r1}, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x0, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020200600000000000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{r3}, &(0x7f0000000400), &(0x7f0000000440)=r4}, 0x20)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f00000000c0)={"6957608d766cfff5c3a665bd121a2d89", 0x0, 0x0, {0x4, 0x40000a}, {0x7, 0xc00000}, 0x5, [0x3, 0x3, 0x9, 0x6, 0x0, 0x400, 0xffffffffffff0001, 0x2, 0x8, 0x7, 0x80000000, 0xc, 0x10, 0x5, 0xfffffffffffffffb, 0xf146]})
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)
ioctl$BINDER_THREAD_EXIT(r2, 0x40046208, 0x0)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0/file0\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000280)={0x100, r5}, 0x0)
close(r5)
close(r1)
statx(r5, &(0x7f0000000000)='./file0/file0\x00', 0x4000, 0x10, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
r7 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r8=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(r8, r8, 0x0)
setreuid(r6, r8)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)

6m59.015741409s ago: executing program 2 (id=1600):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x1, 0x0, 0x0, "810000cc2b000000000000fa25ffff00ffffff"})
r3 = syz_open_pts(r2, 0x141601)
fcntl$setstatus(r3, 0x4, 0x102800)
r4 = socket$inet(0xa, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000480)=@mangle={'mangle\x00', 0x44, 0x6, 0x418, 0x2b0, 0x2b0, 0x2b0, 0x138, 0x98, 0x380, 0x380, 0x380, 0x380, 0x380, 0x6, 0x0, {[{{@ip={@broadcast, @multicast1=0xe0007600, 0x0, 0x0, 'geneve1\x00', 'ip6gre0\x00'}, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'batadv_slave_1\x00', 'veth1_virt_wifi\x00', {}, {}, 0x6, 0x0, 0x4a}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0xb0, 0xd8, 0x0, {}, [@common=@unspec=@connlimit={{0x40}}]}, @ECN={0x28}}, {{@ip={@loopback, @multicast2, 0x0, 0x0, 'syzkaller0\x00', 'veth1_to_team\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@broadcast, @empty, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0xa0, 0xd0, 0x0, {}, [@common=@unspec=@mac={{0x30}, {@multicast}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x478)
gettid()
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000400)={0xc, 0x0, <r5=>0x0})
r6 = openat$ocfs2_control(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r6, 0xc0406619, &(0x7f0000000040)={@desc={0x1, 0x0, @desc2}})
recvmsg(0xffffffffffffffff, &(0x7f0000002640)={0x0, 0x0, 0x0}, 0x22)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000240)={0x48, 0x5, r5})
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
socket(0x10, 0x80002, 0x0)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x20008014, &(0x7f0000000340)={0x11, 0x2, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14)
renameat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

6m57.248343126s ago: executing program 2 (id=1602):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000000)={0x0, 0x3, 0x10}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x8, &(0x7f0000001c40)=ANY=[@ANYRESDEC=r0], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x8, &(0x7f0000000400), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xffffffff}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
ioprio_get$uid(0x3, 0x0)
mount(&(0x7f0000000540)=@nullb, &(0x7f0000000040)='./file0\x00', &(0x7f00000005c0)='vxfs\x00', 0x0, 0x0)
r5 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r5, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x20)
connect$l2tp6(r5, &(0x7f0000000f40)={0xa, 0x0, 0x0, @empty}, 0x20)
sendmmsg$inet6(r5, &(0x7f0000000ac0)=[{{&(0x7f0000000180)={0xa, 0x0, 0x0, @empty}, 0x18, 0x0, 0x0, 0x0, 0x0, 0xe0}}], 0x17fd147c801ae9ab, 0x0)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="040e0508460c"], 0x8)

6m56.963283532s ago: executing program 34 (id=1602):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000000)={0x0, 0x3, 0x10}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x8, &(0x7f0000001c40)=ANY=[@ANYRESDEC=r0], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x8, &(0x7f0000000400), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xffffffff}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
ioprio_get$uid(0x3, 0x0)
mount(&(0x7f0000000540)=@nullb, &(0x7f0000000040)='./file0\x00', &(0x7f00000005c0)='vxfs\x00', 0x0, 0x0)
r5 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r5, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x20)
connect$l2tp6(r5, &(0x7f0000000f40)={0xa, 0x0, 0x0, @empty}, 0x20)
sendmmsg$inet6(r5, &(0x7f0000000ac0)=[{{&(0x7f0000000180)={0xa, 0x0, 0x0, @empty}, 0x18, 0x0, 0x0, 0x0, 0x0, 0xe0}}], 0x17fd147c801ae9ab, 0x0)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="040e0508460c"], 0x8)

29.65615574s ago: executing program 5 (id=2579):
r0 = socket$kcm(0x29, 0x2, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0xe0801, 0x0)
mincore(&(0x7f0000f0c000/0x3000)=nil, 0x0, &(0x7f0000afaf0a)=""/246)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000180)={0x6}, 0x10)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="300000001a00010000"], 0x30}}, 0x0)
flock(0xffffffffffffffff, 0x5f2b0b832cf1a82e)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7, 0x13, r4, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000000c0)={[0x4, 0x8000000000, 0x3d, 0x4000000000, 0x5, 0x800000000910d, 0x100000000, 0x3, 0x9dd, 0xffffffffffffffff, 0x1000000004, 0x0, 0x4, 0x1000002, 0xffffffffffffffff, 0xe40], 0xf000, 0x340})
r5 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_FILTER(r5, 0x6b, 0x1, &(0x7f0000000640)=[{0x3, 0x3, {0x2, 0xff, 0x2}, {0x1, 0x0, 0x1}, 0xfe}, {0x2, 0x1, {0x0, 0xf0}, {0x0, 0x1, 0x2}, 0x1, 0xff}], 0x40)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r6=>0x0})
bind$can_j1939(r5, &(0x7f0000000100)={0x1d, r6, 0x0, {0x0, 0x0, 0x4}, 0x1}, 0x18)
setsockopt$sock_int(r5, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
close(r5)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000180))

29.279313099s ago: executing program 5 (id=2581):
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x3, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
ioctl$VIDIOC_S_INPUT(0xffffffffffffffff, 0xc0045627, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0)
prlimit64(0x0, 0x3, 0x0, &(0x7f0000000100))
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000000a00)=""/102384, 0x18ff0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x16b601, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$sequencer(r1, &(0x7f0000000240)=ANY=[@ANYBLOB="02"], 0x9)
ioctl$SNDCTL_SEQ_SYNC(r1, 0x5101)
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
memfd_create(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x4)
readv(r2, &(0x7f0000000240)=[{&(0x7f0000000300)=""/168, 0xa8}], 0x1)

28.138190328s ago: executing program 5 (id=2583):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x40000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x4000)
sendmsg$GTP_CMD_ECHOREQ(0xffffffffffffffff, 0x0, 0x8041)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r3, 0x2285, &(0x7f00000005c0)={0x53, 0xfffffffc, 0x6, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f00000000c0)="008d7acda0b2", 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r4, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r4, &(0x7f0000000740)={&(0x7f0000000040)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@cswp={0x58, 0x114, 0x7, {{}, 0x0, 0x0}}], 0x58}, 0x0)
open(0x0, 0x4041, 0x28)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
ioctl(0xffffffffffffffff, 0x8b26, &(0x7f0000000040))

27.108184529s ago: executing program 5 (id=2586):
sendmsg$key(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000480)={0x2, 0x13, 0x8, 0x7, 0x21, 0x0, 0x70bd25, 0x25dfdbfd, [@sadb_ident={0x2, 0xb, 0x771, 0x0, 0xff}, @sadb_key={0x19, 0x8, 0x5c8, 0x0, "95a7ad211039f818fd4f5224672e3c2fd4ea93ddbe7b33bfc147ccefe721a2b1da9dc7b2cbcab66fa62c42a8f2a2ebc9a9d9dd0654e2b7fa0ff7ebe389165cf129fa6f86600bd8e487a1766e1938590adf96bc092437f27cd5980df1369af215ae3b978cdba95c932e589b52451ff4d77cdd9477a913257ba28786e6e7e0649d4511162f2970a420d380be17a2024fe12455b87d4b3760466855ac8596f4ea27d0d84c35d7539c71acca9fbff302f921700fa2cd1fe68f689c"}, @sadb_lifetime={0x4, 0x3, 0x9, 0x1, 0x9, 0x7ff}]}, 0x108}}, 0x80)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_BEARER_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="06000000", @ANYRES16=0x0, @ANYBLOB="010028bd7000fbdbdf2505000000200001800d0001007564703a73797a31000000000c000280080001000a"], 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x100)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_GET_SG_TABLESIZE(r2, 0x227f, &(0x7f0000000040))
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r5=>0x0})
bind$can_j1939(r3, &(0x7f0000000240)={0x1d, r5, 0x0, {0x0, 0x0, 0x4}}, 0x18)
connect$can_j1939(r3, &(0x7f0000000340)={0x1d, r5, 0x2, {0x0, 0x1, 0x4}, 0xff}, 0x18)
r6 = socket$can_j1939(0x1d, 0x2, 0x7)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000380)={'vcan0\x00', <r8=>0x0})
r9 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r9, &(0x7f0000000080)={0x1d, r8, 0x0, {0x0, 0x0, 0x4}}, 0x18)
sendmsg$can_j1939(r3, &(0x7f00000001c0)={&(0x7f0000000040)={0x1d, 0x0, 0x0, {0x0, 0x1}}, 0x18, &(0x7f0000000180)={&(0x7f0000000100)="009d10371c720289216a59977104214d16467bfa5424a214c136d0", 0x1b}}, 0xee)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r10=>0x0})
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000b00000000000000000c85000000a800000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005345c0f63cdc2e82818254950ee03568b8809a1f04c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab66c1aae9314d7381fcfeb970bea672010000000000000043144648a07a975bd89dc398712376610faa54f12495b4659be8673086f6f3543205d4bc4ce05b8b961103673dff7f158052e62bfbdcddde6985f3f1ac5d9a94cc53207899762a07282a1914452d11858e795a3ca30a101af5574f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5ed44039aab46419496362e54cfad05b4004ac71a003d7b85d07191bed4e5a8908263722d4146f7ed569985439baa355cf3d8731f5e7a237bc06d035a8d601f21746d880819f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c5b9f87d988c9fbd2b9d9b4e2d71753b1549fa734f0b2e5fcf9549804cddad721971637f9c9730a9cc384eed30345979db9c93e1c52f42cad0a4d4f9436d3f39b0ed09c395dc6e970366087a8e4daeeb1b017006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f710c490ecd085d2811a7555c53030000007f00000000bfa6478eb96b079c277e2910b7ccdc3d672ed34aa65278c549e2abb549ad954884289130bc71cee2b7de62bf48129ae1af052a2d46a6165eb0954dac7265f1f425735acf6377793946b3229e861d8ea49806b3b533345d36ecef9df700000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c000000aaae37f044bcadeb0f6846582b7653665aa336db9f0384d3c7ddf79c2e0000000000000000000000000000000000000000000000e154aa0d3e41986a668ee1e5ef93a8ceac75f44aae95e26742f895f287111f8ee86f7e3ffb63cfb0e345cf7fc63dd2b0d30977899c6f03640040af4db71f7452bfc79a05118d8bb42b63b195771e42f9942ec626bd4b5461b74324012164e8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r13 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x100)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r13, 0xc04064a0, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f0000000180)=[<r14=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r13, 0xc01864c6, &(0x7f0000000140)={&(0x7f0000000040)=[r14], 0x1, 0x80800})
r15 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)={@cgroup=r15, r12, 0x2, 0x6, 0x4000, @void, @value}, 0x10)
sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@newtfilter={0x24, 0x11, 0x1, 0x74bd2c, 0x0, {0x0, 0x0, 0x74, r10, {0x2, 0x4}, {0xa, 0x4}, {0xa}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x40804}, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280500003d0007010000000000000000017c0000040000000c00018006000600800a000004050280ff"], 0x528}}, 0xc000)

24.695927074s ago: executing program 5 (id=2594):
r0 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @local, 0x2}, 0x1c) (async)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000280)={'wg0\x00', <r1=>0x0})
sendmmsg$inet6(r0, &(0x7f0000002f00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="240000000000000029000000320000fad20e0020010000000000000000000100000001", @ANYRES32=r1, @ANYBLOB='\x00\x00\x00\x00'], 0x28}}], 0x2, 0x4001c00) (async, rerun: 64)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000005c40)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=@newtaction={0x1d0, 0x30, 0x400, 0x0, 0x25dfdbfe, {}, [{0x1bc, 0x1, [@m_bpf={0xa4, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x79, 0x6, "37536fee9624ca0bdd11c8bd50883e89b55728e4854253af5a10a7ddbc8ed9378b65c17bd369cb2aa048a7f2bb039cf7a617ee3e869f9dae1bbe40f673a79a272be407000000d7b3803b0a20c20099a0b17820f378a6eb1322befe30896e541da0d003acb4590d878bf4b542de5a0a04fbb8213785"}, {0xc}, {0xc}}}, @m_gact={0x114, 0x4, 0x0, 0x0, {{0x9}, {0xa0, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc, 0x3, {0x2, 0x211a, 0x6}}, @TCA_GACT_PARMS={0x18, 0x2, {0x2, 0x8, 0x5, 0x9, 0x1000}}, @TCA_GACT_PROB={0xc, 0x3, {0x0, 0x1a31, 0x20000000}}, @TCA_GACT_PROB={0xc, 0x3, {0x0, 0xb59}}, @TCA_GACT_PARMS={0x18, 0x2, {0x0, 0x10001, 0x4, 0x7}}, @TCA_GACT_PARMS={0x18, 0x2, {0x5, 0x2004, 0x2, 0x8000, 0x1d}}, @TCA_GACT_PARMS={0x18, 0x2, {0x7, 0x7, 0x3, 0x0, 0x10}}, @TCA_GACT_PARMS={0x18, 0x2, {0x10, 0x1, 0x6, 0x5, 0x5}}]}, {0x4a, 0x6, "d00d1054a5fc8e47d998412e95b1d804e2c8d0e6cc663dc6df9f71f043892072ceb20f8df8c602db8612dbd7aefaa7aaaa22792e32598218e7058061ffc8a6253f9dad0c7231"}, {0xc, 0x7, {0x1, 0x1}}, {0xc}}}]}]}, 0x1d0}}, 0x0) (async, rerun: 64)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x22) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x3, &(0x7f0000000040)=@framed={{0x26, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0xb8}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async)
r3 = io_uring_setup(0x1b18, &(0x7f0000000380)={0x0, 0x3, 0x400, 0x1, 0x15}) (async, rerun: 32)
r4 = epoll_create1(0x80000) (rerun: 32)
epoll_pwait2(r4, &(0x7f00000002c0)=[{}], 0x1, 0x0, 0x0, 0x0) (async)
close_range(r3, 0xffffffffffffffff, 0x0) (async)
r5 = openat$cgroup_ro(r2, &(0x7f00000000c0)='cgroup.kill\x00', 0x275a, 0x0)
write$cgroup_int(r5, &(0x7f0000000080)=0x9, 0x12) (async, rerun: 64)
r6 = socket$kcm(0x10, 0x2, 0x0) (async, rerun: 64)
r7 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r7, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) (async)
r8 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r8, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) (async, rerun: 64)
setsockopt$sock_int(r8, 0x1, 0x8, &(0x7f0000000000), 0x4) (rerun: 64)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r8, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r8)
r9 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r9, 0x0) (async)
write$cgroup_subtree(r6, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001a00599c6d0e000091d028ef80"], 0xfe33)

24.052191611s ago: executing program 5 (id=2595):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x16, &(0x7f0000000540)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x3}, {}, {}, [@map_idx_val={0x18, 0x2, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x6}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r6 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r6, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000100)=@ethtool_ringparam={0xe, 0x0, 0x0, 0xfffffffe}})
socket$xdp(0x2c, 0x3, 0x0)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r7, 0x4000000000000, 0x40, &(0x7f0000000780)=@raw={'raw\x00', 0x701, 0x3, 0x258, 0x1c0, 0xb, 0x108, 0x108, 0x0, 0x1c0, 0x1c8, 0x1c8, 0x1c0, 0x1c8, 0x3, 0x0, {[{{@ip={@rand_addr, @remote, 0x0, 0x0, 'ip6erspan0\x00', '\x00', {}, {0xff}, 0x32}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@inet=@esp={{0x30}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}, {{@ip={@loopback, @empty, 0xffffff00, 0x0, 'veth1_to_batadv\x00', 'ip6erspan0\x00'}, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x2b8)
close(0xffffffffffffffff)
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_GET_DYING(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, 0x6, 0x1, 0x101, 0x0, 0x0, {0x5, 0x0, 0x1}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x4)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2, 0x0, 0x2}, [@CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x2}]}, 0x1c}}, 0x0)

19.388897597s ago: executing program 6 (id=2607):
prlimit64(0x0, 0x6, &(0x7f0000000000)={0x7, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
userfaultfd(0x80001)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=ANY=[@ANYBLOB="48000000100005ff00000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400028008", @ANYRES32], 0x48}}, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x4048aec9, &(0x7f0000000380)={0x3, 0x0, @ioapic={0x8000000, 0x2, 0x101, 0x0, 0x0, [{0x8, 0x2e, 0x6, '\x00', 0x1}, {0x6, 0x2, 0x26, '\x00', 0xfc}, {0x2, 0xef, 0xd, '\x00', 0xeb}, {0xff, 0x7, 0xd}, {0x13, 0x9, 0x2, '\x00', 0x62}, {0x0, 0x3, 0x6, '\x00', 0xd3}, {0xf, 0x0, 0x8, '\x00', 0x4}, {0x9, 0xdb, 0x1}, {0x81, 0x23, 0x5, '\x00', 0x2}, {0xde, 0x20, 0x3}, {0x40, 0x0, 0xf8, '\x00', 0x1}, {0xf5, 0x5, 0x4, '\x00', 0x8}, {0x7, 0x3, 0x2b, '\x00', 0x6}, {0x4, 0x5, 0x0, '\x00', 0xe9}, {0x10, 0x39, 0x40, '\x00', 0xcf}, {0x6c, 0x7f, 0x0, '\x00', 0x72}, {0x7f, 0x4, 0x4, '\x00', 0xe}, {0x7, 0x2, 0x8, '\x00', 0x81}, {0xf, 0x7, 0x5}, {0x3, 0x6, 0xb}, {0x8, 0x6, 0x1, '\x00', 0x49}, {0xee, 0x2, 0x91, '\x00', 0xba}, {0x2, 0x8, 0x2, '\x00', 0xc3}, {0x8, 0x9, 0x54, '\x00', 0x9}]}})
dup(0xffffffffffffffff)
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000100)={0x24d, 0xa, 0x0, 0x0, 0x3e, 0x180, 0x8, 0x0, {}, {}, {}, {}, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8})

17.858243628s ago: executing program 6 (id=2614):
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
recvfrom$unix(r1, 0x0, 0x0, 0x123, 0x0, 0x0)
sendto$packet(r2, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080086dd4803", 0x10000, 0x0, &(0x7f0000000140), 0x14)
ftruncate(0xffffffffffffffff, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmmsg(r4, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
sendfile(r3, 0xffffffffffffffff, 0x0, 0x578410eb)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000980), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='net/igmp6\x00')

12.324420522s ago: executing program 7 (id=2629):
syz_usb_connect(0x6, 0x36, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @geneve={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GENEVE_REMOTE={0x8, 0x2, @remote}]}}}]}, 0x3c}, 0x1, 0x2}, 0x0)

11.474021583s ago: executing program 7 (id=2631):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, &(0x7f00000002c0)={{0xfff9, 0x62, 0x2, 0x9}, 'syz0\x00', 0x1e})
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x15, &(0x7f0000000180)={@dev, <r1=>0x0}, &(0x7f00000001c0)=0x14)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)
openat(r2, &(0x7f0000000280)='./file0\x00', 0x6a1c2, 0xc4)
faccessat(r2, &(0x7f0000000000)='./file0\x00', 0x5)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000480)={0xffffffffffffffff, 0x20, &(0x7f0000000440)={&(0x7f0000000340)=""/46, 0x2e, <r3=>0x0, &(0x7f0000000380)=""/17, 0x11}}, 0x10)
r4 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000140), 0x2102, 0x0)
r6 = dup3(r4, r5, 0x0)
getsockname$netrom(r6, 0x0, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
r9 = dup3(r8, r7, 0x0)
ioctl$BINDER_WRITE_READ(r9, 0xc0306201, &(0x7f0000000bc0)={0x1d, 0x0, &(0x7f0000000300)=[@free_buffer, @reply_sg={0x40486312, {0x0, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)={@fda={0x66646185, 0x0, 0x2, 0x3d}, @flat=@handle={0x73682a85, 0x100b, 0x3}, @ptr={0x70742a85, 0x1, &(0x7f0000000200)=""/59, 0x0, 0x0, 0x1f}}, &(0x7f00000002c0)}}], 0xfffffffffffffe92, 0x800000000000000, 0x0})
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000004c0)={0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x1, 0x2, &(0x7f00000000c0)=@raw=[@ldst={0x0, 0x1, 0x0, 0xb, 0x8, 0x18, 0x1}, @call={0x85, 0x0, 0x0, 0x56}], &(0x7f0000000100)='GPL\x00', 0x1, 0x1000, &(0x7f0000000c80)=""/4096, 0x41100, 0x40, '\x00', r1, @fallback=0x32, r2, 0x8, &(0x7f0000000240)={0x3, 0x2}, 0x8, 0x10, &(0x7f0000000280)={0x2, 0x0, 0x9, 0x400}, 0x10, r3, r6, 0x7, &(0x7f0000000500)=[r9, r10], &(0x7f0000000540)=[{0x3, 0x5, 0xe, 0x9}, {0x0, 0x2, 0xa, 0xe}, {0x3, 0x1, 0xa, 0xc}, {0x2, 0x1, 0x4, 0xb}, {0x4, 0x2, 0x3, 0xc}, {0x0, 0x4, 0x5, 0x5}, {0x1, 0x2, 0x9, 0x8}], 0x10, 0xffff, @void, @value}, 0x94)
symlink(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000000)='./file0\x00')
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x5, 0x0, 0x41c}}}, 0x7)
request_key(&(0x7f0000000c40)='encrypted\x00', 0x0, 0x0, 0x0)

11.389950318s ago: executing program 1 (id=2632):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, 0x0, 0x0)
mq_open(0x0, 0x40, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mq_unlink(&(0x7f0000000340)='eth0\x00')
r5 = syz_open_procfs(0x0, &(0x7f00000001c0)='loginuid\x00')
pread64(r5, 0x0, 0x0, 0x0)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000500)={0x14, 0x2c, 0x3f, 0x0, 0x0, "", [@nested={0x4}]}, 0x14}], 0x1}, 0x0)

11.06829939s ago: executing program 7 (id=2634):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@deltaction={0xc8, 0x31, 0x1, 0x70bd27, 0x25dfdbff, {}, [@TCA_ACT_TAB={0x24, 0x1, [{0x14, 0x17, 0x0, 0x0, @TCA_ACT_KIND={0xd, 0x1, 'connmark\x00'}}, {0xc, 0x0, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}]}, @TCA_ACT_TAB={0x90, 0x1, [{0xc, 0x1b, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0xc, 0x18, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8de}}, {0x10, 0x6, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}, {0xc, 0x6, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0xc, 0x5, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}, {0x10, 0xf, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}, {0x10, 0xf, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'police\x00'}}, {0xc, 0x6, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}, {0xc, 0xf, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}, {0x14, 0x13, 0x0, 0x0, @TCA_ACT_KIND={0xd, 0x1, 'connmark\x00'}}]}]}, 0xc8}, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x11, 0x3, 0x10)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$VT_RESIZEX(r0, 0x560a, &(0x7f0000000040)={0x0, 0x1, 0xd, 0x2, 0x3})
openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r5 = dup2(r4, r0)
getsockopt$inet_IP_IPSEC_POLICY(r5, 0x11, 0x10, 0x0, &(0x7f00000004c0))
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r6, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r7, {0x2, 0x0, @multicast2}, 0x2, 0x0, 0x4}}, 0x2e)
r8 = openat$fb0(0xffffffffffffff9c, &(0x7f0000003640), 0x40401, 0x0)
write$binfmt_script(r8, 0x0, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)

10.347960524s ago: executing program 1 (id=2636):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0)
sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r3)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r4, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) (fail_nth: 4)
r6 = accept(r3, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r6, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x85c}, 0x0)

8.22386301s ago: executing program 35 (id=2595):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x16, &(0x7f0000000540)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x3}, {}, {}, [@map_idx_val={0x18, 0x2, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x6}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r6 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r6, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000100)=@ethtool_ringparam={0xe, 0x0, 0x0, 0xfffffffe}})
socket$xdp(0x2c, 0x3, 0x0)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r7, 0x4000000000000, 0x40, &(0x7f0000000780)=@raw={'raw\x00', 0x701, 0x3, 0x258, 0x1c0, 0xb, 0x108, 0x108, 0x0, 0x1c0, 0x1c8, 0x1c8, 0x1c0, 0x1c8, 0x3, 0x0, {[{{@ip={@rand_addr, @remote, 0x0, 0x0, 'ip6erspan0\x00', '\x00', {}, {0xff}, 0x32}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@inet=@esp={{0x30}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}, {{@ip={@loopback, @empty, 0xffffff00, 0x0, 'veth1_to_batadv\x00', 'ip6erspan0\x00'}, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x2b8)
close(0xffffffffffffffff)
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_GET_DYING(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, 0x6, 0x1, 0x101, 0x0, 0x0, {0x5, 0x0, 0x1}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x4)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2, 0x0, 0x2}, [@CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x2}]}, 0x1c}}, 0x0)

8.102190739s ago: executing program 1 (id=2638):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000080), 0x10)
sendmsg$can_bcm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000480)=ANY=[@ANYBLOB="ff0fffffff00000000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRESDEC=r0, @ANYBLOB="00000000010000000000000000000000f8ca44dfaa000000"], 0x48}, 0x1, 0x0, 0x0, 0x48850}, 0x0)
sendmsg$can_bcm(r0, &(0x7f00000001c0)={&(0x7f0000000040), 0x10, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB='\a\x00'/16, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="00000000050000000000000005020000b68c52d2be3c0990"], 0x48}, 0x1, 0x0, 0x0, 0xc040}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = fsopen(&(0x7f00000001c0)='ocfs2_dlmfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r8 = dup(0xffffffffffffffff)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
r9 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
r10 = dup(r9)
ioctl$KVM_SET_MSRS(r10, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="820000000000000072000040"])
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x64}}, 0x8040)
sendmsg$NFT_BATCH(r1, &(0x7f0000004d40)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="14000000100001000000000000000000000a000a34000000140a010200000000000000000200000008000340000000000900010073797a30000000000c0006"], 0x5c}}, 0x0)

