last executing test programs:

10m5.924649698s ago: executing program 4 (id=690):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f00000011c0)="93bffce623851797a8dc79018d7716840ffc6941c667f6d345b18bc896d8f016f5f206bb2b0eb2fe32d2f0048678cd35ef833c35225ff95a94770a6845b091e69f243dea0d601c54e9c93ee3568b89a3427c84262ff67b67bcb1b997ce8b6325d151d7bb5754603b6b0e362d8041bdc61529260e6c4046d55927c96dcce1609b9c4f8424b9da760270a470f95b99ebb6fc40b5d175e86ac0b7a9fd7f1748af98902340eb", 0xa4}, {&(0x7f0000000e40)="029993440c7a0c95d3bb8cf353fd63ca88ffa39f0ff0fced20927ea4b2a247d082247558bef6b2b2cd6a0dffece1b36526e9388c364fb7ac429e434ccb0320483c0604aaf296d8218e240055cb92f17b1b47fd7b1b178ca001c470155ed985a179f87c9bc40206c86df9abc5be93ce0d96", 0x71}, {&(0x7f0000000f80)="ec75d081fcb7e79634ec1a1abfdebb6a38b0c57cc77b83d2eea81aad8f73b36abc2019cb08fcaaec9647a07d0a0965f0f1e39afd84e7e2523aaded5e1e36fcc90c269ad6d38d57619127cee4253655c33b71054226c3b00b9ee6ae29f0b07bc6fe7981126ca804c1f64e6c19ba36b2778c5f4a1c58625fe19516af43c9870c5b8191e23778abe7df2280d459b1651686a53ca52dce95704431153f9c2903ae4c868074e89477bf6ed2ab648b0498ac8c0f90844ed9a26675199d5ff9b391c1dec077b5099cf9aecd1a9d94e235a71b80fa7ef3bcd2179fee3518f3d2c6b4e7ee889c5827c7ad7e53ace3a253a5ddb477f09a58550a49a339e1acefcc69a3dab0b39c4087f78983e938babb909e104858a3914762f2471b43abf5928140d095689f5db1d348d151e12ebedeb2ae484da324e7d7881c34e717c17fda7c8f0f6f67415bd28b4e8bca86b336d8918eef0ea867a21455c1a6f187f86ffab6e306d536561acf0da3af725b56eef508902e3f052380e5da93b237f8c9dbc038b311befe94f9d9a97789", 0x186}, {0x0}], 0x4}}, {{0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f0000000700)="acc841985992b79554acfc", 0xb}, {&(0x7f0000000740)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635aea1dc487553859348d48e6fc49d81c71590cd542e796cc2669e2af442a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789ef34b46e461725b5e437323385b88c368f8bb5b95e269169f5f7b51dd5319b8016623d1863d70581691a79a6678db1e5e7fa1c98c5b9e4a87272e9c4a1bde5fbc390c7ccb9d3c1020e80bd0659e82d861dc6fe4c62639134c54e708601", 0xcc}], 0x2}}], 0x2, 0xc0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf7478ec66ba", 0xfffffffffffffebe, 0x11, 0x0, 0x0)

10m4.82445953s ago: executing program 4 (id=693):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000080)={0xf0f041})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
ioctl$KVM_SET_NR_MMU_PAGES(0xffffffffffffffff, 0xae44, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000380)=0x2)
r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_usbip_server_init(0x1)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEL_TX_TS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)={0x1c, r3, 0x1, 0x70bd29, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_TSID={0x5, 0xd2, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

10m3.001398998s ago: executing program 4 (id=700):
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$smc(&(0x7f00000000c0), r2)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x24, r1, 0x209, 0x0, 0x0, {}, [@FOU_ATTR_LOCAL_V4={0x8, 0x6, @local}, @FOU_ATTR_IFINDEX={0x8}]}, 0x24}}, 0x0)

10m2.898929986s ago: executing program 4 (id=701):
openat$audio1(0xffffffffffffff9c, &(0x7f0000000040), 0x129202, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
r3 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000400)={r0, r2, 0x0, 0x0, @val=@uprobe_multi={&(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)=[0x6], &(0x7f0000000340)=[0x0, 0x2, 0x4, 0x1, 0x5, 0x5], 0x8bfcc3a, 0x1, 0x1}}, 0x40)
openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0x12b0c0, 0x0)
bpf$ITER_CREATE(0x22, &(0x7f0000000040)={r3}, 0x8)
io_uring_setup(0x30d5, &(0x7f0000000240)={0x0, 0x8b63c, 0x800, 0x0, 0x1c8})
pipe(&(0x7f0000000280))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000004c0)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'macsec0\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000001e80)=ANY=[@ANYBLOB="3c00000010000100"/20, @ANYRES32=r7, @ANYBLOB="00000000000200000c00025b05000f0002000000"], 0x3c}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r8 = fsopen(&(0x7f0000000040)='proc\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r8, 0x6, 0x0, 0x0, 0x0)
r9 = fsmount(r8, 0x0, 0x0)
fsconfig$FSCONFIG_SET_PATH_EMPTY(r8, 0x4, &(0x7f0000000140)='ro\x00\x04\x05j3\xd6\xe3\x1f!9\x15d/\x19\x02E\x91\x14\xca<dBN\x8b\\\x85\xe7\xf3\xae\xa2(P\xdb\xaf\x06\x1c\v\xaa9\x8eL\x17\xa3\x9a\xa8_\xa1b\xca\xf1+\x04I\x13\xb3\xe5\ac\x13\b\x8fG*<\xab\x04\xea\x1e\xdd\xce\xed\x93\xeb\x87x,w\a\x93\\\xfe\xc8\xee\x13>\xfeT\x04\"\x00\xf7\x16\'\xe7\x1e+\x7f\x93\xb2\xe1\xb5\x04i]\xdd\xdd\xc3\xf6\xf7\xc4B\xf8\xd0\xa5+\xc3\x1amJ\x8c\x8aF\xb3\xb1O\xfbL%\xceI\xc7Od\xfe\xa0`I\x1d\xb0\x97\x1a$6\x96\xb8zF/\xd2:\x8fG\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000100)='./file1\x00', r9)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r8, 0x7, 0x0, 0x0, 0x0)

9m58.625990946s ago: executing program 4 (id=705):
r0 = syz_usb_connect(0x0, 0x0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r1)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
listen(r2, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000500)=ANY=[@ANYBLOB="280000002c00010000000000000000660400008014001600ff"], 0x28}], 0x1}, 0x0)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r5 = accept(r1, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0xfffffdef}}, 0x1) (fail_nth: 1)
recvfrom(r3, &(0x7f0000000180)=""/60, 0xfffffffffffffecb, 0x4100, 0x0, 0x0)
connect$unix(r5, &(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_emit_ethernet(0x7a, &(0x7f00000000c0)={@random="195df410dc24", @random="77b6d4f11b32", @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "aac4e0", 0x44, 0x3c, 0x0, @dev, @local}}}}, 0x0)

9m58.108814376s ago: executing program 4 (id=708):
ioperm(0x0, 0x2, 0x4)
ioperm(0x0, 0xb, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
fcntl$lock(r0, 0x5, &(0x7f0000000200)={0x1})
connect$unix(r0, &(0x7f0000000000)=@abs={0x1, 0x0, 0x4e21}, 0x6e)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
getuid()
openat$dlm_plock(0xffffffffffffff9c, 0x0, 0x41, 0x0)
syz_open_dev$vim2m(0x0, 0x3, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(0xffffffffffffffff, 0x47f6, 0x0, 0x0, 0x0, 0x0)

9m41.993942008s ago: executing program 32 (id=708):
ioperm(0x0, 0x2, 0x4)
ioperm(0x0, 0xb, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
fcntl$lock(r0, 0x5, &(0x7f0000000200)={0x1})
connect$unix(r0, &(0x7f0000000000)=@abs={0x1, 0x0, 0x4e21}, 0x6e)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
getuid()
openat$dlm_plock(0xffffffffffffff9c, 0x0, 0x41, 0x0)
syz_open_dev$vim2m(0x0, 0x3, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(0xffffffffffffffff, 0x47f6, 0x0, 0x0, 0x0, 0x0)

1m38.276427604s ago: executing program 2 (id=2305):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpgrp(0xffffffffffffffff)
ptrace$poke(0x5, r0, &(0x7f0000000100), 0x81f)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, {0x24c}})
io_uring_enter(r2, 0x5464, 0x4040, 0x0, 0x0, 0xffffffffffffffa8)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_RECONFIGURE(r4, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRESDEC], 0x14}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f00000001c0), r4)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), r4)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r5, @ANYRES32, @ANYBLOB="24002d801a0001"], 0x64}}, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r6 = timerfd_create(0x1, 0x0)
timerfd_settime(r6, 0x3, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000004000)=@newtaction={0xe68, 0x30, 0x25, 0x0, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x4}, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x8512}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0xffffffff}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {0xfffffffe}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x200}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6c}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x400000}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@gettaction={0x30, 0x32, 0x6dd711a25f4cb68b, 0x0, 0x0, {}, [@action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8, 0x4, 0x100}, @action_gd=@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0xa, 0x1, 'pedit\x00'}}]}]}, 0x30}}, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[], 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x19, &(0x7f0000000000)=0x84, 0xfde1)
ioctl$USBDEVFS_ALLOC_STREAMS(0xffffffffffffffff, 0xc0105500, &(0x7f0000000140)=ANY=[@ANYRESOCT])

1m37.689183215s ago: executing program 2 (id=2309):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000, @void, @value}, 0x94)
r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000002c00)=ANY=[@ANYBLOB="bf16000000000000b70700000900f0ff4070000000000000500000000000000095000000000000002ba728041598d6fbd30cb599e8c73d24a3aa81d36bb3019c13bd23212fb56fa54f26fb0b71d0e6adfefc41d86bd917487960717142fa9ea4318123741c0a0e168c1886d0d4d94f2f4e345c652ebc1626e3a2a2ad35806150ae0209e62f51ee988e6e0dc8ce974a22a550d6fd70800c86ae3b3e05df3ceb9fc474c2a100c788b277beee1cbf9b0a4def23d410f6296b32a8343881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3449abe802f5ab3e89cf6c662ed4048d3b3e22278d00031e5388ee6f867ddd58211d6ececb0cd2b6d357b8580218ce740068725837074e468ee23fd2f73902ebcfcf49822775985bf31b715f5888b2c81f96a810b946855c9fc52ac17cbc97a616811a4c2dc3470009b966abaf41939aeca3e7b00c2e9d5db7a34fe2a29ac88c360a878a2b9ab9440c1961e80477166f3f847e855cdddc941d996d61ea0ce23b37e9d21c849d1e1e53087a3b109012e3a3ecbd219265048bf5c72b7ba2806b73323301b4bc94d0e4afde44867d71049a7c89bc615e215571ac910d80a58b5169576ff9906c34d2342806960b6bcb00000000000000000000000000113ee640b9ed1e04a0bfb125204d30990361bf45ef45277a167cd2c2e6ce9138143aa5ea7ee6f7c6d8b00437e070b004c5aa90766538b4fe45a16f14b270904d36eaa87508ac6d46639b3971ac6a88dc531fcc5ffc6b76b334795d88156336a9"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mmap$IORING_OFF_SQ_RING(&(0x7f000085a000/0x4000)=nil, 0x4000, 0x0, 0x4000010, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f00000000c0)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x20, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x10)
sendmmsg(r2, &(0x7f0000000180), 0x4000190, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = syz_open_dev$MSR(&(0x7f0000000380), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x110)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000e00000000000000000018110000", @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r5}, 0x10)
clock_getres(0x2, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x9)
setsockopt$sock_attach_bpf(r6, 0x1, 0x32, &(0x7f00000017c0)=r1, 0x4)
r7 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
setsockopt$nfc_llcp_NFC_LLCP_RW(r7, 0x118, 0x0, &(0x7f0000000000)=0x10009, 0x4)
sendmsg$AUDIT_SET(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x10}, 0x3c}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='net/vlan/vlan0\x00')
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r9, &(0x7f0000000000), 0xfea7)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x1, 0x10012, r9, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=@newtaction={0xe94, 0x30, 0x25, 0x0, 0x0, {}, [{0xe80, 0x1, [@m_pedit={0xe7c, 0x1, 0x0, 0x0, {{0xa}, {0xe50, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x2c, 0x5, 0x0, 0x1, [{0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6}]}, {0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}]}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x2}, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x100}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x3}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe94}}, 0x0)
read$FUSE(r0, &(0x7f0000002e80)={0x2020}, 0x2020)

1m37.324099855s ago: executing program 2 (id=2310):
r0 = socket(0x10, 0x3, 0x4)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x68, 0x14, 0xf0b, 0x0, 0xfffffffd, {0x2}, [@TCA_STAB={0x44, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}}, {0x4}}, {{0x1c, 0x1, {0x3, 0xcd, 0x1a, 0x2, 0x1, 0x4, 0x8}}, {0x4}}]}]}, 0x68}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r2 = syz_open_dev$I2C(&(0x7f0000001940), 0x0, 0x0)
ioctl$I2C_PEC(r2, 0x703, 0x60)
setsockopt$inet6_tcp_TLS_RX(r0, 0x6, 0x2, &(0x7f00000000c0)=@gcm_128={{0x303}, "43a6fd2a46b19078", "ca83ca1c6e988477b83c7687ea7303a3", "9d072494", "1f5e0dfdbe0c0086"}, 0x28)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0xd2)
accept4$unix(r3, &(0x7f00000003c0), &(0x7f0000000040)=0x6e, 0x80800)
read$FUSE(0xffffffffffffffff, &(0x7f0000001980)={0x2020, 0x0, <r4=>0x0}, 0x2020)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000640)=<r5=>0x0)
r6 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r7=>0x0}, &(0x7f0000cab000)=0xc)
setgroups(0x1, &(0x7f0000000000)=[r7])
setregid(0xffffffffffffffff, r7)
fstat(r2, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0})
fstat(r1, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, <r9=>0x0})
getresuid(&(0x7f00000007c0)=<r10=>0x0, &(0x7f0000000800), &(0x7f0000000840))
r11 = getgid()
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000880)={0x298, 0xffffffffffffffda, r4, [{{0x1, 0x2, 0x0, 0x51b, 0x7fff, 0xbd, {0x5, 0x6, 0xffffffffffffffff, 0x800, 0x7, 0x7, 0x80000001, 0x5, 0x6, 0x8000, 0x7f, r5, r7, 0x0, 0x8}}, {0x2, 0x800000000, 0xa, 0x9, '/dev/uhid\x00'}}, {{0x4, 0x1, 0xffffffffffff0001, 0xc40000000000, 0x1, 0x9, {0x0, 0x8, 0x7, 0x7, 0x400, 0x0, 0xc1a2, 0x5, 0x9, 0xc000, 0x5, 0xee01, r8, 0x5, 0x1}}, {0x0, 0x7fff, 0xa, 0x9, '/dev/uhid\x00'}}, {{0x3, 0x3, 0xcb8, 0x6, 0x10000, 0x7, {0x0, 0x1, 0x8, 0x81, 0x2, 0x6b32, 0x0, 0x4, 0x15, 0xe000, 0xc, r9, 0xffffffffffffffff, 0x80, 0x7ff}}, {0x6, 0x4, 0x1, 0x9, '^'}}, {{0x2, 0x2, 0x6, 0x0, 0xc, 0x80000001, {0x4, 0x4, 0x7, 0x100000001, 0x94, 0x2, 0x6, 0x4, 0x1f3, 0x1000, 0x6, r10, r11, 0x4, 0x8000}}, {0x4, 0x8, 0x0, 0xffffffc0}}]}, 0x298)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x13, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x38, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x3}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x60}}, 0x41)
r12 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r13 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
ioctl$VIDIOC_S_FMT(r13, 0xc0d05640, &(0x7f0000000340)={0x1, @pix={0x0, 0x0, 0x33565348, 0x3, 0xffffffff, 0x0, 0x3, 0xfeedcafe, 0x3, 0x0, 0x2, 0x2}})
r14 = landlock_create_ruleset(&(0x7f0000000100)={0x2000}, 0x18, 0x0)
syz_open_pts(0xffffffffffffffff, 0x4880)
landlock_restrict_self(r14, 0x0)
write$UHID_CREATE(r12, &(0x7f0000000500)={0x0, {'syz0\x00', 'syz0\x00', 'syz0\x00', 0x0, 0x0, 0x0, 0xf392, 0x4, 0xe, 0x200}}, 0x120)
readv(r0, &(0x7f0000000080)=[{&(0x7f0000000240)=""/252, 0xfc}], 0x1)
sendmsg$NFT_MSG_GETOBJ(r1, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x13, 0xa, 0x101, 0x0, 0x0, {0x3, 0x0, 0x4}, [@NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x2}, @NFTA_OBJ_USERDATA={0x28, 0x8, "e2c64b719d7eb95b3afafcd328ba483eef9d01c726d830126badd76d829ef76168079389"}]}, 0x48}, 0x1, 0x0, 0x0, 0x20040040}, 0x40000)

1m37.05994779s ago: executing program 2 (id=2312):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r0, 0x0, 0x33, &(0x7f0000000040)=0x8001, 0x4)
listen(r0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000280), 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000200)='./file0/file0\x00', 0x0, 0x89901a, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x4e, &(0x7f00000000c0)=ANY=[@ANYBLOB="0180c20000ddffffffae65ff86dd60ecff8000181100fc000000000000000000000000000000ff02000000000000000000000000000100004e22001890780300"/78], 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x14d882, 0x0)
r5 = dup(r4)
sendfile(r4, r5, 0x0, 0x80006)

1m34.292861412s ago: executing program 2 (id=2323):
socket$tipc(0x1e, 0x5, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000380)=ANY=[], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000100008003000000fcffffff00040000", @ANYRES32=0x1, @ANYBLOB="ff03000000000000000000000000004e00000000e12c7758ae78c113fadb608d7b959f676afd3d60bf59f4a81bfaa27fb35a0f801e08de474ecd187b184c994e8c205504202edd3a05c79d0c2bcf79620b3713ff9b3504172259b8f446d2d1fa5d9bb6238d78e99be9846a148c04c32752adc2dfdb0cc998961b8ab4034a666b1d0afac34e1e33b193dc622741c8c1b92e1bf65591ebee5d204232d018a5048c1278a08cd0fc985e63122d1364e36ffe60a7ffb03c863866edded430b3e8b08e", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="05000000050000000200"/28], 0x50)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="1c0000005e0007"], 0xfe33)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x80000400000bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x3)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$netlink(0x10, 0x3, 0x5)
sched_setscheduler(0x0, 0x6, 0x0)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000200)={{{@in=@local, @in6=@loopback}}, {{@in6=@initdev}, 0x0, @in6=@private2}}, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000540)={'batadv_slave_1\x00', {0x2, 0x0, @private=0xfffffffc}})

1m34.205413123s ago: executing program 2 (id=2324):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x231)

1m33.879250154s ago: executing program 33 (id=2324):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x231)