8.094471498s ago: executing program 7 (id=2639):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x9)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)={{0x14}, [@NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x1c, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @synproxy={{0xd}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x70}}, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000180)={@local, @random, @void, {@ipv4={0x800, @tcp={{0x9, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0xd}, {[@lsrr={0x83, 0x7, 0xd7, [@multicast2]}, @cipso={0x86, 0x6}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg(r2, &(0x7f0000002840)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20044000)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$tun(0xffffffffffffff9c, 0x0, 0x258800, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r3, 0x400448ca, 0x0)
bind$bt_hci(r3, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080), 0x602, 0x0)
write$rfkill(r4, &(0x7f0000000300)={0x0, 0x2, 0x3, 0x1}, 0x8)

7.476210213s ago: executing program 6 (id=2640):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
write$binfmt_misc(r4, &(0x7f0000000300), 0x6)
recvmmsg(r4, &(0x7f0000000600), 0x204083acb88ff8b, 0x2, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a800000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
r8 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r8)

7.395299424s ago: executing program 4 (id=2641):
syz_usb_connect(0x6, 0x36, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @geneve={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GENEVE_REMOTE={0x8, 0x2, @remote}]}}}]}, 0x3c}, 0x1, 0x2}, 0x0)

6.66014336s ago: executing program 4 (id=2642):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800080000fcffff08000900fcfc0000080011000000000008000e00800000000800", @ANYRES64=r0], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0) (fail_nth: 7)

6.545291779s ago: executing program 1 (id=2643):
ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x9)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg(r2, &(0x7f0000002840)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20044000)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SNDRV_PCM_IOCTL_UNLINK(0xffffffffffffffff, 0x40044160, 0x3)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)={0x28, r4, 0x9, 0x0, 0x0, {0x7}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1d}]}]}, 0x28}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
accept(r1, 0x0, 0x0)

6.475803263s ago: executing program 7 (id=2644):
r0 = socket$netlink(0x10, 0x3, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{0x0, 0xfffffea2}, {&(0x7f0000000580)="d4fa0c511aad03aa5ed217677bc41c027d9c830c439c7f821ddd78b6915cb170e7603acf9e433c2903bb6773f4b0130668a1e5b5e08d21d0b69c28ca3455aed65855c86f3d1e5789d26375a0d85eaf5e92e19c9affcf76e7a94e76556d2b104ebf645747fadc91460f4b3c94e1a89b51be4a6aa4c65285f988329a8163b69c51b801500a5bacd0463976e2960e2679ef2feee5e6ce6bb78a51fb0e15820d13e4a5aa9e0742a6f8d677ad28fea356657bb550c8311b682d9003c82267a15aa7334bc53b65b9119a1a7d905c7dd365b85c230bbad0d5d0a79819e112637819d9a187cfdf782c6127d2d4281926ab0e22f7346b616fe28ed0b9f4a0c9fdac6d3a90a9c38b5e31448a45546388c95045bc22fe88c43b82a0a5d3eb61c238a5159ea98db9c00aeef644ae98a8cb8dffff3b7ba14d7971910b559623af8295", 0x13c}], 0x2}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x40f00, 0x29, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b18, &(0x7f0000000000)={'wlan0\x00'})
socket$inet6(0x10, 0x800, 0x0)
r1 = socket$inet_sctp(0x2, 0x400000000001, 0x84)
sendto$inet(r1, &(0x7f0000000080)="e3", 0x1, 0x0, &(0x7f0000000040)={0x2, 0x4e24, @rand_addr=0x64010100}, 0x10)
listen(r1, 0xda8c)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r2)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
accept4(r1, 0x0, 0x0, 0x0)

3.885065687s ago: executing program 1 (id=2645):
syz_usb_connect(0x2, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000043242108d81301006230010203010902120001000000000904"], 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000140)={0xffffffffffffffff, 0x0, &(0x7f0000000100)={&(0x7f0000000580)=@newsa={0x194, 0x10, 0x1, 0x0, 0x0, {{@in6=@private1, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2}, {@in=@local, 0x0, 0x6c}, @in6=@loopback, {0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, 0x0, 0x0, 0x2}, [@sec_ctx={0x5a, 0x8, {0x56, 0x8, 0x0, 0x0, 0xfffffffffffffed0, "f44d281f1df33c927e7a22038c4bb2baff07000000000000ad2d631b11f24bd4cfba1b09833d9875250c52bc6bb535ad95f54a02ff96c6e50b50508c87c722116c3a8a188e9de0161329dd6b0000"}}, @algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x194}}, 0x0)
mount$binderfs(0x0, &(0x7f0000001240)='./binderfs\x00', &(0x7f0000001280), 0x4001, &(0x7f00000012c0)=ANY=[@ANYBLOB='max=00000000000000000000003,seclabel>'])
socket$inet_udp(0x2, 0x2, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000bc0)=@newtfilter={0x48, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r4, {0x0, 0x1}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x14, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0x1, 0xc}}, @TCA_MATCHALL_FLAGS={0x8, 0x3, 0x2}]}}]}, 0x48}}, 0x0)

3.832320502s ago: executing program 4 (id=2646):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$UHID_INPUT(r0, 0x0, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r1, 0x400448ca, 0x0)
openat$dsp(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r1, 0x400448c9, 0x0)
bind$bt_hci(r2, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = userfaultfd(0x1)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x18c})
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
close_range(r3, 0xffffffffffffffff, 0x0)
syz_usb_connect$cdc_ncm(0x0, 0x72, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x47ba, 0x95ff, 0x3900000000000000, 0x0, 0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)

3.649262735s ago: executing program 6 (id=2647):
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x3, 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r1, 0xc0045627, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0)
prlimit64(0x0, 0x3, 0x0, &(0x7f0000000100))
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000000a00)=""/102384, 0x18ff0)
syz_open_dev$dri(0x0, 0x1, 0x0)
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = openat$sequencer(0xffffffffffffff9c, 0x0, 0x16b601, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$sequencer(r3, &(0x7f0000000240)=ANY=[@ANYBLOB="0293"], 0x9)
ioctl$SNDCTL_SEQ_SYNC(r3, 0x5101)
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
lseek(0xffffffffffffffff, 0x7fff, 0x2)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r4, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port1\x00', 0xe3, 0x1b1c07, 0x0, 0x0, 0x0, 0xd34, 0xfffffffd})
readv(r4, &(0x7f0000000240)=[{&(0x7f0000000300)=""/168, 0xa8}], 0x1)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f00000003c0))

2.968862869s ago: executing program 7 (id=2648):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xaddb6000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r3, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r3, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0x2c}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x410200}], 0x1}}], 0x48}, 0x0)

2.915956147s ago: executing program 6 (id=2649):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001a00)=ANY=[@ANYBLOB="850000002f000000840000000000000095000000000000008560fc2b2062f611fc2f864ef177d634e46e8dcfe61b4fb9f600344d592fee49e176fe6ad28fbcb1f9259bfc63e9030971917e30b6f42e8f9dd6ab0ce07312a135cd363aa7e5bcef8fd0e8c7d2082584156c52ebfd69e8e13b7a8b477abc86468e11b6242133ce882f05e16b91c37b3437347f6058b4489c759783b9d4dfb55d0085a26e41201a6d8c8ced33e10048e756a40538b32bf653fa3c831a4e60599ed7a0f999d18de9984522a7cdb6fc30015633a0132c9578b7da5bd7280a5f7e28fd858ba712020b23ef8a2785b6c146c48b48ca7e232d0489661396e9303b38aa5d26d06e2e676795fd2733f95da570bab301000000ffffffff2a2792a630d8fcdc"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r2 = accept$nfc_llcp(0xffffffffffffffff, &(0x7f00000003c0), &(0x7f0000000440)=0x60)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000040)=r1, 0x4)
socket$kcm(0x10, 0x2, 0x0)
ioperm(0x8, 0x3, 0x6)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r3}, 0x10)
rt_sigprocmask(0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000180)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000001c40)=[{{&(0x7f0000000240)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000005c0)=[{&(0x7f0000000000)="e0a303d169314697737decfc73eb43a91ad10f6ed742f93a242969a2ca8314780323b2da0621e992686adf2ef9a1aeb31f14c51ab210bb0654ff3c", 0x3b}, {&(0x7f0000000480)="c41115cb5b7a632980c8f85dc163b5801eab2e32ef2f16f4d6ba708cf078bfc329c497ba0e6ae9c619a8bad79930e16857b03e70bd1b43c401cc4298e9609066b972ee2924291caab1a2fd319f5897c7c3f7e6e987b636fba27dcc909e09f37a20460fa3a3ae9a4de9e2b9e9208860e1deded38a624a4f2eb1d0ae", 0x7b}, {&(0x7f0000000500)="e82343e6160de6ea8fa0728957759525f9ebf27989c8991ba4f845b23a0c36d8a63d1a5fe682564dcd285659938a4fe7b3a8235e366934d744256f2d79b7899ad1b04a1369ab0878b3277f79fdf394712e2645a47950e75f5de41ca07d4aaf84873a6de73799f6e4a3b85cfab76d3fc554f961c14c192080f9557869fe701f323a743eef248a1335b596d6d495cffeee1ddc18c8f73a3f3c8c1e76a101bad1a6825827620a7e97c3718d645753f6bc3880f12f7903facea3f695669c4b9b7452", 0xc0}], 0x3, &(0x7f0000000600)=[@rights={{0x14, 0x1, 0x1, [r1]}}, @rights={{0x1c, 0x1, 0x1, [r2, r2, 0xffffffffffffffff]}}], 0x38, 0xc0}}, {{0x0, 0x0, &(0x7f00000018c0)=[{&(0x7f0000000640)="e9fa56fb0b23fae76c79f1496d61e97f3090d3e13c572546079869c69a42d79fde2f67d979882bc6db9129e86c1411d1c160854305b654909a859992568700a682e1b7ea83d9142ce88385e2cf7c7862c6ab441b7b6824b8b465a1dfb400be17cc7a581cfc88a3f6f165e72d855e276006b493db8ee7fd577f28023a4c0fbeca5db4401ae336e04291d9425f6d9891a0de4bbcdef0946bf1bfdd0a8b89ecee2a2adf91509671cd174be633d383f57287e86a03378b71df1d68c151c7fbf4e2f1e9e044b8a2ab1d5cccee1950e70c142c015da15a0e4bc43628874b42ba0e58073134caf834f3460568d379328075067e0cc48557a61db07b4b4fc738100beb4b8d5263430c7937ee07f22f0011fe8ca97bebbca42be99dd79a4cf39d584b9dbf0b4241ea7bad1a2a4b5c7ca31b18a267d07b3e870226c4216a0f7e66c3e18f876948e889ab5d84030cd3eb988af3b7a1a2a78a1dd1a95873ad6f8defb86fa0a348755f0aac1827242947c2599732cce5f574d6770ebd9c920c1c169956040dd7e80c6cd51b88c9494feac419858fd9c73e05a8e6b95152d451ad55de5faca5375970f1d2e4d76d41f0105c620ba171e2054c865ec5fc54791b0ee0694ca29cd2d4fd08f1f2c548df5ab8a4f6684f94ac350ad21e703a1f5bc9b3cd7eb4b66b8ed09d2a54581730d2e6e3bc5585f771c3a3be7ea6c32a37027ac8d213c13fa8e6fb4ebfb43151b18d4cedd4c89646c03ba0525b3eb06d83c06d91a78a6367cc51cfcb036f31e2753888d5e245fa07b00c96465d80b1a1f7599bc07a904e4d1a8bd5806c19b7e6ed27e03cfd22fd4a73035fe1860e6d9c42efe951aa6bde163da09bf9a29641cc90c4ed9fb8fb51a1eed0341c579c62d15e2fbc920d5d9b6fd1aa145c4d500039847723350583ae68d6cf376e4f718b701964cfe97c1aa085355ca9f5ef2bc0ce7d3a58d68f255ad70f6ce29d8b6d3b099022a691f01162cab83e5d5e6982e768f346df023c66c77302a28768d897d8ef1cc7085df3f0052619f1607625b555517db1340c133a1645574ada8c7b1ae9c409efaff06e464174229ba2340e1517904282e8ae9c560833c79050fe854a26116f1a4e9eb5d0bd7937aa1ce40bfde9cdc950af87e28f977894cdaf702611baf6199ebfd3189c53530ee140603e9273f7a6602c15f2fb0655cc274f5bd8133667613877a8750e2ee8950156c3249387a58b4ae21851bb6a6ac0b98c579dce7fdea32a11e03c1046ee61fa127506d2497cfbaa8b393629763ed7a22652e35077c45bee87a29cc8643def3f1820f8fbcf0f732537ba81070e5826d8033413c1d518422baae5c64894fb7b57e141a73785622db96968eb87442eb0adb234d6784084faff63f69c936ad44aebaff33df41fa2396cb2cd76787fdfee58f6095cdf07a826ce5e8aea72e6bc7cb0bacb5f60f25605f9ff0c527ae7b35628e82893d4116c0a5d91c917e8f8a4069b8e59f078106ff0c9d2f2941d1f51266db5ef037c38092993037c0596450306646bd9c57f29eac8ff827c289d94c516b29fbe0702bcaaf92129ff28b43aae3bc7750f100964e8f5ae264b700c55ee243654b102d4000b65f8db8aa3b52336bb8f848fc7cfb1f5162b00f3253618f6faf74070f5b77341d6976a06ca857690c9ac22926c9a3665ec3c2b85c49912d8414f219e2e669812ff5c76e1255f1d4cf8c1d1a6ca548d66dc2fcb63e117e983cbaf7338dd0909e391ea4c77c686f615d9c4090085d6b2c4fb1e3568794afb40a38259ff65c964380609552ee717fdb53b984ee6341cad85e37ea4eeb04549f5285e4e46389a698378ab8bef1db5459ff1b48651ab7b3c04b3ea60cd2fdf5cfb478d0367f0c8682d37f926c5e39a44394286e3daa459cdb5ba5e9f16b61cdc9d4de0f1e7f4ae4332da78f0f1c26a11b660b9e7aed41e92fe2de1cfc55530e8013f8bc6fa5a371ad302444cdc1b2d858c99401b5fafeba2ca5b157fbe193a2db7046b00aba181c6ca93d6ff1890798a27d83b587f0369ae1aa103ac5d01d0da42b71907faa5a302989d63e4a093f282a8d997134532b60b235ce175c89c8fcadd0584196f744a323091ee0f077427054b7ede257a0a2786048d1d2483a03cc5cdb8ff17ec51fc9b0db383c0d131dd88eb80bba252fb35d9d85e3dc3d635f66f248d3ecc61a70a35efb18d646a364440c44d09a0f57ebefd963de214767762e3f54da4e85cc9ecff370416e0fc609ab3a7e6f781415c0f6ba199e9c69d3d627a329139903fb9ac01f48319e98a899dd8584e08ac5047e705482cd984436ca91d68de49e27a82e58b9d5cbeabe7ad4ed5ee9dcde4b6726aa60b9dd436e1f93a7eabf94e2f1fdce8f5cc5d5f9185545f3e331b6f44c52aca6c8eca165227b5243ea1d977fa5f81c014a83ccb02d4113c7e150a2d2818030a8bf746c4af55ade8e1a7de2d49151a32c1711c386b187dc0c6856c8a13e13e253f495b91e2353e8c1e0042be4f1a317e685c9cf824ee0817cc8e7ada9183878761874adf08846b44b6ca3ba25ad1b89347d934d51fe935534267e65fe597b53570121f7cf0458220c70c74c1417eff87a18f818a59dbfd6d78bcba56a46d337bb1fb55397f5a475cdb572940f6e60bc04871abef17aeb43b18b5cbdf1fc55c6732e572280899cfd39300b79c4fe5ebb06a7ef4b8c9a2f8b1490e1c659b8ef5bfea3e87bc8bdac609491c7ba034d57fda98dd05c49a1a7c3d73c132dd29d478aa9db02afd7647a230fc8b140c5639746efd4707ba071492c7da9f5ac026ce7e14bf418a0c905804f93ebda1d027824f1edd8d3c93a0ca8333757be8f98df901bdfd1d869cf68453ab77caf16d35b56204f0d31f5aaa72aec8b3f63c9b3e5284e0990a5f485525bfe25a84a882d536268a20ffeb2f809c77eeed8f624ee78c87c3b7a4baa99ebc79003048ec00ce59e1e86501002e83646d886c45eb993b4ba5858c2fada50dfa17c23b30bbd143f669ce89647e150bb037cf485c13cc92f11be499a7af6ec54da52360a5f49741c7cf9156e372d7933fdd0f98e00a5892cda3e947a860092e4004dba797b304c2647af4f6ee5468b9eb757ab03013fce290e5ea7c32c6cc61d77df67005fbc31de3817a9e21c91387ffe57a894b94c15d9e2079b62a208bfd73beaf2fb9e83d3ba9b309b11bff35f33ea6d9e7db8b86879aedf52a7b6272759a0501df6fca181969e1f7895b7d18224be491df933a3532607fcf93bae972826096ed6a8d6e36fac0139889d5d6621c66613ef864b1d19ad840b18267c39a842d845895ccbcab6402bf4935d4dc26c21c7c40869dd200e10d7f2031c193e263c2f18b88af043ab46cca0ee22927d1941512e451b60a4d54cb7dcb56d344879a77f5ee9a83fe6e9d4a8562bdcd7dce58fba1e78b4605d92ef7fc3fa37560631c1560a51c0ca14bd691554478c932bae42cae7c9861ed5872f6e02bf04b28d4c2004850d2da710ae2ed512e5c2721de7a151395ab3be51b88794ab35f104ad1ac56d3787b41e7e3a6494e8bf8abe2ea2ef62508bd4b1f83cb31689e4839d88a10ba47f0f6637cbf5b067586d32f3ffc8df2d779c3124cf3ed91137fa7b358f35fc47ce01df3a0916fa7ce7d169a74f0861427718dc44e940578d4d2d913e266bb21609ffc9934d953eaf71e3fbefb64640760fad37ec649a566bfbc66bc70d3ab16c7f40a770b07b544116ff3511c3d54128ba582c54a428d394d631941717df753f86c68f938df847b559dca4102c4231165e27dfcd2e5fb240e3c0678771b8bd2fbd12f7747d33210df6241a4a4e4c8899eccea07a6dc977c17e274266e3fb5fbefeaac5433314edcc46a906e613485fad090ace6a603fbfed2ead50b96e72c1f39733ba0d326e3570ba197d2e8de108a666b58859979b14932963459b5112b32d2cc9f7150e1e846255e8d9da191768534f8200a5f5e5040f1f2b99afba1d40ae8487ebed56ad66e0bb1a070c7e0f3453f062bb2b4fe2f902085a73726726445c3562b7602893db98286edd948d6a461fb477b8720bb7341e0229aa23170fe6a093f699d96dfb3865d4918e4d4921e8fa8a68845ad3d683513a529ddc39f9deb00f532f0fb4403a0d1d639efa48ee35891f1d01acad3b8c52dd7058edc87f2a86afbae3aa737e8ba6d4411e39f39370812816f027728e0b2301124d48608a6b915277bef425b49618bf90b9cf70355c7e040a0b7a187fdcca71b3dd5f6fcab7ae86a14aa54434e816190b852daefe2cd07c4ba4079021edf97af17f83504f4702f8278fad16f0b068eab5f6614993dd9af6a2d8dc9c2d8c97216aab5716392bfd506d39114424ca26e4d1ada7876b6e89f948464da5de421226bc2ea427336c6bdba4713955b477e1c19318a225468894d81a24afacdbaa657cbbfc6635990ec52f1aaf7477bc2e9c8b352da9fbe62d5e3cd52b6918370c60504fc70d734579b70c69a29d71ce536b22a409ecd4ab4c45c8dba818500bdd772abe91b565fb044f88d8b05f31ebdb0e46d9500f2418f52a23e7974834d9da777d40081b64a50fffc1df87b092d6cf22124634011db1b315e97ecc632cf9496c5a43b7d19ee564d33483ad8972603526a725d4099190e115d6566e7904f685dbe68092f6e66c1de9f373c0114ac12fe42d853bbdcfe8e923d1a8a1ed668ec22e802d1cea6c9952cc45cbf60bf179e9c3303850beaf75d634f81ec799510401f8c4459b1c1a496ef5bda34588bbdb5efc2ba3daac852fe9d321640e08d47a479145072e69b4d873a55edf3f22ce214e004e4686057dadec5e573fb0a5598bbb3db814d4d7b74c84b1e628c272068f27c77a674c451cb7996a19c784f2706ac05bc5a626710328f781b8703bc0bc3ba405e608432f2fbc1ab8b7315abc166609dd27e0fc670f0ab98920cdc105336d3faf08fb8d514d5daf8a58562a6b8726280984a0127e0afc61b279187e80b3570656cfe94df0bfd47e83e046205ac50eb302a6f0039c88bc2780d0c9f0e1e780ad6a1cf4ba869a56ed35f0f39b329f45e430f66addac483b7a4b9b809cc7920ca771cf49fc8d1fb91756d641461e8bce346b871d87b08967145cd642c41bde491a2b0449634a0a4729eb4151bae5aa99d4d9fd9b273afbdc32d20aa101250994d322474b68680d82736a5837bbcb404ac86f7ae9adac4ea9ab4cbb905104ca23a2a00f55bc6c4315c68e0a3c66684048914e73a91b63888923751e8af0eaa6f85c81fede484bb79bbddf9bdd2fd8ac669110b1d26e88c82e8139d366b5c26835028512458af85d3c68e66e4c36d93c4fdd9ffed0090096b704abe40ae39c29ea915abd9e9cf71947423a9e1130de9c80de310561aeb3fbb414075c90955236900cf9dc06ff37a57de64b78780235bbb2081aba25002f3b9a46af0588a43e196e7806873a7beb6dfb5163ba57f3b9c0db6901c5771b8b72748c5bea73dab87eb0f4db815b2719516a7cfab344bbc9025414f0ab974059a618211d5f0172f5b6da7df26f3958f713e4f0147aac8e77b3cbb3635f6425c4f1605eb9364e43ad453a1e0897cba85d1214de936b8329a208dc1c66e5aa71d6a5b21b74215fb51243af44bcf25e45a093625c44d92c93d554ee89a1891d480d143b310cbedb0fee09ea76df6737e7ec36a47cd869940c0f4e2372ba99e72d4234d1fe5f1f20ce3d68540747f73b2515b830212e73790d5406fa465700d40f901010c8fabac9d1ed0a3086b4395890ce60067cdb48b75cbbc84", 0x1000}, {&(0x7f0000001640)="ad87e0e326f071719397d45a2fb61011637765d7ceb14aef53fe43b5431780cb6a9a886e7cfbdca8c38d8a710c73238eb1367cb6ff0f87c921ace9fb721c39bcb94e7afd578fb5db4a4369349b", 0x4d}, {&(0x7f00000016c0)="5562ddaa0835e1200ea44124b9b1b746d3cd5a1229e208b95076420745b3d7", 0x1f}, {&(0x7f0000001cc0)="1358e18c724fa7c6ccf6d099592ca5b4259f28eef34e62faf07eb22f710b058e47c1ddf9d6cd5ec356fac187932582999417cd63456e5da419d6a3810d0ecf175459f97a599446a964038d259e1c904e42685d1f13868ba98d622e0d3821056437057fb5ff88b759918499c3e85f9a28af102aead9edba53fb97453a44c537c3535592fc72bcc5064d7daa28e439b413886a7d158fce1405041fe79b4f0dac58f8a65c0cb4aab5565634012b995708b5fe12f481d14819708b9e8dc1e15e59c259", 0xc1}, {&(0x7f00000017c0)="1ce29fa4bdbbd176527eef", 0xb}, {&(0x7f0000001800)="9c7638f83f8551d377d053fc42b9fa2cadc9d1dbbb463c5c6e9e25541ca685705756964f73263aaa5185d80c3a1a2aee928339c73f1ead398c1350bed5d02f9b8d763ba0a64a1a8c524db80605526e04d38cd9c2121250991f8b15c0013a2b7f0a28a943eecec6e58d1ec4a2a1ae87bb110ad266ceabf037441f5692d9b603512c676a5ee40dbd78807db8a46dae1bd7152064b64755ccb926ca1b24f57b92c823cf922737f8148308", 0xa9}], 0x6, &(0x7f0000001b80)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff}}}, @rights={{0x10}}, @rights={{0x30, 0x1, 0x1, [r6, 0xffffffffffffffff, r7, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0, r4]}}, @rights={{0x2c, 0x1, 0x1, [r7, 0xffffffffffffffff, r0, r4, r2, 0xffffffffffffffff, r6]}}], 0x90, 0x4040}}], 0x2, 0x48080)
sched_setaffinity(r5, 0x8, &(0x7f00000001c0)=0x2)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r8, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r8, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x56)
connect$inet(r8, &(0x7f0000000380)={0x2, 0x4e24, @local}, 0x10)
r9 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r9}, &(0x7f0000bbdffc)=<r10=>0x0)
timer_settime(r10, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r11 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
pread64(r11, &(0x7f0000000300)=""/150, 0x96, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000001c0), 0x42003)

2.872809531s ago: executing program 4 (id=2650):
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
socket$packet(0x11, 0x3, 0x300)
recvfrom$unix(r1, 0x0, 0x0, 0x123, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0)
ftruncate(r2, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmmsg(r4, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
sendfile(r3, r2, 0x0, 0x578410eb)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000980), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='net/igmp6\x00')

1.305189642s ago: executing program 6 (id=2651):
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x3, 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r1, 0xc0045627, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0)
prlimit64(0x0, 0x3, 0x0, &(0x7f0000000100))
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000000a00)=""/102384, 0x18ff0)
syz_open_dev$dri(0x0, 0x1, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x16b601, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$sequencer(r4, 0x0, 0x9)
ioctl$SNDCTL_SEQ_SYNC(r4, 0x5101)
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
r6 = memfd_create(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x4)
lseek(r6, 0x7fff, 0x2)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r5, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port1\x00', 0xe3, 0x1b1c07, 0x0, 0x0, 0x0, 0xd34, 0xfffffffd})
readv(r5, &(0x7f0000000240)=[{&(0x7f0000000300)=""/168, 0xa8}], 0x1)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'batadv0\x00', <r7=>0x0})
sendmsg$FOU_CMD_GET(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x24, 0x0, 0x400, 0x70bd2d, 0x25dfdbfd, {}, [@FOU_ATTR_IFINDEX={0x8, 0xb, r7}, @FOU_ATTR_IFINDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x4005deb7b6a2586d)

1.219734926s ago: executing program 4 (id=2652):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x40000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x4000)
sendmsg$GTP_CMD_ECHOREQ(0xffffffffffffffff, 0x0, 0x8041)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r3, 0x2285, &(0x7f00000005c0)={0x53, 0xfffffffc, 0x6, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f00000000c0)="008d7acda0b2", 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r4, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r4, &(0x7f0000000740)={&(0x7f0000000040)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@cswp={0x58, 0x114, 0x7, {{}, 0x0, 0x0}}], 0x58}, 0x0)
open(0x0, 0x4041, 0x28)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r5, 0x8b26, &(0x7f0000000040))

165.121067ms ago: executing program 4 (id=2653):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x80000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x0, &(0x7f0000000200)})
clock_settime(0x0, &(0x7f0000003c80)={0x77359400})
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="02030000080000000000000000000000020001000000000010000007000000000200010000008a8c9e"], 0x30}}, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x4})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x64}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000080000000008100000008000300", @ANYRES32=r6, @ANYBLOB="0a000600ffffffffffff0000060066008e880000220033"], 0x58}}, 0x0)
sendmsg$NL80211_CMD_GET_MESH_CONFIG(r3, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r5, 0x0, 0x70bd2b, 0x25dfdbfd, {{}, {@void, @void}}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0)
r7 = syz_usb_connect(0x3, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0)
syz_usb_ep_write$ath9k_ep2(r7, 0x83, 0x8, &(0x7f0000000980)=ANY=[@ANYBLOB="bcea"])
r8 = syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0x0)
ioctl$EVIOCRMFF(r8, 0x40044581, &(0x7f0000000080)=0x7)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66ba4300b006ee0f01c40f009b27000000b9800000c00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a000000328fe858b660002fb90d090000b800680000ba000000000f30", 0x5a}], 0x1, 0x0, 0x0, 0x0)
r9 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
ioctl$VIDIOC_S_FMT(r9, 0xc0d05640, &(0x7f0000000340)={0x9, @pix_mp={0xeb, 0xfff, 0x32315659, 0x2, 0x9, [{}, {}, {0x80, 0x9}, {0x0, 0x320}, {0x0, 0x4}, {0x2, 0xfffffff9}, {0x0, 0x8}, {0x5b1, 0x3}], 0x8, 0x5, 0x8, 0x0, 0x6}})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

0s ago: executing program 1 (id=2654):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket(0x200000100000011, 0x3, 0x0)
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(0xffffffffffffffff, 0x7b2, &(0x7f0000000040)={&(0x7f0000000400)=[0x10001, 0x5c3d, 0x2, 0x8000, 0x3, 0xe, 0x3, 0xfff, 0xf, 0x4, 0xffffffff, 0x9, 0x9, 0xcedd, 0x4, 0x3ff, 0x3, 0x6ea6, 0x3, 0x8, 0x3, 0x81, 0x8001, 0x8b, 0x2, 0x7, 0x2, 0x1, 0x163c, 0x0, 0x9, 0x9, 0x0, 0x4, 0x3, 0x1ff, 0x7, 0x3b, 0x4, 0x5, 0xc, 0x5, 0xd59, 0xffff, 0x4, 0xffff, 0x3, 0x5, 0xfffffff4, 0x2152, 0x4, 0x0, 0x800, 0x7, 0x8, 0x7fff, 0x2, 0x7, 0x2bce, 0x69, 0x3fe, 0x3, 0x4, 0x2, 0x7, 0x7, 0x101, 0xe, 0x8, 0x5, 0x0, 0x23d3, 0x4, 0x8, 0x4, 0xfe8, 0x5, 0x9, 0x0, 0x8, 0x1, 0x7fff, 0x5, 0x6, 0x6, 0xa1fc, 0x7fffffff, 0x1000, 0x5e8f, 0x5, 0x80, 0x0, 0x7, 0x80, 0xfff, 0x80, 0x81, 0xfffffff7, 0x401, 0x9, 0x0, 0x0, 0x8, 0x7, 0xfffffff9, 0xd7, 0x6, 0x5, 0x8, 0x7, 0x5, 0x7, 0x8000, 0x61b1, 0x2, 0x9, 0x9, 0x6, 0x1, 0x4, 0x8, 0x4, 0x4, 0xffffffff, 0x10, 0x4b, 0x6, 0xff, 0x8, 0x7, 0x9, 0x0, 0x7fffffff, 0x6c0deb86, 0x9, 0x1, 0xe1ff, 0x9, 0x9, 0xa8, 0x83a, 0xfffffff9, 0x0, 0xf, 0x7, 0x3, 0x10, 0x6a, 0x4, 0x5f5, 0x1, 0x3, 0x40, 0xdf, 0x74, 0xffffff81, 0x8, 0xe44c, 0xb37b, 0xfd, 0x4, 0x1ff, 0x80000000, 0x66c4, 0xfff, 0x3, 0xfffff800, 0x7, 0x15, 0x7, 0x5, 0x3, 0x5, 0x25, 0x3, 0x401, 0x8001, 0xa24, 0x6, 0x4, 0x4, 0xaba, 0x4, 0x6, 0x7, 0x2, 0x2, 0x81, 0x6, 0x8, 0x9, 0x6, 0xac1, 0x8, 0x6, 0xe0000000, 0x3, 0xb, 0x9, 0x193a, 0xfffffffc, 0x9, 0x1ff, 0x1a, 0x10, 0x9, 0xed93, 0x9000, 0x7, 0x5f61, 0x1, 0x2000, 0x61, 0xa, 0x7f, 0x0, 0x6, 0x5, 0x8, 0x4a, 0x2, 0x8, 0x8, 0x4, 0xc, 0x6, 0x7, 0x6, 0x9, 0x1, 0x4, 0x2, 0x5, 0x4, 0x9, 0xd3, 0x5, 0x9, 0x9, 0x8001, 0x3, 0x9, 0x2, 0x7, 0x7, 0x2, 0xfffffeac, 0x0, 0x8, 0x6, 0xfff, 0x1dd00, 0x8, 0x7, 0x9, 0x3, 0x2, 0x2, 0x4, 0x9, 0x1, 0x6, 0x7, 0x9, 0xa9, 0x2, 0x401, 0x1da, 0xffffffff, 0x8000, 0x7, 0x2, 0x7, 0x6, 0x5, 0x7, 0x10001, 0x7f, 0xb, 0x100, 0x9ece, 0x4, 0x8f5, 0x7, 0x9, 0x6, 0x8, 0x4, 0x5, 0x7fffffff, 0x1, 0x2, 0xd1, 0xffff8000, 0x9, 0x7, 0x9, 0x6, 0x4, 0xffff, 0x80000000, 0x2, 0x6f6e, 0x100, 0x0, 0xf0000000, 0xce, 0x3f6a, 0x0, 0x5, 0xfff, 0x9, 0xc, 0x2, 0x9, 0x3, 0x6, 0x3, 0x0, 0x6, 0x3, 0xf1, 0x6, 0x10000, 0x5, 0x6, 0x8, 0x6, 0xffffffff, 0x9, 0xe, 0x7fffffff, 0x400, 0x1, 0xfffffff8, 0x4, 0x3, 0x7f, 0x7, 0x1c000, 0xfffffff8, 0x7, 0x764b, 0x200, 0x5, 0x9, 0x80, 0x6, 0x3, 0x4, 0x4, 0x8, 0x8, 0x1ce, 0x6, 0x7fff, 0x7, 0xd1, 0x7, 0xfffffeff, 0x8, 0x3, 0x9, 0xfffff801, 0x8, 0x6, 0x0, 0x4, 0x20000000, 0x10001, 0x400, 0x4, 0x8, 0xe, 0xffff, 0x2, 0xd, 0x0, 0x1, 0x3, 0x101, 0x7, 0x1, 0x3, 0xda6c, 0x2, 0x7, 0x401, 0x4, 0x6, 0xffffffff, 0x401, 0x4, 0x100, 0xfff, 0x2, 0x6, 0x7, 0x10000, 0x1, 0x9, 0x6856, 0x1, 0x38c5, 0x80000001, 0x0, 0x7, 0x5, 0x10001, 0x8, 0x4, 0x7, 0x3, 0x9, 0x65ec, 0x2, 0x3, 0x2, 0x0, 0x2, 0x0, 0x3ff, 0xba, 0x5, 0x0, 0x9, 0x6, 0x6, 0x4, 0x5, 0xb, 0x3, 0x1ff, 0xffffffff, 0x2b, 0xffff, 0xec4, 0x7, 0x34b4c361, 0x81, 0x0, 0x100, 0x1, 0x6, 0x7, 0x101, 0x7f, 0xfffffff7, 0x7, 0x669, 0x8, 0x8001, 0x80, 0x3, 0x8, 0x3, 0x77, 0x4, 0xb53, 0x80000001, 0x9, 0x8001, 0x5, 0x9, 0x3, 0x1, 0x85, 0x0, 0x619f, 0x40, 0x1000, 0x9, 0xfffffffe, 0x0, 0x636, 0x6, 0x4, 0x4, 0x8, 0xffffff80, 0x0, 0x487, 0x10001, 0x7, 0xd, 0xfffffffb, 0xfffffffa, 0x48, 0x10001, 0x200, 0x519, 0xa, 0x411, 0x0, 0x5, 0x9, 0x1d64, 0x7, 0x10000, 0xffffff80, 0x1, 0x80000000, 0xfffffffc, 0x7a70, 0x7, 0x6, 0x6, 0x80, 0x8, 0x7fc0000, 0xa040, 0xfffffffb, 0x7e, 0xff, 0xfffffff7, 0x1, 0x7, 0x9f92, 0x4, 0x6, 0xe, 0xd, 0x7f, 0xfffff000, 0x10001, 0x7, 0x3, 0x800, 0x659, 0xffff, 0xe, 0x8, 0x7fff, 0x7fffffff, 0x3, 0x2, 0x5bd, 0x9a, 0xb, 0x8, 0x9, 0x10000, 0xa, 0x4, 0x7, 0x3, 0x3, 0x5, 0x9, 0x5, 0x400, 0x6, 0x0, 0x2, 0x9, 0x8, 0x10000, 0x86d4, 0x10, 0x4, 0x1, 0xfc9, 0x5, 0x80000000, 0x9, 0x5, 0x9b40, 0x5, 0x9d6, 0x5aed, 0x3, 0x0, 0x7fffffff, 0x4, 0xfffff001, 0xea94, 0x4, 0x1, 0x38c, 0x3000, 0x604c, 0x1, 0xe, 0x4, 0x7ff, 0x6, 0x3efe, 0x2, 0x101, 0x80000001, 0xa415, 0x5, 0xfff, 0x199b935d, 0xb, 0x400, 0x2, 0x800, 0x8, 0x8, 0xd0, 0x6, 0x4, 0xfffffff8, 0xb22, 0x101, 0x3, 0x2, 0x4, 0x3, 0x3, 0xbf, 0x6, 0x800, 0x3, 0x80000001, 0x8000, 0x100, 0x40000000, 0xa98f, 0x26aa, 0xb, 0x1, 0x8000, 0x400004, 0xffffff7a, 0x5, 0x100, 0x5, 0x8fd, 0xbb5, 0x2, 0x3, 0x1, 0xb0, 0x8, 0x3, 0x4, 0xffffffff, 0x1000, 0x8, 0x7, 0x779, 0xb, 0x15ac, 0x0, 0xc, 0x108, 0x5, 0x7, 0x1, 0x94, 0x1ecb, 0x9, 0x0, 0x401, 0x3, 0x5, 0x80000001, 0x7, 0x3, 0x200, 0x2, 0x7, 0x81, 0x1, 0x6, 0xf, 0x401, 0x5, 0x8, 0x5, 0xa, 0x5, 0x4, 0xd, 0xe00000, 0x6, 0xffffff83, 0x7a6c, 0x4, 0x7f, 0x1ff, 0x100, 0xffffffff, 0x1, 0xfffffffc, 0x10000, 0x8, 0x1, 0x81, 0x9, 0x6, 0xa803, 0x5, 0x6, 0x401, 0x0, 0x2, 0x8, 0x7ffd, 0x10000, 0xfffffffe, 0x6, 0x9, 0x4, 0x8, 0x1000, 0xfa3, 0x8, 0x0, 0x9, 0x4, 0x3, 0x30dc, 0x1332, 0x800, 0x2, 0x3, 0x6, 0x1000, 0x1, 0x5ae, 0x31, 0x0, 0x4, 0x3, 0x5, 0x1000, 0x2fec, 0xfffffbff, 0xb, 0x5, 0xfffffffc, 0x0, 0x3, 0x7, 0x437d0808, 0x6, 0xa, 0x6, 0x9, 0x8, 0x0, 0x3, 0x0, 0x10001, 0x3, 0x7ff, 0x3a9, 0x7, 0xff, 0x9, 0x400, 0x2, 0x2, 0x7fffffff, 0x8, 0x5, 0xffff8000, 0xffffffff, 0x7, 0x40, 0xc4, 0x10, 0x2, 0xe, 0xa9, 0x9a, 0x7fff, 0xadad, 0x2, 0xffffffff, 0x1ff, 0x10000, 0x3, 0x9, 0x4, 0x100, 0x7, 0xa50, 0x53, 0x1, 0x1, 0x5, 0xf, 0x45f, 0x5, 0x6, 0x80000001, 0x40000000, 0x5, 0xb00a, 0x3, 0x7, 0x6, 0x100, 0xfffffffb, 0xe, 0x80000000, 0x5, 0xce4, 0x3b, 0x7fffffff, 0x6, 0x2, 0x5, 0x9, 0x4, 0x4, 0xb2, 0x9, 0x47, 0x9, 0x8, 0x8, 0x6, 0x7fff, 0xa, 0x8, 0x1, 0x7, 0x6, 0x48e2527b, 0x0, 0x100, 0xfffffffa, 0x7, 0x5, 0xfffffffe, 0x3, 0x7f, 0x3, 0xfffffffd, 0x80, 0x12c, 0x6, 0x2, 0x2d25, 0x0, 0x0, 0x0, 0x4, 0x5, 0x100, 0xfbe2, 0xd, 0x2, 0x7, 0x10001, 0x9, 0x4, 0x0, 0x3, 0xd02, 0x3, 0x3, 0x9, 0x5, 0x1, 0x100, 0x9, 0x9, 0x9, 0x3, 0x0, 0x6, 0xffffdf5a, 0x4, 0x5, 0x9, 0x6, 0x1, 0x5, 0x7ff, 0x0, 0x939c, 0x5, 0x6, 0xe2, 0x7, 0x2, 0x80000000, 0x400, 0x9, 0xd, 0x9, 0x8, 0xe766, 0xb, 0xbc34, 0x9, 0x3, 0xfffffffe, 0xff85, 0x9, 0x4, 0x23, 0x2a8, 0x4, 0xe4, 0x8, 0x1, 0x8001, 0x1480, 0x5, 0x3ff, 0x83, 0x0, 0x2, 0x5cbb, 0x33fb, 0x7, 0x1, 0xf3c, 0xf, 0x912, 0x5, 0x800, 0x24000, 0x9, 0x31, 0x0, 0x68, 0x1, 0xb, 0xd, 0x9, 0x9, 0x1, 0x6, 0x4, 0xb, 0x401, 0x1, 0x6, 0x5, 0xf2f, 0x7ff, 0x10001, 0x5, 0x5, 0xc479aab, 0x0, 0x1, 0x7, 0x80000000, 0x36a, 0x0, 0x6b37, 0x0, 0xffffffff, 0x0, 0x7f, 0x7ff, 0x0, 0xff, 0x800, 0x40, 0x1ff, 0x1, 0xfffffff8, 0x9, 0xc72c, 0x8, 0x7ffffffb, 0x71, 0x9, 0x6, 0x6, 0x40, 0xc, 0x3, 0x401, 0x8, 0x40, 0x8000, 0x4, 0x3, 0xe, 0x2d0, 0x1ff, 0x7, 0xb3, 0x4, 0x10001, 0x1ff, 0x0, 0x8, 0x2, 0xfffffff7, 0x6, 0x7ff, 0xfffffff8, 0xffff, 0x6, 0x1, 0x80000000, 0x1000, 0x84, 0xfffffffc, 0xfff, 0xb9e, 0xc, 0xfffffeb7, 0xf77a, 0x8, 0x3, 0x7, 0x1, 0x2, 0x6, 0x1f38, 0x3ff, 0x3ff, 0x9, 0x8000, 0x7f, 0x7, 0x6, 0x8000, 0xd, 0x7, 0x2], 0x1, 0x400, 0x7fffffff})
poll(0x0, 0x0, 0x9)
r2 = syz_open_dev$vim2m(&(0x7f0000000040), 0x200000001000, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r2, 0xc058560f, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000100), r0)
r5 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000040ac054382408b0b00000109022400010000002009040000fd0301000009210000000122010009058103"], 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
syz_usb_control_io$hid(r5, &(0x7f00000003c0)={0x24, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="002281"], 0x0}, 0x0)
syz_usb_control_io$hid(r5, &(0x7f00000001c0)={0x24, &(0x7f0000000000)={0x0, 0xe, 0x18, {0x18, 0x24, "c27ebb8e4edc5271b856b204443ef8aa38613940b0cc"}}, &(0x7f0000000040)={0x0, 0x3, 0xb3, @string={0xb3, 0x3, "d1fd721eb7dd93d494aaefe248a1268e4b50d2687487f9ee6cdd786a1f9a0c2d63e3a9495a2d8ec7cb49ad17a2de3eb00da351ca5ea8384c02a97a77f095edebba8958c8f1f71410bedbc564134c3058e7f3b81c018c4e72394851dc838c09b364a9b4c23ca66150f84d8251ad632bfe34db6e7c5578bf429fa21b4f3573f6af01495f16d6c647cef03f92f768567b032084e6b9cd579e754d04133018e8cb333384efd4c7d81553027ce628cafd87b754"}}, &(0x7f0000000100)={0x0, 0x22, 0xf, {[@main=@item_4={0x3, 0x0, 0xb, "219304cc"}, @main=@item_4={0x3, 0x0, 0xb, "fa3960ea"}, @main=@item_4={0x3, 0x0, 0xb, "95b9fcdc"}]}}, &(0x7f0000000180)={0x0, 0x21, 0x9, {0x9, 0x21, 0x14, 0x7, 0x1, {0x22, 0xe75}}}}, &(0x7f0000000500)={0x2c, &(0x7f0000000200)={0x0, 0x5, 0xca, "3c19af78a2c443ebca8b8e3d1b6f548c911a267fe152b9e5bbda1ee3eed94c0984fc96ce0baef90fef21897ba5901b97834d5b963504992292c9065ed6b96267dcfdebc1362113b76b9e0b5b813475e857c1a3c93ad57be7356d1206c9201e5e4621e623707cecf33c55834df9f9854b1aea305a9883d9e0302fd28848b16f3b5788d310675441d50e162e48747437bb3fccb634e8ad3b416a93ba76973989962e58e7d8abfae550c99ac9f91dc190f120568e424a17470df1b291b0f2a59b8135623b13cdca8e22cb3c"}, &(0x7f0000000340)={0x0, 0xa, 0x1, 0xc9}, &(0x7f0000000380)={0x0, 0x8, 0x1, 0x2}, &(0x7f0000000400)={0x20, 0x1, 0xb4, "0523557bf3e15263262c32736ae21a0bbc80e65bc7c2f0749bd65ed77864378842a6eeaf468352cad7378f3d2b21dbd9d05d26a3c958a2e266119f5bc127a502f2371bd8be2a72fe73e77213d3aa6d5e8a27559e42b5e6b8497b9b0afb9f34d468a0db027beedc3aa0c1c618de2117e2b14871b91ae04129b9e15974f1ab4fd8756dd5ca1c28be15e7f1b30fbcca1801e811c144ec9272b98be403e5e2a932fcb7189392787dced9a4f3b067a7fb787f9fea90ae"}, &(0x7f00000004c0)={0x20, 0x3, 0x1}})
syz_open_dev$hiddev(&(0x7f0000000300), 0x0, 0x6000)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000140)={'team0\x00', <r6=>0x0})
sendmsg$MPTCP_PM_CMD_GET_ADDR(r3, &(0x7f0000000280)={&(0x7f0000000080), 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x50, r4, 0x0, 0x70bd25, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR_REMOTE={0x3c, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r6}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x7}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x48014}, 0x4841)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="000000001400b59500000000000000008a000000", @ANYRES32, @ANYBLOB="14000200fe8000000000000000000000000000aa140006000000000001f0ffff0000000000000000"], 0x40}}, 0x0)

kernel console output (not intermixed with test programs):