13.672772821s ago: executing program 1 (id=2563):
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
syz_clone(0x1800200, &(0x7f00000010c0)="3739104083ea09a5cd98455d4be3b9aaa2d40cc9ea1bde954e5058f97810f67cfa6e6352c20ee0901e8588062c9f4d50283bc2310b7a6bfc92c29055eb4cc4032c344aaa6a7b89e5913f718f472929f242c52908d302b3481175bd5a03c398e691e5081aba8bc33836f93441090cb69d972c30483bf644b61626340b6a68958309ae79acf510e0b3024084c3d2ee4a5fae7c0990fedcbf0ac63d1888279b0b9023843a11b714b5", 0xa7, &(0x7f00000011c0), &(0x7f0000001200), &(0x7f0000001240)="a928296b77972fd43b036e0b6602971941b2ac24242e60db150f40fb3759af6c34a71854ac9cb95109fd97a2ec49793bb4a7b9bd2e24abd6dfaab7ec63cecbec0a34d813247eda8028")
r0 = syz_pidfd_open(0x0, 0x0)
syz_usb_connect(0x0, 0xb, &(0x7f00000010c0)=ANY=[], 0x0)
ioctl$BTRFS_IOC_ADD_DEV(r0, 0x40085503, &(0x7f00000000c0)={{}, "c4005a51cf48a456fe399e96793568de827d6e3af15928143f77a2c2bf19506fac2c94a8808e7365569e94b6012f452ddbdb4acaadf3199a4fa57eab4549a87e05bb9a155f3d08704dc753cff79d5128dc113e58ecd5a19e0bc7bef139e74acaed4f126be4cc57e22d44a734c7f2c44b2b2dc3ecfb59318827549e5b2679b3cc4f9e5df2bc30b674fb5f8e181e7dab6cc37989c9911a3d5b32ac444ebf78c76d68c313ed1bcaa4bfcdddc200878c72704b48f4cda8c86a41c703694c1e57aaf73751f45d5ed54010c14c30ea8ca2f620ab57b6ad6bdf3263aeab2de44576b10a1040f0b284fcf2cb5037e025b227baf26e0c5bda231531365c778ef42bc49fd603b98b7b5173f2f1669834e8cd5167092f5d56e6c2623165710ec863179f143dba38551641ea77676773f3a18e97ada500fe448f172e6e714e16079d8233626d4c5c08c9117c5872c5d815ae0d481c25f2cfd2c76c6723e5ee78d5941b7d49e3d123294dd4c04c2691c5d086393047e3fd027daebf2114d1e9da89a36a49f7a411638060e87593ed8e45fb4292ff888e2eb7b776c9428623a34454fb2f11a47b43707e4b161faa8b8dc0d9cb2a0ac253ab41d0172190749ae06af564cabff5a0ba5df004c44138b49d2e17944f6588839fdedcf6ddef583df85490fa3a956e416e02943d56f734c3d3aa8b4898544e8f417c79bb5532b4ab2393c6723488c627a285686a0dac4cd6df370ab806b80f251256cfc058f8c2c2b46dca533048a18315caca12ad5915f077285ffbe1a4b5f46f2af4e45695348200e1f5a57a698aca5cb4f6124fc076af5f40c3461e91b2639a84be51abe62d27cde1642731d31ae1264d20a21011bd221f8d0e4fc9835ccb61405e1ba6fcd48b9d3487909f89a0f40f91abfd3d33876b707d908bd2b076d37f5b2e2d530210e3930cf0418c3a7d8d4ac8cd16b4d2b2d4ebf6134c88813a808d82c86a20b7beb6534bb112b374d5b0a2beacb4e37872a2df879ebd568f0b20ce7d4aeb5ef6c960093b8a3d0e0332d821fdd099269364539d876caf78e60232baf7cc26589453666f17f94ac05fc2b752546a9586f9f18288e5944effa6f912709652113377ee14d949842910b0af467706b42d969908840fe55857f526694cdacb7735f2e0bdc49ca50ca57193aec63535f679e1486185bae007a7cd345bf8d7428e1a2881f6d327ee34ef0bbd67b51d25000fc59ed894c001ca327898dc4a3e7c33e20542772f31e7f125eedec11604b6569f051e643bff91d616284d2ea0f25320c22caba4d681781a13bf341dc22f882540aaab75d5bba9bbfe8aa960705d1d903a7ed8b7a14cc18b2ec9d1640ba3b6cf9c2a6cde4f7b23d1eb42fa57d2b2206c6cd6f84a5b7d682a09064e341c844edd3361f2e457a5057e1c3d97916190d9749adbadb70797f1729cc01c6146a23942e245021fe02748e2235582b36df8236c8b25fa94d1ed7e495f0df447b36f609b17526b2c8c43f1ded38f99344f2553fd911deed701d89fdf92ed6368d74f6f09ce2d26a3916f28eda4fac022f043aff14bab96f3841979533b2f935cfe7e40ad9cc77557d50a32a73aa71ae37a0cece6580887608d028b55fa7a1a1cf214098fe13c1a32ee5890e3d2c9a4d23041f89bac353aa1641df4375080b2181555e9667082a35b041645be39a47288b747eed9d127d8d342b620d0ecd2a48a86bd7dbfa04b3cfad62f5b1055b2259dc64b02d27599fff87c8303b47174e3ee66645d1eaaa05d63bad90ef4fdb97d21b478b37c313571d5776495460b57ba25dc2a5def286c8e81a3fdaa3dfb1dfb9deec86aa3629a03b9722bd95a96972a32552ba5d74f03989c73598b3ba0ef19151631ba4cf90d1bcc35c7cd2fecd6c271564df5ed232581417488454f5878f09523ce1b966162808d13a86872ad04bc777544ae4477459d197c6aaecf52e229a6cc94d151e014b589311f8e5bb7eb57605a80c11a7df2110b70735ae34a21e467f7bd8c3f81c1f9dfcf9464365566786b086637717df597c05b45249b04faa2269ca5a3fca2f1797682f24a34c9f70c27b6dd47fe9f6f006c934481524985afeec903f160c4e2c36c2bbe2081ff33733ca17ca2a2d794fd3af80d5a1adcbfa384e1ba851f4a554433e532f321b332d640513c9df326ddaa4691201f94d1b4b82b82f9bb986e00242fce6588d906cd820640a59707cecf78533496fdc49d90effde5769812ae474ef31adb849542ef23359a640eeeadecf273713a46e96c836823012fc190c8d1dd88d965fbe11074da36375c11fedc648160b55b8b8bc830b72a6f98b1396a72d96f06fab40ddd4729dc162d30e8a34c4041cc22fd62eb501fa685ae7d53376cca12e40f53edd0ae8abbb666c75a6ca8658b4ef8810931158868afb757831d14e81cdadc995fcb98e2da29300480ca03494f81b59985dbe3da8634a3c4a00626d08d6f1f997ccd63a1a103d292d29cdf15b2c4bca2f34ba406a47d9a184ed712356257ec45aa9a8ed8b8daca20f6a2edb1494a2af100000000000000006f1bfeb0edfdb1f10b66753f3fe900b95be3aafbfb5e2976de8b2c6b485243770da0cdc8f4d7384b6f39817f5661429442b20cab08cc28cf814ebf10d7ad4de140241ec169d70781524127a9454e5f1ee9fd5652818683a2f7ff0b11c8fea2ff7398e01df48c8eb62123f2630d561470003d020f4cc8923654fcf65d400ed0792af6bf1876099951e938adc275f47b9ba178b8ae3e9b295fab66c144ad8ad2fd29bced367833b76b2f0ded8dfead5dfccfc9ba2d658688abeb41f53eaf6efa82e5947f8d7a6e1010517032443507f5bd4193170104000000000000cb985f8f11149496bfe54629f3f759c3100e0ab50c95446fd390a87b884930763ac810bdcdaee81b64343b955eba24d34d816bcf3eb5df1b6b44317e033a9015640942da607e3ea61727b97eab7511ff680dc5f4e54fa19e07c0023152272edc066010e661de98f73f913bc04983b325ff62134b41081dce65528af69b5206f9522b3e09f78dea218621e60f5ca9c58212526d96aace431133528b8a5354b213ef4883ef271e488bf629284c277843202bf7a41dbe2616e8338ab14f83bd6da1d1c4a4b50b6372564187a497036f2040f77c099bd0d98d3e4eebd4bf433360c518fc965e966642a22a335f3a9688336bd254dc9fe32632d4c1599c6b72fca290d9cae38548f4ad5d2a165053b7d392276d81ff26e97ebcfa210eddc832240de22bbfc6623929aa2d8bad6c41db54e2125063f9153e98b2316ae5e9d51a3a9efe5a81242f7045dbafa8db63cafad19e32b767dcd5adfd5e5459dce45c71f61a18a3e6a7de43bd61d6015fac48dcecb60795e02b30dc04cc4a408abc2dee10a97fb387a229ba5c07cebc63037c0102c846393b2bf865db38e51ce44b5cede8d530cb6496e5a34b9b0b060b8bd6f98cd53169518a1732d92af494c351f8ce753754f7d944865de345d8520a9232a1c5e516e61f23c39e09bac5d7c70a478e0b7a3208f61f090f69b9ab33da7a8ae16626c3d26f11065fd46851eff2c5968f937e90abe02555cad9e54b4bcaf3ee55aba96406cd457e27c1ad5b9cc640afff1d94d7d5f854fd50a66bf37355c548f840129ae0d81dc23202e4d7921236172d1c4920c1bf5e7bfad21740acd8f5fa278b6de2336276e271045d0ef0a9a566ae988269cb16f7eee941941d3a9f05d754cbb92a27ad9cb374872c3566a9db35920d63f0cfa69ef8dfc41f307f7c1f1ae712e3f6001e57e1de99777212ede107b692182c507b168c77a3824f0cd663f6d2ffe73e3d90587b3444e9a3cb093ddefd2869db927938ecf6cbd16a85d0849b7c829a37b70b24868e7ab1aa2adc012d85a8bf374225281b50882a40e6bed667f0538d8c85768cc9d8537bedfebe64cddf937a150c565e3824a75f5e7a173fed0ed3b3aa8750fde47ce1c219d5fc1977abc24c7a28aa8251e29a17eee3405d4c1f1f5e8b53df9425d6dde4b9de4715097c58062a977637b42974a40f0bf24dcca060871b759e5f42a12da7d89a494468f6c91c47ac17e7bfd61e62872541fd5d3941c0f0ebca3de06ca63cb52b186737fc61ade4eaed0fd5dd1eb4b8e2d2ebb689741fb354c8bbdc9092f68a156952395585113d78254ec826ba49204d76b8dcd854c4cf942c50c38ad5f8db2bf032d5eced178b25e56f9b39961aea03785119cab42fffbbbeaa15f0c21511f441fd72ab25014dbe5a35dfe295486e0d2e5803304deff8736e1d8df7886e4725321bc450c68459f01b5b3014735e81f989945e59b4c5e367976e90124e9cf422cc0f0d624627ab83ccd65ac7ffb91424672ebb3d91d932994c6e215a9d60efb6ed87eb579951668273e9a38f9089179459d2f670a21bd999a97c968891c59402d188dc601ef033fb9af3291b8778f2a38d379913a02d2215f2960f80847afe4d65f1fc7bcd1995e83fc88d87d799af0bf16060780efc8dbd08b041d8c2f646ca18ea18d3d295e172b344b6aea8d2a2620b6379c5c368459fee07bfcc83c83acaf3dc67755bbe8fe58b1a39051ef2327b30c894deade3262ea5ffa559b789da10f2948e135ce5858e1b016c153b14795a085b5bef350f95487a3f748afa943179d87a1e8828edc33804c2ea49979074fe162a8a36689286c390585d9f83645be3b921c4a6678b8ffd7edfb7a85265d5796ce4f12595b364fcc81b58c267beaa85dd47ad8c55783fe526d6dd0e3cc1f70a7e88d6f826b18aeab8282ff8e2a13ee8f03fab41be97af13c87883f87e6f0bdda04deebc05e35b601a55cc984478a997725d3faab2101cd9596c757c659e6b6c9178f620fbdcb87e399404f4bcd9b57dd1013818e58a785bed0a7fd1f5e5e355816ceba6745a42e10a145c87aedede2e0bed7bc75015a8354ba95a226c87df41d41e4ae368c4e84e8a032c48977602d71eae547f95375746e1f9c86135481bd09a08fee04db26b96cc9327bbde61cec27a56d114cc0e6459170e6cc44d846a2a55046b505e14dbdac32aa759e5d0268fe819a3dc503247b6c24c1607b4742671f5ad63c21812b1904b3c39ec8734fb1ee77a124a29c50154f53c89754f5e4719cc0279c851a63fc33e16f2393e5134568b78126b5680664fcd1fbf9d88f4efdadc120bbb4f21ddd7bf4c445a534631c5f2c4b51d7842743493b4a13bb99f160987284bc7960aaa6d40dbe05e20f42ff48425d1c8166b7fd457d33d808b456b7b11d3d3c1f445a9698ee8a473fb116c5c4824fa224088fa6f031f07f2972e62592d59536dc4cbe3c1cb33e922b0f35f79f1df10ab43e1d3e5dc480bdd8a7039f71ee9c73f976809ec2853ad0c18e4f0ee73fd1361591375d3db6c822e7baae597fc454aae7b426922e9fd9a87fe52a25d5cd03434d7ffb9f319fbeb403c0836f2117cf851bf7660ecb567a6cd918e85190683c1c0a79da1cd92b8527400008f047a436a4859be0e7b9469c6830881d81f93ea8ba1b614de4386296089c9b34f4b8116ae7afedd43f6a82abf4302e4d8a9fba0b87347df1f5bb676f496bf29bf9ea9e3ea4bd1dd3f3d4feb7609f96424f35035b5a13fd6efd0441dea1c1f17feae7d5a1ef77aa05537fc87cc2021c92d5cbbbd159258a45972e112e123e306ef0daa36e1ff069be815c5d0b74b6b41c6d5b76c04057de0a43c2e40b04fc11b60f0f1e7ff0b88fb600d79e03cc8b73fed0af95601acca00"})
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000014c0)=ANY=[@ANYRES32, @ANYRES32=r1, @ANYBLOB="1100"/12, @ANYRES32=r1, @ANYBLOB="4580e8d4a6d855eee014922282a48ed1c12af667fcda5a47c85efa0778e226016af7efea58b4a80ca2b474c724e09bcbb7ca0f300ab69d8f3b134cb04ac08a69b27292410f1459ea69a720d2693f225dde46fdf5615ce48a5b7a1c461544", @ANYRES64=0x0], 0x20)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x181900, 0x0)
ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
r6 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x0, 0x10}, &(0x7f0000000040)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x29c780})
io_uring_enter(r6, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)

12.168333707s ago: executing program 0 (id=2567):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="2800000002030104000000f4ffffffff000000000800010001"], 0x28}}, 0x40000)
sendmsg$NFQNL_MSG_VERDICT_BATCH(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="2000000003030500000000000000000000d600000c0002"], 0x20}}, 0x0) (fail_nth: 1)

12.059869763s ago: executing program 5 (id=2568):
r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x69c, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7c2c)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$igmp(0x2, 0x3, 0x2)
socket$kcm(0x29, 0x2, 0x0)
ioctl$SIOCAX25GETINFOOLD(0xffffffffffffffff, 0x89e9, 0x0)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000040)={0x8, 0x1, 0x3, "a701f6dd566a4ab69e1f83b4051d09a83971e3aece62c53bb500", 0x20385655})

11.640798704s ago: executing program 0 (id=2570):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000040)={r3, 0x1, 0x6, @local}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_GUEST_DEBUG(0xffffffffffffffff, 0x4048ae9b, &(0x7f0000000300)={0x4376ea830d4f549b, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x32]})
syz_kvm_setup_cpu$x86(r6, 0xffffffffffffffff, &(0x7f00000ab000/0x18000)=nil, 0x0, 0x0, 0x1c, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
recvmsg(r7, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r8, 0x0, 0x0)
sendmmsg$sock(r8, &(0x7f0000003bc0), 0x4000000000002ca, 0x4040014)
sched_setscheduler(0x0, 0x2, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0))
sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB, @ANYRES32], 0x48}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040))

10.960670232s ago: executing program 5 (id=2571):
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
r1 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_SUBDEV_G_EDID(r1, 0xc0285628, &(0x7f0000000440)={0x0, 0x3, 0x6, '\x00', 0x0})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000000), 0xfea7)
r3 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r3, 0xc0205649, &(0x7f0000000100)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x98f90a, 0x8000, '\x00', @ptr=0x20002000}})

10.732430534s ago: executing program 3 (id=2572):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r0, 0x0, 0x33, &(0x7f0000000040)=0x8001, 0x4)
listen(r0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000280), 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000200)='./file0/file0\x00', 0x0, 0x89901a, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x4e, &(0x7f00000000c0)=ANY=[@ANYBLOB="0180c20000ddffffffae65ff86dd60ecff8000181100fc000000000000000000000000000000ff02000000000000000000000000000100004e22001890780300"/78], 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x14d882, 0x0)
r5 = dup(r4)
sendfile(r4, r5, 0x0, 0x80006)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
umount2(&(0x7f00000001c0)='./file0/file0\x00', 0x9)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000000100))
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
r8 = dup3(r7, r6, 0x0)
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)

10.589107755s ago: executing program 0 (id=2573):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec8500000050000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)
preadv(r0, &(0x7f00000006c0)=[{&(0x7f0000000480)=""/2, 0x2}, {&(0x7f0000000540)=""/105, 0x69}, {&(0x7f00000005c0)=""/139, 0x8b}, {&(0x7f00000004c0)=""/30, 0x1e}, {&(0x7f0000000680)=""/36, 0x24}], 0x5, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$inet(0x2, 0x3, 0x100)
setsockopt$sock_int(r3, 0x1, 0x6, &(0x7f0000000500)=0x8, 0x4)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000100)=<r5=>0x0)
r6 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r6, 0x0, &(0x7f00000000c0)=<r7=>0x0)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r8)
sendmsg$NFC_CMD_DEV_UP(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000007c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r9, @ANYBLOB="010000000000000000000200000008000100", @ANYRES32=r7], 0x1c}}, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000140)=<r10=>0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f0000000240)=<r11=>0x0)
r12 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r12, 0x0, &(0x7f00000000c0)=<r13=>0x0)
r14 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r15 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r14)
sendmsg$NFC_CMD_DEV_UP(r14, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r15, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r13}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000801}, 0x0)
sendmsg$NFC_CMD_DEP_LINK_DOWN(r4, &(0x7f0000000400)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x5c, 0x0, 0x800, 0x70bd26, 0x25dfdbfe, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r7}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r10}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0xffffffffffffffff}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r11}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r13}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x5c}, 0x1, 0x0, 0x0, 0x44000}, 0x1)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000280)={'batadv0\x00', <r16=>0x0})
r17 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000780), r8)
ioctl$sock_SIOCGIFINDEX_802154(r8, 0x8933, &(0x7f0000000800)={'wpan4\x00', <r18=>0x0})
sendmsg$NL802154_CMD_SET_MAX_FRAME_RETRIES(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000008c0)={&(0x7f0000000840)={0x44, r17, 0x200, 0x70bd27, 0x25dfdbfd, {}, [@NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0xfe}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r18}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}]}, 0x44}, 0x1, 0x0, 0x0, 0x24040011}, 0x1)
sendmmsg$inet(r3, &(0x7f00000033c0)=[{{&(0x7f00000000c0)={0x2, 0x4e23, @broadcast}, 0x10, 0x0, 0x0, &(0x7f00000002c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r16, @initdev={0xac, 0x1e, 0x0, 0x0}, @empty}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @loopback}}}], 0x40}}], 0x1, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)