 usb 7-1: new high-speed USB device number 19 using dummy_hcd
[  712.506348][ T5929] usb 7-1: Using ep0 maxpacket: 8
[  712.549876][T10635] appleir 0003:05AC:8243.0010: item fetching failed at offset 0/1
[  712.567616][ T5929] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  712.585110][T10635] appleir 0003:05AC:8243.0010: parse failed
[  713.537730][ T5929] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF9, changing to 0x89
[  713.549365][T10635] appleir 0003:05AC:8243.0010: probe with driver appleir failed with error -22
[  713.558408][ T5929] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  713.574475][T10635] usb 8-1: USB disconnect, device number 3
[  713.580405][ T5929] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  713.896953][ T5929] usb 7-1: New USB device found, idVendor=0c2e, idProduct=0720, bcdDevice=9b.f7
[  713.906146][ T5929] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  713.947346][ T5929] usb 7-1: config 0 descriptor??
[  713.972203][ T5929] metro_usb 7-1:0.0: Metrologic USB to Serial converter detected
[  713.989441][ T5929] usb 7-1: Metrologic USB to Serial converter now attached to ttyUSB0
[  714.089772][T12812] RDS: rds_bind could not find a transport for ::ffff:172.30.0.5, load rds_tcp or rds_rdma?
[  714.196571][T12815] RDS: rds_bind could not find a transport for ::ffff:172.30.0.8, load rds_tcp or rds_rdma?
[  714.261604][T10144] usb 7-1: USB disconnect, device number 19
[  714.313623][T10144] metro-usb ttyUSB0: Metrologic USB to Serial converter now disconnected from ttyUSB0
[  714.406069][T10144] metro_usb 7-1:0.0: device disconnected
[  715.254677][T12830] binder: 12824:12830 ioctl c0306201 20000bc0 returned -14
[  716.046476][T10635] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[  716.266187][T12840] binder: 12835:12840 ioctl c0306201 20000bc0 returned -14
[  717.181023][T10635] usb 7-1: Using ep0 maxpacket: 32
[  717.208710][T10635] usb 7-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  717.218050][T10635] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  717.226059][T10635] usb 7-1: Product: syz
[  717.265182][T10635] usb 7-1: Manufacturer: syz
[  717.410092][T10635] usb 7-1: SerialNumber: syz
[  717.651642][T12849] SELinux: syz.7.1803 (12849) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  717.967427][T10635] usb 7-1: config 0 descriptor??
[  718.006655][T10635] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  718.074954][T10635] gspca_ov534_9: reg_w failed -71
[  719.446391][T10635] gspca_ov534_9: Unknown sensor 0000
[  719.446439][T10635] ov534_9 7-1:0.0: probe with driver ov534_9 failed with error -22
[  719.583149][T10635] usb 7-1: USB disconnect, device number 20
[  719.747962][T12860] RDS: rds_bind could not find a transport for ::ffff:172.30.0.7, load rds_tcp or rds_rdma?
[  720.870417][T12867] xt_CT: No such helper "netbios-ns"
[  721.634649][T12870] RDS: rds_bind could not find a transport for ::ffff:172.30.0.2, load rds_tcp or rds_rdma?
[  722.201489][T12872] fuse: Bad value for 'user_id'
[  722.777529][T12872] fuse: Bad value for 'user_id'
[  723.252318][T12885] binder: 12879:12885 ioctl c0306201 20000bc0 returned -14
[  724.829814][T12887] binder: 12882:12887 ioctl c0306201 20000bc0 returned -14
[  725.755872][T12900] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1815'.
[  725.841967][T12889] RDS: rds_bind could not find a transport for ::ffff:172.30.0.5, load rds_tcp or rds_rdma?
[  725.871050][T12889] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1813'.
[  726.134057][T12912] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1819'.
[  726.822588][T12916] SELinux: syz.7.1818 (12916) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  727.611606][T12928] RDS: rds_bind could not find a transport for ::ffff:172.30.0.5, load rds_tcp or rds_rdma?
[  728.308474][T12932] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1824'.
[  729.318405][T12943] RDS: rds_bind could not find a transport for ::ffff:172.30.0.2, load rds_tcp or rds_rdma?
[  730.390532][T12956] SELinux: syz.7.1830 (12956) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  730.591344][T12964] fuse: Bad value for 'user_id'
[  731.256929][T12964] fuse: Bad value for 'user_id'
[  731.832458][T12983] RDS: rds_bind could not find a transport for ::ffff:172.30.0.6, load rds_tcp or rds_rdma?
[  732.149434][T12984] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1835'.
[  732.547650][T12994] RDS: rds_bind could not find a transport for ::ffff:172.30.0.8, load rds_tcp or rds_rdma?
[  733.260394][T13008] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1840'.
[  733.366732][   T25] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[  734.265108][   T25] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  734.495955][T13023] RDS: rds_bind could not find a transport for ::ffff:172.30.0.2, load rds_tcp or rds_rdma?
[  734.740905][   T25] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  734.768579][   T25] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  734.795147][   T25] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  734.815226][   T25] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  734.824794][   T25] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  734.833350][   T25] usb 7-1: Manufacturer: syz
[  734.844573][   T25] usb 7-1: config 0 descriptor??
[  735.186789][T13005] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  735.272695][   T25] appleir 0003:05AC:8243.0011: item fetching failed at offset 0/1
[  735.283584][   T25] appleir 0003:05AC:8243.0011: parse failed
[  735.290222][   T25] appleir 0003:05AC:8243.0011: probe with driver appleir failed with error -22
[  735.494658][   T25] usb 7-1: USB disconnect, device number 21
[  736.276744][T13013] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  736.399601][T13085] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1851'.
[  736.839626][T13092] fuse: Bad value for 'user_id'
[  736.844522][T13092] fuse: Bad value for 'user_id'
[  738.319254][T13109] netlink: 'syz.6.1856': attribute type 10 has an invalid length.
[  738.337025][T13109] team0: Device hsr_slave_0 failed to register rx_handler
[  738.544642][T13118] ALSA: mixer_oss: invalid OSS volume ''
[  739.646344][T13100] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  739.899914][T13124] RDS: rds_bind could not find a transport for ::ffff:172.30.0.2, load rds_tcp or rds_rdma?
[  740.306022][T13136] netlink: 36 bytes leftover after parsing attributes in process `syz.7.1861'.
[  741.827875][T13169] FAULT_INJECTION: forcing a failure.
[  741.827875][T13169] name failslab, interval 1, probability 0, space 0, times 0
[  741.937105][T13170] binder: 13164:13170 ioctl c0306201 20000bc0 returned -14
[  742.026794][T13169] CPU: 1 UID: 0 PID: 13169 Comm: syz.7.1868 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0
[  742.026824][T13169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  742.026836][T13169] Call Trace:
[  742.026843][T13169]  <TASK>
[  742.026852][T13169]  dump_stack_lvl+0x16c/0x1f0
[  742.026885][T13169]  should_fail_ex+0x497/0x5b0
[  742.026914][T13169]  should_failslab+0xc2/0x120
[  742.026934][T13169]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  742.026962][T13169]  ? skb_clone+0x190/0x3f0
[  742.026988][T13169]  skb_clone+0x190/0x3f0
[  742.027009][T13169]  netlink_deliver_tap+0xabd/0xd30
[  742.027042][T13169]  netlink_unicast+0x5e1/0x7f0
[  742.027073][T13169]  ? __pfx_netlink_unicast+0x10/0x10
[  742.027109][T13169]  netlink_sendmsg+0x8b8/0xd70
[  742.027140][T13169]  ? __pfx_netlink_sendmsg+0x10/0x10
[  742.027179][T13169]  sock_write_iter+0x4fe/0x5b0
[  742.027203][T13169]  ? __pfx_sock_write_iter+0x10/0x10
[  742.027240][T13169]  ? rw_verify_area+0xcf/0x680
[  742.027267][T13169]  vfs_write+0x5ae/0x1150
[  742.027293][T13169]  ? __pfx_sock_write_iter+0x10/0x10
[  742.027319][T13169]  ? __pfx_vfs_write+0x10/0x10
[  742.027347][T13169]  ? __fget_files+0x40/0x3a0
[  742.027388][T13169]  ksys_write+0x207/0x250
[  742.027413][T13169]  ? __pfx_ksys_write+0x10/0x10
[  742.027446][T13169]  do_syscall_64+0xcd/0x250
[  742.027476][T13169]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  742.027501][T13169] RIP: 0033:0x7feb0ab8cd29
[  742.027517][T13169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  742.027535][T13169] RSP: 002b:00007feb0b92c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  742.027554][T13169] RAX: ffffffffffffffda RBX: 00007feb0ada5fa0 RCX: 00007feb0ab8cd29
[  742.027567][T13169] RDX: 0000000000000027 RSI: 0000000020005c00 RDI: 0000000000000003
[  742.027578][T13169] RBP: 00007feb0b92c090 R08: 0000000000000000 R09: 0000000000000000
[  742.027589][T13169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  742.027601][T13169] R13: 0000000000000000 R14: 00007feb0ada5fa0 R15: 00007ffffa337808
[  742.027627][T13169]  </TASK>
[  742.311186][T13134] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  745.534823][T13208] 9pnet_fd: Insufficient options for proto=fd
[  746.007067][T13210] xt_CT: No such helper "netbios-ns"
[  746.768475][  T924] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  747.179561][T13222] RDS: rds_bind could not find a transport for ::ffff:172.30.0.5, load rds_tcp or rds_rdma?
[  747.501573][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  747.507952][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  747.523725][  T924] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  747.536169][  T924] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  747.548103][  T924] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  747.583122][  T924] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  747.596775][T13216] ALSA: mixer_oss: invalid OSS volume ''
[  747.972783][  T924] usb 8-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  747.986607][  T924] usb 8-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  747.995252][  T924] usb 8-1: Manufacturer: syz
[  748.005765][  T924] usb 8-1: config 0 descriptor??
[  748.097956][T13235] fuse: Bad value for 'user_id'
[  748.102909][T13235] fuse: Bad value for 'user_id'
[  749.287867][  T924] appleir 0003:05AC:8243.0012: item fetching failed at offset 0/1
[  749.297238][  T924] appleir 0003:05AC:8243.0012: parse failed
[  749.303234][  T924] appleir 0003:05AC:8243.0012: probe with driver appleir failed with error -22
[  750.219544][   T25] usb 8-1: USB disconnect, device number 4
[  750.230808][T13259] binder: 13257:13259 ioctl c0306201 20000bc0 returned -14
[  751.532921][T13276] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1887'.
[  751.633102][T13282] libceph: resolve '0.' (ret=-3): failed
[  751.681272][T13281] netlink: 128 bytes leftover after parsing attributes in process `syz.6.1888'.
[  751.864447][T13291] 9pnet_fd: Insufficient options for proto=fd
[  751.919425][   T29] audit: type=1400 audit(1737864359.146:551): avc:  denied  { lock } for  pid=13277 comm="syz.6.1888" path="socket:[44650]" dev="sockfs" ino=44650 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[  755.360163][T13313] SELinux: syz.7.1894 (13313) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  755.547112][T13298] SELinux: syz.1.1893 (13298) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  755.646233][T13316] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1898'.
[  755.972567][T13332] binder: 13322:13332 ioctl c0306201 20000bc0 returned -14
[  756.235251][T13336] Illegal XDP return value 4294967294 on prog  (id 314) dev N/A, expect packet loss!
[  756.576598][   T25] usb 5-1: new full-speed USB device number 42 using dummy_hcd
[  756.764684][   T25] usb 5-1: config 0 has an invalid interface number: 198 but max is 0
[  756.829708][T13345] RDS: rds_bind could not find a transport for ::ffff:172.30.0.8, load rds_tcp or rds_rdma?
[  756.858769][   T25] usb 5-1: config 0 has no interface number 0
[  757.196927][   T25] usb 5-1: New USB device found, idVendor=9e88, idProduct=9e8f, bcdDevice=44.b1
[  757.258452][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  757.336326][   T25] usb 5-1: Product: syz
[  757.366440][   T25] usb 5-1: Manufacturer: syz
[  757.371079][   T25] usb 5-1: SerialNumber: syz
[  757.427479][   T25] usb 5-1: config 0 descriptor??
[  757.465782][   T25] ftdi_sio 5-1:0.198: FTDI USB Serial Device converter detected
[  757.672055][T13336] pimreg3: entered allmulticast mode
[  757.678162][   T25] ftdi_sio ttyUSB0: unknown device type: 0x44b1
[  757.699256][   T25] usb 5-1: USB disconnect, device number 42
[  757.731250][   T25] ftdi_sio 5-1:0.198: device disconnected
[  758.443102][T13359] FAULT_INJECTION: forcing a failure.
[  758.443102][T13359] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  758.521406][T13359] CPU: 0 UID: 0 PID: 13359 Comm: syz.1.1906 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0
[  758.521435][T13359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  758.521446][T13359] Call Trace:
[  758.521451][T13359]  <TASK>
[  758.521459][T13359]  dump_stack_lvl+0x16c/0x1f0
[  758.521489][T13359]  should_fail_ex+0x497/0x5b0
[  758.521514][T13359]  _copy_from_user+0x2e/0xd0
[  758.521538][T13359]  memdup_user+0x71/0xd0
[  758.521561][T13359]  strndup_user+0x78/0xe0
[  758.521584][T13359]  __do_sys_fsconfig+0x2e3/0xbe0
[  758.521606][T13359]  ? __pfx___do_sys_fsconfig+0x10/0x10
[  758.521635][T13359]  do_syscall_64+0xcd/0x250
[  758.521662][T13359]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  758.521685][T13359] RIP: 0033:0x7f749058cd29
[  758.521699][T13359] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  758.521716][T13359] RSP: 002b:00007f7491303038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[  758.521732][T13359] RAX: ffffffffffffffda RBX: 00007f74907a5fa0 RCX: 00007f749058cd29
[  758.521742][T13359] RDX: 0000000020000000 RSI: 0000000000000001 RDI: 0000000000000003
[  758.521752][T13359] RBP: 00007f7491303090 R08: 0000000000000000 R09: 0000000000000000
[  758.521761][T13359] R10: 0000000020000100 R11: 0000000000000246 R12: 0000000000000001
[  758.521771][T13359] R13: 0000000000000000 R14: 00007f74907a5fa0 R15: 00007ffdfd2bc5a8
[  758.521791][T13359]  </TASK>
[  759.673203][T13383] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1911'.
[  759.714354][T13376] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1910'.
[  760.747217][T13393] ALSA: mixer_oss: invalid OSS volume ''
[  760.953090][T13377] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  763.904089][T13414] xt_CT: No such helper "netbios-ns"
[  763.971879][T13417] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  763.981271][T13417] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  763.990450][T13417] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  763.999510][T13417] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  764.650418][T13417] vxlan0: entered promiscuous mode
[  764.659330][T13417] vxlan0: entered allmulticast mode
[  765.771715][T13417] netdevsim netdevsim4 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  765.780763][T13417] netdevsim netdevsim4 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  765.789785][T13417] netdevsim netdevsim4 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  765.798911][T13417] netdevsim netdevsim4 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  766.905711][T13457] binder: 13445:13457 ioctl c0306201 20000bc0 returned -14
[  767.126510][   T46] usb 6-1: new high-speed USB device number 37 using dummy_hcd
[  767.195833][T13468] ALSA: mixer_oss: invalid OSS volume ''
[  767.596374][   T46] usb 6-1: Using ep0 maxpacket: 8
[  767.607648][   T46] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  767.624568][   T46] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF9, changing to 0x89
[  767.659979][   T46] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  767.688753][   T46] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  767.714484][   T46] usb 6-1: New USB device found, idVendor=0c2e, idProduct=0720, bcdDevice=9b.f7
[  767.740239][   T46] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  767.770569][   T46] usb 6-1: config 0 descriptor??
[  767.787741][   T46] metro_usb 6-1:0.0: Metrologic USB to Serial converter detected
[  767.813922][   T46] usb 6-1: Metrologic USB to Serial converter now attached to ttyUSB0
[  768.052972][T13473] RDS: rds_bind could not find a transport for ::ffff:172.30.0.2, load rds_tcp or rds_rdma?
[  768.381359][    T9] usb 6-1: USB disconnect, device number 37
[  768.402541][    T9] metro-usb ttyUSB0: Metrologic USB to Serial converter now disconnected from ttyUSB0
[  768.447113][    T9] metro_usb 6-1:0.0: device disconnected
[  768.822216][T13480] RDS: rds_bind could not find a transport for ::ffff:172.30.0.7, load rds_tcp or rds_rdma?
[  769.345686][T13493] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1934'.
[  770.011519][   T29] audit: type=1400 audit(1737864377.416:552): avc:  denied  { bind } for  pid=13498 comm="syz.4.1936" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  770.789060][T13505] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1937'.
[  771.214529][   T29] audit: type=1400 audit(1737864378.626:553): avc:  denied  { create } for  pid=13511 comm="syz.1.1939" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  771.236573][   T29] audit: type=1400 audit(1737864378.646:554): avc:  denied  { setopt } for  pid=13511 comm="syz.1.1939" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  771.686442][   T29] audit: type=1326 audit(1737864379.086:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13511 comm="syz.1.1939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f749058cd29 code=0x7ffc0000
[  772.030010][   T29] audit: type=1326 audit(1737864379.086:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13511 comm="syz.1.1939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f749058cd29 code=0x7ffc0000
[  772.030048][   T29] audit: type=1326 audit(1737864379.086:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13511 comm="syz.1.1939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f749058cd29 code=0x7ffc0000
[  772.030086][   T29] audit: type=1326 audit(1737864379.126:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13511 comm="syz.1.1939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f749058cd29 code=0x7ffc0000
[  772.030120][   T29] audit: type=1326 audit(1737864379.126:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13511 comm="syz.1.1939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f749058cd29 code=0x7ffc0000
[  772.133784][    C1] vkms_vblank_simulate: vblank timer overrun
[  772.258640][T13525] ALSA: mixer_oss: invalid OSS volume ''
[  772.753994][T13531] lo speed is unknown, defaulting to 1000
[  773.741123][T13549] RDS: rds_bind could not find a transport for ::ffff:172.30.0.6, load rds_tcp or rds_rdma?
[  774.640246][T10635] usb 5-1: new high-speed USB device number 43 using dummy_hcd
[  774.648037][   T29] audit: type=1400 audit(1737864382.056:560): avc:  denied  { unlink } for  pid=13559 comm="syz.6.1948" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  774.760171][   T29] audit: type=1400 audit(1737864382.176:561): avc:  denied  { read } for  pid=13559 comm="syz.6.1948" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  774.836487][T10635] usb 5-1: device descriptor read/64, error -71
[  775.167041][T10635] usb 5-1: new high-speed USB device number 44 using dummy_hcd
[  775.391776][T10635] usb 5-1: device descriptor read/64, error -71
[  775.510493][T10635] usb usb5-port1: attempt power cycle
[  775.856427][T10635] usb 5-1: new high-speed USB device number 45 using dummy_hcd
[  775.917195][T10635] usb 5-1: device descriptor read/8, error -71
[  776.206408][T10635] usb 5-1: new high-speed USB device number 46 using dummy_hcd
[  776.270268][T10635] usb 5-1: device descriptor read/8, error -71
[  776.332000][   T29] kauditd_printk_skb: 1 callbacks suppressed
[  776.332017][   T29] audit: type=1400 audit(1737864383.746:563): avc:  denied  { getopt } for  pid=13588 comm="syz.1.1956" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  776.397407][T10635] usb usb5-port1: unable to enumerate USB device
[  777.536523][ T5916] usb 6-1: new high-speed USB device number 38 using dummy_hcd
[  777.719446][T13606] FAULT_INJECTION: forcing a failure.
[  777.719446][T13606] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  777.732713][T13606] CPU: 0 UID: 0 PID: 13606 Comm: syz.4.1960 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0
[  777.732736][T13606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  777.732748][T13606] Call Trace:
[  777.732754][T13606]  <TASK>
[  777.732761][T13606]  dump_stack_lvl+0x16c/0x1f0
[  777.732792][T13606]  should_fail_ex+0x497/0x5b0
[  777.732819][T13606]  _copy_from_user+0x2e/0xd0
[  777.732846][T13606]  copy_msghdr_from_user+0x99/0x160
[  777.732866][T13606]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  777.732891][T13606]  ? __pfx___lock_acquire+0x10/0x10
[  777.732921][T13606]  ___sys_recvmsg+0xdc/0x1a0
[  777.732940][T13606]  ? __pfx____sys_recvmsg+0x10/0x10
[  777.732958][T13606]  ? find_held_lock+0x2d/0x110
[  777.732991][T13606]  ? __pfx___might_resched+0x10/0x10
[  777.733018][T13606]  ? __might_fault+0xe3/0x190
[  777.733044][T13606]  do_recvmmsg+0x2f8/0x740
[  777.733066][T13606]  ? __pfx_do_recvmmsg+0x10/0x10
[  777.733083][T13606]  ? vfs_write+0x306/0x1150
[  777.733114][T13606]  ? __mutex_unlock_slowpath+0x164/0x6a0
[  777.733150][T13606]  ? __fget_files+0x206/0x3a0
[  777.733182][T13606]  __x64_sys_recvmmsg+0x239/0x290
[  777.733203][T13606]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  777.733231][T13606]  do_syscall_64+0xcd/0x250
[  777.733259][T13606]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  777.733285][T13606] RIP: 0033:0x7f6a0b78cd29
[  777.733299][T13606] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  777.733317][T13606] RSP: 002b:00007f6a0c663038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  777.733335][T13606] RAX: ffffffffffffffda RBX: 00007f6a0b9a6160 RCX: 00007f6a0b78cd29
[  777.733347][T13606] RDX: 000000000000004b RSI: 0000000020000500 RDI: 0000000000000005
[  777.733359][T13606] RBP: 00007f6a0c663090 R08: 0000000000000000 R09: 0000000000000000
[  777.733370][T13606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  777.733381][T13606] R13: 0000000000000000 R14: 00007f6a0b9a6160 R15: 00007ffed9a4f328
[  777.733412][T13606]  </TASK>
[  778.079322][ T5916] usb 6-1: Using ep0 maxpacket: 32
[  778.108683][T13612] misc userio: Begin command sent, but we're already running
[  778.109898][ T5916] usb 6-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  778.144470][ T5916] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  778.161681][ T5916] usb 6-1: Product: syz
[  778.220461][ T5916] usb 6-1: Manufacturer: syz
[  778.242547][ T5916] usb 6-1: SerialNumber: syz
[  778.246547][  T924] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[  778.347489][ T5916] usb 6-1: config 0 descriptor??
[  778.439693][  T924] usb 5-1: device descriptor read/64, error -71
[  778.445660][ T5916] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  778.726427][  T924] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[  778.891692][T13620] RDS: rds_bind could not find a transport for ::ffff:172.30.0.2, load rds_tcp or rds_rdma?
[  778.928353][  T924] usb 5-1: device descriptor read/64, error -71
[  779.049412][  T924] usb usb5-port1: attempt power cycle
[  779.129703][ T5916] gspca_ov534_9: reg_w failed -71
[  779.556565][  T924] usb 5-1: new high-speed USB device number 49 using dummy_hcd
[  779.590173][  T924] usb 5-1: device descriptor read/8, error -71
[  779.906670][  T924] usb 5-1: new high-speed USB device number 50 using dummy_hcd
[  779.978481][  T924] usb 5-1: device descriptor read/8, error -71
[  780.108691][T13631] RDS: rds_bind could not find a transport for ::ffff:172.30.0.8, load rds_tcp or rds_rdma?
[  780.125235][  T924] usb usb5-port1: unable to enumerate USB device
[  780.436325][ T5916] gspca_ov534_9: Unknown sensor 0000
[  780.436390][ T5916] ov534_9 6-1:0.0: probe with driver ov534_9 failed with error -22
[  780.582005][ T5916] usb 6-1: USB disconnect, device number 38
[  780.966350][T13643] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1970'.
[  781.457550][T13646] SELinux: syz.7.1972 (13646) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  782.560630][T13662] RDS: rds_bind could not find a transport for ::ffff:172.30.0.8, load rds_tcp or rds_rdma?
[  783.511418][T13667] lo speed is unknown, defaulting to 1000
[  783.661434][   T29] audit: type=1400 audit(1737864390.986:564): avc:  denied  { map } for  pid=13666 comm="syz.6.1978" path="/216" dev="tmpfs" ino=1145 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  783.738359][T13672] openvswitch: netlink: Flow actions attr not present in new flow.
[  784.409435][T13687] RDS: rds_bind could not find a transport for ::ffff:172.30.0.8, load rds_tcp or rds_rdma?
[  784.890785][T13691] RDS: rds_bind could not find a transport for ::ffff:172.30.0.6, load rds_tcp or rds_rdma?
[  785.217110][T13617] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[  786.086356][T13617] usb 7-1: Using ep0 maxpacket: 32
[  786.099476][T13617] usb 7-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  786.196561][T13617] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  786.228042][   T29] audit: type=1400 audit(1737864393.646:565): avc:  denied  { ioctl } for  pid=13697 comm="syz.1.1985" path="socket:[45449]" dev="sockfs" ino=45449 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  786.285186][T13617] usb 7-1: Product: syz
[  786.300977][T13617] usb 7-1: Manufacturer: syz
[  786.326076][T13617] usb 7-1: SerialNumber: syz
[  786.353371][T13617] usb 7-1: config 0 descriptor??
[  786.382085][T13617] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  787.521512][T13617] gspca_ov534_9: reg_w failed -110
[  789.086396][T13617] gspca_ov534_9: Unknown sensor 0000
[  789.086473][T13617] ov534_9 7-1:0.0: probe with driver ov534_9 failed with error -22
[  789.850907][T13617] usb 7-1: USB disconnect, device number 22
[  790.905542][T13736] ALSA: mixer_oss: invalid OSS volume ''
[  791.110752][T13741] binder: 13739:13741 ioctl c0306201 20000bc0 returned -14
[  792.488205][T13756] fuse: Bad value for 'user_id'
[  792.519560][T13756] fuse: Bad value for 'user_id'
[  792.622143][T13751] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1994'.
[  792.639448][T13756] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  792.650506][T13765] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1996'.