9.911587186s ago: executing program 5 (id=2574):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r1 = dup(r0)
socket$nl_route(0x10, 0x3, 0x0)
userfaultfd(0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000), 0xfffffecc)
splice(0xffffffffffffffff, 0x0, r6, 0x0, 0x7fff, 0x0)
connect$unix(r4, &(0x7f0000000680)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071100000000000001d400500000000004704000001ed00000f030000000000001d44000000000000620a00fe000000007203000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d07000000374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000000780)=ANY=[@ANYBLOB="14010000330001000000000000000000010100800c000100000000000000000014000300fe"], 0x114}], 0x1, 0x0, 0x0, 0x200400c0}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r1, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x26fb63d934f3cb6f, &(0x7f00000000c0)={[{@uuid_off}, {@metacopy_on}, {@index_on}, {@default_permissions}, {@verity_off}, {@default_permissions}, {@xino_auto}, {@metacopy_on}, {@xino_auto}], [{@smackfshat={'smackfshat', 0x3d, '/dev\x00\x00\x00\x00\x00\x00\x00\x10'}}]})
syz_open_dev$midi(&(0x7f0000000040), 0x7733, 0x10280)
ioctl$BLKRRPART(r1, 0x125f, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$SG_GET_RESERVED_SIZE(r1, 0x2272, &(0x7f0000000000))
ioctl$BLKRRPART(r1, 0x125f, 0x0)

8.91817173s ago: executing program 5 (id=2575):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket(0x15, 0x5, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x3f, 0x7a, 0x7e, 0x40, 0xc72, 0x12, 0x2296, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x72, 0x0, 0x0, 0xab, 0x38, 0x48}}]}}]}}, 0x0)
getsockopt$nfc_llcp(r1, 0x114, 0x2721, 0x0, 0x20000000)
socket$inet_sctp(0x2, 0x1, 0x84)
pipe2$watch_queue(0x0, 0x80)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
io_uring_setup(0x26ce, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
syz_emit_ethernet(0x4e, &(0x7f0000000440)=ANY=[@ANYBLOB="b8a3eb209aa0aaaaaaaaaa0086dd6000010000183afffe800000000000000000000000000000ff020000000000000000000000000001860090780000000000000000000000000000010021000000c0a5f7e42c"], 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r5, &(0x7f0000000300)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r5, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, &(0x7f0000000000)='batadv_slave_1\x00', 0x10)
sendmmsg$inet(r5, &(0x7f0000003b00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000180)=';', 0xfffffdef}], 0x1}}, {{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000400)="bb", 0x1}], 0x1, 0x0, 0xfffffffffffffd96}}], 0x2, 0x16da)
getsockopt$packet_int(r0, 0x107, 0xb, 0x0, &(0x7f0000000040)=0x3a)

8.847600294s ago: executing program 6 (id=2576):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000, @void, @value}, 0x94)
r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000002c00)=ANY=[@ANYBLOB="bf16000000000000b70700000900f0ff4070000000000000500000000000000095000000000000002ba728041598d6fbd30cb599e8c73d24a3aa81d36bb3019c13bd23212fb56fa54f26fb0b71d0e6adfefc41d86bd917487960717142fa9ea4318123741c0a0e168c1886d0d4d94f2f4e345c652ebc1626e3a2a2ad35806150ae0209e62f51ee988e6e0dc8ce974a22a550d6fd70800c86ae3b3e05df3ceb9fc474c2a100c788b277beee1cbf9b0a4def23d410f6296b32a8343881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3449abe802f5ab3e89cf6c662ed4048d3b3e22278d00031e5388ee6f867ddd58211d6ececb0cd2b6d357b8580218ce740068725837074e468ee23fd2f73902ebcfcf49822775985bf31b715f5888b2c81f96a810b946855c9fc52ac17cbc97a616811a4c2dc3470009b966abaf41939aeca3e7b00c2e9d5db7a34fe2a29ac88c360a878a2b9ab9440c1961e80477166f3f847e855cdddc941d996d61ea0ce23b37e9d21c849d1e1e53087a3b109012e3a3ecbd219265048bf5c72b7ba2806b73323301b4bc94d0e4afde44867d71049a7c89bc615e215571ac910d80a58b5169576ff9906c34d2342806960b6bcb00000000000000000000000000113ee640b9ed1e04a0bfb125204d30990361bf45ef45277a167cd2c2e6ce9138143aa5ea7ee6f7c6d8b00437e070b004c5aa90766538b4fe45a16f14b270904d36eaa87508ac6d46639b3971ac6a88dc531fcc5ffc6b76b334795d88156336a9"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mmap$IORING_OFF_SQ_RING(&(0x7f000085a000/0x4000)=nil, 0x4000, 0x0, 0x4000010, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f00000000c0)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x20, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x10)
sendmmsg(r2, &(0x7f0000000180), 0x4000190, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = syz_open_dev$MSR(&(0x7f0000000380), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x110)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r6}, 0x10)
clock_getres(0x2, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x9)
setsockopt$sock_attach_bpf(r7, 0x1, 0x32, &(0x7f00000017c0)=r1, 0x4)
r8 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
setsockopt$nfc_llcp_NFC_LLCP_RW(r8, 0x118, 0x0, &(0x7f0000000000)=0x10009, 0x4)
sendmsg$AUDIT_SET(r7, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='net/vlan/vlan0\x00')
r9 = socket$nl_route(0x10, 0x3, 0x0)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r10, &(0x7f0000000000), 0xfea7)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x1, 0x10012, r10, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=@newtaction={0xe94, 0x30, 0x25, 0x0, 0x0, {}, [{0xe80, 0x1, [@m_pedit={0xe7c, 0x1, 0x0, 0x0, {{0xa}, {0xe50, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x2c, 0x5, 0x0, 0x1, [{0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6}]}, {0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}]}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x2}, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x100}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x3}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe94}}, 0x0)
read$FUSE(r0, &(0x7f0000002e80)={0x2020}, 0x2020)

8.765532352s ago: executing program 1 (id=2577):
r0 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x3ffffffffffffffd, 0x40400)
r2 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
openat$ubi_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000080)={0x8000, 0x0, 0x0, 0x1, 0x0, "000100"})
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x1)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000004c0)={0x0, &(0x7f00000000c0)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r5, <r6=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, &(0x7f0000000440)={r6, 0x0, 0xba, 0x0, 0x0, [<r7=>0x0], [0x0, 0x0, 0x0, 0x67], [0xffffffff], [0x0, 0x3]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000200)={r7, 0x0, <r8=>0xffffffffffffffff})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000000)={0x0, 0x0, r8})
close_range(r0, 0xffffffffffffffff, 0x0)
r9 = syz_usb_connect$printer(0x0, 0x2d, &(0x7f00000004c0)=ANY=[@ANYBLOB="12010000000000202505a8a440000102030109021b00010100000009040000010701010009050102"], 0x0)
syz_usb_control_io$printer(r9, 0x0, &(0x7f0000000b40)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000b00)={0x20, 0x0, 0x1}})
io_uring_register$IORING_REGISTER_EVENTFD(0xffffffffffffffff, 0x21, 0x0, 0x1)
r10 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r10, 0xc020f509, &(0x7f0000000080)={0xffffffffffffffff, 0x8, 0x0, 0x7})

8.683335743s ago: executing program 0 (id=2578):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000014c0)={0x18, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66945ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e6ffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a2915bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c01"], &(0x7f0000000380)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
syz_emit_ethernet(0x3e, &(0x7f0000000140)={@broadcast, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @multicast2, @local}, @redirect={0x3, 0x0, 0x0, @broadcast=0x1000000, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x84, 0x0, @private, @empty}}}}}}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0xfecc) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r3 = fcntl$dupfd(r2, 0x0, r2)
getsockopt$MRT6(r3, 0x29, 0xd0, 0x0, &(0x7f0000000040)) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x0, 0x13, &(0x7f00000001c0)=ANY=[@ANYBLOB, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async)
syz_emit_ethernet(0x8a, 0x0, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) (async)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
syz_open_dev$hidraw(&(0x7f00000011c0), 0x4, 0x400000) (async)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r7, 0xc08c5332, &(0x7f00000003c0)={0x0, 0x0, 0x0, 'queue0\x00'}) (async)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r7, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3}})
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/timer\x00', 0x0, 0x0)
read$char_usb(r8, &(0x7f00000001c0)=""/4068, 0xfe4) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$inet6_tcp(0xa, 0x1, 0x0)

8.171244792s ago: executing program 6 (id=2579):
r0 = syz_open_dev$sndctrl(0x0, 0xde, 0x0)
r1 = creat(&(0x7f00000001c0)='./bus\x00', 0x18)
r2 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
close(r1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x64}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x74}}, 0x0)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6a471000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r7, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "7f12ddb357f7adf97affffffff7d1800"})
r8 = syz_open_pts(r7, 0x0)
ioctl$TIOCVHANGUP(r8, 0x5437, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup3(r7, r8, 0x0)
ioctl$TCSETA(r8, 0x5406, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x12, "0700f362368300"})
ioctl$TIOCGPTPEER(r7, 0x5441, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f0000001500)=ANY=[@ANYBLOB="b7020000ff0d0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000bd000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000200928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb0f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686, @ANYRES16=r0], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, r2, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

6.34773583s ago: executing program 6 (id=2580):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000), 0x20301, 0x0)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, 0x0)
add_key(&(0x7f0000002000)='logon\x00', &(0x7f0000001000), &(0x7f0000001000)="2e989cc9f58ec796be4720e6160291a2fb7c6445e84b8e9e349ead029fe38d5810bf992b5d51f406a51cc339021268aed6f767582af42dbc8ea1110e4353fcf3", 0x40, 0x0)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000040))
r1 = syz_open_dev$tty1(0xc, 0x4, 0x2)
ioctl$VT_WAITACTIVE(r1, 0x5607)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r2, 0x800448d3, 0x0)
write$binfmt_script(r0, &(0x7f00000000c0)={'#! ', './file0'}, 0xb)
write$binfmt_script(r0, &(0x7f0000000500)={'#! ', '\xe9\x1fq\x89Y\x1e\x923aK', [], 0xa, "6fa3743c8f6ba7349a7b000000000006000000000000009412d55eda80d4255cc09419d4aec3d1bfadee0c70d0d4bafedd85a8d6e3eb8449e30009fa854e4c66d120ad598d1f4e"}, 0x55)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00001f0000), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xd)
io_setup(0x5, &(0x7f0000000200)=<r4=>0x0)
io_submit(r4, 0x1, &(0x7f0000002400)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0}])
r5 = dup(r3)
ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000080))
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r5, 0xc018937d, &(0x7f0000002440)={{0x1, 0x1, 0x18, <r6=>r2, {0x7000}}, './file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00'})
syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r6)

6.113580641s ago: executing program 3 (id=2581):
r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x69c, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7c2c)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$igmp(0x2, 0x3, 0x2)
socket$kcm(0x29, 0x2, 0x0)
ioctl$SIOCAX25GETINFOOLD(0xffffffffffffffff, 0x89e9, 0x0)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000040)={0x8, 0x1, 0x3, "a701f6dd566a4ab69e1f83b4051d09a83971e3aece62c53bb500", 0x20385655})

5.103451504s ago: executing program 6 (id=2582):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bind$vsock_stream(r0, &(0x7f0000000000)={0x10}, 0x10)
r1 = syz_open_procfs(0x0, &(0x7f0000000240)='net/netlink\x00')
connect$inet(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000b80)=ANY=[], 0x20)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xdc)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_RESET_STATS(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x80)
preadv(r1, &(0x7f0000000ac0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000d40)=""/164, 0xa4}, {&(0x7f0000000900)=""/236, 0xec}, {&(0x7f0000000280)=""/45, 0x2d}, {&(0x7f0000000a00)=""/130, 0x82}, {&(0x7f0000002ec0)=""/4096, 0x1000}], 0x8, 0x0, 0x0) (fail_nth: 1)

5.009545626s ago: executing program 0 (id=2583):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x42)
r0 = syz_io_uring_setup(0x3a65, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
pipe2$9p(&(0x7f0000000240), 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='+'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
unshare(0x22040080)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer)
bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

4.967584942s ago: executing program 3 (id=2584):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000, @void, @value}, 0x94)
r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000002c00)=ANY=[@ANYBLOB="bf16000000000000b70700000900f0ff4070000000000000500000000000000095000000000000002ba728041598d6fbd30cb599e8c73d24a3aa81d36bb3019c13bd23212fb56fa54f26fb0b71d0e6adfefc41d86bd917487960717142fa9ea4318123741c0a0e168c1886d0d4d94f2f4e345c652ebc1626e3a2a2ad35806150ae0209e62f51ee988e6e0dc8ce974a22a550d6fd70800c86ae3b3e05df3ceb9fc474c2a100c788b277beee1cbf9b0a4def23d410f6296b32a8343881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3449abe802f5ab3e89cf6c662ed4048d3b3e22278d00031e5388ee6f867ddd58211d6ececb0cd2b6d357b8580218ce740068725837074e468ee23fd2f73902ebcfcf49822775985bf31b715f5888b2c81f96a810b946855c9fc52ac17cbc97a616811a4c2dc3470009b966abaf41939aeca3e7b00c2e9d5db7a34fe2a29ac88c360a878a2b9ab9440c1961e80477166f3f847e855cdddc941d996d61ea0ce23b37e9d21c849d1e1e53087a3b109012e3a3ecbd219265048bf5c72b7ba2806b73323301b4bc94d0e4afde44867d71049a7c89bc615e215571ac910d80a58b5169576ff9906c34d2342806960b6bcb00000000000000000000000000113ee640b9ed1e04a0bfb125204d30990361bf45ef45277a167cd2c2e6ce9138143aa5ea7ee6f7c6d8b00437e070b004c5aa90766538b4fe45a16f14b270904d36eaa87508ac6d46639b3971ac6a88dc531fcc5ffc6b76b334795d88156336a9a452a9022485bb572dacb7aa25f748bc75918a16d9d5ae21004cd799ac4951beb2c6c9b5baf60081b86cc2e31c49f4ea055fb3639036c95c69b1ae60e685d486dbd1d5e7d0daacd73acfc80b9c9c92"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
mmap$IORING_OFF_SQ_RING(&(0x7f000085a000/0x4000)=nil, 0x4000, 0x0, 0x4000010, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f00000000c0)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x20, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x10)
sendmmsg(r1, &(0x7f0000000180), 0x4000190, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f0000000380), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x110)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000e0000000000000000001811", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r5}, 0x10)
clock_getres(0x2, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x9)
setsockopt$sock_attach_bpf(r6, 0x1, 0x32, 0x0, 0x0)
r7 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
setsockopt$nfc_llcp_NFC_LLCP_RW(r7, 0x118, 0x0, &(0x7f0000000000)=0x10009, 0x4)
sendmsg$AUDIT_SET(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x10}, 0x3c}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='net/vlan/vlan0\x00')
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r9, &(0x7f0000000000), 0xfea7)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x1, 0x10012, r9, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=@newtaction={0xe94, 0x30, 0x25, 0x0, 0x0, {}, [{0xe80, 0x1, [@m_pedit={0xe7c, 0x1, 0x0, 0x0, {{0xa}, {0xe50, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x2c, 0x5, 0x0, 0x1, [{0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6}]}, {0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}]}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x2}, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x100}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x3}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe94}}, 0x0)
read$FUSE(r0, &(0x7f0000002e80)={0x2020}, 0x2020)

4.417085739s ago: executing program 0 (id=2585):
socket$key(0xf, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
mkdir(0x0, 0x0)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000000600), &(0x7f0000000000)=0x8)
mknodat(0xffffffffffffffff, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000200)='./file1\x00', 0xe5)
chdir(&(0x7f0000000140)='./bus\x00')
prlimit64(0x0, 0x0, &(0x7f0000000000)={0x1, 0x55c}, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r1 = gettid()
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r2, &(0x7f0000000200)=""/209, 0xd1)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000080)={0x335})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r2, 0xc04c5349, &(0x7f0000000180)={0x8, 0x4, 0x5052})
tkill(r1, 0x7)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket(0x0, 0x803, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
getdents64(r3, 0x0, 0x0)
getdents64(r3, &(0x7f0000002f40)=""/4098, 0x1002)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(0xffffffffffffffff, 0x40505412, &(0x7f0000000240)={0x0, 0x8, 0x0, 0x0, 0x1d})
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0xa, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="050000040000000073113900000000008510000002ff0000850000000500000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x80000, @void, @value}, 0x94)
r4 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
syz_emit_ethernet(0x9a, &(0x7f0000000640)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaabb86dd60010100006411fe34c7712000fe8000000000000000000000f20000bbfe8000000000930000000000000000aa00000e2221c0efabe86c26006490780200000001000000020000006b92a137fbab6e3dffd37a67ee45cc2f77f8308a1f80139a799182d6725599e25082f89c0819b1de901baa65999d34cec64ee8d2233a"], 0x0)
splice(0xffffffffffffffff, 0x0, r4, 0x0, 0x10500, 0xc)

4.377634201s ago: executing program 3 (id=2586):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r1 = dup(r0)
socket$nl_route(0x10, 0x3, 0x0)
userfaultfd(0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000), 0xfffffecc)
splice(0xffffffffffffffff, 0x0, r6, 0x0, 0x7fff, 0x0)
connect$unix(r4, &(0x7f0000000680)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071100000000000001d400500000000004704000001ed00000f030000000000001d44000000000000620a00fe000000007203000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d07000000374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000000780)=ANY=[@ANYBLOB="14010000330001000000000000000000010100800c000100000000000000000014000300fe"], 0x114}], 0x1, 0x0, 0x0, 0x200400c0}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r1, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x26fb63d934f3cb6f, &(0x7f00000000c0)={[{@uuid_off}, {@metacopy_on}, {@index_on}, {@default_permissions}, {@verity_off}, {@default_permissions}, {@xino_auto}, {@metacopy_on}, {@xino_auto}], [{@smackfshat={'smackfshat', 0x3d, '/dev\x00\x00\x00\x00\x00\x00\x00\x10'}}]})
syz_open_dev$midi(&(0x7f0000000040), 0x7733, 0x10280)
ioctl$BLKRRPART(r1, 0x125f, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$SG_GET_RESERVED_SIZE(r1, 0x2272, &(0x7f0000000000))
ioctl$BLKRRPART(r1, 0x125f, 0x0)

4.005522789s ago: executing program 5 (id=2587):
r0 = io_uring_setup(0x28bc, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32=0x0, @ANYBLOB="000000005d1a04e748893a196499afb72907c0865a0100000000"], 0x2c}}, 0x5000)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2041, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0xf)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
io_uring_register$IORING_REGISTER_PROBE(r0, 0x8, &(0x7f0000000180)={0x0, 0x0, 0x0, '\x00', [{}, {}, {}, {}, {}, {}, {}, {}, {}]}, 0x9)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r6, 0x0)
setsockopt$SO_TIMESTAMP(r6, 0x1, 0x41, &(0x7f0000000000)=0xff, 0x4)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_SET_CLOCK(r8, 0x4030ae7b, &(0x7f0000000100)={0x7, 0xe, 0x1, 0x1, 0x5})
r9 = fsopen(&(0x7f00000000c0)='gadgetfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r9, 0x6, 0x0, 0x0, 0x0)
ioctl$TCFLSH(r2, 0x400455c8, 0x4)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000280)=0x30)