[  792.936402][    T9] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[  793.124735][    T9] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  793.166993][    T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  793.192928][   T25] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  793.196389][    T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  793.234183][    T9] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  793.263723][    T9] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  793.286349][    T9] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  793.294472][    T9] usb 7-1: Manufacturer: syz
[  793.327615][    T9] usb 7-1: config 0 descriptor??
[  793.356623][   T25] usb 8-1: Using ep0 maxpacket: 32
[  793.377572][   T25] usb 8-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  793.405439][   T25] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  793.434161][   T25] usb 8-1: Product: syz
[  793.444009][   T25] usb 8-1: Manufacturer: syz
[  793.460931][   T25] usb 8-1: SerialNumber: syz
[  793.488467][   T25] usb 8-1: config 0 descriptor??
[  793.529891][   T25] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  793.751726][T13800] RDS: rds_bind could not find a transport for ::ffff:172.30.0.6, load rds_tcp or rds_rdma?
[  794.274573][    T9] appleir 0003:05AC:8243.0013: item fetching failed at offset 0/1
[  794.461951][    T9] appleir 0003:05AC:8243.0013: parse failed
[  794.462277][   T25] gspca_ov534_9: reg_w failed -71
[  794.481952][    T9] appleir 0003:05AC:8243.0013: probe with driver appleir failed with error -22
[  794.528846][    T9] usb 7-1: USB disconnect, device number 23
[  794.955387][   T25] gspca_ov534_9: Unknown sensor 0000
[  794.955455][   T25] ov534_9 8-1:0.0: probe with driver ov534_9 failed with error -22
[  794.988929][   T25] usb 8-1: USB disconnect, device number 5
[  796.099015][   T29] audit: type=1400 audit(1737864403.516:566): avc:  denied  { getopt } for  pid=13766 comm="syz.1.1997" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  796.333632][T13840] netlink: 256 bytes leftover after parsing attributes in process `syz.7.2009'.
[  796.344955][T13840] unsupported nlmsg_type 40
[  796.375708][T13841] fuse: Bad value for 'user_id'
[  796.375730][T13841] fuse: Bad value for 'user_id'
[  798.526498][   T29] audit: type=1400 audit(1737864405.926:567): avc:  denied  { nlmsg_write } for  pid=13856 comm="syz.4.2013" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  798.748845][T13865] xt_CT: No such helper "netbios-ns"
[  799.590030][T13863] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  799.675008][T13876] ALSA: mixer_oss: invalid OSS volume ''
[  799.816438][ T5867] usb 5-1: new high-speed USB device number 51 using dummy_hcd
[  800.159062][ T5867] usb 5-1: Using ep0 maxpacket: 8
[  800.179987][ T5867] usb 5-1: config 0 has an invalid interface number: 199 but max is 0
[  800.196397][ T5867] usb 5-1: config 0 has no interface number 0
[  800.211846][ T5867] usb 5-1: config 0 interface 199 altsetting 0 endpoint 0x5 has invalid maxpacket 82, setting to 64
[  800.238227][ T5867] usb 5-1: New USB device found, idVendor=ac93, idProduct=b001, bcdDevice=15.3d
[  800.256400][ T5867] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  800.274732][ T5867] usb 5-1: Product: syz
[  800.279292][ T5867] usb 5-1: Manufacturer: syz
[  800.283930][ T5867] usb 5-1: SerialNumber: syz
[  800.298212][ T5867] usb 5-1: config 0 descriptor??
[  800.322008][ T5867] usbhid 5-1:0.199: couldn't find an input interrupt endpoint
[  800.523997][ T5867] usb 5-1: USB disconnect, device number 51
[  801.471173][T13899] netlink: 220 bytes leftover after parsing attributes in process `syz.7.2023'.
[  801.738505][   T29] audit: type=1400 audit(1737864409.156:568): avc:  denied  { read write } for  pid=13896 comm="syz.6.2022" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  801.804536][T13906] fuse: Bad value for 'user_id'
[  801.818042][   T29] audit: type=1400 audit(1737864409.156:569): avc:  denied  { open } for  pid=13896 comm="syz.6.2022" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  801.970689][T13906] fuse: Bad value for 'user_id'
[  801.988576][   T29] audit: type=1400 audit(1737864409.266:570): avc:  denied  { watch watch_reads } for  pid=13896 comm="syz.6.2022" path="/223/file0" dev="tmpfs" ino=1189 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  803.318062][   T29] audit: type=1400 audit(1737864410.736:571): avc:  denied  { ioctl } for  pid=13921 comm="syz.4.2028" path="/dev/fuse" dev="devtmpfs" ino=99 ioctlcmd=0x920a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  804.375973][T13949] 9pnet_fd: Insufficient options for proto=fd
[  804.417743][T10766] Bluetooth: hci5: sending frame failed (-49)
[  804.427818][   T55] Bluetooth: hci5: Entering manufacturer mode failed (-49)
[  804.440980][T13949] Bluetooth: hci5: Frame reassembly failed (-84)
[  804.606432][T13959] RDS: rds_bind could not find a transport for ::ffff:172.30.0.2, load rds_tcp or rds_rdma?
[  805.018651][T13965] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2037'.
[  805.436733][T13617] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  805.474078][T13976] netlink: 'syz.4.2040': attribute type 10 has an invalid length.
[  805.547313][T13976] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  805.598274][T13617] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  805.917328][T13617] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  805.936620][T13617] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  805.959916][T13617] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  805.975372][T13617] usb 8-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  805.984903][T13617] usb 8-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  805.993714][T13617] usb 8-1: Manufacturer: syz
[  806.000824][T13617] usb 8-1: config 0 descriptor??
[  806.077255][T13980] team0: Port device team_slave_1 removed
[  806.415589][T13947] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  806.589711][T14002] binder: 13993:14002 ioctl c0306201 20000bc0 returned -14
[  806.631915][T13617] appleir 0003:05AC:8243.0014: item fetching failed at offset 0/1
[  806.640384][T13617] appleir 0003:05AC:8243.0014: parse failed
[  806.651223][T13617] appleir 0003:05AC:8243.0014: probe with driver appleir failed with error -22
[  806.710440][T14006] netlink: zone id is out of range
[  806.722259][T14006] netlink: zone id is out of range
[  806.731160][T14006] netlink: zone id is out of range
[  806.741350][T14006] netlink: zone id is out of range
[  806.750293][T14006] netlink: zone id is out of range
[  806.755554][T14006] netlink: zone id is out of range
[  806.958251][T13617] usb 8-1: USB disconnect, device number 6
[  807.035555][T14009] netlink: 'syz.4.2046': attribute type 10 has an invalid length.
[  807.071644][T14009] team0: Device hsr_slave_0 failed to register rx_handler
[  807.157304][T14013] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2047'.
[  808.262536][T14024] binder: 14020:14024 ioctl c0306201 20000bc0 returned -14
[  808.443908][    T9] libceph: connect (1)[c::]:6789 error -22
[  808.456417][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  808.537934][   T29] audit: type=1400 audit(1737864415.936:572): avc:  denied  { mounton } for  pid=14019 comm="syz.5.2048" path="/proc/1138/task" dev="proc" ino=48153 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  808.638003][   T29] audit: type=1400 audit(1737864415.946:573): avc:  denied  { mount } for  pid=14019 comm="syz.5.2048" name="/" dev="securityfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=filesystem permissive=1
[  808.644721][T14021] ceph: No mds server is up or the cluster is laggy
[  808.684384][   T29] audit: type=1400 audit(1737864416.096:574): avc:  denied  { ioctl } for  pid=14035 comm="syz.4.2051" path="socket:[47185]" dev="sockfs" ino=47185 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  808.790604][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  808.797204][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  808.818251][    T9] libceph: connect (1)[c::]:6789 error -22
[  808.832216][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  808.841300][   T29] audit: type=1400 audit(1737864416.246:575): avc:  denied  { accept } for  pid=14035 comm="syz.4.2051" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  808.968023][   T29] audit: type=1326 audit(1737864416.376:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14033 comm="syz.1.2050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f749058cd29 code=0x7ffc0000
[  808.991621][   T29] audit: type=1326 audit(1737864416.376:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14033 comm="syz.1.2050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f749058cd29 code=0x7ffc0000
[  809.015251][   T29] audit: type=1326 audit(1737864416.386:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14033 comm="syz.1.2050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f749058cd29 code=0x7ffc0000
[  809.039738][   T29] audit: type=1326 audit(1737864416.386:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14033 comm="syz.1.2050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f749058cd29 code=0x7ffc0000
[  809.068391][   T29] audit: type=1326 audit(1737864416.386:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14033 comm="syz.1.2050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f749058cd29 code=0x7ffc0000
[  809.137102][T14043] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  809.156940][T14043] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  809.210438][T14049] RDS: rds_bind could not find a transport for ::ffff:172.30.0.8, load rds_tcp or rds_rdma?
[  809.505151][T14043] netdevsim netdevsim1: Falling back to sysfs fallback for: .
[  810.137011][T14062] RDS: rds_bind could not find a transport for ::ffff:172.30.0.5, load rds_tcp or rds_rdma?
[  810.765540][T14071] FAULT_INJECTION: forcing a failure.
[  810.765540][T14071] name failslab, interval 1, probability 0, space 0, times 0
[  810.778521][T14071] CPU: 0 UID: 0 PID: 14071 Comm: syz.4.2056 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0
[  810.778545][T14071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  810.778557][T14071] Call Trace:
[  810.778562][T14071]  <TASK>
[  810.778569][T14071]  dump_stack_lvl+0x16c/0x1f0
[  810.778601][T14071]  should_fail_ex+0x497/0x5b0
[  810.778625][T14071]  ? fs_reclaim_acquire+0xae/0x150
[  810.778652][T14071]  should_failslab+0xc2/0x120
[  810.778672][T14071]  __kmalloc_node_noprof+0xd1/0x510
[  810.778692][T14071]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  810.778724][T14071]  __kvmalloc_node_noprof+0xad/0x1a0
[  810.778752][T14071]  udmabuf_create+0x35f/0x11e0
[  810.778782][T14071]  ? find_held_lock+0x2d/0x110
[  810.778806][T14071]  ? __might_fault+0x13b/0x190
[  810.778828][T14071]  ? __pfx_udmabuf_create+0x10/0x10
[  810.778855][T14071]  ? lock_acquire+0x2f/0xb0
[  810.778878][T14071]  ? __might_fault+0xe3/0x190
[  810.778899][T14071]  ? __might_fault+0xe3/0x190
[  810.778926][T14071]  udmabuf_ioctl+0x193/0x310
[  810.778950][T14071]  ? __pfx_udmabuf_ioctl+0x10/0x10
[  810.778985][T14071]  ? selinux_file_ioctl+0xb4/0x270
[  810.779010][T14071]  ? __pfx_udmabuf_ioctl+0x10/0x10
[  810.779036][T14071]  __x64_sys_ioctl+0x190/0x200
[  810.779061][T14071]  do_syscall_64+0xcd/0x250
[  810.779089][T14071]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  810.779114][T14071] RIP: 0033:0x7f6a0b78cd29
[  810.779130][T14071] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  810.779148][T14071] RSP: 002b:00007f6a0c663038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  810.779165][T14071] RAX: ffffffffffffffda RBX: 00007f6a0b9a6160 RCX: 00007f6a0b78cd29
[  810.779178][T14071] RDX: 0000000020000000 RSI: 0000000040187542 RDI: 0000000000000007
[  810.779190][T14071] RBP: 00007f6a0c663090 R08: 0000000000000000 R09: 0000000000000000
[  810.779201][T14071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  810.779213][T14071] R13: 0000000000000000 R14: 00007f6a0b9a6160 R15: 00007ffed9a4f328
[  810.779238][T14071]  </TASK>
[  811.019742][T14072] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2057'.
[  811.097653][T14076] 9pnet_fd: Insufficient options for proto=fd
[  811.112065][T14076] Bluetooth: hci5: Frame reassembly failed (-84)
[  811.132608][ T9557] Bluetooth: hci5: Frame reassembly failed (-84)
[  811.362929][T14089] 9pnet_fd: Insufficient options for proto=fd
[  812.959055][T14119] binder: 14114:14119 ioctl c0306201 20000bc0 returned -14
[  813.186763][   T55] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  813.399539][T14131] RDS: rds_bind could not find a transport for ::ffff:172.30.0.5, load rds_tcp or rds_rdma?
[  813.894372][T14134] RDS: rds_bind could not find a transport for ::ffff:172.30.0.8, load rds_tcp or rds_rdma?
[  814.268738][T14136] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2067'.
[  814.535279][T14137] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2069'.
[  815.071375][T14153] SELinux: syz.5.2072 (14153) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  815.238598][T14155] binder: 14140:14155 ioctl c0306201 20000bc0 returned -14
[  816.779808][T14168] xt_CT: No such helper "netbios-ns"
[  817.070021][T14176] RDS: rds_bind could not find a transport for ::ffff:172.30.0.6, load rds_tcp or rds_rdma?
[  818.615650][T14198] binder: 14191:14198 ioctl c0306201 20000bc0 returned -14
[  820.794222][T14212] netlink: 'syz.6.2082': attribute type 10 has an invalid length.
[  820.838847][T14212] team0: Device hsr_slave_0 failed to register rx_handler
[  821.595206][T14225] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2085'.
[  821.735144][T14225] ipvlan2: entered allmulticast mode
[  821.754366][T14225] batadv0: entered allmulticast mode
[  821.785848][T14225] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  822.089133][T14241] SELinux: syz.7.2086 (14241) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  824.028275][T14263] ALSA: mixer_oss: invalid OSS volume ''
[  824.566480][T14270] RDS: rds_bind could not find a transport for ::ffff:172.30.0.8, load rds_tcp or rds_rdma?
[  825.082496][T14279] fuse: Bad value for 'user_id'
[  825.093671][T14276] sp0: Synchronizing with TNC
[  825.099163][T14279] fuse: Bad value for 'user_id'
[  825.251177][T14284] netlink: 'syz.1.2098': attribute type 10 has an invalid length.
[  825.259177][T14284] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2098'.
[  825.269316][T14284] ipvlan1: entered promiscuous mode
[  825.274635][T14284] ipvlan1: entered allmulticast mode
[  825.287831][T14284] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[  825.664745][T14292] netlink: 'syz.7.2099': attribute type 10 has an invalid length.
[  826.880643][T14301] xt_CT: No such helper "netbios-ns"
[  827.754390][T14292] team0: Device hsr_slave_0 failed to register rx_handler
[  828.505559][T14320] xt_CT: No such helper "netbios-ns"
[  829.127203][T14316] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2103'.
[  830.027696][T14319] fuse: Bad value for 'user_id'
[  830.065361][T14319] fuse: Bad value for 'user_id'
[  830.370437][T14338] RDS: rds_bind could not find a transport for ::ffff:172.30.0.8, load rds_tcp or rds_rdma?
[  830.380235][   T29] audit: type=1804 audit(1737864437.786:581): pid=14337 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.4.2107" name="/newroot/439/file1" dev="fuse" ino=1 res=1 errno=0
[  830.611210][   T29] audit: type=1800 audit(1737864437.866:582): pid=14337 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.4.2107" name="/" dev="fuse" ino=1 res=0 errno=0
[  830.714984][   T29] audit: type=1804 audit(1737864437.906:583): pid=14337 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.4.2107" name="/newroot/439/file1" dev="fuse" ino=1 res=1 errno=0
[  830.885741][   T29] audit: type=1804 audit(1737864437.906:584): pid=14337 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.4.2107" name="/newroot/439/file1" dev="fuse" ino=1 res=1 errno=0
[  830.917612][   T29] audit: type=1800 audit(1737864437.916:585): pid=14337 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.4.2107" name="/" dev="fuse" ino=1 res=0 errno=0
[  831.671486][T14366] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2112'.
[  833.267036][T14382] netlink: 'syz.6.2116': attribute type 10 has an invalid length.
[  833.379721][T14382] team0: Device hsr_slave_0 failed to register rx_handler
[  833.676453][T14309] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  834.117384][T14309] usb 8-1: Using ep0 maxpacket: 32
[  834.129705][T14309] usb 8-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  834.148527][T14309] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  834.174599][T14309] usb 8-1: Product: syz
[  834.189116][T14309] usb 8-1: Manufacturer: syz
[  834.196538][T14309] usb 8-1: SerialNumber: syz
[  834.217238][T14309] usb 8-1: config 0 descriptor??
[  834.233226][T14309] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  834.950882][T14309] gspca_ov534_9: reg_w failed -71
[  835.078982][   T29] audit: type=1400 audit(1737864442.496:586): avc:  denied  { map } for  pid=14398 comm="syz.6.2120" path="/dev/usbmon0" dev="devtmpfs" ino=716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  835.306675][T14309] gspca_ov534_9: Unknown sensor 0000
[  835.307163][T14309] ov534_9 8-1:0.0: probe with driver ov534_9 failed with error -22
[  835.315854][T14406] 9pnet_fd: Insufficient options for proto=fd
[  835.337856][T14309] usb 8-1: USB disconnect, device number 7
[  835.507462][T14407] RDS: rds_bind could not find a transport for ::ffff:172.30.0.5, load rds_tcp or rds_rdma?
[  835.598459][T14406] tmpfs: Bad value for 'mpol'
[  836.308576][T14389] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  836.562380][T14309] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  836.896475][T14309] usb 8-1: Using ep0 maxpacket: 32
[  837.072038][T14309] usb 8-1: config 0 has an invalid interface number: 67 but max is 0
[  837.096455][T14309] usb 8-1: config 0 has no interface number 0
[  837.102948][T14309] usb 8-1: config 0 interface 67 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  837.133573][T14309] usb 8-1: Dual-Role OTG device on HNP port
[  837.146429][T14309] usb 8-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  837.188410][T14309] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  837.220908][T14309] usb 8-1: Product: syz
[  837.238599][T14309] usb 8-1: Manufacturer: syz
[  837.243310][T14309] usb 8-1: SerialNumber: syz
[  837.348730][T14309] usb 8-1: config 0 descriptor??
[  837.381715][T14309] smsc95xx v2.0.0
[  837.385403][T14309] smsc95xx 8-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  837.426511][T14309] smsc95xx 8-1:0.67: probe with driver smsc95xx failed with error -22
[  837.486807][T14429] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2129'.
[  837.539888][T14431] netlink: 'syz.1.2130': attribute type 10 has an invalid length.
[  837.563307][T14431] team0: Device hsr_slave_0 failed to register rx_handler
[  837.786611][T14309] usb 6-1: new high-speed USB device number 39 using dummy_hcd
[  838.026237][T14309] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  838.053626][T14309] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  838.095167][T14309] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  838.125536][T14309] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  838.140064][T14309] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  838.149574][T14309] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  838.166419][T14309] usb 6-1: Manufacturer: syz
[  838.173150][T14309] usb 6-1: config 0 descriptor??
[  838.466850][T14434] Cannot find set identified by id 0 to match
[  838.978313][T14309] appleir 0003:05AC:8243.0015: item fetching failed at offset 0/1
[  839.012586][T14309] appleir 0003:05AC:8243.0015: parse failed
[  839.036487][T14309] appleir 0003:05AC:8243.0015: probe with driver appleir failed with error -22
[  839.376851][T10635] usb 6-1: USB disconnect, device number 39
[  840.333521][T14461] mkiss: ax0: crc mode is auto.
[  841.483573][T14469] xt_CT: No such helper "netbios-ns"
[  842.412398][   T29] audit: type=1400 audit(1737864449.826:587): avc:  denied  { write } for  pid=14437 comm="syz.6.2131" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  842.527392][T10635] usb 8-1: USB disconnect, device number 8
[  842.615420][T14465] RDS: rds_bind could not find a transport for ::ffff:172.30.0.6, load rds_tcp or rds_rdma?
[  844.341573][T14538] xt_CT: No such helper "netbios-ns"
[  844.927607][T14476] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  845.311615][T14549] netlink: 892 bytes leftover after parsing attributes in process `syz.4.2142'.
[  847.482068][T14560] mmap: syz.7.2145 (14560): VmData 25841664 exceed data ulimit 8. Update limits or use boot option ignore_rlimit_data.
[  847.517384][T14591] fuse: Bad value for 'fd'
[  847.523567][T14591] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2151'.
[  848.826434][ T5929] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  848.998195][ T5929] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  849.063971][ T5929] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  849.064033][ T5929] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  849.064063][ T5929] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  849.065493][ T5929] usb 8-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  849.065523][ T5929] usb 8-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  849.065544][ T5929] usb 8-1: Manufacturer: syz
[  849.685491][ T5929] usb 8-1: config 0 descriptor??
[  850.152472][ T5929] usbhid 8-1:0.0: can't add hid device: -71
[  850.152813][ T5929] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  850.158644][ T5929] usb 8-1: USB disconnect, device number 9
[  850.910264][T14637] binder: 14635:14637 ioctl c0306201 20000bc0 returned -14
[  851.268734][T14638] mmap: syz.5.2155 (14638) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  851.535655][   T29] audit: type=1400 audit(1737864458.746:588): avc:  denied  { shutdown } for  pid=14639 comm="syz.7.2159" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  851.642490][T14645] Invalid ELF header type: 0 != 1
[  852.166575][ T5867] usb 6-1: new high-speed USB device number 40 using dummy_hcd
[  852.666456][ T5867] usb 6-1: Using ep0 maxpacket: 32
[  852.673336][T14658] binder: 14657:14658 ioctl 8912 20000540 returned -22
[  852.729682][ T5867] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  852.740982][ T5867] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  852.887688][T14658] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2165'.
[  852.906474][ T5867] usb 6-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  852.950831][ T5867] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  852.971188][ T5867] usb 6-1: config 0 descriptor??
[  852.986532][ T5929] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[  853.136405][ T5929] usb 7-1: Using ep0 maxpacket: 32
[  853.157541][ T5929] usb 7-1: config 0 has an invalid interface number: 111 but max is 1
[  853.186141][ T5929] usb 7-1: config 0 has no interface number 1
[  853.202850][ T5929] usb 7-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=4a.83
[  853.206628][T14649] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2162'.
[  853.228881][T14649] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  853.237609][T14649] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  853.296339][ T5929] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  853.335165][ T5929] usb 7-1: Product: syz
[  853.339603][ T5929] usb 7-1: Manufacturer: syz
[  853.344217][ T5929] usb 7-1: SerialNumber: syz
[  853.397175][ T5929] usb 7-1: config 0 descriptor??
[  853.416963][T14663] xt_ecn: cannot match TCP bits for non-tcp packets
[  853.450514][   T29] audit: type=1400 audit(1737864460.866:589): avc:  denied  { write } for  pid=14662 comm="syz.1.2166" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  853.503945][ T5867] ft260 0003:0403:6030.0016: unknown main item tag 0x0
[  853.614874][ T5929] snd-usb-6fire 7-1:0.111: unable to receive device firmware state.
[  853.648683][ T5929] snd-usb-6fire 7-1:0.111: probe with driver snd-usb-6fire failed with error -71
[  853.689461][ T5867] ft260 0003:0403:6030.0016: chip code: 5e81 abf2
[  853.702612][ T5929] usb 7-1: USB disconnect, device number 24
[  853.891662][ T5867] ft260 0003:0403:6030.0016: failed to retrieve system status
[  853.914342][ T5867] ft260 0003:0403:6030.0016: probe with driver ft260 failed with error -32
[  853.943757][ T5867] usb 6-1: USB disconnect, device number 40
[  854.095976][   T29] audit: type=1400 audit(1737864461.506:590): avc:  denied  { accept } for  pid=14675 comm="syz.4.2171" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  854.135137][   T29] audit: type=1326 audit(1737864461.546:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14676 comm="syz.1.2172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f749058cd29 code=0x7fc00000
[  854.189245][   T29] audit: type=1400 audit(1737864461.606:592): avc:  denied  { read } for  pid=14676 comm="syz.1.2172" path="socket:[50214]" dev="sockfs" ino=50214 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  854.246820][   T29] audit: type=1326 audit(1737864461.606:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14676 comm="syz.1.2172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f749058cd29 code=0x7fc00000
[  854.428891][   T29] audit: type=1326 audit(1737864461.616:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14676 comm="syz.1.2172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f749058cd29 code=0x7fc00000
[  855.971760][T14696] FAULT_INJECTION: forcing a failure.
[  855.971760][T14696] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  856.128594][T14696] CPU: 0 UID: 0 PID: 14696 Comm: syz.1.2178 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0
[  856.128617][T14696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  856.128624][T14696] Call Trace:
[  856.128629][T14696]  <TASK>
[  856.128635][T14696]  dump_stack_lvl+0x16c/0x1f0
[  856.128657][T14696]  should_fail_ex+0x497/0x5b0
[  856.128674][T14696]  _copy_from_user+0x2e/0xd0
[  856.128690][T14696]  ip_mroute_setsockopt+0xfc4/0x1440
[  856.128709][T14696]  ? __pfx_ip_mroute_setsockopt+0x10/0x10
[  856.128724][T14696]  ? avc_has_perm_noaudit+0x119/0x3a0
[  856.128740][T14696]  ? trace_lock_acquire+0x14e/0x1f0
[  856.128758][T14696]  ? avc_has_perm_noaudit+0x143/0x3a0
[  856.128775][T14696]  do_ip_setsockopt+0x2e8/0x3680
[  856.128788][T14696]  ? __pfx_avc_has_perm+0x10/0x10
[  856.128803][T14696]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  856.128815][T14696]  ? hlock_class+0x4e/0x130
[  856.128827][T14696]  ? sock_has_perm+0x25a/0x2f0
[  856.128846][T14696]  ? selinux_netlbl_socket_setsockopt+0x184/0x470
[  856.128861][T14696]  ip_setsockopt+0x59/0xf0
[  856.128873][T14696]  raw_setsockopt+0xb8/0x290
[  856.128886][T14696]  ? __pfx_raw_setsockopt+0x10/0x10
[  856.128898][T14696]  ? selinux_socket_setsockopt+0x6a/0x80
[  856.128913][T14696]  ? sock_common_setsockopt+0x2e/0xf0
[  856.128927][T14696]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  856.128940][T14696]  do_sock_setsockopt+0x222/0x480
[  856.128956][T14696]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  856.128969][T14696]  ? lock_acquire+0x2f/0xb0
[  856.128990][T14696]  __sys_setsockopt+0x1a0/0x230
[  856.129010][T14696]  __x64_sys_setsockopt+0xbd/0x160
[  856.129026][T14696]  ? do_syscall_64+0x91/0x250
[  856.129042][T14696]  ? lockdep_hardirqs_on+0x7c/0x110
[  856.129059][T14696]  do_syscall_64+0xcd/0x250
[  856.129076][T14696]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  856.129091][T14696] RIP: 0033:0x7f749058cd29
[  856.129100][T14696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  856.129111][T14696] RSP: 002b:00007f7491303038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  856.129122][T14696] RAX: ffffffffffffffda RBX: 00007f74907a5fa0 RCX: 00007f749058cd29
[  856.129129][T14696] RDX: 00000000000000cf RSI: 0000000000000000 RDI: 0000000000000003
[  856.129135][T14696] RBP: 00007f7491303090 R08: 0000000000000004 R09: 0000000000000000
[  856.129142][T14696] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000001
[  856.129148][T14696] R13: 0000000000000000 R14: 00007f74907a5fa0 R15: 00007ffdfd2bc5a8
[  856.129167][T14696]  </TASK>
[  856.886378][   T29] audit: type=1400 audit(1737864464.296:595): avc:  denied  { getopt } for  pid=14711 comm="syz.5.2182" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  856.915769][T14714] tap0: tun_chr_ioctl cmd 1074025678
[  856.928411][T14714] tap0: group set to 0
[  856.934712][T14714] QAT: Invalid ioctl -2147191718
[  858.033073][T14720] xt_CT: No such helper "netbios-ns"
[  858.832717][T14730] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2183'.
[  860.137786][T14745] SELinux:  Context system_u:object_r:systemd_passwd_var_run_t:s0 is not valid (left unmapped).
[  860.216396][ T5929] usb 5-1: new high-speed USB device number 52 using dummy_hcd
[  860.241483][   T29] audit: type=1400 audit(1737864467.656:596): avc:  denied  { relabelto } for  pid=14744 comm="syz.5.2188" name="346" dev="tmpfs" ino=1811 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:systemd_passwd_var_run_t:s0"
[  860.268749][    C0] vkms_vblank_simulate: vblank timer overrun
[  860.395172][ T5929] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  860.403319][   T29] audit: type=1400 audit(1737864467.696:597): avc:  denied  { associate } for  pid=14744 comm="syz.5.2188" name="346" dev="tmpfs" ino=1811 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:systemd_passwd_var_run_t:s0"
[  860.444465][ T5929] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  860.462592][ T5929] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  860.516576][   T29] audit: type=1400 audit(1737864467.736:598): avc:  denied  { write } for  pid=14744 comm="syz.5.2188" name="346" dev="tmpfs" ino=1811 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:systemd_passwd_var_run_t:s0"
[  860.649452][ T5929] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  860.659249][ T5929] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  860.667903][ T5929] usb 5-1: Product: syz
[  860.672187][ T5929] usb 5-1: Manufacturer: syz
[  860.677622][ T5929] usb 5-1: SerialNumber: syz
[  860.728648][T14757] netlink: 20 bytes leftover after parsing attributes in process `syz.7.2193'.
[  860.848102][ T5929] cdc_ncm 5-1:1.0: skipping garbage
[  861.286449][   T29] audit: type=1400 audit(1737864467.736:599): avc:  denied  { add_name } for  pid=14744 comm="syz.5.2188" name=E91F7189591E9233614B scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:systemd_passwd_var_run_t:s0"
[  861.393169][ T5929] cdc_ncm 5-1:1.0: CDC Union missing and no IAD found
[  861.413519][ T5929] cdc_ncm 5-1:1.0: bind() failure
[  861.553219][ T5929] usb 5-1: USB disconnect, device number 52
[  861.568039][   T29] audit: type=1400 audit(1737864467.736:600): avc:  denied  { create } for  pid=14744 comm="syz.5.2188" name=E91F7189591E9233614B scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=sock_file permissive=1
[  861.901708][   T29] audit: type=1400 audit(1737864467.736:601): avc:  denied  { associate } for  pid=14744 comm="syz.5.2188" name=E91F7189591E9233614B scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  861.966762][   T29] audit: type=1400 audit(1737864467.896:602): avc:  denied  { remove_name } for  pid=7177 comm="syz-executor" name=E91F7189591E9233614B dev="tmpfs" ino=1816 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:systemd_passwd_var_run_t:s0"
[  861.997015][   T29] audit: type=1400 audit(1737864467.896:603): avc:  denied  { unlink } for  pid=7177 comm="syz-executor" name=E91F7189591E9233614B dev="tmpfs" ino=1816 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=sock_file permissive=1
[  862.023057][   T29] audit: type=1400 audit(1737864467.896:604): avc:  denied  { rmdir } for  pid=7177 comm="syz-executor" name="346" dev="tmpfs" ino=1811 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:systemd_passwd_var_run_t:s0"
[  862.071561][T14772] netlink: 'syz.5.2195': attribute type 10 has an invalid length.
[  862.114710][T14772] team0: Device hsr_slave_0 failed to register rx_handler
[  862.511529][   T29] audit: type=1400 audit(1737864469.926:605): avc:  denied  { mount } for  pid=14774 comm="syz.4.2196" name="/" dev="autofs" ino=50472 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  862.646383][   T29] audit: type=1400 audit(1737864470.056:606): avc:  denied  { unmount } for  pid=5813 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  863.340511][T14790] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2200'.
[  863.379548][T14789] vcan0: tx drop: invalid da for name 0x00000000000000ee
[  864.087432][T14309] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  864.811229][   T29] audit: type=1400 audit(1737864472.126:607): avc:  denied  { ioctl } for  pid=14794 comm="syz.6.2202" path="socket:[50506]" dev="sockfs" ino=50506 ioctlcmd=0x8907 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  865.245607][T14807] FAULT_INJECTION: forcing a failure.
[  865.245607][T14807] name failslab, interval 1, probability 0, space 0, times 0
[  865.296694][T14807] CPU: 0 UID: 0 PID: 14807 Comm: syz.5.2205 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0
[  865.296722][T14807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  865.296734][T14807] Call Trace:
[  865.296739][T14807]  <TASK>
[  865.296747][T14807]  dump_stack_lvl+0x16c/0x1f0
[  865.296777][T14807]  should_fail_ex+0x497/0x5b0
[  865.296799][T14807]  ? fs_reclaim_acquire+0xae/0x150
[  865.296826][T14807]  should_failslab+0xc2/0x120
[  865.296847][T14807]  __kmalloc_cache_noprof+0x68/0x410
[  865.296872][T14807]  ? __get_fs_type+0x21/0x170
[  865.296896][T14807]  alloc_fs_context+0x57/0x9c0
[  865.296928][T14807]  path_mount+0xb08/0x1f10
[  865.296948][T14807]  ? kmem_cache_free+0x152/0x4c0
[  865.296975][T14807]  ? __pfx_path_mount+0x10/0x10
[  865.296996][T14807]  ? putname+0x13c/0x180
[  865.297019][T14807]  __x64_sys_mount+0x28f/0x310
[  865.297037][T14807]  ? __pfx___x64_sys_mount+0x10/0x10
[  865.297063][T14807]  do_syscall_64+0xcd/0x250
[  865.297091][T14807]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  865.297116][T14807] RIP: 0033:0x7fda7c78cd29
[  865.297132][T14807] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  865.297150][T14807] RSP: 002b:00007fda7d573038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  865.297168][T14807] RAX: ffffffffffffffda RBX: 00007fda7c9a5fa0 RCX: 00007fda7c78cd29
[  865.297180][T14807] RDX: 0000000020000080 RSI: 0000000020000100 RDI: 00000000200000c0
[  865.297192][T14807] RBP: 00007fda7d573090 R08: 0000000000000000 R09: 0000000000000000
[  865.297204][T14807] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  865.297214][T14807] R13: 0000000000000000 R14: 00007fda7c9a5fa0 R15: 00007ffe1cf75808
[  865.297239][T14807]  </TASK>
[  865.306459][T14309] usb 8-1: Using ep0 maxpacket: 32
[  865.537558][T14309] usb 8-1: config 0 interface 0 has no altsetting 0
[  865.547427][T14309] usb 8-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  865.557626][T14309] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  865.587351][T14309] usb 8-1: Product: syz
[  865.601349][T14309] usb 8-1: Manufacturer: syz
[  865.616060][T14309] usb 8-1: SerialNumber: syz
[  865.619698][T14309] usb 8-1: config 0 descriptor??
[  866.116885][T14309] gs_usb 8-1:0.0: Configuring for 1 interfaces
[  866.371699][T14309] usb 8-1: USB disconnect, device number 10
[  866.508040][T14820] lo speed is unknown, defaulting to 1000
[  867.050245][T14831] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2211'.
[  867.203724][T14834] netlink: 20 bytes leftover after parsing attributes in process `syz.7.2212'.
[  867.482490][T14841] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2214'.
[  870.276765][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  870.312741][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  870.991092][   T29] audit: type=1400 audit(1737864478.406:608): avc:  denied  { bind } for  pid=14866 comm="syz.5.2222" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  871.409077][T14868] netlink: 'syz.1.2220': attribute type 21 has an invalid length.
[  871.555933][T14880] netlink: 'syz.6.2224': attribute type 10 has an invalid length.
[  871.584697][T14880] team0: Device hsr_slave_0 failed to register rx_handler
[  871.788720][T14309] usb 5-1: new high-speed USB device number 53 using dummy_hcd
[  871.812178][T14884] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2225'.
[  872.953700][T14891] xt_CT: No such helper "netbios-ns"
[  873.833130][T14309] usb 5-1: device descriptor read/all, error -71
[  874.381004][T14904] netlink: 64 bytes leftover after parsing attributes in process `syz.5.2228'.
[  874.623104][T14907] ALSA: mixer_oss: invalid OSS volume 'RA'
[  874.935676][T14909] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2232'.
[  874.945296][T14909] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  874.962554][T14909] batman_adv: batadv0: Removing interface: batadv_slave_0
[  874.981328][T14909] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  875.029716][T14909] batman_adv: batadv0: Removing interface: batadv_slave_1
[  875.034538][T14913] misc userio: Invalid payload size
[  875.070047][T14913] misc userio: No port type given on /dev/userio
[  875.085341][T14913] misc userio: No port type given on /dev/userio
[  875.305051][T14921] RDS: rds_bind could not find a transport for ::ffff:172.30.0.6, load rds_tcp or rds_rdma?
[  875.620158][ T5929] usb 7-1: new full-speed USB device number 25 using dummy_hcd
[  875.956445][ T5929] usb 7-1: config 0 has an invalid interface number: 12 but max is 0
[  875.965457][ T5929] usb 7-1: config 0 has no interface number 0
[  876.090448][ T5929] usb 7-1: config 0 interface 12 altsetting 2 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  876.141666][T14926] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2238'.
[  876.151067][ T5929] usb 7-1: config 0 interface 12 altsetting 2 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  876.206430][ T5929] usb 7-1: config 0 interface 12 has no altsetting 0
[  876.218198][ T5929] usb 7-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  876.237377][ T5929] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  876.245415][ T5929] usb 7-1: Product: syz
[  876.264302][ T5929] usb 7-1: Manufacturer: syz
[  876.289572][ T5929] usb 7-1: SerialNumber: syz
[  876.331075][ T5929] usb 7-1: config 0 descriptor??
[  876.340621][T14916] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[  876.370919][T14916] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[  876.428243][ T5929] f81534 7-1:0.12: unsupported endpoint max packet size
[  877.396620][T14935] xt_CT: No such helper "netbios-ns"
[  877.799106][T14939] lo speed is unknown, defaulting to 1000
[  879.696506][T14309] usb 7-1: USB disconnect, device number 25
[  880.380229][T14962] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  880.724124][T14965] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  881.061817][T14967] binder: 14958:14967 ioctl c0306201 20000bc0 returned -14
[  881.376394][   T29] audit: type=1400 audit(1737864488.726:609): avc:  denied  { map } for  pid=14970 comm="syz.7.2249" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  881.505376][   T29] audit: type=1400 audit(1737864488.736:610): avc:  denied  { execute } for  pid=14970 comm="syz.7.2249" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  883.042438][T14995] fuse: Bad value for 'user_id'
[  883.074881][T14995] fuse: Bad value for 'user_id'
[  885.952607][T15017] xt_CT: No such helper "netbios-ns"
[  888.789795][T15039] RDS: rds_bind could not find a transport for ::ffff:172.30.0.7, load rds_tcp or rds_rdma?
[  889.522067][   T29] audit: type=1400 audit(1737864496.916:611): avc:  denied  { wake_alarm } for  pid=15042 comm="syz.1.2270" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  889.699958][T15051] binder: 15041:15051 ioctl c0306201 20000bc0 returned -14
[  890.561241][   T29] audit: type=1400 audit(1737864497.936:612): avc:  denied  { append } for  pid=15054 comm="syz.7.2272" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  891.989312][T15070] 9pnet_fd: Insufficient options for proto=fd
[  892.577657][T15072] PM: Enabling pm_trace changes system date and time during resume.
[  892.577657][T15072] PM: Correct system time has to be restored manually after resume.
[  892.876464][    T8] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[  893.435279][T15092] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2278'.
[  893.514957][    T8] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  893.588777][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  894.006419][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  894.016198][    T8] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  894.057725][    T8] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  894.076884][    T8] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  894.088312][    T8] usb 5-1: Manufacturer: syz
[  894.119828][    T8] usb 5-1: config 0 descriptor??
[  894.604295][   T29] audit: type=1400 audit(1737864502.016:613): avc:  denied  { create } for  pid=15099 comm="syz.1.2285" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  895.206992][T15102] xt_CT: No such helper "netbios-ns"
[  895.972922][    T8] appleir 0003:05AC:8243.0017: item fetching failed at offset 0/1
[  895.995212][    T8] appleir 0003:05AC:8243.0017: parse failed
[  896.001288][    T8] appleir 0003:05AC:8243.0017: probe with driver appleir failed with error -22
[  896.013185][    T8] usb 5-1: USB disconnect, device number 55
[  896.059855][   T29] audit: type=1400 audit(1737864503.466:614): avc:  denied  { add_name } for  pid=15106 comm="syz.1.2286" name="memory.events" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  897.189885][   T29] audit: type=1400 audit(1737864503.506:615): avc:  denied  { create } for  pid=15106 comm="syz.1.2286" name="memory.events" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  897.211528][   T29] audit: type=1400 audit(1737864503.506:616): avc:  denied  { associate } for  pid=15106 comm="syz.1.2286" name="memory.events" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  897.867699][T15112] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2287'.
[  899.222886][T15138] binder: 15120:15138 ioctl c0306201 20000bc0 returned -14
[  899.836585][ T5916] usb 7-1: new high-speed USB device number 26 using dummy_hcd
[  900.076356][ T5916] usb 7-1: Using ep0 maxpacket: 32
[  900.089131][ T5916] usb 7-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  900.120948][ T5916] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  900.138660][ T5916] usb 7-1: Product: syz
[  900.142868][ T5916] usb 7-1: Manufacturer: syz
[  900.173810][ T5916] usb 7-1: SerialNumber: syz
[  900.570354][ T5916] usb 7-1: config 0 descriptor??
[  900.811452][ T5916] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  901.551295][T15173] binder: BINDER_SET_CONTEXT_MGR already set
[  901.558927][T15173] binder: 15172:15173 ioctl 4018620d 20000040 returned -16
[  901.596579][ T5916] gspca_ov534_9: reg_w failed -71
[  901.666725][T15178] RDS: rds_bind could not find a transport for ::ffff:172.30.0.8, load rds_tcp or rds_rdma?
[  902.046477][ T5916] gspca_ov534_9: Unknown sensor 0000
[  902.046529][ T5916] ov534_9 7-1:0.0: probe with driver ov534_9 failed with error -22
[  902.079474][ T5916] usb 7-1: USB disconnect, device number 26
[  902.303256][T15184] xt_NFQUEUE: number of queues (3) out of range (got 65536)
[  902.906388][ T5929] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  903.162631][T15195] 9pnet_fd: Insufficient options for proto=fd
[  903.911452][ T5929] usb 8-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  903.930434][ T5929] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  903.943130][ T5929] usb 8-1: config 0 descriptor??
[  903.957894][ T5929] cp210x 8-1:0.0: cp210x converter detected
[  904.363308][ T5929] cp210x 8-1:0.0: failed to get vendor val 0x000e size 3: -32
[  904.737028][ T5929] usb 8-1: cp210x converter now attached to ttyUSB0
[  904.922918][T15209] binder: 15187:15209 ioctl c0306201 20000bc0 returned -14
[  905.318742][T15213] RDS: rds_bind could not find a transport for ::ffff:172.30.0.5, load rds_tcp or rds_rdma?
[  905.832881][T14309] usb 8-1: USB disconnect, device number 11
[  905.838734][T15217] RDS: rds_bind could not find a transport for ::ffff:172.30.0.7, load rds_tcp or rds_rdma?
[  905.922765][T14309] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  906.426955][T14309] cp210x 8-1:0.0: device disconnected
[  907.843269][T15232] bond0: (slave syz_tun): Releasing backup interface
[  907.850265][   T46] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  908.741681][   T46] usb 8-1: Using ep0 maxpacket: 8
[  908.751510][   T46] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  908.765964][   T46] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  908.803153][   T46] usb 8-1: New USB device found, idVendor=056a, idProduct=0326, bcdDevice= 0.00
[  908.833774][   T46] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  908.889868][   T46] usb 8-1: config 0 descriptor??
[  910.434828][   T46] wacom 0003:056A:0326.0018: ignoring exceeding usage max
[  910.480254][   T46] wacom 0003:056A:0326.0018: Unknown device_type for 'HID 056a:0326'. Ignoring.
[  910.547806][   T46] usb 8-1: USB disconnect, device number 12
[  910.607830][T15260] FAULT_INJECTION: forcing a failure.
[  910.607830][T15260] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  910.623768][T15260] CPU: 1 UID: 0 PID: 15260 Comm: syz.5.2329 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0
[  910.623793][T15260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  910.623805][T15260] Call Trace:
[  910.623810][T15260]  <TASK>
[  910.623817][T15260]  dump_stack_lvl+0x16c/0x1f0
[  910.623847][T15260]  should_fail_ex+0x497/0x5b0
[  910.623874][T15260]  _copy_from_iter+0x2a1/0x1560
[  910.623897][T15260]  ? trace_lock_acquire+0x14e/0x1f0
[  910.623921][T15260]  ? __pfx__copy_from_iter+0x10/0x10
[  910.623943][T15260]  ? __virt_addr_valid+0x1a4/0x590
[  910.623967][T15260]  ? __virt_addr_valid+0x5e/0x590
[  910.623985][T15260]  ? __phys_addr_symbol+0x30/0x80
[  910.624002][T15260]  ? __check_object_size+0x488/0x710
[  910.624025][T15260]  file_tty_write.constprop.0+0x48d/0x9a0
[  910.624059][T15260]  vfs_write+0x5ae/0x1150
[  910.624086][T15260]  ? __pfx_tty_write+0x10/0x10
[  910.624126][T15260]  ? __pfx_vfs_write+0x10/0x10
[  910.624156][T15260]  ? __fget_files+0x40/0x3a0
[  910.624193][T15260]  ksys_write+0x12b/0x250
[  910.624215][T15260]  ? __pfx_ksys_write+0x10/0x10
[  910.624244][T15260]  do_syscall_64+0xcd/0x250
[  910.624270][T15260]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  910.624296][T15260] RIP: 0033:0x7fda7c78cd29
[  910.624312][T15260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  910.624329][T15260] RSP: 002b:00007fda7d573038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  910.624345][T15260] RAX: ffffffffffffffda RBX: 00007fda7c9a5fa0 RCX: 00007fda7c78cd29
[  910.624358][T15260] RDX: 0000000000001006 RSI: 0000000020002080 RDI: 0000000000000004
[  910.624369][T15260] RBP: 00007fda7d573090 R08: 0000000000000000 R09: 0000000000000000
[  910.624380][T15260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  910.624389][T15260] R13: 0000000000000000 R14: 00007fda7c9a5fa0 R15: 00007ffe1cf75808
[  910.624413][T15260]  </TASK>
[  911.341778][T15264] binder: 15247:15264 ioctl c0306201 20000bc0 returned -14
[  911.589091][T15266] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2330'.
[  911.733537][   T29] audit: type=1326 audit(1737864519.096:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15268 comm="syz.1.2331" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f749058cd29 code=0x0
[  911.793002][   T29] audit: type=1400 audit(1737864519.206:618): avc:  denied  { ioctl } for  pid=15268 comm="syz.1.2331" path="socket:[51711]" dev="sockfs" ino=51711 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  911.941357][   T29] audit: type=1400 audit(1737864519.206:619): avc:  denied  { setopt } for  pid=15268 comm="syz.1.2331" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  911.967098][   T46] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  912.093744][T15278] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2333'.
[  912.128625][   T29] audit: type=1400 audit(1737864519.546:620): avc:  denied  { mounton } for  pid=15275 comm="syz.4.2332" path="/483/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=file permissive=1
[  912.128769][T15276] overlay: ./file0 is not a directory
[  912.177423][   T46] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xB5, changing to 0x85
[  912.196555][   T46] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  912.218466][   T46] usb 8-1: New USB device found, idVendor=05ac, idProduct=022a, bcdDevice= 0.00
[  912.229458][   T46] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  912.239881][   T46] usb 8-1: config 0 descriptor??
[  912.526625][T14309] usb 6-1: new high-speed USB device number 41 using dummy_hcd
[  912.553548][T15287] netlink: 'syz.1.2335': attribute type 10 has an invalid length.
[  912.562394][T15287] team0: Device hsr_slave_0 failed to register rx_handler
[  912.578901][T15284] xt_CT: No such helper "netbios-ns"
[  912.691735][   T46] appletouch 8-1:0.0: Geyser mode initialized.
[  912.710413][   T46] input: appletouch as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/input/input23
[  912.729272][T14309] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  912.753839][T14309] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  912.797130][T14309] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  912.808294][T14309] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  912.828463][T14309] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  913.097051][    C0] appletouch 8-1:0.0: atp_complete: usb_submit_urb failed with result -1
[  913.180397][T14309] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  913.206482][T14309] usb 6-1: Manufacturer: syz
[  913.213652][T14309] usb 6-1: config 0 descriptor??
[  913.236939][ T5929] usb 8-1: USB disconnect, device number 13
[  913.236952][    C1] appletouch 8-1:0.0: atp_complete: usb_submit_urb failed with result -19
[  913.302621][T12685] udevd[12685]: Error opening device "/dev/input/event4": No such file or directory
[  913.315107][ T5929] appletouch 8-1:0.0: input: appletouch disconnected
[  913.337071][T12685] udevd[12685]: Unable to EVIOCGABS device "/dev/input/event4"
[  913.366645][T12685] udevd[12685]: Unable to EVIOCGABS device "/dev/input/event4"
[  913.652584][T14309] appleir 0003:05AC:8243.0019: unknown main item tag 0x0
[  913.696613][T14309] appleir 0003:05AC:8243.0019: No inputs registered, leaving
[  913.708188][T14309] appleir 0003:05AC:8243.0019: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.5-1/input0
[  915.662398][T15326] FAULT_INJECTION: forcing a failure.
[  915.662398][T15326] name failslab, interval 1, probability 0, space 0, times 0
[  915.675789][T15326] CPU: 1 UID: 0 PID: 15326 Comm: syz.1.2344 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0
[  915.675813][T15326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  915.675824][T15326] Call Trace:
[  915.675831][T15326]  <TASK>
[  915.675839][T15326]  dump_stack_lvl+0x16c/0x1f0
[  915.675869][T15326]  should_fail_ex+0x497/0x5b0
[  915.675897][T15326]  should_failslab+0xc2/0x120
[  915.675916][T15326]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  915.675945][T15326]  ? trace_lock_acquire+0x14e/0x1f0
[  915.675966][T15326]  ? skb_clone+0x190/0x3f0
[  915.675990][T15326]  skb_clone+0x190/0x3f0
[  915.676010][T15326]  vxcan_xmit+0x1b2/0x850
[  915.676034][T15326]  ? do_raw_spin_lock+0x12d/0x2c0
[  915.676055][T15326]  dev_hard_start_xmit+0x9a/0x7b0
[  915.676086][T15326]  __dev_queue_xmit+0x7f0/0x43e0
[  915.676127][T15326]  ? __pfx___dev_queue_xmit+0x10/0x10
[  915.676176][T15326]  ? __asan_memcpy+0x3c/0x60
[  915.676203][T15326]  ? __asan_memcpy+0x3c/0x60
[  915.676228][T15326]  ? __skb_clone+0x570/0x760
[  915.676263][T15326]  can_send+0x7db/0xc10
[  915.676283][T15326]  ? __pfx_can_send+0x10/0x10
[  915.676307][T15326]  isotp_sendmsg+0xe14/0x1da0
[  915.676343][T15326]  ? __pfx_isotp_sendmsg+0x10/0x10
[  915.676379][T15326]  __sys_sendto+0x488/0x4f0
[  915.676405][T15326]  ? __pfx___sys_sendto+0x10/0x10
[  915.676427][T15326]  ? reacquire_held_locks+0x20b/0x4c0
[  915.676451][T15326]  ? do_user_addr_fault+0xdc7/0x13f0
[  915.676510][T15326]  __x64_sys_sendto+0xe0/0x1c0
[  915.676536][T15326]  ? do_syscall_64+0x91/0x250
[  915.676562][T15326]  ? lockdep_hardirqs_on+0x7c/0x110
[  915.676587][T15326]  do_syscall_64+0xcd/0x250
[  915.676614][T15326]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  915.676643][T15326] RIP: 0033:0x7f749058ebbc
[  915.676666][T15326] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[  915.676683][T15326] RSP: 002b:00007f7491301ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  915.676701][T15326] RAX: ffffffffffffffda RBX: 00007f7491301fc0 RCX: 00007f749058ebbc
[  915.676713][T15326] RDX: 0000000000000020 RSI: 00007f7491302010 RDI: 0000000000000003
[  915.676725][T15326] RBP: 0000000000000000 R08: 00007f7491301f14 R09: 000000000000000c
[  915.676736][T15326] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  915.676747][T15326] R13: 00007f7491301f68 R14: 00007f7491302010 R15: 0000000000000000