2.903378669s ago: executing program 6 (id=2588):
r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
r1 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\xdenJ\xeb\x87\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\xe0\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf0\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12', 0x2)
ftruncate(r1, 0xffff)
fcntl$addseals(r1, 0x409, 0x7)
ioctl$UDMABUF_CREATE(r0, 0x40187542, &(0x7f0000000140)={r1, 0x0, 0x0, 0x4000})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x4)
ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8929, &(0x7f0000000280)={'gre0\x00', 0x2000081})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
syz_open_dev$midi(&(0x7f0000000040), 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r3, 0xc0045627, &(0x7f0000000100)=0x3)
mount$bpf(0x0, &(0x7f00000003c0)='./cgroup\x00', &(0x7f0000000280), 0x18, &(0x7f0000000480)=ANY=[@ANYBLOB='eode=00000000000000000000010,\x00'])
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r4)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_ASSOCIATE(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01002bbd7000fedbdf252600000008000300", @ANYRES32=r8], 0x24}, 0x1, 0x0, 0x0, 0x4000815}, 0x850)

2.463544319s ago: executing program 3 (id=2589):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x8, &(0x7f0000005c00)=ANY=[], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x4, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
clock_getres(0xfffffffffffffff1, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
r2 = msgget$private(0x0, 0x20)
msgrcv(r2, 0x0, 0x0, 0x2, 0x1000)
msgsnd(r2, 0x0, 0x8, 0x0)
getsockopt(0xffffffffffffffff, 0x200000000114, 0x271e, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$DRM_IOCTL_MODE_GETFB(0xffffffffffffffff, 0xc01c64ad, &(0x7f0000000240))
syz_io_uring_submit(0x0, 0x0, 0x0)
syz_emit_ethernet(0x6e, 0x0, 0x0)
socket$l2tp6(0xa, 0x2, 0x73)
r3 = openat$cgroup_pressure(r0, 0x0, 0x2, 0x0)
openat$cgroup_pressure(r0, &(0x7f00000000c0)='io.pressure\x00', 0x2, 0x0)
ppoll(&(0x7f0000000180)=[{r3}], 0x1, 0x0, 0x0, 0x0)

1.571199843s ago: executing program 1 (id=2590):
r0 = socket$inet(0x2, 0x6, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'team_slave_0\x00'})
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x20040000}, 0x0)

1.501466004s ago: executing program 1 (id=2591):
openat$cuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) (async)
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
gettid() (async)
r1 = gettid()
timer_create(0x0, &(0x7f0000000140)={0x0, 0xb, 0x4, @tid=r1}, &(0x7f00000020c0)) (async)
timer_create(0x0, &(0x7f0000000140)={0x0, 0xb, 0x4, @tid=r1}, &(0x7f00000020c0)=<r2=>0x0)
timer_settime(r2, 0x1, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
read$FUSE(r0, &(0x7f0000000040)={0x2020}, 0x2020)
r3 = syz_open_dev$sndpcmp(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r3, 0xc2604110, &(0x7f0000000280)={0x0, [[0x7ff], [0x400, 0x2], [0xfff]], '\x00', [{0x0, 0x1, 0x1}]})
r4 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card1/oss_mixer\x00', 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x700000e, 0x50032, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) (async)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
r6 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000140)) (async)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_ZEROPAGE(r6, 0xc018aa06, &(0x7f0000000380)={{&(0x7f00007db000/0x2000)=nil, 0x2000}, 0x300})
statfs(0x0, 0x0)
ioperm(0x0, 0x12e, 0x8000000000008) (async)
ioperm(0x0, 0x12e, 0x8000000000008)
modify_ldt$write2(0x11, 0x0, 0x0)
r7 = fcntl$dupfd(r4, 0x2, 0xffffffffffffffff)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCSIFBR(r8, 0x890c, 0x0) (async)
ioctl$sock_SIOCSIFBR(r8, 0x890c, 0x0)
r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='limits\x00')
lseek(r9, 0x80, 0x0)
splice(r0, 0x0, r7, 0x0, 0x2000, 0x0)
ioctl$UFFDIO_REGISTER(r7, 0xc020aa00, &(0x7f0000002100)={{&(0x7f0000b15000/0x2000)=nil, 0x2000}, 0x4}) (async)
ioctl$UFFDIO_REGISTER(r7, 0xc020aa00, &(0x7f0000002100)={{&(0x7f0000b15000/0x2000)=nil, 0x2000}, 0x4})

1.435713559s ago: executing program 6 (id=2592):
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
syz_clone(0x1800200, &(0x7f00000010c0)="3739104083ea09a5cd98455d4be3b9aaa2d40cc9ea1bde954e5058f97810f67cfa6e6352c20ee0901e8588062c9f4d50283bc2310b7a6bfc92c29055eb4cc4032c344aaa6a7b89e5913f718f472929f242c52908d302b3481175bd5a03c398e691e5081aba8bc33836f93441090cb69d972c30483bf644b61626340b6a68958309ae79acf510e0b3024084c3d2ee4a5fae7c0990fedcbf0ac63d1888279b0b9023843a11b714b5", 0xa7, &(0x7f00000011c0), &(0x7f0000001200), &(0x7f0000001240)="a928296b77972fd43b036e0b6602971941b2ac24242e60db150f40fb3759af6c34a71854ac9cb95109fd97a2ec49793bb4a7b9bd2e24abd6dfaab7ec63cecbec0a34d813247eda8028")
r0 = syz_pidfd_open(0x0, 0x0)
syz_usb_connect(0x0, 0xb, &(0x7f00000010c0)=ANY=[], 0x0)
ioctl$BTRFS_IOC_ADD_DEV(r0, 0x40085503, &(0x7f00000000c0)={{}, "c4005a51cf48a456fe399e96793568de827d6e3af15928143f77a2c2bf19506fac2c94a8808e7365569e94b6012f452ddbdb4acaadf3199a4fa57eab4549a87e05bb9a155f3d08704dc753cff79d5128dc113e58ecd5a19e0bc7bef139e74acaed4f126be4cc57e22d44a734c7f2c44b2b2dc3ecfb59318827549e5b2679b3cc4f9e5df2bc30b674fb5f8e181e7dab6cc37989c9911a3d5b32ac444ebf78c76d68c313ed1bcaa4bfcdddc200878c72704b48f4cda8c86a41c703694c1e57aaf73751f45d5ed54010c14c30ea8ca2f620ab57b6ad6bdf3263aeab2de44576b10a1040f0b284fcf2cb5037e025b227baf26e0c5bda231531365c778ef42bc49fd603b98b7b5173f2f1669834e8cd5167092f5d56e6c2623165710ec863179f143dba38551641ea77676773f3a18e97ada500fe448f172e6e714e16079d8233626d4c5c08c9117c5872c5d815ae0d481c25f2cfd2c76c6723e5ee78d5941b7d49e3d123294dd4c04c2691c5d086393047e3fd027daebf2114d1e9da89a36a49f7a411638060e87593ed8e45fb4292ff888e2eb7b776c9428623a34454fb2f11a47b43707e4b161faa8b8dc0d9cb2a0ac253ab41d0172190749ae06af564cabff5a0ba5df004c44138b49d2e17944f6588839fdedcf6ddef583df85490fa3a956e416e02943d56f734c3d3aa8b4898544e8f417c79bb5532b4ab2393c6723488c627a285686a0dac4cd6df370ab806b80f251256cfc058f8c2c2b46dca533048a18315caca12ad5915f077285ffbe1a4b5f46f2af4e45695348200e1f5a57a698aca5cb4f6124fc076af5f40c3461e91b2639a84be51abe62d27cde1642731d31ae1264d20a21011bd221f8d0e4fc9835ccb61405e1ba6fcd48b9d3487909f89a0f40f91abfd3d33876b707d908bd2b076d37f5b2e2d530210e3930cf0418c3a7d8d4ac8cd16b4d2b2d4ebf6134c88813a808d82c86a20b7beb6534bb112b374d5b0a2beacb4e37872a2df879ebd568f0b20ce7d4aeb5ef6c960093b8a3d0e0332d821fdd099269364539d876caf78e60232baf7cc26589453666f17f94ac05fc2b752546a9586f9f18288e5944effa6f912709652113377ee14d949842910b0af467706b42d969908840fe55857f526694cdacb7735f2e0bdc49ca50ca57193aec63535f679e1486185bae007a7cd345bf8d7428e1a2881f6d327ee34ef0bbd67b51d25000fc59ed894c001ca327898dc4a3e7c33e20542772f31e7f125eedec11604b6569f051e643bff91d616284d2ea0f25320c22caba4d681781a13bf341dc22f882540aaab75d5bba9bbfe8aa960705d1d903a7ed8b7a14cc18b2ec9d1640ba3b6cf9c2a6cde4f7b23d1eb42fa57d2b2206c6cd6f84a5b7d682a09064e341c844edd3361f2e457a5057e1c3d97916190d9749adbadb70797f1729cc01c6146a23942e245021fe02748e2235582b36df8236c8b25fa94d1ed7e495f0df447b36f609b17526b2c8c43f1ded38f99344f2553fd911deed701d89fdf92ed6368d74f6f09ce2d26a3916f28eda4fac022f043aff14bab96f3841979533b2f935cfe7e40ad9cc77557d50a32a73aa71ae37a0cece6580887608d028b55fa7a1a1cf214098fe13c1a32ee5890e3d2c9a4d23041f89bac353aa1641df4375080b2181555e9667082a35b041645be39a47288b747eed9d127d8d342b620d0ecd2a48a86bd7dbfa04b3cfad62f5b1055b2259dc64b02d27599fff87c8303b47174e3ee66645d1eaaa05d63bad90ef4fdb97d21b478b37c313571d5776495460b57ba25dc2a5def286c8e81a3fdaa3dfb1dfb9deec86aa3629a03b9722bd95a96972a32552ba5d74f03989c73598b3ba0ef19151631ba4cf90d1bcc35c7cd2fecd6c271564df5ed232581417488454f5878f09523ce1b966162808d13a86872ad04bc777544ae4477459d197c6aaecf52e229a6cc94d151e014b589311f8e5bb7eb57605a80c11a7df2110b70735ae34a21e467f7bd8c3f81c1f9dfcf9464365566786b086637717df597c05b45249b04faa2269ca5a3fca2f1797682f24a34c9f70c27b6dd47fe9f6f006c934481524985afeec903f160c4e2c36c2bbe2081ff33733ca17ca2a2d794fd3af80d5a1adcbfa384e1ba851f4a554433e532f321b332d640513c9df326ddaa4691201f94d1b4b82b82f9bb986e00242fce6588d906cd820640a59707cecf78533496fdc49d90effde5769812ae474ef31adb849542ef23359a640eeeadecf273713a46e96c836823012fc190c8d1dd88d965fbe11074da36375c11fedc648160b55b8b8bc830b72a6f98b1396a72d96f06fab40ddd4729dc162d30e8a34c4041cc22fd62eb501fa685ae7d53376cca12e40f53edd0ae8abbb666c75a6ca8658b4ef8810931158868afb757831d14e81cdadc995fcb98e2da29300480ca03494f81b59985dbe3da8634a3c4a00626d08d6f1f997ccd63a1a103d292d29cdf15b2c4bca2f34ba406a47d9a184ed712356257ec45aa9a8ed8b8daca20f6a2edb1494a2af100000000000000006f1bfeb0edfdb1f10b66753f3fe900b95be3aafbfb5e2976de8b2c6b485243770da0cdc8f4d7384b6f39817f5661429442b20cab08cc28cf814ebf10d7ad4de140241ec169d70781524127a9454e5f1ee9fd5652818683a2f7ff0b11c8fea2ff7398e01df48c8eb62123f2630d561470003d020f4cc8923654fcf65d400ed0792af6bf1876099951e938adc275f47b9ba178b8ae3e9b295fab66c144ad8ad2fd29bced367833b76b2f0ded8dfead5dfccfc9ba2d658688abeb41f53eaf6efa82e5947f8d7a6e1010517032443507f5bd4193170104000000000000cb985f8f11149496bfe54629f3f759c3100e0ab50c95446fd390a87b884930763ac810bdcdaee81b64343b955eba24d34d816bcf3eb5df1b6b44317e033a9015640942da607e3ea61727b97eab7511ff680dc5f4e54fa19e07c0023152272edc066010e661de98f73f913bc04983b325ff62134b41081dce65528af69b5206f9522b3e09f78dea218621e60f5ca9c58212526d96aace431133528b8a5354b213ef4883ef271e488bf629284c277843202bf7a41dbe2616e8338ab14f83bd6da1d1c4a4b50b6372564187a497036f2040f77c099bd0d98d3e4eebd4bf433360c518fc965e966642a22a335f3a9688336bd254dc9fe32632d4c1599c6b72fca290d9cae38548f4ad5d2a165053b7d392276d81ff26e97ebcfa210eddc832240de22bbfc6623929aa2d8bad6c41db54e2125063f9153e98b2316ae5e9d51a3a9efe5a81242f7045dbafa8db63cafad19e32b767dcd5adfd5e5459dce45c71f61a18a3e6a7de43bd61d6015fac48dcecb60795e02b30dc04cc4a408abc2dee10a97fb387a229ba5c07cebc63037c0102c846393b2bf865db38e51ce44b5cede8d530cb6496e5a34b9b0b060b8bd6f98cd53169518a1732d92af494c351f8ce753754f7d944865de345d8520a9232a1c5e516e61f23c39e09bac5d7c70a478e0b7a3208f61f090f69b9ab33da7a8ae16626c3d26f11065fd46851eff2c5968f937e90abe02555cad9e54b4bcaf3ee55aba96406cd457e27c1ad5b9cc640afff1d94d7d5f854fd50a66bf37355c548f840129ae0d81dc23202e4d7921236172d1c4920c1bf5e7bfad21740acd8f5fa278b6de2336276e271045d0ef0a9a566ae988269cb16f7eee941941d3a9f05d754cbb92a27ad9cb374872c3566a9db35920d63f0cfa69ef8dfc41f307f7c1f1ae712e3f6001e57e1de99777212ede107b692182c507b168c77a3824f0cd663f6d2ffe73e3d90587b3444e9a3cb093ddefd2869db927938ecf6cbd16a85d0849b7c829a37b70b24868e7ab1aa2adc012d85a8bf374225281b50882a40e6bed667f0538d8c85768cc9d8537bedfebe64cddf937a150c565e3824a75f5e7a173fed0ed3b3aa8750fde47ce1c219d5fc1977abc24c7a28aa8251e29a17eee3405d4c1f1f5e8b53df9425d6dde4b9de4715097c58062a977637b42974a40f0bf24dcca060871b759e5f42a12da7d89a494468f6c91c47ac17e7bfd61e62872541fd5d3941c0f0ebca3de06ca63cb52b186737fc61ade4eaed0fd5dd1eb4b8e2d2ebb689741fb354c8bbdc9092f68a156952395585113d78254ec826ba49204d76b8dcd854c4cf942c50c38ad5f8db2bf032d5eced178b25e56f9b39961aea03785119cab42fffbbbeaa15f0c21511f441fd72ab25014dbe5a35dfe295486e0d2e5803304deff8736e1d8df7886e4725321bc450c68459f01b5b3014735e81f989945e59b4c5e367976e90124e9cf422cc0f0d624627ab83ccd65ac7ffb91424672ebb3d91d932994c6e215a9d60efb6ed87eb579951668273e9a38f9089179459d2f670a21bd999a97c968891c59402d188dc601ef033fb9af3291b8778f2a38d379913a02d2215f2960f80847afe4d65f1fc7bcd1995e83fc88d87d799af0bf16060780efc8dbd08b041d8c2f646ca18ea18d3d295e172b344b6aea8d2a2620b6379c5c368459fee07bfcc83c83acaf3dc67755bbe8fe58b1a39051ef2327b30c894deade3262ea5ffa559b789da10f2948e135ce5858e1b016c153b14795a085b5bef350f95487a3f748afa943179d87a1e8828edc33804c2ea49979074fe162a8a36689286c390585d9f83645be3b921c4a6678b8ffd7edfb7a85265d5796ce4f12595b364fcc81b58c267beaa85dd47ad8c55783fe526d6dd0e3cc1f70a7e88d6f826b18aeab8282ff8e2a13ee8f03fab41be97af13c87883f87e6f0bdda04deebc05e35b601a55cc984478a997725d3faab2101cd9596c757c659e6b6c9178f620fbdcb87e399404f4bcd9b57dd1013818e58a785bed0a7fd1f5e5e355816ceba6745a42e10a145c87aedede2e0bed7bc75015a8354ba95a226c87df41d41e4ae368c4e84e8a032c48977602d71eae547f95375746e1f9c86135481bd09a08fee04db26b96cc9327bbde61cec27a56d114cc0e6459170e6cc44d846a2a55046b505e14dbdac32aa759e5d0268fe819a3dc503247b6c24c1607b4742671f5ad63c21812b1904b3c39ec8734fb1ee77a124a29c50154f53c89754f5e4719cc0279c851a63fc33e16f2393e5134568b78126b5680664fcd1fbf9d88f4efdadc120bbb4f21ddd7bf4c445a534631c5f2c4b51d7842743493b4a13bb99f160987284bc7960aaa6d40dbe05e20f42ff48425d1c8166b7fd457d33d808b456b7b11d3d3c1f445a9698ee8a473fb116c5c4824fa224088fa6f031f07f2972e62592d59536dc4cbe3c1cb33e922b0f35f79f1df10ab43e1d3e5dc480bdd8a7039f71ee9c73f976809ec2853ad0c18e4f0ee73fd1361591375d3db6c822e7baae597fc454aae7b426922e9fd9a87fe52a25d5cd03434d7ffb9f319fbeb403c0836f2117cf851bf7660ecb567a6cd918e85190683c1c0a79da1cd92b8527400008f047a436a4859be0e7b9469c6830881d81f93ea8ba1b614de4386296089c9b34f4b8116ae7afedd43f6a82abf4302e4d8a9fba0b87347df1f5bb676f496bf29bf9ea9e3ea4bd1dd3f3d4feb7609f96424f35035b5a13fd6efd0441dea1c1f17feae7d5a1ef77aa05537fc87cc2021c92d5cbbbd159258a45972e112e123e306ef0daa36e1ff069be815c5d0b74b6b41c6d5b76c04057de0a43c2e40b04fc11b60f0f1e7ff0b88fb600d79e03cc8b73fed0af95601acca00"})
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000014c0)=ANY=[@ANYRES32, @ANYRES32=r1, @ANYBLOB="1100"/12, @ANYRES32=r1, @ANYBLOB="4580e8d4a6d855eee014922282a48ed1c12af667fcda5a47c85efa0778e226016af7efea58b4a80ca2b474c724e09bcbb7ca0f300ab69d8f3b134cb04ac08a69b27292410f1459ea69a720d2693f225dde46fdf5615ce48a5b7a1c461544", @ANYRES64=0x0], 0x20)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x181900, 0x0)
ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
r6 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x0, 0x10}, &(0x7f0000000040)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x29c780})
io_uring_enter(r6, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)

1.42881295s ago: executing program 3 (id=2593):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket(0x15, 0x5, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x3f, 0x7a, 0x7e, 0x40, 0xc72, 0x12, 0x2296, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x72, 0x0, 0x0, 0xab, 0x38, 0x48}}]}}]}}, 0x0)
getsockopt$nfc_llcp(r1, 0x114, 0x2721, 0x0, 0x20000000)
socket$inet_sctp(0x2, 0x1, 0x84)
pipe2$watch_queue(0x0, 0x80)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
io_uring_setup(0x26ce, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r5, &(0x7f0000000300)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r5, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r5, &(0x7f0000003b00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000180)=';', 0xfffffdef}], 0x1}}, {{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000400)="bb", 0x1}], 0x1, 0x0, 0xfffffffffffffd96}}], 0x2, 0x16da)
getsockopt$packet_int(r0, 0x107, 0xb, 0x0, &(0x7f0000000040)=0x3a)