[  915.676772][T15326]  </TASK>
[  915.967533][   T29] audit: type=1400 audit(1737864523.386:621): avc:  denied  { read } for  pid=15323 comm="syz.1.2344" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  916.192905][ T5929] usb 6-1: USB disconnect, device number 41
[  916.207838][T14309] usb 5-1: new high-speed USB device number 56 using dummy_hcd
[  916.825181][T15334] syz.6.2346 (15334): drop_caches: 2
[  917.023848][T14309] usb 5-1: Using ep0 maxpacket: 32
[  917.106347][T14309] usb 5-1: config 0 has an invalid interface number: 91 but max is 0
[  917.114493][T14309] usb 5-1: config 0 has no interface number 0
[  917.128892][T14309] usb 5-1: New USB device found, idVendor=1011, idProduct=3198, bcdDevice=98.35
[  917.142190][T14309] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  917.146510][ T5929] usb 6-1: new high-speed USB device number 42 using dummy_hcd
[  917.390380][ T5929] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  917.435889][ T5929] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 3
[  917.525939][ T5929] usb 6-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00
[  917.616236][ T5929] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  917.726929][T14309] usb 5-1: Product: syz
[  917.731222][T14309] usb 5-1: Manufacturer: syz
[  917.735084][ T5929] usb 6-1: config 0 descriptor??
[  917.735878][T14309] usb 5-1: SerialNumber: syz
[  917.755630][T14309] usb 5-1: config 0 descriptor??
[  918.010845][ T5929] Bluetooth: Can't get state to change to load ram patch err
[  918.036042][ T5929] Bluetooth: Loading patch file failed
[  918.043217][ T5929] ath3k 6-1:0.0: probe with driver ath3k failed with error -71
[  918.117830][ T5929] usb 6-1: USB disconnect, device number 42
[  918.426183][T14309] option 5-1:0.91: GSM modem (1-port) converter detected
[  918.446481][   T46] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  918.489192][T14309] usb 5-1: USB disconnect, device number 56
[  918.535602][T14309] option 5-1:0.91: device disconnected
[  918.616404][   T46] usb 8-1: Using ep0 maxpacket: 8
[  918.767618][   T46] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  918.778140][   T46] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF9, changing to 0x89
[  918.804203][   T46] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  919.523636][   T46] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  919.571680][   T46] usb 8-1: New USB device found, idVendor=0c2e, idProduct=0720, bcdDevice=9b.f7
[  919.581853][   T46] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  919.627228][   T29] audit: type=1400 audit(1737864527.046:622): avc:  denied  { accept } for  pid=15362 comm="syz.5.2354" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  919.630231][   T46] usb 8-1: config 0 descriptor??
[  919.720416][   T46] metro_usb 8-1:0.0: Metrologic USB to Serial converter detected
[  919.795719][   T46] usb 8-1: Metrologic USB to Serial converter now attached to ttyUSB0
[  919.970035][   T46] usb 8-1: USB disconnect, device number 14
[  920.047220][  T924] usb 6-1: new high-speed USB device number 43 using dummy_hcd
[  920.054793][   T46] metro-usb ttyUSB0: Metrologic USB to Serial converter now disconnected from ttyUSB0
[  920.055681][   T46] metro_usb 8-1:0.0: device disconnected
[  920.237792][  T924] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  920.256722][  T924] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  920.295155][  T924] usb 6-1: New USB device found, idVendor=060b, idProduct=700a, bcdDevice= 0.00
[  920.323548][  T924] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  920.356640][  T924] usb 6-1: config 0 descriptor??
[  920.804806][  T924] cougar 0003:060B:700A.001A: hidraw0: USB HID vff.fc Device [HID 060b:700a] on usb-dummy_hcd.5-1/input0
[  922.092034][T15366] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2355'.
[  922.112573][   T46] usb 6-1: USB disconnect, device number 43
[  925.215054][T15410] xt_CT: No such helper "netbios-ns"
[  926.100651][T15418] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  926.178053][T15418] No such timeout policy "syz1"
[  926.386457][   T29] audit: type=1400 audit(1737864533.796:623): avc:  denied  { ioctl } for  pid=15403 comm="syz.5.2366" path="socket:[52782]" dev="sockfs" ino=52782 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  926.879752][  T924] usb 6-1: new full-speed USB device number 44 using dummy_hcd
[  927.130233][  T924] usb 6-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=30.62
[  927.140261][  T924] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  927.163894][  T924] usb 6-1: Product: syz
[  927.176820][  T924] usb 6-1: Manufacturer: syz
[  927.187898][  T924] usb 6-1: SerialNumber: syz
[  927.198260][  T924] usb 6-1: config 0 descriptor??
[  927.218539][  T924] usb 6-1: selecting invalid altsetting 3
[  927.224489][  T924] comedi comedi0: could not set alternate setting 3 in high speed
[  927.239404][  T924] usbdux 6-1:0.0: driver 'usbdux' failed to auto-configure device.
[  927.251951][  T924] usbdux 6-1:0.0: probe with driver usbdux failed with error -22
[  927.424453][   T29] audit: type=1400 audit(1737864534.836:624): avc:  denied  { mounton } for  pid=15426 comm="syz.5.2371" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  927.426796][T15427] binder: Unknown parameter 'seclabel>'
[  927.516913][ T5929] usb 5-1: new high-speed USB device number 57 using dummy_hcd
[  927.559841][   T29] audit: type=1400 audit(1737864534.956:625): avc:  denied  { read } for  pid=15437 comm="syz.6.2375" name="nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  927.617940][  T924] usb 6-1: USB disconnect, device number 44
[  927.686457][   T29] audit: type=1400 audit(1737864534.956:626): avc:  denied  { open } for  pid=15437 comm="syz.6.2375" path="/dev/nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  927.692779][ T5929] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  927.755855][ T5929] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  927.767393][ T5929] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  927.789947][ T5929] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  927.811586][ T5929] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  927.821616][ T5929] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  927.837803][ T5929] usb 5-1: Manufacturer: syz
[  927.865585][ T5929] usb 5-1: config 0 descriptor??
[  928.615823][T15450] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2379'.
[  928.639746][ T5929] usbhid 5-1:0.0: can't add hid device: -71
[  928.646750][ T5929] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  929.112304][ T5929] usb 5-1: USB disconnect, device number 57
[  929.349055][   T29] audit: type=1400 audit(1737864536.416:627): avc:  denied  { listen } for  pid=15449 comm="syz.5.2379" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  929.462974][   T29] audit: type=1400 audit(1737864536.546:628): avc:  denied  { read } for  pid=15449 comm="syz.5.2379" name="loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  929.656408][   T29] audit: type=1400 audit(1737864536.546:629): avc:  denied  { open } for  pid=15449 comm="syz.5.2379" path="/dev/loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  929.942746][T15462] xt_CT: No such helper "netbios-ns"
[  930.000041][   T29] audit: type=1400 audit(1737864536.546:630): avc:  denied  { ioctl } for  pid=15449 comm="syz.5.2379" path="/dev/loop-control" dev="devtmpfs" ino=646 ioctlcmd=0x4c81 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  930.909819][T15481] Invalid ELF header magic: != ELF
[  931.672079][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  931.686367][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  932.487828][T15490] fuse: Unknown parameter 'ÿ'
[  932.487828][   T29] audit: type=1400 audit(1737864539.906:631): avc:  denied  { mounton } for  pid=15488 comm="syz.1.2387" path="/530/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  932.514740][    C0] vkms_vblank_simulate: vblank timer overrun
[  933.706942][T15501] xt_CONNSECMARK: invalid mode: 0
[  933.716015][T15509] binder: BINDER_SET_CONTEXT_MGR already set
[  933.722472][T15509] binder: 15505:15509 ioctl 4018620d 20000040 returned -16
[  934.166389][  T924] usb 6-1: new high-speed USB device number 45 using dummy_hcd
[  934.338163][  T924] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  934.374139][  T924] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  934.411946][  T924] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  934.437741][  T924] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  934.470539][  T924] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  934.562612][  T924] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  934.576402][  T924] usb 6-1: Manufacturer: syz
[  934.587122][  T924] usb 6-1: config 0 descriptor??
[  935.084975][T15530] geneve3: entered promiscuous mode
[  935.090368][T15530] geneve3: entered allmulticast mode
[  935.580753][  T924] usbhid 6-1:0.0: can't add hid device: -71
[  935.615350][T15528] xt_CT: No such helper "syz0"
[  935.697898][  T924] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  935.742401][  T924] usb 6-1: USB disconnect, device number 45
[  935.985841][T15536] netlink: 'syz.4.2398': attribute type 10 has an invalid length.
[  936.145066][T15536] team0: Device hsr_slave_0 failed to register rx_handler
[  936.306681][T15517] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  937.342551][T15551] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2401'.
[  937.401001][T15551] fuse: Bad value for 'user_id'
[  937.427541][T15551] fuse: Bad value for 'user_id'
[  937.508935][T15554] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  938.661939][   T29] audit: type=1400 audit(1737864546.076:632): avc:  denied  { ioctl } for  pid=15567 comm="syz.5.2406" path="socket:[53123]" dev="sockfs" ino=53123 ioctlcmd=0x5336 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  938.687335][    C0] vkms_vblank_simulate: vblank timer overrun
[  939.393233][   T29] audit: type=1400 audit(1737864546.806:633): avc:  denied  { write } for  pid=15576 comm="syz.4.2409" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  940.725794][   T29] audit: type=1400 audit(1737864548.136:634): avc:  denied  { append } for  pid=15589 comm="syz.6.2412" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  941.304316][T15604] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2415'.
[  941.476907][T15606] fuse: Bad value for 'user_id'
[  941.481966][T15606] fuse: Bad value for 'user_id'
[  941.542232][T15606] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  942.700099][   T46] usb 8-1: new low-speed USB device number 15 using dummy_hcd
[  943.651543][   T46] usb 8-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  943.833155][T15628] xt_CT: No such helper "netbios-ns"
[  943.956538][   T46] usb 8-1: config 246 descriptor has 1 excess byte, ignoring
[  943.976498][   T46] usb 8-1: config 246 has 1 interface, different from the descriptor's value: 42
[  944.015077][   T46] usb 8-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  944.047146][   T46] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 77, setting to 8
[  944.390539][   T46] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  944.471381][   T46] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  944.507940][   T46] usb 8-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  945.928488][   T46] usb 8-1: config 246 descriptor has 1 excess byte, ignoring
[  945.937983][   T46] usb 8-1: config 246 has 1 interface, different from the descriptor's value: 42
[  946.055005][   T46] usb 8-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  946.066864][   T46] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 77, setting to 8
[  946.077676][   T46] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  946.131327][   T46] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  946.143274][   T46] usb 8-1: unable to read config index 2 descriptor/start: -71
[  946.154711][   T46] usb 8-1: can't read configurations, error -71
[  946.650319][T15666] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2430'.
[  946.864297][T15672] fuse: Bad value for 'user_id'
[  946.880855][T15672] fuse: Bad value for 'user_id'
[  947.204163][T15675] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2432'.
[  947.237370][T15675] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2432'.
[  947.255258][T15677] overlay: ./file0 is not a directory
[  947.312947][T15675] vlan2: entered allmulticast mode
[  948.330276][T15690] FAULT_INJECTION: forcing a failure.
[  948.330276][T15690] name failslab, interval 1, probability 0, space 0, times 0
[  948.378341][T15690] CPU: 1 UID: 0 PID: 15690 Comm: syz.6.2436 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0
[  948.378370][T15690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  948.378382][T15690] Call Trace:
[  948.378388][T15690]  <TASK>
[  948.378396][T15690]  dump_stack_lvl+0x16c/0x1f0
[  948.378429][T15690]  should_fail_ex+0x497/0x5b0
[  948.378452][T15690]  ? fs_reclaim_acquire+0xae/0x150
[  948.378479][T15690]  should_failslab+0xc2/0x120
[  948.378499][T15690]  __kmalloc_cache_noprof+0x68/0x410
[  948.378532][T15690]  tc_new_tfilter+0xef5/0x2360
[  948.378563][T15690]  ? avc_has_perm_noaudit+0xa1/0x3a0
[  948.378600][T15690]  ? __pfx_tc_new_tfilter+0x10/0x10
[  948.378630][T15690]  ? __pfx___lock_acquire+0x10/0x10
[  948.378658][T15690]  ? __pfx_cred_has_capability.isra.0+0x10/0x10
[  948.378697][T15690]  ? rtnetlink_rcv_msg+0x93a/0xea0
[  948.378724][T15690]  ? __pfx_lock_release+0x10/0x10
[  948.378747][T15690]  ? trace_lock_acquire+0x14e/0x1f0
[  948.378775][T15690]  ? __pfx_tc_new_tfilter+0x10/0x10
[  948.378803][T15690]  rtnetlink_rcv_msg+0x95b/0xea0
[  948.378834][T15690]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  948.378876][T15690]  netlink_rcv_skb+0x16b/0x440
[  948.378901][T15690]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  948.378930][T15690]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  948.378973][T15690]  ? netlink_deliver_tap+0x1ae/0xd30
[  948.379004][T15690]  netlink_unicast+0x53c/0x7f0
[  948.379035][T15690]  ? __pfx_netlink_unicast+0x10/0x10
[  948.379070][T15690]  netlink_sendmsg+0x8b8/0xd70
[  948.379101][T15690]  ? __pfx_netlink_sendmsg+0x10/0x10
[  948.379139][T15690]  ____sys_sendmsg+0xaaf/0xc90
[  948.379162][T15690]  ? copy_msghdr_from_user+0x10b/0x160
[  948.379180][T15690]  ? __pfx_____sys_sendmsg+0x10/0x10
[  948.379217][T15690]  ___sys_sendmsg+0x135/0x1e0
[  948.379237][T15690]  ? __pfx____sys_sendmsg+0x10/0x10
[  948.379268][T15690]  ? __pfx_lock_release+0x10/0x10
[  948.379291][T15690]  ? trace_lock_acquire+0x14e/0x1f0
[  948.379320][T15690]  ? __fget_files+0x206/0x3a0
[  948.379353][T15690]  __sys_sendmsg+0x16e/0x220
[  948.379375][T15690]  ? __pfx___sys_sendmsg+0x10/0x10
[  948.379412][T15690]  do_syscall_64+0xcd/0x250
[  948.379441][T15690]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  948.379466][T15690] RIP: 0033:0x7fca58b8cd29
[  948.379482][T15690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  948.379501][T15690] RSP: 002b:00007fca59a7b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  948.379518][T15690] RAX: ffffffffffffffda RBX: 00007fca58da5fa0 RCX: 00007fca58b8cd29
[  948.379531][T15690] RDX: 0000000000000800 RSI: 0000000020006040 RDI: 0000000000000003
[  948.379541][T15690] RBP: 00007fca59a7b090 R08: 0000000000000000 R09: 0000000000000000
[  948.379553][T15690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  948.379563][T15690] R13: 0000000000000000 R14: 00007fca58da5fa0 R15: 00007ffc8a4f6298
[  948.379589][T15690]  </TASK>
[  949.442472][T15703] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2440'.
[  949.725404][T15705] binder: 15700:15705 ioctl c0306201 20000bc0 returned -14
[  950.614505][T14309] usb 8-1: new high-speed USB device number 17 using dummy_hcd
[  951.679416][T15715] FAULT_INJECTION: forcing a failure.
[  951.679416][T15715] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  951.698458][T14309] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  951.716466][T14309] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  951.728461][T15715] CPU: 1 UID: 0 PID: 15715 Comm: syz.6.2443 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0
[  951.728486][T15715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  951.728498][T15715] Call Trace:
[  951.728503][T15715]  <TASK>
[  951.728511][T15715]  dump_stack_lvl+0x16c/0x1f0
[  951.728542][T15715]  should_fail_ex+0x497/0x5b0
[  951.728568][T15715]  _copy_from_iter+0x465/0x1560
[  951.728600][T15715]  ? __pfx__copy_from_iter+0x10/0x10
[  951.728629][T15715]  ? __virt_addr_valid+0x1a4/0x590
[  951.728653][T15715]  ? __virt_addr_valid+0x5e/0x590
[  951.728671][T15715]  ? __phys_addr+0xc6/0x150
[  951.728687][T15715]  ? __phys_addr_symbol+0x30/0x80
[  951.728706][T15715]  ? __check_object_size+0x488/0x710
[  951.728730][T15715]  tcp_sendmsg_locked+0x1979/0x37c0
[  951.728772][T15715]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  951.728795][T15715]  ? tcp_sendmsg+0x20/0x50
[  951.728814][T15715]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  951.728835][T15715]  ? mark_held_locks+0x9f/0xe0
[  951.728860][T15715]  ? __local_bh_enable_ip+0xa4/0x120
[  951.728891][T15715]  tcp_sendmsg+0x2e/0x50
[  951.728909][T15715]  ? __pfx_tcp_sendmsg+0x10/0x10
[  951.728929][T15715]  inet_sendmsg+0xb9/0x140
[  951.728949][T15715]  ____sys_sendmsg+0x98c/0xc90
[  951.728973][T15715]  ? copy_msghdr_from_user+0x10b/0x160
[  951.728991][T15715]  ? __pfx_____sys_sendmsg+0x10/0x10
[  951.729015][T15715]  ? __lock_acquire+0xcc5/0x3c40
[  951.729052][T15715]  ___sys_sendmsg+0x135/0x1e0
[  951.729073][T15715]  ? __pfx____sys_sendmsg+0x10/0x10
[  951.729103][T15715]  ? trace_lock_acquire+0x14e/0x1f0
[  951.729143][T15715]  __sys_sendmmsg+0x201/0x420
[  951.729165][T15715]  ? __pfx___sys_sendmmsg+0x10/0x10
[  951.729194][T15715]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  951.729232][T15715]  ? fput+0x67/0x440
[  951.729252][T15715]  ? ksys_write+0x1ba/0x250
[  951.729277][T15715]  ? __pfx_ksys_write+0x10/0x10
[  951.729306][T15715]  __x64_sys_sendmmsg+0x9c/0x100
[  951.729325][T15715]  ? lockdep_hardirqs_on+0x7c/0x110
[  951.729349][T15715]  do_syscall_64+0xcd/0x250
[  951.729377][T15715]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  951.729402][T15715] RIP: 0033:0x7fca58b8cd29
[  951.729417][T15715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  951.729435][T15715] RSP: 002b:00007fca59a7b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  951.729452][T15715] RAX: ffffffffffffffda RBX: 00007fca58da5fa0 RCX: 00007fca58b8cd29
[  951.729465][T15715] RDX: 0000000000000002 RSI: 0000000020000cc0 RDI: 0000000000000003
[  951.729476][T15715] RBP: 00007fca59a7b090 R08: 0000000000000000 R09: 0000000000000000
[  951.729487][T15715] R10: 00000000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  951.729498][T15715] R13: 0000000000000000 R14: 00007fca58da5fa0 R15: 00007ffc8a4f6298
[  951.729524][T15715]  </TASK>
[  952.011456][    C1] vkms_vblank_simulate: vblank timer overrun
[  952.018366][T14309] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  952.028164][T14309] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  952.087555][T14309] usb 8-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  952.096792][T14309] usb 8-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  952.105638][T14309] usb 8-1: Manufacturer: syz
[  952.112411][T14309] usb 8-1: config 0 descriptor??
[  952.189632][T14309] usbhid 8-1:0.0: can't add hid device: -71
[  952.196486][T14309] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  952.205991][T14309] usb 8-1: USB disconnect, device number 17
[  953.334766][T15727] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2447'.
[  953.677845][T15727] fuse: Bad value for 'user_id'
[  953.682739][T15727] fuse: Bad value for 'user_id'
[  955.543598][T15726] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  955.946445][T14895] usb 6-1: new high-speed USB device number 46 using dummy_hcd
[  956.488003][T14895] usb 6-1: Using ep0 maxpacket: 16
[  956.501577][T14895] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  956.522266][T14895] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  956.550193][T14895] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  956.607190][T14895] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[  956.629558][T14895] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  956.812083][T14895] usb 6-1: config 0 descriptor??
[  956.887629][T15772] binder: 15767:15772 ioctl c0306201 20000bc0 returned -14
[  959.021974][T15782] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2459'.
[  959.185903][T14895] usbhid 6-1:0.0: can't add hid device: -71
[  959.240217][T14895] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  959.273309][T15782] fuse: Bad value for 'user_id'
[  959.311100][T15782] fuse: Bad value for 'user_id'
[  959.326785][T14895] usb 6-1: USB disconnect, device number 46
[  962.869566][T15817] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2467'.
[  963.194896][T15801] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  965.690032][T15834] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2473'.
[  965.925060][T15834] fuse: Bad value for 'user_id'
[  965.942469][T15834] fuse: Bad value for 'user_id'
[  966.584552][T15849] xt_CT: No such helper "netbios-ns"
[  970.648179][T15877] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  973.957869][T15931] netlink: 'syz.4.2493': attribute type 10 has an invalid length.
[  974.046959][T15931] team0: Device hsr_slave_0 failed to register rx_handler
[  974.144567][T15936] netlink: 'syz.6.2494': attribute type 10 has an invalid length.
[  974.510902][T15936] team0: Device hsr_slave_0 failed to register rx_handler
[  976.994669][T15960] netlink: 20 bytes leftover after parsing attributes in process `syz.7.2497'.
[  978.389101][T15975] xt_CT: No such helper "netbios-ns"
[  979.290332][T15989] RDS: rds_bind could not find a transport for ::ffff:172.30.0.5, load rds_tcp or rds_rdma?
[  981.707659][T16014] netlink: 'syz.1.2507': attribute type 10 has an invalid length.
[  981.766786][T16014] team0: Device hsr_slave_0 failed to register rx_handler
[  982.426737][   T29] audit: type=1400 audit(1737864589.846:635): avc:  denied  { read write } for  pid=16023 comm="syz.4.2509" name="uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  982.450217][    C1] vkms_vblank_simulate: vblank timer overrun
[  983.256934][   T29] audit: type=1400 audit(1737864590.006:636): avc:  denied  { open } for  pid=16023 comm="syz.4.2509" path="/dev/uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  983.280379][    C1] vkms_vblank_simulate: vblank timer overrun
[  983.846799][   T25] usb 6-1: new high-speed USB device number 47 using dummy_hcd
[  984.278934][T16044] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2513'.
[  984.587612][   T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  984.589726][T16058] fuse: Bad value for 'user_id'
[  984.625116][   T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  984.661411][   T25] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  984.701245][T16058] fuse: Bad value for 'user_id'
[  984.727895][   T25] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  984.737104][T16054] xt_CT: No such helper "netbios-ns"
[  984.758066][   T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  984.797084][   T25] usb 6-1: config 0 descriptor??
[  986.311918][   T25] usbhid 6-1:0.0: can't add hid device: -71
[  986.325998][   T25] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  986.432372][T16118] binder: 16116:16118 ioctl c0306201 20000bc0 returned -14
[  986.498990][   T25] usb 6-1: USB disconnect, device number 47
[  987.513915][T16142] binder: 16134:16142 ioctl c0306201 20000bc0 returned -14
[  990.389433][T16167] xt_CT: No such helper "netbios-ns"
[  990.905568][T16179] binder: 16176:16179 ioctl c0306201 20000bc0 returned -14
[  991.489606][T16195] RDS: rds_bind could not find a transport for ::ffff:172.30.0.6, load rds_tcp or rds_rdma?
[  993.296769][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  993.303097][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  995.372815][T16226] binder: 16213:16226 ioctl c0306201 20000bc0 returned -14
[  995.934436][T16232] xt_CT: No such helper "netbios-ns"
[  996.255751][T16239] binder: 16237:16239 ioctl c0306201 20000bc0 returned -14
[  998.598257][T16244] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[ 1000.366521][   T29] audit: type=1400 audit(1737864607.776:637): avc:  denied  { map } for  pid=16299 comm="syz.5.2551" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[ 1000.518289][T16306] xt_CT: No such helper "netbios-ns"
[ 1003.916518][T16332] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[ 1007.553067][T16412] binder: 16405:16412 ioctl c0306201 20000bc0 returned -14
[ 1007.608333][T16402] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1195212468 (152987195904 ns) > initial count (97416158336 ns). Using initial count to start timer.
[ 1007.718542][T16418] RDS: rds_bind could not find a transport for ::ffff:172.30.0.8, load rds_tcp or rds_rdma?
[ 1009.846745][    T9] usb 8-1: new high-speed USB device number 18 using dummy_hcd
[ 1010.124661][    T9] usb 8-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[ 1010.440278][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1010.497254][    T9] usb 8-1: config 0 descriptor??
[ 1011.241882][    T9] usb 8-1: Cannot read MAC address
[ 1011.250367][    T9] MOSCHIP usb-ethernet driver 8-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[ 1011.287364][    T9] usb 8-1: USB disconnect, device number 18
[ 1011.348117][T16472] xt_CT: No such helper "netbios-ns"
[ 1012.485594][T16486] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2586'.
[ 1012.656004][T16491] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1015.078805][T16533] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2593'.
[ 1015.925772][T16541] xt_CT: No such helper "netbios-ns"
[ 1019.441796][T16590] 9pnet_fd: Insufficient options for proto=fd
[ 1020.438261][T16604] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2607'.
[ 1020.543924][T16610] binder: BINDER_SET_CONTEXT_MGR already set
[ 1020.549997][T16610] binder: 16605:16610 ioctl 4018620d 20000040 returned -16
[ 1023.847473][T16651] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2619'.
[ 1024.060346][T16660] 9pnet_fd: Insufficient options for proto=fd
[ 1024.721161][T16651] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2619'.