1.067328444s ago: executing program 1 (id=2594):
r0 = syz_open_dev$sndctrl(0x0, 0xde, 0x0)
r1 = creat(&(0x7f00000001c0)='./bus\x00', 0x18)
r2 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
close(r1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x64}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x74}}, 0x0)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6a471000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r7, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "7f12ddb357f7adf97affffffff7d1800"})
r8 = syz_open_pts(r7, 0x0)
ioctl$TIOCVHANGUP(r8, 0x5437, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup3(r7, r8, 0x0)
ioctl$TCSETA(r8, 0x5406, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x12, "0700f362368300"})
ioctl$TIOCGPTPEER(r7, 0x5441, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f0000001500)=ANY=[@ANYBLOB="b7020000ff0d0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000bd000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000200928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb0f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686, @ANYRES16=r0], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, r2, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

251.695542ms ago: executing program 5 (id=2595):
socket$nl_xfrm(0x10, 0x3, 0x6)
pipe(&(0x7f00000001c0))
syz_io_uring_setup(0x5169, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000000))
syz_io_uring_setup(0xa94, &(0x7f0000000400), &(0x7f00000003c0), &(0x7f00000005c0))
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x7}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x1)
read$msr(r2, &(0x7f0000032680)=""/102392, 0x18ff8)
write$binfmt_misc(r1, 0x0, 0x0)
sigaltstack(0x0, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
r3 = openat$dma_heap(0xffffffffffffff9c, 0x0, 0x521002, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b40)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014"], 0xfc}}, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r3, 0xc0184800, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x2)
syz_emit_ethernet(0x3e, &(0x7f0000000280)=ANY=[@ANYBLOB="ffffff45000030000000000067907800000000e00000012100907812000228250000240000000000000000e0000002e000000048ecb4a55003ceaecee9a988545ece2ba405ef9c5224cc13abab3c58c5ae46ca8aee3aea33d40f30b0066dff4f3e9db005d1aa3ccfc0dbd07dbf456a190a203040da8278b3182191b500"/135], 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0x7)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x2)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x80040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x13, r5, 0xd2a6a000)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
setsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000140)={0x0, 0x518, 0x9, 0x7}, 0x10)

0s ago: executing program 1 (id=2596):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
setsockopt$inet6_IPV6_PKTINFO(0xffffffffffffffff, 0x29, 0x32, 0x0, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x38, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000000)={'wpan1\x00'})
sendmsg$NL802154_CMD_SET_CCA_MODE(r2, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4001}, 0xc084)
ioctl$VHOST_VDPA_GET_VRING_GROUP(r1, 0xc008af7b, &(0x7f0000000100)={0x1, 0x5})
fstat(r1, &(0x7f00000025c0))
write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0)
r3 = io_uring_setup(0x5236, &(0x7f00000002c0)={0x0, 0x1d19, 0x400, 0xfffffff9})
io_uring_register$IORING_UNREGISTER_RING_FDS(r3, 0x15, &(0x7f0000002840)=[{0x3, 0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f0000000240)=""/67, 0x43}, {&(0x7f0000000340)=""/248, 0xf8}], &(0x7f0000000440)=[0x80]}, {0x6, 0x0, 0x0, &(0x7f0000002240)=[{&(0x7f0000000980)=""/205, 0xcd}, {&(0x7f0000000a80)=""/237, 0xed}, {&(0x7f0000002640)=""/123, 0x7b}, {&(0x7f0000000500)=""/61, 0x3d}, {&(0x7f0000000c40)=""/214, 0xd6}, {&(0x7f0000002180)=""/148, 0x94}], &(0x7f00000022c0)}, {0x0, 0x0, 0x0, &(0x7f00000024c0), &(0x7f0000002500)=[0x0, 0x80000000, 0x4, 0x3]}, {0x5, 0x1, 0x0, &(0x7f0000002780)=[{0x0}, {&(0x7f0000000480)=""/74, 0x4a}, {&(0x7f00000024c0)=""/45, 0x2d}, {0x0}, {0x0}], &(0x7f0000002800)=[0x9, 0x5]}], 0x4)

kernel console output (not intermixed with test programs):

t:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[  718.708748][   T29] audit: type=1400 audit(2000000436.513:615): avc:  denied  { name_bind } for  pid=14123 comm="syz.1.2180" src=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1
[  718.932909][T14130] FAULT_INJECTION: forcing a failure.
[  718.932909][T14130] name failslab, interval 1, probability 0, space 0, times 0
[  718.957106][T14130] CPU: 0 UID: 0 PID: 14130 Comm: syz.2.2182 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  718.967892][T14130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  718.977941][T14130] Call Trace:
[  718.981213][T14130]  <TASK>
[  718.984135][T14130]  dump_stack_lvl+0x16c/0x1f0
[  718.988812][T14130]  should_fail_ex+0x497/0x5b0
[  718.993487][T14130]  ? fs_reclaim_acquire+0xae/0x150
[  718.998625][T14130]  should_failslab+0xc2/0x120
[  719.003315][T14130]  __kmalloc_noprof+0xcb/0x510
[  719.008080][T14130]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  719.013714][T14130]  tomoyo_realpath_from_path+0xb9/0x720
[  719.019260][T14130]  ? tomoyo_path_number_perm+0x235/0x590
[  719.024889][T14130]  ? tomoyo_path_number_perm+0x235/0x590
[  719.030526][T14130]  tomoyo_path_number_perm+0x248/0x590
[  719.035984][T14130]  ? tomoyo_path_number_perm+0x235/0x590
[  719.041616][T14130]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  719.047615][T14130]  ? __pfx_lock_release+0x10/0x10
[  719.052636][T14130]  ? trace_lock_acquire+0x14e/0x1f0
[  719.057857][T14130]  ? lock_acquire+0x2f/0xb0
[  719.062369][T14130]  ? __fget_files+0x40/0x3a0
[  719.066966][T14130]  ? __fget_files+0x206/0x3a0
[  719.071641][T14130]  security_file_ioctl+0x9b/0x240
[  719.076673][T14130]  __x64_sys_ioctl+0xb7/0x200
[  719.081352][T14130]  do_syscall_64+0xcd/0x250
[  719.085858][T14130]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  719.091749][T14130] RIP: 0033:0x7f497657ff19
[  719.096161][T14130] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  719.115763][T14130] RSP: 002b:00007f49743f6058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  719.124172][T14130] RAX: ffffffffffffffda RBX: 00007f4976745fa0 RCX: 00007f497657ff19
[  719.132139][T14130] RDX: 0000000020000040 RSI: 0000000000002285 RDI: 0000000000000004
[  719.140114][T14130] RBP: 00007f49743f60a0 R08: 0000000000000000 R09: 0000000000000000
[  719.148085][T14130] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  719.156048][T14130] R13: 0000000000000000 R14: 00007f4976745fa0 R15: 00007ffccc0f0488
[  719.164026][T14130]  </TASK>
[  719.184261][T14130] ERROR: Out of memory at tomoyo_realpath_from_path.
[  719.258230][   T29] audit: type=1400 audit(2000000437.215:616): avc:  denied  { execmem } for  pid=14128 comm="syz.1.2181" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  720.330426][T14134] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2184'.
[  720.339790][T14134] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2184'.
[  720.411303][ T5871] usb 1-1: USB disconnect, device number 40
[  720.854302][ T5902] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  721.293627][ T5902] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  721.305076][ T5875] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  721.626779][ T5902] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  721.643989][ T5902] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  721.653920][ T5902] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  721.663116][ T5902] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  721.704731][ T5875] usb 2-1: Using ep0 maxpacket: 32
[  721.739939][ T5902] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  722.128852][ T5902] snd-usb-audio 4-1:27.0: probe with driver snd-usb-audio failed with error -12
[  722.140684][ T5875] usb 2-1: unable to get BOS descriptor or descriptor too short
[  722.186806][ T8499] udevd[8499]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  722.338253][ T5871] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  722.506344][ T5871] usb 1-1: config 0 has an invalid interface number: 114 but max is 0
[  722.519437][ T5871] usb 1-1: config 0 has no interface number 0
[  722.530511][ T5871] usb 1-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  722.572697][ T5871] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  722.581340][ T5871] usb 1-1: Product: syz
[  722.598745][ T5871] usb 1-1: Manufacturer: syz
[  722.603677][ T5871] usb 1-1: SerialNumber: syz
[  722.617194][ T5871] usb 1-1: config 0 descriptor??
[  722.675917][ T5871] peak_usb 1-1:0.114: probe with driver peak_usb failed with error 114
[  722.806788][ T5902] usb 4-1: USB disconnect, device number 44
[  722.814629][ T5875] usb 2-1: config 253 has an invalid interface number: 227 but max is 0
[  722.823053][ T5875] usb 2-1: config 253 has no interface number 0
[  722.829329][ T5875] usb 2-1: config 253 interface 227 has no altsetting 0
[  722.840928][ T5875] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=58.16
[  722.849982][ T5875] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  722.858077][ T5875] usb 2-1: Product: syz
[  722.863459][ T5875] usb 2-1: Manufacturer: syz
[  722.868072][ T5875] usb 2-1: SerialNumber: syz
[  723.096737][T14174] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2193'.
[  723.562125][ T5875] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  723.573608][ T5875] usb 2-1: USB disconnect, device number 45
[  723.890916][   T29] audit: type=1400 audit(2000000441.462:617): avc:  denied  { getopt } for  pid=14181 comm="syz.3.2194" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  724.148891][T14188] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2195'.
[  724.260208][   T29] audit: type=1800 audit(2000000441.892:618): pid=14191 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.5.2196" name="bus" dev="overlay" ino=1476 res=0 errno=0
[  724.561837][ T5836] usb 6-1: new full-speed USB device number 49 using dummy_hcd
[  724.744715][ T5836] usb 6-1: config 0 has an invalid interface number: 133 but max is 0
[  724.764786][ T5871] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  724.774159][ T5836] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  724.838890][ T5836] usb 6-1: config 0 has no interface number 0
[  724.866488][ T5836] usb 6-1: config 0 interface 133 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  724.931205][ T5836] usb 6-1: New USB device found, idVendor=0424, idProduct=012c, bcdDevice=71.1e
[  724.947959][ T5836] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  724.952452][ T5871] usb 4-1: New USB device found, idVendor=1de1, idProduct=c102, bcdDevice=7d.08
[  724.991140][ T5871] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  725.009655][ T5836] usb 6-1: Product: syz
[  725.018438][ T5871] usb 4-1: Product: syz
[  725.020246][ T5836] usb 6-1: Manufacturer: syz
[  725.037309][ T5871] usb 4-1: Manufacturer: syz
[  725.043825][ T5836] usb 6-1: SerialNumber: syz
[  725.045441][ T5871] usb 4-1: SerialNumber: syz
[  725.078865][ T5871] usb 4-1: config 0 descriptor??
[  725.079025][ T5836] usb 6-1: config 0 descriptor??
[  725.093331][ T5871] gm12u320 4-1:0.0: [drm:gm12u320_misc_request.constprop.0] *ERROR* Misc. req. error -22
[  725.115001][ T5871] gm12u320 4-1:0.0: probe with driver gm12u320 failed with error -5
[  725.145828][ T5871] usb-storage 4-1:0.0: USB Mass Storage device detected
[  725.188266][ T5871] usb-storage 4-1:0.0: device ignored
[  725.404577][ T5836] usb 6-1: probing VID:PID(0424:012C)   
[  725.422233][ T5836] usb 6-1: Could not find two sets of bulk-in/out endpoint pairs
[  725.429388][ T5871] usb 4-1: USB disconnect, device number 45
[  725.547787][ T5836] vub300 6-1:0.133: probe with driver vub300 failed with error -22
[  725.565544][ T5836] usb 6-1: USB disconnect, device number 49
[  725.751492][ T5871] usb 1-1: USB disconnect, device number 41
[  726.072374][   T29] audit: type=1400 audit(2000000443.566:619): avc:  denied  { create } for  pid=14210 comm="syz.0.2200" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  726.193659][T14214] netlink: 260 bytes leftover after parsing attributes in process `syz.3.2201'.
[  726.296694][   T29] audit: type=1400 audit(2000000443.800:620): avc:  denied  { bind } for  pid=14213 comm="syz.3.2201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  726.419476][   T29] audit: type=1400 audit(2000000443.912:621): avc:  denied  { read } for  pid=14217 comm="syz.5.2202" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  726.731785][ T5872] usb 6-1: new high-speed USB device number 50 using dummy_hcd
[  726.945599][ T5872] usb 6-1: Using ep0 maxpacket: 8
[  727.093664][ T5872] usb 6-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2
[  727.111779][ T5872] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  727.119898][ T5872] usb 6-1: Product: syz
[  727.124080][ T5872] usb 6-1: Manufacturer: syz
[  727.128991][ T5872] usb 6-1: SerialNumber: syz
[  727.137877][ T5872] usb 6-1: config 0 descriptor??
[  727.216976][T14226] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2204'.
[  727.664601][   T29] audit: type=1400 audit(2000000445.082:622): avc:  denied  { ioctl } for  pid=14217 comm="syz.5.2202" path="socket:[39998]" dev="sockfs" ino=39998 ioctlcmd=0x5411 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  727.941294][ T5872] gspca_main: sunplus-2.14.0 probing 04a5:3003
[  727.950430][ T5872] gspca_sunplus: reg_w_riv err -71
[  727.960924][ T5872] sunplus 6-1:0.0: probe with driver sunplus failed with error -71
[  728.325887][   T12] Bluetooth: hci1: received HCILL_GO_TO_SLEEP_ACK in state 1
[  728.553866][ T5872] usb 6-1: USB disconnect, device number 50
[  728.699798][   T68] Bluetooth: hci1: Frame reassembly failed (-84)
[  728.862450][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  728.870957][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  729.008028][T14245] netlink: 80 bytes leftover after parsing attributes in process `syz.3.2210'.
[  729.170183][ T5872] usb 6-1: new high-speed USB device number 51 using dummy_hcd
[  729.329560][ T5872] usb 6-1: Using ep0 maxpacket: 16
[  729.337895][ T5872] usb 6-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f
[  729.351042][ T5872] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  729.359372][ T5872] usb 6-1: Product: syz
[  729.363673][ T5872] usb 6-1: Manufacturer: syz
[  729.368550][ T5872] usb 6-1: SerialNumber: syz
[  729.376556][ T5872] usb 6-1: config 0 descriptor??
[  729.384587][ T5872] hub 6-1:0.0: bad descriptor, ignoring hub
[  729.390874][ T5872] hub 6-1:0.0: probe with driver hub failed with error -5
[  729.400118][ T5872] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  729.431540][ T5872] snd-usb-audio 6-1:0.0: probe with driver snd-usb-audio failed with error -2
[  729.503967][ T9504] udevd[9504]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  729.781575][ T5875] usb 6-1: USB disconnect, device number 51
[  730.048560][T14254] netlink: 80 bytes leftover after parsing attributes in process `syz.3.2213'.
[  730.398687][T13959] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  731.362083][T14266] netlink: 'syz.5.2215': attribute type 3 has an invalid length.
[  731.369856][T14266] netlink: 224 bytes leftover after parsing attributes in process `syz.5.2215'.
[  731.805089][T14277] FAULT_INJECTION: forcing a failure.
[  731.805089][T14277] name failslab, interval 1, probability 0, space 0, times 0
[  731.821780][T14277] CPU: 1 UID: 0 PID: 14277 Comm: syz.5.2222 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  731.832567][T14277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  731.842627][T14277] Call Trace:
[  731.845907][T14277]  <TASK>
[  731.848838][T14277]  dump_stack_lvl+0x16c/0x1f0
[  731.852647][ T5872] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  731.853515][T14277]  should_fail_ex+0x497/0x5b0
[  731.865717][T14277]  ? fs_reclaim_acquire+0xae/0x150
[  731.870849][T14277]  should_failslab+0xc2/0x120
[  731.875545][T14277]  __kmalloc_noprof+0xcb/0x510
[  731.880322][T14277]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  731.885377][T14277]  video_usercopy+0x1ac/0x1620
[  731.890161][T14277]  ? __pfx___video_do_ioctl+0x10/0x10
[  731.895550][T14277]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  731.902416][T14277]  ? __pfx_video_usercopy+0x10/0x10
[  731.907651][T14277]  v4l2_ioctl+0x1ba/0x250
[  731.911995][T14277]  ? __pfx_v4l2_ioctl+0x10/0x10
[  731.916861][T14277]  __x64_sys_ioctl+0x190/0x200
[  731.921639][T14277]  do_syscall_64+0xcd/0x250
[  731.926157][T14277]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  731.932065][T14277] RIP: 0033:0x7fcccff7ff19
[  731.936485][T14277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  731.956102][T14277] RSP: 002b:00007fccd0d0d058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  731.964526][T14277] RAX: ffffffffffffffda RBX: 00007fccd0145fa0 RCX: 00007fcccff7ff19
[  731.972503][T14277] RDX: 0000000020000080 RSI: 00000000c0d05605 RDI: 0000000000000003
[  731.980480][T14277] RBP: 00007fccd0d0d0a0 R08: 0000000000000000 R09: 0000000000000000
[  731.988454][T14277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  731.996431][T14277] R13: 0000000000000000 R14: 00007fccd0145fa0 R15: 00007ffc63c0a8a8
[  732.004421][T14277]  </TASK>
[  732.030508][ T5872] usb 1-1: config 0 has an invalid interface number: 114 but max is 0
[  732.042107][ T5872] usb 1-1: config 0 has no interface number 0
[  732.053354][ T5872] usb 1-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  732.063661][ T5872] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  732.082913][ T5872] usb 1-1: Product: syz
[  732.087154][ T5872] usb 1-1: Manufacturer: syz
[  732.097945][ T5872] usb 1-1: SerialNumber: syz
[  732.122215][ T5872] usb 1-1: config 0 descriptor??
[  732.128613][ T5872] peak_usb 1-1:0.114: probe with driver peak_usb failed with error 114
[  732.144862][   T29] audit: type=1400 audit(2000000449.272:623): avc:  denied  { write } for  pid=14280 comm="syz.5.2224" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  732.168293][   T29] audit: type=1400 audit(2000000449.272:624): avc:  denied  { remove_name } for  pid=14280 comm="syz.5.2224" name="binder0" dev="binder" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  732.191288][   T29] audit: type=1400 audit(2000000449.272:625): avc:  denied  { unlink } for  pid=14280 comm="syz.5.2224" name="binder0" dev="binder" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  732.307574][ T5875] usb 3-1: new high-speed USB device number 62 using dummy_hcd
[  732.310331][T14288] program syz.1.2227 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  732.322428][   T25] usb 4-1: new high-speed USB device number 46 using dummy_hcd
[  732.404104][T14291] overlay: filesystem on ./bus is read-only
[  732.410173][   T29] audit: type=1400 audit(2000000449.515:626): avc:  denied  { mounton } for  pid=14289 comm="syz.5.2226" path="/bus" dev="sysfs" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1
[  732.431951][    C0] vkms_vblank_simulate: vblank timer overrun
[  732.555732][ T5875] usb 3-1: Using ep0 maxpacket: 32
[  732.562800][ T5875] usb 3-1: unable to get BOS descriptor or descriptor too short
[  732.572695][ T5875] usb 3-1: config 123 has an invalid interface number: 146 but max is 0
[  732.579539][ T5872] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  732.581126][ T5875] usb 3-1: config 123 has no interface number 0
[  732.594950][ T5875] usb 3-1: config 123 interface 146 has no altsetting 0
[  732.604574][ T5875] usb 3-1: language id specifier not provided by device, defaulting to English
[  732.636286][   T25] usb 4-1: config 0 has an invalid interface number: 114 but max is 0
[  732.645545][   T25] usb 4-1: config 0 has no interface number 0
[  732.790900][ T5875] usb 3-1: New USB device found, idVendor=0bb4, idProduct=0a1a, bcdDevice=35.e8
[  732.830376][   T25] usb 4-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  732.868747][ T5875] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  732.887138][   T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  732.929044][ T5875] usb 3-1: Manufacturer: ４ዴ䩋葯鶾⩠调䟂伿㜥檶㴷뿿앖쉌뙤翠뻾⼯䢶壃뺒깯ₓ⬲莹��⽔ᠡ盤鳃᧟厊뢭쓖鞶�Ꭻ㡋꙲摣쪡媬㔓຺뜩녘ᄽ沴回�騺䰾᳦ᘰ╦᭟㢕〲ᴮDZ钨姿犯틀ᾶ휻�帇͑쮲鸔똛脿ꋬḟ♕뤹��崑ἑ땡훲⒃ꭺ㪟쮎
[  732.974173][   T25] usb 4-1: Product: syz
[  733.018256][   T25] usb 4-1: Manufacturer: syz
[  733.038806][   T25] usb 4-1: SerialNumber: syz
[  733.046980][   T25] usb 4-1: config 0 descriptor??
[  733.054893][   T25] peak_usb 4-1:0.114: probe with driver peak_usb failed with error 114
[  733.116666][ T5872] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  733.126989][ T5872] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  733.139725][ T5872] usb 2-1: config 0 descriptor??
[  733.147236][ T5872] cp210x 2-1:0.0: cp210x converter detected
[  733.370296][T14288] libceph: resolve '00.' (ret=-3): failed
[  733.547342][    T9] usb 6-1: new high-speed USB device number 52 using dummy_hcd
[  733.620586][ T5872] cp210x 2-1:0.0: failed to get vendor val 0x0010 size 3: -32
[  733.636331][ T5872] usb 2-1: cp210x converter now attached to ttyUSB0
[  733.715398][    T9] usb 6-1: config 0 has an invalid interface number: 114 but max is 0
[  733.730159][    T9] usb 6-1: config 0 has no interface number 0
[  733.751550][    T9] usb 6-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  733.764408][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  733.787220][    T9] usb 6-1: Product: syz
[  733.796661][    T9] usb 6-1: Manufacturer: syz
[  733.805682][    T9] usb 6-1: SerialNumber: syz
[  733.819326][    T9] usb 6-1: config 0 descriptor??
[  733.836795][    T9] peak_usb 6-1:0.114: probe with driver peak_usb failed with error 114
[  733.852512][ T5872] usb 2-1: USB disconnect, device number 46
[  733.877411][ T5872] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  733.910639][ T5872] cp210x 2-1:0.0: device disconnected
[  734.971817][ T5872] usb 1-1: USB disconnect, device number 42
[  734.989303][ T5875] usb 3-1: USB disconnect, device number 62
[  735.167549][ T5872] usb 4-1: USB disconnect, device number 46
[  735.174892][T14309] netlink: 'syz.1.2229': attribute type 3 has an invalid length.
[  735.183096][T14309] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2229'.
[  735.970314][ T6688] Bluetooth: hci1: received HCILL_GO_TO_SLEEP_ACK in state 1
[  736.166616][ T3507] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  736.346734][ T3507] Bluetooth: hci1: Frame reassembly failed (-84)
[  736.819193][T14324] program syz.1.2234 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  736.854749][ T5871] usb 6-1: USB disconnect, device number 52
[  737.133712][   T25] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  737.306907][   T25] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  737.316390][   T25] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  737.325979][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  737.335449][   T25] usb 2-1: config 0 descriptor??
[  737.475809][ T5836] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[  737.529297][ T5875] usb 6-1: new high-speed USB device number 53 using dummy_hcd
[  737.567934][T14324] libceph: resolve '00.' (ret=-3): failed
[  737.659430][ T5836] usb 1-1: config 0 has an invalid interface number: 114 but max is 0
[  737.667700][ T5836] usb 1-1: config 0 has no interface number 0
[  737.676277][ T5836] usb 1-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  737.685432][ T5836] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  737.696243][ T5836] usb 1-1: Product: syz
[  737.700711][ T5836] usb 1-1: Manufacturer: syz
[  737.705476][ T5836] usb 1-1: SerialNumber: syz
[  737.710661][ T5875] usb 6-1: config 0 has an invalid interface number: 114 but max is 0
[  737.721981][ T5875] usb 6-1: config 0 has no interface number 0
[  737.729959][ T5836] usb 1-1: config 0 descriptor??
[  737.735156][ T5875] usb 6-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  737.744366][ T5875] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  737.752855][ T5875] usb 6-1: Product: syz
[  737.758020][ T5836] peak_usb 1-1:0.114: probe with driver peak_usb failed with error 114
[  737.766316][ T5875] usb 6-1: Manufacturer: syz
[  737.770890][ T5875] usb 6-1: SerialNumber: syz
[  737.785090][ T5875] usb 6-1: config 0 descriptor??
[  737.795327][ T5875] peak_usb 6-1:0.114: probe with driver peak_usb failed with error 114
[  738.087554][   T29] audit: type=1400 audit(2000000454.828:627): avc:  denied  { setopt } for  pid=14337 comm="syz.2.2240" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  738.170928][T13959] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  740.192239][ T5872] usb 2-1: USB disconnect, device number 47
[  740.298203][ T5875] usb 3-1: new high-speed USB device number 63 using dummy_hcd
[  740.669243][ T5836] usb 1-1: USB disconnect, device number 43
[  740.946462][ T5875] usb 3-1: config 0 has an invalid interface number: 114 but max is 0
[  740.954969][ T5875] usb 3-1: config 0 has no interface number 0
[  740.964448][ T5875] usb 3-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  740.974726][ T5875] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  740.992103][ T5875] usb 3-1: Product: syz
[  740.999029][ T5875] usb 3-1: Manufacturer: syz
[  741.014369][ T5875] usb 3-1: SerialNumber: syz
[  741.021255][ T5875] usb 3-1: config 0 descriptor??
[  741.043500][ T5875] peak_usb 3-1:0.114: probe with driver peak_usb failed with error 114
[  741.652689][ T5872] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[  743.068408][ T5872] usb 2-1: Using ep0 maxpacket: 32
[  743.079010][ T5872] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1
[  743.082360][ T5836] usb 6-1: USB disconnect, device number 53
[  743.114933][ T5872] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  743.188176][ T5872] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  743.199102][ T5872] usb 2-1: Product: syz
[  743.203534][ T5872] usb 2-1: Manufacturer: syz
[  743.211311][ T5872] usb 2-1: SerialNumber: syz
[  743.216285][T14380] FAULT_INJECTION: forcing a failure.
[  743.216285][T14380] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  743.231123][T14380] CPU: 0 UID: 0 PID: 14380 Comm: syz.5.2248 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  743.241896][T14380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  743.251947][T14380] Call Trace:
[  743.255385][T14380]  <TASK>
[  743.258302][T14380]  dump_stack_lvl+0x16c/0x1f0
[  743.262968][T14380]  should_fail_ex+0x497/0x5b0
[  743.267651][T14380]  _copy_from_user+0x2e/0xd0
[  743.272228][T14380]  drm_ioctl+0x501/0xc00
[  743.276462][T14380]  ? __pfx_drm_mode_list_lessees_ioctl+0x10/0x10
[  743.282797][T14380]  ? __pfx_drm_ioctl+0x10/0x10
[  743.287544][T14380]  ? __pfx_lock_release+0x10/0x10
[  743.292574][T14380]  ? selinux_file_ioctl+0x180/0x270
[  743.297791][T14380]  ? selinux_file_ioctl+0xb4/0x270
[  743.302923][T14380]  ? __pfx_drm_ioctl+0x10/0x10
[  743.307702][T14380]  __x64_sys_ioctl+0x190/0x200
[  743.312482][T14380]  do_syscall_64+0xcd/0x250
[  743.316997][T14380]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  743.323065][T14380] RIP: 0033:0x7fcccff7ff19
[  743.327721][T14380] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  743.347320][T14380] RSP: 002b:00007fccd0d0d058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  743.355748][T14380] RAX: ffffffffffffffda RBX: 00007fccd0145fa0 RCX: 00007fcccff7ff19
[  743.363697][T14380] RDX: 0000000020000240 RSI: 00000000c01064c7 RDI: 0000000000000003
[  743.371650][T14380] RBP: 00007fccd0d0d0a0 R08: 0000000000000000 R09: 0000000000000000
[  743.379601][T14380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  743.387727][T14380] R13: 0000000000000000 R14: 00007fccd0145fa0 R15: 00007ffc63c0a8a8
[  743.395687][T14380]  </TASK>
[  743.403529][T14362] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  743.505989][ T5872] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 48 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  743.522487][ T5872] usb 2-1: USB disconnect, device number 48
[  743.536713][T14384] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4)
[  743.543243][T14384] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  743.575594][T14384] vhci_hcd vhci_hcd.0: Device attached
[  743.577483][ T5872] usblp0: removed
[  743.804759][ T5836] vhci_hcd: vhci_device speed not set
[  743.860018][T14395] FAULT_INJECTION: forcing a failure.
[  743.860018][T14395] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  743.879260][T14395] CPU: 1 UID: 0 PID: 14395 Comm: syz.1.2252 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  743.890049][T14395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  743.900109][T14395] Call Trace:
[  743.903396][T14395]  <TASK>
[  743.906330][T14395]  dump_stack_lvl+0x16c/0x1f0
[  743.911027][T14395]  should_fail_ex+0x497/0x5b0
[  743.915729][T14395]  _copy_to_user+0x32/0xd0
[  743.920159][T14395]  sctp_getsockopt+0x1b98/0x74a0
[  743.925111][T14395]  ? avc_has_perm_noaudit+0x119/0x3a0
[  743.930507][T14395]  ? __pfx_lock_release+0x10/0x10
[  743.935546][T14395]  ? trace_lock_acquire+0x14e/0x1f0
[  743.940766][T14395]  ? __pfx_sctp_getsockopt+0x10/0x10