[ 1027.694947][   T29] audit: type=1400 audit(1737864635.096:638): avc:  denied  { ioctl } for  pid=16697 comm="syz.1.2630" path="socket:[57630]" dev="sockfs" ino=57630 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[ 1027.939154][T16701] binder: 16700:16701 ioctl c0306201 20000bc0 returned -14
[ 1030.391098][T16725] FAULT_INJECTION: forcing a failure.
[ 1030.391098][T16725] name failslab, interval 1, probability 0, space 0, times 0
[ 1030.403821][T16725] CPU: 0 UID: 0 PID: 16725 Comm: syz.1.2636 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0
[ 1030.403845][T16725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1030.403855][T16725] Call Trace:
[ 1030.403861][T16725]  <TASK>
[ 1030.403870][T16725]  dump_stack_lvl+0x16c/0x1f0
[ 1030.403901][T16725]  should_fail_ex+0x497/0x5b0
[ 1030.403923][T16725]  ? fs_reclaim_acquire+0xae/0x150
[ 1030.403951][T16725]  should_failslab+0xc2/0x120
[ 1030.403971][T16725]  kmem_cache_alloc_noprof+0x6e/0x3d0
[ 1030.404000][T16725]  ? sk_prot_alloc+0x60/0x2a0
[ 1030.404025][T16725]  sk_prot_alloc+0x60/0x2a0
[ 1030.404048][T16725]  sk_alloc+0x36/0xb90
[ 1030.404073][T16725]  inet_create+0x3a1/0x10a0
[ 1030.404093][T16725]  ? inet_create+0x90/0x10a0
[ 1030.404120][T16725]  __sock_create+0x335/0x8d0
[ 1030.404147][T16725]  mptcp_subflow_create_socket+0xf6/0x10a0
[ 1030.404174][T16725]  ? __lock_acquire+0x15a9/0x3c40
[ 1030.404203][T16725]  ? __pfx_mptcp_subflow_create_socket+0x10/0x10
[ 1030.404230][T16725]  ? hlock_class+0x4e/0x130
[ 1030.404248][T16725]  ? __lock_acquire+0x15a9/0x3c40
[ 1030.404278][T16725]  __mptcp_nmpc_sk+0x184/0x7d0
[ 1030.404295][T16725]  ? __pfx___mptcp_nmpc_sk+0x10/0x10
[ 1030.404313][T16725]  ? hlock_class+0x4e/0x130
[ 1030.404330][T16725]  ? mark_lock+0xb5/0xc60
[ 1030.404350][T16725]  ? __pfx___lock_acquire+0x10/0x10
[ 1030.404375][T16725]  mptcp_connect+0x7f/0xee0
[ 1030.404396][T16725]  __inet_stream_connect+0x3c7/0x1020
[ 1030.404413][T16725]  ? find_held_lock+0x2d/0x110
[ 1030.404435][T16725]  ? __pfx___inet_stream_connect+0x10/0x10
[ 1030.404452][T16725]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1030.404470][T16725]  ? __pfx_inet_stream_connect+0x10/0x10
[ 1030.404486][T16725]  ? mark_held_locks+0x9f/0xe0
[ 1030.404509][T16725]  ? __local_bh_enable_ip+0xa4/0x120
[ 1030.404536][T16725]  ? __pfx_inet_stream_connect+0x10/0x10
[ 1030.404552][T16725]  inet_stream_connect+0x57/0xa0
[ 1030.404572][T16725]  __sys_connect_file+0x13e/0x1a0
[ 1030.404600][T16725]  __sys_connect+0x14f/0x170
[ 1030.404623][T16725]  ? __pfx___sys_connect+0x10/0x10
[ 1030.404655][T16725]  ? __pfx_ksys_write+0x10/0x10
[ 1030.404685][T16725]  __x64_sys_connect+0x72/0xb0
[ 1030.404708][T16725]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1030.404732][T16725]  do_syscall_64+0xcd/0x250
[ 1030.404759][T16725]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1030.404783][T16725] RIP: 0033:0x7f749058cd29
[ 1030.404799][T16725] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1030.404816][T16725] RSP: 002b:00007f748e3f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 1030.404833][T16725] RAX: ffffffffffffffda RBX: 00007f74907a6080 RCX: 00007f749058cd29
[ 1030.404846][T16725] RDX: 0000000000000010 RSI: 0000000020000000 RDI: 0000000000000006
[ 1030.404856][T16725] RBP: 00007f748e3f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1030.404867][T16725] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1030.404878][T16725] R13: 0000000000000000 R14: 00007f74907a6080 R15: 00007ffdfd2bc5a8
[ 1030.404902][T16725]  </TASK>
[ 1030.700992][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1032.587264][   T29] audit: type=1400 audit(1737864639.886:639): avc:  denied  { execmem } for  pid=16748 comm="syz.6.2640" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 1034.482346][T16757] FAULT_INJECTION: forcing a failure.
[ 1034.482346][T16757] name failslab, interval 1, probability 0, space 0, times 0
[ 1034.521000][T16757] CPU: 1 UID: 0 PID: 16757 Comm: syz.4.2642 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0
[ 1034.521029][T16757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1034.521040][T16757] Call Trace:
[ 1034.521046][T16757]  <TASK>
[ 1034.521054][T16757]  dump_stack_lvl+0x16c/0x1f0
[ 1034.521086][T16757]  should_fail_ex+0x497/0x5b0
[ 1034.521109][T16757]  ? fs_reclaim_acquire+0xae/0x150
[ 1034.521137][T16757]  should_failslab+0xc2/0x120
[ 1034.521159][T16757]  __kmalloc_node_track_caller_noprof+0xcf/0x510
[ 1034.521181][T16757]  ? ethnl_default_set_doit+0x32c/0x8b0
[ 1034.521211][T16757]  kmemdup_noprof+0x29/0x60
[ 1034.521236][T16757]  ethnl_default_set_doit+0x32c/0x8b0
[ 1034.521262][T16757]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[ 1034.521290][T16757]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[ 1034.521312][T16757]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[ 1034.521338][T16757]  genl_family_rcv_msg_doit+0x202/0x2f0
[ 1034.521361][T16757]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1034.521391][T16757]  ? bpf_lsm_capable+0x9/0x10
[ 1034.521412][T16757]  ? security_capable+0x7e/0x260
[ 1034.521442][T16757]  ? ns_capable+0xd7/0x110
[ 1034.521471][T16757]  genl_rcv_msg+0x565/0x800
[ 1034.521495][T16757]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1034.521515][T16757]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[ 1034.521551][T16757]  netlink_rcv_skb+0x16b/0x440
[ 1034.521579][T16757]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1034.521600][T16757]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1034.521640][T16757]  ? down_read+0xc9/0x330
[ 1034.521667][T16757]  ? __pfx_down_read+0x10/0x10
[ 1034.521694][T16757]  ? rcu_is_watching+0x12/0xc0
[ 1034.521720][T16757]  genl_rcv+0x28/0x40
[ 1034.521736][T16757]  netlink_unicast+0x53c/0x7f0
[ 1034.521768][T16757]  ? __pfx_netlink_unicast+0x10/0x10
[ 1034.521804][T16757]  netlink_sendmsg+0x8b8/0xd70
[ 1034.521836][T16757]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1034.521874][T16757]  ____sys_sendmsg+0xaaf/0xc90
[ 1034.521899][T16757]  ? copy_msghdr_from_user+0x10b/0x160
[ 1034.521918][T16757]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1034.521963][T16757]  ___sys_sendmsg+0x135/0x1e0
[ 1034.521984][T16757]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1034.522015][T16757]  ? __pfx_lock_release+0x10/0x10
[ 1034.522040][T16757]  ? trace_lock_acquire+0x14e/0x1f0
[ 1034.522070][T16757]  ? __fget_files+0x206/0x3a0
[ 1034.522105][T16757]  __sys_sendmsg+0x16e/0x220
[ 1034.522125][T16757]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1034.522164][T16757]  do_syscall_64+0xcd/0x250
[ 1034.522192][T16757]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1034.522218][T16757] RIP: 0033:0x7f6a0b78cd29
[ 1034.522233][T16757] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1034.522251][T16757] RSP: 002b:00007f6a0c6a5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1034.522269][T16757] RAX: ffffffffffffffda RBX: 00007f6a0b9a5fa0 RCX: 00007f6a0b78cd29
[ 1034.522282][T16757] RDX: 0000000000000000 RSI: 0000000020000540 RDI: 0000000000000003
[ 1034.522293][T16757] RBP: 00007f6a0c6a5090 R08: 0000000000000000 R09: 0000000000000000
[ 1034.522304][T16757] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1034.522315][T16757] R13: 0000000000000000 R14: 00007f6a0b9a5fa0 R15: 00007ffed9a4f328
[ 1034.522342][T16757]  </TASK>
[ 1035.559478][T16774] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1035.573107][T16774] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1035.583514][T16774] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1035.595698][T16774] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1035.603340][T16774] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1035.610696][T16774] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1035.621498][T10766] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1035.629530][T10766] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1035.637827][T10766] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1035.645509][T10766] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1035.653917][T10766] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1035.661310][T10766] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1036.074827][T16770] lo speed is unknown, defaulting to 1000
[ 1036.713512][T16770] chnl_net:caif_netlink_parms(): no params data found
[ 1037.442741][T16770] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1037.478224][T16770] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1037.518615][T16770] bridge_slave_0: entered allmulticast mode
[ 1037.572761][T16770] bridge_slave_0: entered promiscuous mode
[ 1037.598615][T16770] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1037.634662][T16770] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1037.652306][T16770] bridge_slave_1: entered allmulticast mode
[ 1037.666498][T16770] bridge_slave_1: entered promiscuous mode
[ 1037.757957][T16774] Bluetooth: hci2: command tx timeout
[ 1037.807190][T16770] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1037.877791][T16770] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1039.106198][T16770] team0: Port device team_slave_0 added
[ 1039.114357][T16770] team0: Port device team_slave_1 added
[ 1144.196279][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 1144.203272][    C0] rcu: 	1-...!: (1 GPs behind) idle=ab8c/1/0x4000000000000000 softirq=60898/60899 fqs=0
[ 1144.214548][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P5969/1:b..l
[ 1144.222467][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=65481, q=121 ncpus=2)
[ 1144.230188][    C0] Sending NMI from CPU 0 to CPUs 1:
[ 1144.230216][    C1] NMI backtrace for cpu 1
[ 1144.230229][    C1] CPU: 1 UID: 0 PID: 5815 Comm: syz-executor Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0
[ 1144.230247][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1144.230257][    C1] RIP: 0010:__lock_acquire+0x662/0x3c40
[ 1144.230284][    C1] Code: 0f b6 0c 29 44 38 c1 7f 08 84 c9 0f 85 c9 23 00 00 0f b6 88 c4 00 00 00 84 c9 74 3a 48 8d b8 c6 00 00 00 41 38 ce 44 0f 47 f1 <49> 89 f8 49 89 f9 49 c1 e8 03 41 83 e1 07 45 0f b6 04 28 45 38 c8
[ 1144.230299][    C1] RSP: 0018:ffffc90000a18ab0 EFLAGS: 00000046
[ 1144.230311][    C1] RAX: ffffffff96ebd540 RBX: ffff88802fc40ae0 RCX: 0000000000000002
[ 1144.230321][    C1] RDX: fffffbfff2dd6f9a RSI: 0000000000000008 RDI: ffffffff96ebd606
[ 1144.230332][    C1] RBP: dffffc0000000000 R08: 0000000000000004 R09: fffffbfff2dd6f99
[ 1144.230342][    C1] R10: ffffffff96eb7ccf R11: 0000000000000003 R12: ffffed1005f8815b
[ 1144.230352][    C1] R13: ffff88802fc40000 R14: 0000000000000002 R15: 0000000000000003
[ 1144.230361][    C1] FS:  000055557f01c500(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[ 1144.230376][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1144.230387][    C1] CR2: 00007f305f80e870 CR3: 0000000060024000 CR4: 00000000003526f0
[ 1144.230396][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1144.230405][    C1] DR3: 0000000000000800 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 1144.230415][    C1] Call Trace:
[ 1144.230421][    C1]  <NMI>
[ 1144.230429][    C1]  ? nmi_cpu_backtrace+0x1d8/0x390
[ 1144.230450][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[ 1144.230470][    C1]  ? nmi_handle+0x1ac/0x5d0
[ 1144.230491][    C1]  ? __lock_acquire+0x662/0x3c40
[ 1144.230510][    C1]  ? default_do_nmi+0x6a/0x160
[ 1144.230527][    C1]  ? exc_nmi+0x170/0x1e0
[ 1144.230543][    C1]  ? end_repeat_nmi+0xf/0x53
[ 1144.230567][    C1]  ? __lock_acquire+0x662/0x3c40
[ 1144.230591][    C1]  ? __lock_acquire+0x662/0x3c40
[ 1144.230611][    C1]  ? __lock_acquire+0x662/0x3c40
[ 1144.230631][    C1]  </NMI>
[ 1144.230636][    C1]  <IRQ>
[ 1144.230644][    C1]  ? hlock_class+0x4e/0x130
[ 1144.230660][    C1]  ? __pfx___lock_acquire+0x10/0x10
[ 1144.230682][    C1]  lock_acquire.part.0+0x11b/0x380
[ 1144.230702][    C1]  ? debug_object_activate+0x149/0x4a0
[ 1144.230726][    C1]  ? __pfx_lock_acquire.part.0+0x10/0x10
[ 1144.230747][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1144.230762][    C1]  ? trace_lock_acquire+0x14e/0x1f0
[ 1144.230779][    C1]  ? debug_object_activate+0x149/0x4a0
[ 1144.230801][    C1]  ? lock_acquire+0x2f/0xb0
[ 1144.230820][    C1]  ? debug_object_activate+0x149/0x4a0
[ 1144.230843][    C1]  _raw_spin_lock_irqsave+0x3a/0x60
[ 1144.230862][    C1]  ? debug_object_activate+0x149/0x4a0
[ 1144.230884][    C1]  debug_object_activate+0x149/0x4a0
[ 1144.230906][    C1]  ? lock_acquire.part.0+0x11b/0x380
[ 1144.230927][    C1]  ? __pfx_debug_object_activate+0x10/0x10
[ 1144.230952][    C1]  ? do_raw_spin_lock+0x12d/0x2c0
[ 1144.230966][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1144.230981][    C1]  ? __pfx_advance_sched+0x10/0x10
[ 1144.230998][    C1]  enqueue_hrtimer+0x25/0x3c0
[ 1144.231013][    C1]  __hrtimer_run_queues+0x903/0xae0
[ 1144.231031][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 1144.231045][    C1]  ? read_tsc+0x9/0x20
[ 1144.231063][    C1]  hrtimer_interrupt+0x392/0x8e0
[ 1144.231083][    C1]  __sysvec_apic_timer_interrupt+0x10f/0x400
[ 1144.231106][    C1]  sysvec_apic_timer_interrupt+0x9f/0xc0
[ 1144.231126][    C1]  </IRQ>
[ 1144.231131][    C1]  <TASK>
[ 1144.231136][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1144.231157][    C1] RIP: 0010:lock_release+0x3e5/0x6f0
[ 1144.231177][    C1] Code: 7e 83 f8 01 0f 85 fe 01 00 00 9c 58 f6 c4 02 0f 85 e9 01 00 00 48 f7 04 24 00 02 00 00 74 01 fb 48 b8 00 00 00 00 00 fc ff df <48> 01 c3 48 c7 03 00 00 00 00 c7 43 08 00 00 00 00 48 8b 84 24 88
[ 1144.231192][    C1] RSP: 0018:ffffc90003eaf8c8 EFLAGS: 00000206
[ 1144.231203][    C1] RAX: dffffc0000000000 RBX: 1ffff920007d5f1b RCX: ffffc90003eaf918
[ 1144.231213][    C1] RDX: 1ffff11005f8815a RSI: ffffffff8b6cdd40 RDI: ffffffff8bd2e9c0
[ 1144.231224][    C1] RBP: a9c7a3f3c9531e53 R08: 0000000000000000 R09: fffffbfff20c4642
[ 1144.231233][    C1] R10: ffffffff90623217 R11: 0000000000000003 R12: 0000000000000003
[ 1144.231243][    C1] R13: 0000000000000004 R14: ffff88802fc40ad8 R15: ffff88802fc40000
[ 1144.231258][    C1]  ? rcu_read_unlock+0x17/0x60
[ 1144.231275][    C1]  ? __pfx_lock_release+0x10/0x10
[ 1144.231294][    C1]  ? trace_lock_acquire+0x14e/0x1f0
[ 1144.231311][    C1]  ? __memcg_slab_post_alloc_hook+0x3ca/0x9b0
[ 1144.231328][    C1]  ? lock_acquire+0x2f/0xb0
[ 1144.231346][    C1]  ? __memcg_slab_post_alloc_hook+0x3ca/0x9b0
[ 1144.231363][    C1]  rcu_read_unlock+0x1c/0x60
[ 1144.231378][    C1]  __memcg_slab_post_alloc_hook+0x413/0x9b0
[ 1144.231396][    C1]  ? kasan_save_track+0x14/0x30
[ 1144.231419][    C1]  kmem_cache_alloc_noprof+0x366/0x3d0
[ 1144.231442][    C1]  ? percpu_counter_add_batch+0xb5/0x1e0
[ 1144.231459][    C1]  ? vm_area_dup+0x53/0x2f0
[ 1144.231482][    C1]  vm_area_dup+0x53/0x2f0
[ 1144.231502][    C1]  copy_process+0x78ba/0x8d60
[ 1144.231524][    C1]  ? __pfx_copy_process+0x10/0x10
[ 1144.231547][    C1]  kernel_clone+0xfd/0x960
[ 1144.231562][    C1]  ? __pfx_kernel_clone+0x10/0x10
[ 1144.231579][    C1]  ? find_held_lock+0x59/0x110
[ 1144.231598][    C1]  ? find_held_lock+0x2d/0x110
[ 1144.231615][    C1]  __do_sys_clone+0xba/0x100
[ 1144.231629][    C1]  ? __pfx___do_sys_clone+0x10/0x10
[ 1144.231647][    C1]  ? do_user_addr_fault+0x83d/0x13f0
[ 1144.231668][    C1]  do_syscall_64+0xcd/0x250
[ 1144.231690][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1144.231710][    C1] RIP: 0033:0x7f7490583593
[ 1144.231723][    C1] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00
[ 1144.231737][    C1] RSP: 002b:00007ffdfd2bc838 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1144.231751][    C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f7490583593
[ 1144.231760][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1144.231769][    C1] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001
[ 1144.231778][    C1] R10: 000055557f01c7d0 R11: 0000000000000246 R12: 0000000000000000
[ 1144.231788][    C1] R13: 00000000000fcc92 R14: 00007ffdfd2bc9c0 R15: 000000000000024a
[ 1144.231802][    C1]  </TASK>
[ 1144.232211][    C0] task:kworker/u8:9    state:R  running task     stack:23840 pid:5969  tgid:5969  ppid:2      flags:0x00004000
[ 1144.851712][    C0] Workqueue: bat_events batadv_nc_worker
[ 1144.857361][    C0] Call Trace:
[ 1144.860636][    C0]  <TASK>
[ 1144.863575][    C0]  __schedule+0x1142/0x5b60
[ 1144.868083][    C0]  ? __pfx_mark_lock+0x10/0x10
[ 1144.872862][    C0]  ? __pfx___schedule+0x10/0x10
[ 1144.877719][    C0]  ? __pfx_mark_lock+0x10/0x10
[ 1144.882497][    C0]  ? mark_held_locks+0x9f/0xe0
[ 1144.887272][    C0]  preempt_schedule_irq+0x51/0x90
[ 1144.892306][    C0]  irqentry_exit+0x36/0x90
[ 1144.896725][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1144.902712][    C0] RIP: 0010:lock_acquire.part.0+0x155/0x380
[ 1144.908610][    C0] Code: b8 ff ff ff ff 65 0f c1 05 70 da 6b 7e 83 f8 01 0f 85 d0 01 00 00 9c 58 f6 c4 02 0f 85 e5 01 00 00 48 85 ed 0f 85 b6 01 00 00 <48> b8 00 00 00 00 00 fc ff df 48 01 c3 48 c7 03 00 00 00 00 48 c7
[ 1144.928224][    C0] RSP: 0018:ffffc900045a7a40 EFLAGS: 00000206
[ 1144.934291][    C0] RAX: 0000000000000046 RBX: 1ffff920008b4f49 RCX: 00000000bd8b1b3f
[ 1144.942258][    C0] RDX: 0000000000000001 RSI: ffffffff8b6cdd40 RDI: ffffffff8bd2e9c0
[ 1144.950237][    C0] RBP: 0000000000000200 R08: 0000000000000000 R09: fffffbfff2dd6f98
[ 1144.958214][    C0] R10: ffffffff96eb7cc7 R11: 0000000000000002 R12: 0000000000000000
[ 1144.966191][    C0] R13: ffffffff8e1be140 R14: 0000000000000000 R15: 0000000000000000
[ 1144.974184][    C0]  ? __pfx_lock_acquire.part.0+0x10/0x10
[ 1144.979849][    C0]  ? rcu_is_watching+0x12/0xc0
[ 1144.984621][    C0]  ? trace_lock_acquire+0x14e/0x1f0
[ 1144.989825][    C0]  ? batadv_nc_worker+0x164/0x1060
[ 1144.994950][    C0]  ? lock_acquire+0x2f/0xb0
[ 1144.999459][    C0]  ? batadv_nc_worker+0x164/0x1060
[ 1145.004588][    C0]  batadv_nc_worker+0x16a/0x1060
[ 1145.009541][    C0]  ? batadv_nc_worker+0x164/0x1060
[ 1145.014669][    C0]  ? __pfx_batadv_nc_worker+0x10/0x10
[ 1145.020053][    C0]  ? rcu_is_watching+0x12/0xc0
[ 1145.024817][    C0]  ? trace_lock_acquire+0x14e/0x1f0
[ 1145.030015][    C0]  ? process_one_work+0x921/0x1ba0
[ 1145.035132][    C0]  ? lock_acquire+0x2f/0xb0
[ 1145.039640][    C0]  ? process_one_work+0x921/0x1ba0
[ 1145.044869][    C0]  process_one_work+0x9c5/0x1ba0
[ 1145.049818][    C0]  ? __pfx_batadv_nc_worker+0x10/0x10
[ 1145.055198][    C0]  ? __pfx_process_one_work+0x10/0x10
[ 1145.060571][    C0]  ? rcu_is_watching+0x12/0xc0
[ 1145.065347][    C0]  ? assign_work+0x1a0/0x250
[ 1145.069954][    C0]  worker_thread+0x6c8/0xf00
[ 1145.074581][    C0]  ? __kthread_parkme+0x148/0x220
[ 1145.079705][    C0]  ? __pfx_worker_thread+0x10/0x10
[ 1145.084828][    C0]  kthread+0x3af/0x750
[ 1145.088902][    C0]  ? __pfx_kthread+0x10/0x10
[ 1145.093494][    C0]  ? lock_acquire+0x2f/0xb0
[ 1145.098007][    C0]  ? __pfx_kthread+0x10/0x10
[ 1145.102598][    C0]  ret_from_fork+0x45/0x80
[ 1145.107022][    C0]  ? __pfx_kthread+0x10/0x10
[ 1145.111615][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1145.116395][    C0]  </TASK>
[ 1145.119412][    C0] rcu: rcu_preempt kthread starved for 10502 jiffies! g65481 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[ 1145.130601][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1145.140563][    C0] rcu: RCU grace-period kthread stack dump:
[ 1145.146444][    C0] task:rcu_preempt     state:R  running task     stack:27392 pid:17    tgid:17    ppid:2      flags:0x00004000
[ 1145.158199][    C0] Call Trace:
[ 1145.161475][    C0]  <TASK>
[ 1145.164409][    C0]  __schedule+0x1142/0x5b60
[ 1145.168925][    C0]  ? __pfx___lock_acquire+0x10/0x10
[ 1145.174139][    C0]  ? __pfx___schedule+0x10/0x10
[ 1145.178994][    C0]  ? schedule+0x298/0x350
[ 1145.183324][    C0]  ? __pfx_lock_release+0x10/0x10
[ 1145.188356][    C0]  ? lock_acquire+0x2f/0xb0
[ 1145.192859][    C0]  ? schedule+0x1fd/0x350
[ 1145.197196][    C0]  schedule+0xe7/0x350
[ 1145.201271][    C0]  schedule_timeout+0x124/0x280
[ 1145.206122][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[ 1145.211496][    C0]  ? __pfx_process_timeout+0x10/0x10
[ 1145.216783][    C0]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1145.222591][    C0]  ? prepare_to_swait_event+0xf3/0x470
[ 1145.228062][    C0]  rcu_gp_fqs_loop+0x1eb/0xb00
[ 1145.232832][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[ 1145.238122][    C0]  ? rcu_gp_init+0xc82/0x1630
[ 1145.242804][    C0]  ? _raw_spin_unlock_irq+0x2e/0x50
[ 1145.248009][    C0]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1145.253824][    C0]  rcu_gp_kthread+0x271/0x380
[ 1145.258505][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1145.263715][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1145.268919][    C0]  ? __kthread_parkme+0x148/0x220
[ 1145.273956][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1145.279161][    C0]  kthread+0x3af/0x750
[ 1145.283233][    C0]  ? __pfx_kthread+0x10/0x10
[ 1145.287829][    C0]  ? __pfx_kthread+0x10/0x10
[ 1145.292424][    C0]  ret_from_fork+0x45/0x80
[ 1145.296843][    C0]  ? __pfx_kthread+0x10/0x10
[ 1145.301436][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1145.306212][    C0]  </TASK>
[ 1145.309227][    C0] rcu: Stack dump where RCU GP kthread last ran:
[ 1145.315541][    C0] CPU: 0 UID: 0 PID: 16836 Comm: syz.4.2653 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0
[ 1145.325952][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1145.336005][    C0] RIP: 0010:smp_call_function_many_cond+0x4c6/0x12c0
[ 1145.342682][    C0] Code: 0c 00 85 ed 74 4d 48 b8 00 00 00 00 00 fc ff df 4d 89 fc 4c 89 fd 49 c1 ec 03 83 e5 07 49 01 c4 83 c5 03 e8 fc 04 0c 00 f3 90 <41> 0f b6 04 24 40 38 c5 7c 08 84 c0 0f 85 e8 0b 00 00 8b 43 08 31
[ 1145.362293][    C0] RSP: 0018:ffffc9000e21f710 EFLAGS: 00000246
[ 1145.368359][    C0] RAX: 0000000000080000 RBX: ffff8880b8744a00 RCX: ffffc9000d873000
[ 1145.376330][    C0] RDX: 0000000000080000 RSI: ffffffff81adb2b4 RDI: 0000000000000005
[ 1145.384299][    C0] RBP: 0000000000000003 R08: 0000000000000005 R09: 0000000000000000
[ 1145.392266][    C0] R10: 0000000000000001 R11: 0000000000000004 R12: ffffed10170e8941
[ 1145.400235][    C0] R13: 0000000000000001 R14: ffff8880b863fe00 R15: ffff8880b8744a08
[ 1145.408204][    C0] FS:  00007f6a0c6a56c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[ 1145.417131][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1145.423711][    C0] CR2: 0000000020003c80 CR3: 0000000060c3a000 CR4: 00000000003526f0
[ 1145.431704][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1145.439667][    C0] DR3: 0000000000000800 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 1145.447636][    C0] Call Trace:
[ 1145.450909][    C0]  <IRQ>
[ 1145.453750][    C0]  ? rcu_check_gp_kthread_starvation+0x31b/0x450
[ 1145.460082][    C0]  ? do_raw_spin_unlock+0x172/0x230
[ 1145.465278][    C0]  ? rcu_sched_clock_irq+0x247a/0x3310
[ 1145.470744][    C0]  ? timekeeping_advance+0x72e/0xa90
[ 1145.476029][    C0]  ? __pfx_rcu_sched_clock_irq+0x10/0x10
[ 1145.481663][    C0]  ? __asan_memcpy+0x3c/0x60
[ 1145.486263][    C0]  ? cgroup_rstat_updated+0x2a/0xb20
[ 1145.491553][    C0]  ? rcu_is_watching+0x12/0xc0
[ 1145.496318][    C0]  ? update_process_times+0x178/0x2d0
[ 1145.501699][    C0]  ? __pfx_update_process_times+0x10/0x10
[ 1145.507425][    C0]  ? __pfx_tick_nohz_handler+0x10/0x10
[ 1145.512890][    C0]  ? update_wall_time+0x1c/0x40
[ 1145.517749][    C0]  ? tick_nohz_handler+0x376/0x530
[ 1145.522868][    C0]  ? __pfx_tick_nohz_handler+0x10/0x10
[ 1145.528333][    C0]  ? __hrtimer_run_queues+0x5fb/0xae0
[ 1145.533710][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 1145.539425][    C0]  ? read_tsc+0x9/0x20
[ 1145.543501][    C0]  ? hrtimer_interrupt+0x392/0x8e0
[ 1145.548622][    C0]  ? __sysvec_apic_timer_interrupt+0x10f/0x400
[ 1145.554786][    C0]  ? sysvec_apic_timer_interrupt+0x9f/0xc0
[ 1145.560596][    C0]  </IRQ>
[ 1145.563520][    C0]  <TASK>
[ 1145.566446][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1145.572613][    C0]  ? smp_call_function_many_cond+0x4c4/0x12c0
[ 1145.578686][    C0]  ? smp_call_function_many_cond+0x4c6/0x12c0
[ 1145.584764][    C0]  ? __pfx_do_sync_core+0x10/0x10
[ 1145.589799][    C0]  on_each_cpu_cond_mask+0x40/0x90
[ 1145.594911][    C0]  text_poke_bp_batch+0x22b/0x760
[ 1145.599944][    C0]  ? __pfx_text_poke_bp_batch+0x10/0x10
[ 1145.605488][    C0]  ? __jump_label_patch+0x1db/0x400
[ 1145.610699][    C0]  ? arch_jump_label_transform_queue+0xc0/0x120
[ 1145.616949][    C0]  text_poke_finish+0x30/0x40
[ 1145.621636][    C0]  arch_jump_label_transform_apply+0x1c/0x30
[ 1145.627623][    C0]  jump_label_update+0x1d7/0x400
[ 1145.632572][    C0]  static_key_slow_inc_cpuslocked+0x82/0x120
[ 1145.638558][    C0]  static_key_slow_inc+0x1a/0x30
[ 1145.643502][    C0]  kvm_create_lapic+0x2cb/0x500
[ 1145.648358][    C0]  kvm_arch_vcpu_create+0x257/0xab0
[ 1145.653564][    C0]  kvm_vm_ioctl+0xf4f/0x3d70
[ 1145.658173][    C0]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[ 1145.663213][    C0]  ? find_held_lock+0x2d/0x110
[ 1145.667985][    C0]  ? tomoyo_path_number_perm+0x298/0x590
[ 1145.673624][    C0]  ? __pfx_lock_release+0x10/0x10
[ 1145.678663][    C0]  ? tomoyo_path_number_perm+0x46d/0x590
[ 1145.684305][    C0]  ? tomoyo_path_number_perm+0x190/0x590
[ 1145.689949][    C0]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1145.695937][    C0]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1145.701835][    C0]  ? do_vfs_ioctl+0x513/0x1990
[ 1145.706598][    C0]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1145.711632][    C0]  ? ioctl_has_perm.constprop.0.isra.0+0x2fc/0x450
[ 1145.718144][    C0]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[ 1145.725000][    C0]  ? __pfx_lock_release+0x10/0x10
[ 1145.730041][    C0]  ? selinux_file_ioctl+0x180/0x270
[ 1145.735246][    C0]  ? selinux_file_ioctl+0xb4/0x270
[ 1145.740362][    C0]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[ 1145.745402][    C0]  __x64_sys_ioctl+0x190/0x200
[ 1145.750174][    C0]  do_syscall_64+0xcd/0x250
[ 1145.754686][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1145.760582][    C0] RIP: 0033:0x7f6a0b78cd29
[ 1145.764994][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1145.784606][    C0] RSP: 002b:00007f6a0c6a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1145.793024][    C0] RAX: ffffffffffffffda RBX: 00007f6a0b9a5fa0 RCX: 00007f6a0b78cd29
[ 1145.800991][    C0] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004
[ 1145.808960][    C0] RBP: 00007f6a0b80e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 1145.816926][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1145.824891][    C0] R13: 0000000000000000 R14: 00007f6a0b9a5fa0 R15: 00007ffed9a4f328
[ 1145.832874][    C0]  </TASK>