[  743.946069][T14395]  ? __lock_acquire+0x15a9/0x3c40
[  743.951120][T14395]  ? __pfx___lock_acquire+0x10/0x10
[  743.956331][T14395]  ? hlock_class+0x4e/0x130
[  743.960857][T14395]  ? __lock_acquire+0xcc5/0x3c40
[  743.965808][T14395]  ? find_held_lock+0x2d/0x110
[  743.970576][T14395]  ? __might_fault+0x13b/0x190
[  743.975332][T14395]  ? __pfx_lock_release+0x10/0x10
[  743.980353][T14395]  ? trace_lock_acquire+0x14e/0x1f0
[  743.985542][T14395]  ? lock_acquire+0x2f/0xb0
[  743.990027][T14395]  ? __might_fault+0xe3/0x190
[  743.994691][T14395]  ? __might_fault+0xe3/0x190
[  743.999359][T14395]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  744.005239][T14395]  ? do_sock_getsockopt+0x3fe/0x800
[  744.010421][T14395]  do_sock_getsockopt+0x3fe/0x800
[  744.015433][T14395]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  744.020973][T14395]  ? lock_acquire+0x2f/0xb0
[  744.025485][T14395]  ? __fget_files+0x40/0x3a0
[  744.030079][T14395]  ? __fget_files+0x206/0x3a0
[  744.034746][T14395]  __sys_getsockopt+0x12f/0x260
[  744.039593][T14395]  __x64_sys_getsockopt+0xbd/0x160
[  744.044703][T14395]  ? do_syscall_64+0x91/0x250
[  744.049370][T14395]  ? lockdep_hardirqs_on+0x7c/0x110
[  744.054551][T14395]  do_syscall_64+0xcd/0x250
[  744.059042][T14395]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  744.064919][T14395] RIP: 0033:0x7f654d57ff19
[  744.069309][T14395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  744.088897][T14395] RSP: 002b:00007f654e463058 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  744.097300][T14395] RAX: ffffffffffffffda RBX: 00007f654d745fa0 RCX: 00007f654d57ff19
[  744.105272][T14395] RDX: 0000000000000075 RSI: 0000000000000084 RDI: 0000000000000003
[  744.113220][T14395] RBP: 00007f654e4630a0 R08: 0000000020000040 R09: 0000000000000000
[  744.121170][T14395] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[  744.129120][T14395] R13: 0000000000000000 R14: 00007f654d745fa0 R15: 00007fff9891a9c8
[  744.137078][T14395]  </TASK>
[  744.140195][    C1] vkms_vblank_simulate: vblank timer overrun
[  744.174350][ T5875] usb 3-1: USB disconnect, device number 63
[  744.180454][ T5836] usb 39-1: new low-speed USB device number 8 using vhci_hcd
[  744.464255][T14385] vhci_hcd: connection reset by peer
[  744.490867][   T12] vhci_hcd: stop threads
[  745.463372][   T12] vhci_hcd: release socket
[  745.467847][   T12] vhci_hcd: disconnect device
[  745.708055][T14409] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2256'.
[  746.677963][T14431] FAULT_INJECTION: forcing a failure.
[  746.677963][T14431] name failslab, interval 1, probability 0, space 0, times 0
[  746.690683][T14431] CPU: 0 UID: 0 PID: 14431 Comm: syz.5.2261 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  746.701447][T14431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  746.711499][T14431] Call Trace:
[  746.714774][T14431]  <TASK>
[  746.717703][T14431]  dump_stack_lvl+0x16c/0x1f0
[  746.722392][T14431]  should_fail_ex+0x497/0x5b0
[  746.727085][T14431]  ? fs_reclaim_acquire+0xae/0x150
[  746.732216][T14431]  should_failslab+0xc2/0x120
[  746.736901][T14431]  kmem_cache_alloc_node_noprof+0x72/0x3c0
[  746.742712][T14431]  ? __alloc_skb+0x2b1/0x380
[  746.747324][T14431]  __alloc_skb+0x2b1/0x380
[  746.751756][T14431]  ? __pfx___alloc_skb+0x10/0x10
[  746.756704][T14431]  ? irqentry_exit+0x3b/0x90
[  746.761305][T14431]  ? lockdep_hardirqs_on+0x7c/0x110
[  746.766518][T14431]  alloc_skb_with_frags+0xe4/0x850
[  746.771641][T14431]  sock_alloc_send_pskb+0x7f1/0x980
[  746.776851][T14431]  ? __might_fault+0xe3/0x190
[  746.781542][T14431]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  746.787275][T14431]  ? __pfx__copy_from_iter+0x10/0x10
[  746.792563][T14431]  ? release_sock+0x21/0x220
[  746.797154][T14431]  ? reacquire_held_locks+0x20b/0x4c0
[  746.802527][T14431]  ? release_sock+0x21/0x220
[  746.807123][T14431]  nfc_alloc_send_skb+0xa6/0x190
[  746.812074][T14431]  nfc_llcp_send_ui_frame+0x28a/0x520
[  746.817459][T14431]  ? __pfx_nfc_llcp_send_ui_frame+0x10/0x10
[  746.823369][T14431]  ? __local_bh_enable_ip+0xa4/0x120
[  746.828664][T14431]  llcp_sock_sendmsg+0x34b/0x460
[  746.833605][T14431]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  746.838898][T14431]  ____sys_sendmsg+0xaaf/0xc90
[  746.843672][T14431]  ? copy_msghdr_from_user+0x10b/0x160
[  746.849135][T14431]  ? __pfx_____sys_sendmsg+0x10/0x10
[  746.854427][T14431]  ? __lock_acquire+0xcc5/0x3c40
[  746.859381][T14431]  ___sys_sendmsg+0x135/0x1e0
[  746.864073][T14431]  ? __pfx____sys_sendmsg+0x10/0x10
[  746.869286][T14431]  ? trace_lock_acquire+0x14e/0x1f0
[  746.874515][T14431]  __sys_sendmmsg+0x201/0x420
[  746.879200][T14431]  ? __pfx___sys_sendmmsg+0x10/0x10
[  746.884424][T14431]  ? fput+0x67/0x440
[  746.888327][T14431]  ? ksys_write+0x1ba/0x250
[  746.892839][T14431]  __x64_sys_sendmmsg+0x9c/0x100
[  746.897782][T14431]  ? lockdep_hardirqs_on+0x7c/0x110
[  746.902980][T14431]  do_syscall_64+0xcd/0x250
[  746.907494][T14431]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  746.913395][T14431] RIP: 0033:0x7fcccff7ff19
[  746.917810][T14431] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  746.937427][T14431] RSP: 002b:00007fccd0ccb058 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  746.945853][T14431] RAX: ffffffffffffffda RBX: 00007fccd0146160 RCX: 00007fcccff7ff19
[  746.953828][T14431] RDX: 0000000000000001 RSI: 0000000020000b00 RDI: 0000000000000007
[  746.961805][T14431] RBP: 00007fccd0ccb0a0 R08: 0000000000000000 R09: 0000000000000000
[  746.969780][T14431] R10: 000000000000c000 R11: 0000000000000246 R12: 0000000000000001
[  746.977746][T14431] R13: 0000000000000000 R14: 00007fccd0146160 R15: 00007ffc63c0a8a8
[  746.985724][T14431]  </TASK>
[  746.989581][T14431] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-105)
[  747.316442][ T5872] usb 4-1: new high-speed USB device number 47 using dummy_hcd
[  747.723845][ T5872] usb 4-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  747.736411][ T5872] usb 4-1: config 7 has 1 interface, different from the descriptor's value: 2
[  747.759357][ T5872] usb 4-1: New USB device found, idVendor=19d2, idProduct=1275, bcdDevice= 0.84
[  747.783790][ T5872] usb 4-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  747.791886][ T5872] usb 4-1: Product: syz
[  747.919607][ T5872] usb 4-1: SerialNumber: syz
[  747.942191][ T5872] option 4-1:7.0: GSM modem (1-port) converter detected
[  748.973683][ T5871] usb 6-1: new high-speed USB device number 54 using dummy_hcd
[  749.005761][T13959] Bluetooth: hci2: unexpected Set CIG Parameters response data
[  750.038155][T13959] Bluetooth: hci2: unexpected event for opcode 0x2062
[  752.056586][   T35] Bluetooth: hci1: received HCILL_GO_TO_SLEEP_ACK in state 1
[  752.064831][   T12] Bluetooth: hci1: Frame reassembly failed (-84)
[  752.084796][ T5836] vhci_hcd: vhci_device speed not set
[  752.102984][ T5871] usb 6-1: device descriptor read/all, error -71
[  752.116570][  T827] usb 4-1: USB disconnect, device number 47
[  752.146292][  T827] option 4-1:7.0: device disconnected
[  752.484235][T14455] netlink: 80 bytes leftover after parsing attributes in process `syz.0.2268'.
[  752.970185][T14457] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2269'.
[  752.979618][T14457] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2269'.
[  754.260642][T13959] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  754.260942][ T5831] Bluetooth: hci1: command 0x1003 tx timeout
[  754.351162][T13959] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  754.360554][T13959] Bluetooth: hci2: Injecting HCI hardware error event
[  754.370644][T13959] Bluetooth: hci2: hardware error 0x00
[  754.379401][   T29] audit: type=1400 audit(2000000470.075:628): avc:  denied  { ioctl } for  pid=14483 comm="syz.1.2277" path="socket:[41320]" dev="sockfs" ino=41320 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  754.729283][   T29] audit: type=1400 audit(2000000470.197:629): avc:  denied  { bind } for  pid=14487 comm="syz.1.2278" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  755.286877][   T29] audit: type=1400 audit(2000000470.487:630): avc:  denied  { setopt } for  pid=14487 comm="syz.1.2278" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  755.998221][T14490] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2279'.
[  756.007396][T14490] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2279'.
[  756.140084][T14503] hsr0: entered promiscuous mode
[  756.570204][T13112] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[  756.618342][ T3507] Bluetooth: hci1: received HCILL_GO_TO_SLEEP_ACK in state 0
[  757.024690][T13959] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  757.036187][   T35] Bluetooth: hci1: Frame reassembly failed (-84)
[  757.126581][T13112] usb 2-1: config index 0 descriptor too short (expected 4148, got 36)
[  757.134884][T13112] usb 2-1: config 0 has an invalid interface number: 161 but max is 0
[  757.143474][T13112] usb 2-1: config 0 has no interface number 0
[  757.149791][T13112] usb 2-1: config 0 interface 161 altsetting 0 endpoint 0xE has an invalid bInterval 172, changing to 11
[  757.175050][T13112] usb 2-1: config 0 interface 161 altsetting 0 endpoint 0xE has invalid maxpacket 1164, setting to 1024
[  757.197317][T13112] usb 2-1: config 0 interface 161 altsetting 0 endpoint 0xA has an invalid bInterval 177, changing to 7
[  757.229009][T13112] usb 2-1: config 0 interface 161 altsetting 0 endpoint 0xA has invalid maxpacket 9125, setting to 1024
[  757.275615][T13112] usb 2-1: New USB device found, idVendor=04f1, idProduct=3008, bcdDevice=4a.be
[  757.284825][T13112] usb 2-1: New USB device strings: Mfr=170, Product=233, SerialNumber=3
[  757.298872][T13112] usb 2-1: Product: syz
[  757.303051][T13112] usb 2-1: Manufacturer: syz
[  757.320892][T13112] usb 2-1: SerialNumber: syz
[  757.337931][T13112] usb 2-1: config 0 descriptor??
[  757.347044][T14500] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  757.737514][T13112] asix 2-1:0.161 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  758.399761][T13112] asix 2-1:0.161: probe with driver asix failed with error -71
[  758.424785][T13112] usb 2-1: USB disconnect, device number 49
[  758.468644][T14519] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2286'.
[  758.477946][T14519] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2286'.
[  759.221598][ T5831] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  759.233068][ T5129] Bluetooth: hci1: command 0x1003 tx timeout
[  760.180546][T14542] netlink: 80 bytes leftover after parsing attributes in process `syz.1.2289'.
[  760.396594][T13112] usb 6-1: new high-speed USB device number 56 using dummy_hcd
[  760.679846][T13112] usb 6-1: Using ep0 maxpacket: 32
[  760.821276][T13112] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1
[  761.015085][T13112] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  761.024288][T13112] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  761.038065][T13112] usb 6-1: Product: syz
[  761.042244][T13112] usb 6-1: Manufacturer: syz
[  761.046844][T13112] usb 6-1: SerialNumber: syz
[  761.062716][T14541] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  761.063967][T14556] tc_dump_action: action bad kind
[  761.421696][T13112] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 56 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  761.616131][T13112] usb 6-1: USB disconnect, device number 56
[  761.762854][T13112] usblp0: removed
[  763.119535][T14590] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  763.912919][T14593] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2304'.
[  764.100892][T14598] netlink: 80 bytes leftover after parsing attributes in process `syz.2.2305'.
[  764.234466][  T827] usb 1-1: new full-speed USB device number 44 using dummy_hcd
[  764.546599][  T827] usb 1-1: unable to get BOS descriptor or descriptor too short
[  764.554970][  T827] usb 1-1: not running at top speed; connect to a high speed hub
[  764.565559][  T827] usb 1-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  764.580138][  T827] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  764.590752][  T827] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  764.604849][  T827] usb 1-1: config 1 has no interface number 1
[  764.611226][  T827] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x1 has invalid maxpacket 29443, setting to 64
[  764.630631][  T827] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  764.640364][  T827] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  764.653836][  T827] usb 1-1: Product: syz
[  764.671298][  T827] usb 1-1: Manufacturer: syz
[  764.691217][  T827] usb 1-1: SerialNumber: syz
[  764.802338][T14610] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2309'.
[  764.811345][T14610] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2309'.
[  764.970770][  T827] usb 1-1: USB disconnect, device number 44
[  765.032741][T14615] UHID_CREATE from different security context by process 1521 (syz.2.2310), this is not allowed.
[  765.853869][T14631] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2314'.
[  767.286153][T14645] program syz.0.2319 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  767.559236][  T827] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[  767.711550][ T5836] usb 2-1: new full-speed USB device number 50 using dummy_hcd
[  767.736966][  T827] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  767.747549][  T827] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  767.762691][T13112] usb 4-1: new high-speed USB device number 48 using dummy_hcd
[  767.803833][  T827] usb 1-1: config 0 descriptor??
[  767.813487][  T827] cp210x 1-1:0.0: cp210x converter detected
[  767.902523][ T5836] usb 2-1: config 0 has an invalid interface number: 41 but max is 0
[  767.936479][ T5836] usb 2-1: config 0 has no interface number 0
[  767.942598][ T5836] usb 2-1: config 0 interface 41 has no altsetting 0
[  767.952675][ T5836] usb 2-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  767.968754][ T5836] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  767.979406][ T5836] usb 2-1: Product: syz
[  767.983802][ T5836] usb 2-1: Manufacturer: syz
[  767.996168][T13112] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  768.017918][T13112] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  768.028584][ T5836] usb 2-1: SerialNumber: syz
[  768.033766][T14645] overlayfs: overlapping lowerdir path
[  768.041384][T13112] usb 4-1: Product: syz
[  768.045563][T13112] usb 4-1: Manufacturer: syz
[  768.050343][T13112] usb 4-1: SerialNumber: syz
[  768.058806][T14645] libceph: resolve '00.' (ret=-3): failed
[  768.059544][ T5836] usb 2-1: config 0 descriptor??
[  768.088793][T13112] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  768.182370][ T5875] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  768.307596][  T827] cp210x 1-1:0.0: failed to get vendor val 0x0010 size 3: -32
[  768.325070][  T827] usb 1-1: cp210x converter now attached to ttyUSB0
[  768.539003][T14651] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2320'.
[  768.566922][T14651] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2320'.
[  768.580402][    T9] usb 1-1: USB disconnect, device number 45
[  768.588743][    T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  768.631815][    T9] cp210x 1-1:0.0: device disconnected
[  768.687100][ T5129] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  768.700656][ T5129] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  768.708495][ T5129] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  768.717131][ T5129] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  768.724710][ T5129] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  768.732431][ T5129] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  768.826929][   T29] audit: type=1326 audit(2000000483.583:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14647 comm="syz.1.2320" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f654d57ff19 code=0x0
[  768.865109][    T9] usb 4-1: USB disconnect, device number 48
[  769.033818][T14655] chnl_net:caif_netlink_parms(): no params data found
[  769.157736][T14655] bridge0: port 1(bridge_slave_0) entered blocking state
[  769.172653][T14655] bridge0: port 1(bridge_slave_0) entered disabled state
[  769.181730][T14655] bridge_slave_0: entered allmulticast mode
[  769.213697][T14655] bridge_slave_0: entered promiscuous mode
[  769.254313][T14655] bridge0: port 2(bridge_slave_1) entered blocking state
[  769.269703][T14655] bridge0: port 2(bridge_slave_1) entered disabled state
[  769.277379][T14655] bridge_slave_1: entered allmulticast mode
[  769.284183][T14655] bridge_slave_1: entered promiscuous mode
[  769.315303][T14655] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  769.334691][T14655] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  769.361452][T14655] team0: Port device team_slave_0 added
[  769.371314][T14655] team0: Port device team_slave_1 added
[  769.409405][T14655] batman_adv: batadv0: Adding interface: batadv_slave_0
[  769.423676][T14655] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  769.480138][T14655] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  769.496087][ T5875] usb 4-1: Service connection timeout for: 256
[  769.513684][ T5875] ath9k_htc 4-1:1.0: ath9k_htc: Unable to initialize HTC services
[  769.528091][ T5875] ath9k_htc: Failed to initialize the device
[  769.695684][    T9] usb 4-1: ath9k_htc: USB layer deinitialized
[  769.716660][T14655] batman_adv: batadv0: Adding interface: batadv_slave_1
[  769.729062][T14655] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  770.560631][ T5836] CoreChips 2-1:0.41 (unnamed net_device) (uninitialized): set LINK LED failed : -71
[  770.570286][ T5836] CoreChips 2-1:0.41: probe with driver CoreChips failed with error -71
[  770.604705][T14655] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  770.817053][  T827] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[  770.932811][ T5836] usb 2-1: USB disconnect, device number 50
[  770.947216][ T5831] Bluetooth: hci1: command tx timeout
[  771.463296][  T827] usb 1-1: config 0 has an invalid interface number: 114 but max is 0
[  771.472248][  T827] usb 1-1: config 0 has no interface number 0
[  771.480118][  T827] usb 1-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  771.491060][  T827] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  771.508502][  T827] usb 1-1: Product: syz
[  771.512683][  T827] usb 1-1: Manufacturer: syz
[  771.522223][  T827] usb 1-1: SerialNumber: syz
[  771.554088][  T827] usb 1-1: config 0 descriptor??
[  771.593377][T14655] hsr_slave_0: entered promiscuous mode
[  771.611474][T14680] netlink: 14 bytes leftover after parsing attributes in process `syz.5.2330'.
[  771.621487][T14655] hsr_slave_1: entered promiscuous mode
[  771.723530][   T29] audit: type=1400 audit(2000000486.248:632): avc:  denied  { read } for  pid=14679 comm="syz.5.2330" dev="sockfs" ino=40917 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  771.749438][  T827] peak_usb 1-1:0.114: probe with driver peak_usb failed with error 114
[  771.872329][T14685] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2329'.
[  772.393171][T14680] random: crng reseeded on system resumption
[  772.412705][   T29] audit: type=1400 audit(2000000486.913:633): avc:  denied  { write } for  pid=14679 comm="syz.5.2330" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  772.506266][T14688] netlink: 52 bytes leftover after parsing attributes in process `syz.5.2330'.
[  772.515932][   T29] audit: type=1400 audit(2000000486.913:634): avc:  denied  { open } for  pid=14679 comm="syz.5.2330" path="/dev/snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  772.697654][T14655] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  772.720900][T14655] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  772.731017][T14655] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  772.745969][T14655] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  772.858459][T14655] 8021q: adding VLAN 0 to HW filter on device bond0
[  772.893462][T14655] 8021q: adding VLAN 0 to HW filter on device team0
[  772.907701][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  772.914860][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  772.954185][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  772.961348][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  772.974955][   T29] audit: type=1400 audit(2000000487.465:635): avc:  denied  { egress } for  pid=5836 comm="kworker/1:3" daddr=ff02::16 netif=teql0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1
[  773.008409][   T29] audit: type=1400 audit(2000000487.465:636): avc:  denied  { sendto } for  pid=5836 comm="kworker/1:3" daddr=ff02::16 netif=teql0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1
[  773.162724][ T5831] Bluetooth: hci1: command tx timeout
[  773.597780][ T5836] usb 1-1: USB disconnect, device number 46
[  773.722065][T14655] 8021q: adding VLAN 0 to HW filter on device batadv0
[  773.771367][T14706] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2335'.
[  775.187770][  T161] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 1
[  775.447384][ T5129] Bluetooth: hci1: command tx timeout
[  775.486681][   T35] Bluetooth: hci4: Frame reassembly failed (-84)
[  776.220804][ T8484] Bluetooth: hci6: received HCILL_GO_TO_SLEEP_ACK in state 1
[  776.270465][ T8484] Bluetooth: hci6: Frame reassembly failed (-84)
[  776.613319][T14655] veth0_vlan: entered promiscuous mode
[  776.622885][T14655] veth1_vlan: entered promiscuous mode
[  776.740764][T14655] veth0_macvtap: entered promiscuous mode
[  776.755561][T14655] veth1_macvtap: entered promiscuous mode
[  776.793015][T14655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  776.803752][T14655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  776.846632][T14655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  776.857543][T14655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  776.867715][T14655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  776.878620][T14655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  776.888474][T14655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  776.898929][T14655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  776.909810][T14655] batman_adv: batadv0: Interface activated: batadv_slave_0
[  776.921041][T14655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  776.992064][T14743] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2342'.
[  777.096335][T14655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  777.171883][T14655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  777.226515][T14655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  777.298602][ T5831] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  777.458327][T14655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  777.487641][T14655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  777.503489][T14655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  777.514171][ T5836] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[  777.532905][T14655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  777.543251][T14655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  777.553856][T14655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  777.569037][T14655] batman_adv: batadv0: Interface activated: batadv_slave_1
[  777.581745][T14655] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  777.590714][T14655] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  777.604419][T14655] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  777.614143][T14655] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  777.623853][ T5831] Bluetooth: hci1: command tx timeout
[  777.726409][  T161] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  777.734309][  T161] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  777.771078][ T5836] usb 2-1: too many configurations: 9, using maximum allowed: 8
[  777.773093][  T161] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  777.780126][ T5836] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  777.797811][  T161] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  777.800755][ T5836] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  777.816925][ T5836] usb 2-1: config 0 interface 0 has no altsetting 0
[  777.824777][ T5836] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  777.834095][ T5836] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  777.845174][ T5836] usb 2-1: config 0 interface 0 has no altsetting 0
[  777.853136][ T5836] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  777.868565][ T5836] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  777.886401][   T29] audit: type=1400 audit(2000000492.039:637): avc:  denied  { mounton } for  pid=14655 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  777.898319][ T5836] usb 2-1: config 0 interface 0 has no altsetting 0
[  777.924858][ T5836] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  777.934396][ T5836] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  777.966931][ T5836] usb 2-1: config 0 interface 0 has no altsetting 0
[  777.982216][ T5836] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  777.991313][ T5836] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  777.992777][T14751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  778.007945][ T5836] usb 2-1: config 0 interface 0 has no altsetting 0
[  778.013633][T14751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  778.021285][ T5836] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  778.029840][T14751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  778.050640][T14751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  778.052529][ T5836] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  778.062697][T14751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  778.074013][ T5836] usb 2-1: config 0 interface 0 has no altsetting 0
[  778.089660][T14751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  778.099526][T14751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  778.111257][T14751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  778.121115][T14751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  778.132081][ T5836] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  778.140975][ T5836] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  778.152474][ T5836] usb 2-1: config 0 interface 0 has no altsetting 0
[  778.159132][T14751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  778.169060][T14751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  778.179922][T14751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  778.190057][ T5836] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  778.199548][ T5836] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  778.211548][ T5836] usb 2-1: config 0 interface 0 has no altsetting 0
[  778.246582][ T5836] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  778.271679][ T5836] usb 2-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  778.280024][ T5836] usb 2-1: Product: syz
[  778.289791][ T5836] usb 2-1: Manufacturer: syz
[  778.296548][ T5836] usb 2-1: SerialNumber: syz
[  778.320461][ T5836] usb 2-1: config 0 descriptor??
[  778.330369][ T5836] yurex 2-1:0.0: USB YUREX device now attached to Yurex #0
[  778.379464][ T5129] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  778.579991][T14741] Invalid source name
[  778.612801][ T5902] usb 2-1: USB disconnect, device number 51
[  778.623861][ T5902] yurex 2-1:0.0: USB YUREX #0 now disconnected
[  778.826093][ T5836] usb 1-1: new high-speed USB device number 47 using dummy_hcd
[  778.934014][ T5875] usb 6-1: new high-speed USB device number 57 using dummy_hcd
[  779.058706][ T5836] usb 1-1: config 0 has an invalid interface number: 114 but max is 0
[  779.100359][ T5875] usb 6-1: device descriptor read/64, error -71
[  779.122576][ T5836] usb 1-1: config 0 has no interface number 0
[  779.143588][ T5836] usb 1-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  779.156256][ T5836] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  779.167823][ T5836] usb 1-1: Product: syz
[  779.186066][ T5836] usb 1-1: Manufacturer: syz
[  779.202193][ T5836] usb 1-1: SerialNumber: syz
[  779.223327][ T5836] usb 1-1: config 0 descriptor??
[  779.234887][ T5836] peak_usb 1-1:0.114: probe with driver peak_usb failed with error 114
[  779.532720][ T5875] usb 6-1: new high-speed USB device number 58 using dummy_hcd
[  779.666389][   T35] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 0
[  779.715946][ T5875] usb 6-1: device descriptor read/64, error -71
[  779.856299][ T3507] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  779.880822][ T3507] Bluetooth: hci4: Frame reassembly failed (-84)
[  779.973444][ T5875] usb usb6-port1: attempt power cycle
[  780.401737][ T5875] usb 6-1: new high-speed USB device number 59 using dummy_hcd
[  780.445916][ T5875] usb 6-1: device descriptor read/8, error -71
[  780.575954][T14782] tc_dump_action: action bad kind
[  780.622131][T14784] netlink: 'syz.1.2356': attribute type 4 has an invalid length.
[  780.815582][ T5875] usb 6-1: new high-speed USB device number 60 using dummy_hcd
[  780.939344][ T5875] usb 6-1: device descriptor read/8, error -71
[  781.075287][ T5875] usb usb6-port1: unable to enumerate USB device
[  781.727585][ T5875] usb 1-1: USB disconnect, device number 47
[  781.884666][ T5129] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  782.071480][ T5836] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[  782.297054][ T5836] usb 2-1: config 0 has an invalid interface number: 114 but max is 0
[  782.408917][ T5836] usb 2-1: config 0 has no interface number 0
[  782.557568][ T5836] usb 2-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  782.574695][ T5836] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  782.586277][ T5836] usb 2-1: Product: syz
[  782.590756][ T5836] usb 2-1: Manufacturer: syz
[  782.595581][ T5836] usb 2-1: SerialNumber: syz
[  782.603809][ T5836] usb 2-1: config 0 descriptor??
[  782.612420][ T5836] peak_usb 2-1:0.114: probe with driver peak_usb failed with error 114
[  782.842546][T14804] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2362'.
[  783.812221][   T25] usb 6-1: new high-speed USB device number 61 using dummy_hcd
[  783.991278][   T25] usb 6-1: Using ep0 maxpacket: 32
[  784.004037][   T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  784.015459][   T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  784.029856][   T25] usb 6-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  784.049063][   T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  784.076833][   T25] usb 6-1: config 0 descriptor??
[  784.311704][ T5871] usb 1-1: new high-speed USB device number 48 using dummy_hcd
[  784.966216][ T5871] usb 1-1: config 0 has an invalid interface number: 114 but max is 0
[  784.974604][ T5871] usb 1-1: config 0 has no interface number 0
[  784.992991][ T5871] usb 1-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  784.997872][   T25] usbhid 6-1:0.0: can't add hid device: -71
[  785.002221][ T5871] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  785.015473][   T25] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  785.037730][ T5871] usb 1-1: Product: syz
[  785.046144][ T5871] usb 1-1: Manufacturer: syz
[  785.055293][ T5871] usb 1-1: SerialNumber: syz
[  785.075965][ T5871] usb 1-1: config 0 descriptor??
[  785.087005][   T25] usb 6-1: USB disconnect, device number 61
[  785.108071][ T5875] usb 2-1: USB disconnect, device number 52
[  785.135201][ T5871] peak_usb 1-1:0.114: probe with driver peak_usb failed with error 114
[  786.213412][   T29] audit: type=1400 audit(2000000499.840:638): avc:  denied  { getopt } for  pid=14836 comm="syz.6.2369" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  786.367945][T14839] bridge0: entered promiscuous mode
[  786.532290][   T25] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[  786.703456][   T25] usb 2-1: Using ep0 maxpacket: 32
[  786.726261][   T25] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1
[  786.849732][   T25] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  786.948849][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  786.957107][   T25] usb 2-1: Product: syz
[  786.961404][   T25] usb 2-1: Manufacturer: syz
[  786.966113][   T25] usb 2-1: SerialNumber: syz
[  786.975345][T14834] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  787.209988][   T25] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 53 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  787.427151][    T9] usb 2-1: USB disconnect, device number 53
[  787.445368][T14838] bridge0: left promiscuous mode
[  787.477163][    T9] usblp0: removed
[  787.785891][ T5836] usb 6-1: new high-speed USB device number 62 using dummy_hcd
[  788.187509][ T5836] usb 6-1: config 0 has an invalid interface number: 114 but max is 0
[  788.196034][ T5836] usb 6-1: config 0 has no interface number 0
[  788.212874][ T5836] usb 6-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  788.222704][ T5836] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  788.233089][ T5836] usb 6-1: Product: syz
[  788.239501][ T5836] usb 6-1: Manufacturer: syz
[  788.244171][ T5836] usb 6-1: SerialNumber: syz
[  788.264811][   T25] usb 1-1: USB disconnect, device number 48
[  788.274206][ T5836] usb 6-1: config 0 descriptor??
[  788.282198][ T5836] peak_usb 6-1:0.114: probe with driver peak_usb failed with error 114
[  788.364320][T14858] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1001 sclass=netlink_route_socket pid=14858 comm=syz.3.2375
[  788.382039][   T29] audit: type=1400 audit(2000000501.879:639): avc:  denied  { ioctl } for  pid=14857 comm="syz.3.2375" path="/dev/ptyqa" dev="devtmpfs" ino=129 ioctlcmd=0x5423 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  788.472312][T14860] netlink: 'syz.3.2377': attribute type 4 has an invalid length.
[  789.493677][ T5871] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[  791.087197][ T5871] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  791.096849][ T5871] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  791.110727][ T5871] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  791.119707][ T5871] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  791.131048][ T5871] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  791.179352][ T5871] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  791.188587][ T5871] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  791.196668][ T5871] usb 2-1: Product: syz
[  791.200906][ T5871] usb 2-1: Manufacturer: syz
[  791.362960][ T5871] cdc_wdm 2-1:1.0: skipping garbage
[  791.383906][ T5871] cdc_wdm 2-1:1.0: skipping garbage
[  791.406741][ T5871] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  791.421822][ T5871] cdc_wdm 2-1:1.0: Unknown control protocol
[  791.727328][ T5836] usb 2-1: USB disconnect, device number 54
[  792.790731][    T9] usb 6-1: USB disconnect, device number 62
[  792.869079][T14894] program syz.0.2385 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  793.144851][ T5836] usb 1-1: new high-speed USB device number 49 using dummy_hcd
[  793.368531][ T5836] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  793.379102][ T5836] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  793.395865][ T5836] usb 1-1: config 0 descriptor??
[  793.404273][ T5836] cp210x 1-1:0.0: cp210x converter detected
[  793.410042][T14909] netlink: 'syz.1.2390': attribute type 4 has an invalid length.
[  793.537453][   T25] usb 6-1: new high-speed USB device number 63 using dummy_hcd
[  793.620135][T14894] libceph: resolve '00.' (ret=-3): failed
[  794.280235][ T5836] cp210x 1-1:0.0: failed to get vendor val 0x0010 size 3: -32
[  794.291260][ T5836] usb 1-1: cp210x converter now attached to ttyUSB0
[  794.329917][   T25] usb 6-1: config 0 has an invalid interface number: 114 but max is 0
[  794.338108][   T25] usb 6-1: config 0 has no interface number 0
[  794.352800][   T25] usb 6-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  794.362170][   T25] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  794.387835][   T25] usb 6-1: Product: syz
[  794.403299][   T25] usb 6-1: Manufacturer: syz
[  794.418892][   T25] usb 6-1: SerialNumber: syz
[  794.436331][T14914] FAULT_INJECTION: forcing a failure.
[  794.436331][T14914] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  794.437876][   T25] usb 6-1: config 0 descriptor??
[  794.454619][T14914] CPU: 0 UID: 0 PID: 14914 Comm: syz.1.2391 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  794.465660][T14914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  794.475723][T14914] Call Trace:
[  794.479006][T14914]  <TASK>
[  794.479129][   T25] peak_usb 6-1:0.114: probe with driver peak_usb failed with error 114
[  794.481924][T14914]  dump_stack_lvl+0x16c/0x1f0
[  794.481959][T14914]  should_fail_ex+0x497/0x5b0
[  794.499509][T14914]  _copy_from_user+0x2e/0xd0
[  794.504105][T14914]  l2cap_sock_setsockopt+0x182c/0x2230
[  794.509575][T14914]  ? __pfx_sock_has_perm+0x10/0x10
[  794.514683][T14914]  ? selinux_netlbl_socket_setsockopt+0x184/0x470
[  794.521094][T14914]  ? __pfx_l2cap_sock_setsockopt+0x10/0x10
[  794.526915][T14914]  ? selinux_socket_setsockopt+0x6a/0x80
[  794.532541][T14914]  ? __pfx_l2cap_sock_setsockopt+0x10/0x10
[  794.538343][T14914]  do_sock_setsockopt+0x222/0x480
[  794.543363][T14914]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  794.548904][T14914]  ? lock_acquire+0x2f/0xb0
[  794.553413][T14914]  __sys_setsockopt+0x1a0/0x230
[  794.558258][T14914]  __x64_sys_setsockopt+0xbd/0x160
[  794.563364][T14914]  ? do_syscall_64+0x91/0x250
[  794.568045][T14914]  ? lockdep_hardirqs_on+0x7c/0x110
[  794.573240][T14914]  do_syscall_64+0xcd/0x250
[  794.577740][T14914]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  794.583632][T14914] RIP: 0033:0x7f654d57ff19
[  794.588035][T14914] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  794.607632][T14914] RSP: 002b:00007f654e463058 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  794.616038][T14914] RAX: ffffffffffffffda RBX: 00007f654d745fa0 RCX: 00007f654d57ff19
[  794.624001][T14914] RDX: 0000000000000004 RSI: 0000000000000112 RDI: 0000000000000004
[  794.631960][T14914] RBP: 00007f654e4630a0 R08: 0000000000000002 R09: 0000000000000000
[  794.639920][T14914] R10: 00000000200041c0 R11: 0000000000000246 R12: 0000000000000001
[  794.647881][T14914] R13: 0000000000000000 R14: 00007f654d745fa0 R15: 00007fff9891a9c8
[  794.655853][T14914]  </TASK>
[  794.676736][ T5836] usb 1-1: USB disconnect, device number 49
[  794.679772][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  794.687490][ T5836] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  794.688987][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  794.745709][ T5836] cp210x 1-1:0.0: device disconnected
[  796.015552][ T5871] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[  796.265839][ T5871] usb 4-1: config 0 has an invalid interface number: 114 but max is 0
[  796.278503][ T5871] usb 4-1: config 0 has no interface number 0
[  796.293522][ T5871] usb 4-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  796.320769][ T5871] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  796.339312][ T5871] usb 4-1: Product: syz
[  796.344331][ T5871] usb 4-1: Manufacturer: syz
[  796.349648][ T5871] usb 4-1: SerialNumber: syz
[  796.360695][ T5871] usb 4-1: config 0 descriptor??
[  796.376581][ T5871] peak_usb 4-1:0.114: probe with driver peak_usb failed with error 114
[  797.612598][    T8] usb 6-1: USB disconnect, device number 63
[  797.637565][T14940] syz.6.2398: attempt to access beyond end of device
[  797.637565][T14940] nbd6: rw=0, sector=64, nr_sectors = 1 limit=0
[  797.753222][T14940] syz.6.2398: attempt to access beyond end of device
[  797.753222][T14940] nbd6: rw=0, sector=256, nr_sectors = 1 limit=0
[  797.782558][T14940] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=256, location=256
[  797.820580][T14940] syz.6.2398: attempt to access beyond end of device
[  797.820580][T14940] nbd6: rw=0, sector=512, nr_sectors = 1 limit=0
[  797.872939][T14953] FAULT_INJECTION: forcing a failure.
[  797.872939][T14953] name failslab, interval 1, probability 0, space 0, times 0
[  797.887056][T14953] CPU: 0 UID: 0 PID: 14953 Comm: syz.5.2402 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  797.899534][T14953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  797.899554][T14953] Call Trace:
[  797.899562][T14953]  <TASK>
[  797.899571][T14953]  dump_stack_lvl+0x16c/0x1f0
[  797.920695][T14953]  should_fail_ex+0x497/0x5b0
[  797.925393][T14953]  ? fs_reclaim_acquire+0xae/0x150
[  797.930535][T14953]  should_failslab+0xc2/0x120
[  797.935227][T14953]  __kmalloc_noprof+0xcb/0x510
[  797.940003][T14953]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  797.945656][T14953]  tomoyo_realpath_from_path+0xb9/0x720
[  797.951218][T14953]  ? tomoyo_path_number_perm+0x235/0x590
[  797.956862][T14953]  ? tomoyo_path_number_perm+0x235/0x590
[  797.962518][T14953]  tomoyo_path_number_perm+0x248/0x590
[  797.967993][T14953]  ? tomoyo_path_number_perm+0x235/0x590
[  797.973638][T14953]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  797.979643][T14953]  ? __pfx_lock_release+0x10/0x10
[  797.984673][T14953]  ? trace_lock_acquire+0x14e/0x1f0
[  797.989877][T14953]  ? lock_acquire+0x2f/0xb0
[  797.994371][T14953]  ? __fget_files+0x40/0x3a0
[  797.998958][T14953]  ? __fget_files+0x206/0x3a0
[  798.003631][T14953]  security_file_ioctl+0x9b/0x240
[  798.008653][T14953]  __x64_sys_ioctl+0xb7/0x200
[  798.013331][T14953]  do_syscall_64+0xcd/0x250
[  798.017833][T14953]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  798.023723][T14953] RIP: 0033:0x7fcccff7ff19
[  798.028128][T14953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  798.047734][T14953] RSP: 002b:00007fccd0d0d058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  798.056146][T14953] RAX: ffffffffffffffda RBX: 00007fccd0145fa0 RCX: 00007fcccff7ff19
[  798.064113][T14953] RDX: 0000000020000540 RSI: 00000000c06864a2 RDI: 0000000000000003
[  798.072075][T14953] RBP: 00007fccd0d0d0a0 R08: 0000000000000000 R09: 0000000000000000
[  798.080035][T14953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  798.087996][T14953] R13: 0000000000000000 R14: 00007fccd0145fa0 R15: 00007ffc63c0a8a8
[  798.095970][T14953]  </TASK>
[  798.100284][T14940] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=512, location=512
[  798.126191][T14940] UDF-fs: warning (device nbd6): udf_load_vrs: No anchor found
[  798.133099][T14953] ERROR: Out of memory at tomoyo_realpath_from_path.
[  798.133747][T14940] UDF-fs: Scanning with blocksize 512 failed
[  798.160126][T14940] syz.6.2398: attempt to access beyond end of device
[  798.160126][T14940] nbd6: rw=0, sector=64, nr_sectors = 2 limit=0
[  798.184252][T14940] syz.6.2398: attempt to access beyond end of device
[  798.184252][T14940] nbd6: rw=0, sector=512, nr_sectors = 2 limit=0
[  798.198173][T14940] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=256, location=256
[  798.207860][T14940] syz.6.2398: attempt to access beyond end of device
[  798.207860][T14940] nbd6: rw=0, sector=1024, nr_sectors = 2 limit=0
[  798.221209][T14940] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=512, location=512
[  798.230859][T14940] UDF-fs: warning (device nbd6): udf_load_vrs: No anchor found
[  798.238488][T14940] UDF-fs: Scanning with blocksize 1024 failed
[  798.245635][T14940] syz.6.2398: attempt to access beyond end of device
[  798.245635][T14940] nbd6: rw=0, sector=64, nr_sectors = 4 limit=0
[  798.251151][T14959] FAULT_INJECTION: forcing a failure.
[  798.251151][T14959] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  798.258675][T14940] syz.6.2398: attempt to access beyond end of device
[  798.258675][T14940] nbd6: rw=0, sector=1024, nr_sectors = 4 limit=0
[  798.284682][T14940] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=256, location=256
[  798.296742][T14940] syz.6.2398: attempt to access beyond end of device
[  798.296742][T14940] nbd6: rw=0, sector=2048, nr_sectors = 4 limit=0
[  798.309808][T14940] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=512, location=512
[  798.319460][T14940] UDF-fs: warning (device nbd6): udf_load_vrs: No anchor found
[  798.327219][T14940] UDF-fs: Scanning with blocksize 2048 failed
[  798.333444][T14959] CPU: 0 UID: 0 PID: 14959 Comm: syz.5.2404 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  798.335093][T14940] syz.6.2398: attempt to access beyond end of device
[  798.335093][T14940] nbd6: rw=0, sector=64, nr_sectors = 8 limit=0
[  798.344205][T14959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  798.344220][T14959] Call Trace:
[  798.344226][T14959]  <TASK>
[  798.344235][T14959]  dump_stack_lvl+0x16c/0x1f0
[  798.357188][T14940] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=256, location=256
[  798.366995][T14959]  should_fail_ex+0x497/0x5b0
[  798.367030][T14959]  _copy_from_user+0x2e/0xd0
[  798.370451][T14940] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=512, location=512
[  798.373186][T14959]  copy_msghdr_from_user+0x99/0x160
[  798.377877][T14940] UDF-fs: warning (device nbd6): udf_load_vrs: No anchor found
[  798.387261][T14959]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  798.387295][T14959]  ___sys_sendmsg+0xff/0x1e0
[  798.387317][T14959]  ? __pfx____sys_sendmsg+0x10/0x10
[  798.387348][T14959]  ? __pfx_lock_release+0x10/0x10
[  798.387369][T14959]  ? trace_lock_acquire+0x14e/0x1f0
[  798.392091][T14940] UDF-fs: Scanning with blocksize 4096 failed
[  798.396580][T14959]  ? __fget_files+0x206/0x3a0
[  798.396608][T14959]  __sys_sendmsg+0x16e/0x220
[  798.396630][T14959]  ? __pfx___sys_sendmsg+0x10/0x10
[  798.396665][T14959]  do_syscall_64+0xcd/0x250
[  798.396692][T14959]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  798.396719][T14959] RIP: 0033:0x7fcccff7ff19
[  798.396737][T14959] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  798.396757][T14959] RSP: 002b:00007fccd0d0d058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  798.396778][T14959] RAX: ffffffffffffffda RBX: 00007fccd0145fa0 RCX: 00007fcccff7ff19
[  798.396793][T14959] RDX: 0000000000000000 RSI: 0000000020001200 RDI: 0000000000000003
[  798.396807][T14959] RBP: 00007fccd0d0d0a0 R08: 0000000000000000 R09: 0000000000000000
[  798.396820][T14959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  798.396834][T14959] R13: 0000000000000000 R14: 00007fccd0145fa0 R15: 00007ffc63c0a8a8
[  798.396860][T14959]  </TASK>
[  798.406619][T14940] UDF-fs: warning (device nbd6): udf_fill_super: No partition found (1)
[  798.988931][   T25] usb 4-1: USB disconnect, device number 49
[  800.197660][    T9] usb 4-1: new high-speed USB device number 50 using dummy_hcd
[  800.248305][T14976] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2409'.
[  800.258061][T14976] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2409'.
[  800.359972][    T9] usb 4-1: Using ep0 maxpacket: 32
[  800.367578][    T9] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1
[  800.416737][    T9] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  800.426281][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  800.434503][    T9] usb 4-1: Product: syz
[  800.438699][    T9] usb 4-1: Manufacturer: syz
[  800.454677][    T9] usb 4-1: SerialNumber: syz
[  800.499238][T14986] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2407'.
[  800.536387][T14979] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  800.771624][    T9] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 50 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  801.557803][    T9] usb 4-1: USB disconnect, device number 50
[  801.567481][    T9] usblp0: removed
[  802.774139][   T29] audit: type=1400 audit(2000000515.330:640): avc:  denied  { ioctl } for  pid=15006 comm="syz.1.2418" path="socket:[42767]" dev="sockfs" ino=42767 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  802.859679][   T29] audit: type=1400 audit(2000000515.330:641): avc:  denied  { audit_write } for  pid=15006 comm="syz.1.2418" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  802.880830][    C0] vkms_vblank_simulate: vblank timer overrun
[  802.950172][T15016] binder: 15009:15016 ioctl 40a85323 20000240 returned -22
[  802.967236][T15016] binder: BINDER_SET_CONTEXT_MGR already set
[  802.973291][T15016] binder: 15009:15016 ioctl 4018620d 20000100 returned -16
[  803.366118][   T29] audit: type=1400 audit(2000000515.517:642): avc:  denied  { remount } for  pid=15009 comm="syz.0.2419" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  803.779332][ T5831] Bluetooth: hci5: command 0x0405 tx timeout
[  804.014371][ T5836] usb 1-1: new high-speed USB device number 50 using dummy_hcd
[  804.046280][   T25] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[  804.123343][T15033] FAULT_INJECTION: forcing a failure.
[  804.123343][T15033] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  804.160708][T15033] CPU: 0 UID: 0 PID: 15033 Comm: syz.3.2425 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  804.171493][T15033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  804.181557][T15033] Call Trace:
[  804.184838][T15033]  <TASK>
[  804.187778][T15033]  dump_stack_lvl+0x16c/0x1f0
[  804.192473][T15033]  should_fail_ex+0x497/0x5b0
[  804.197171][T15033]  _copy_from_user+0x2e/0xd0
[  804.201778][T15033]  __sys_bpf+0x21c/0x49c0
[  804.206132][T15033]  ? __pfx_lock_release+0x10/0x10
[  804.211174][T15033]  ? __pfx___sys_bpf+0x10/0x10
[  804.215957][T15033]  ? vfs_write+0x306/0x1150
[  804.220478][T15033]  ? __mutex_unlock_slowpath+0x164/0x690
[  804.226144][T15033]  ? fput+0x67/0x440
[  804.230050][T15033]  ? ksys_write+0x1ba/0x250
[  804.234560][T15033]  ? __pfx_ksys_write+0x10/0x10
[  804.239432][T15033]  __x64_sys_bpf+0x78/0xc0
[  804.243868][T15033]  ? lockdep_hardirqs_on+0x7c/0x110
[  804.249081][T15033]  do_syscall_64+0xcd/0x250
[  804.253606][T15033]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  804.259513][T15033] RIP: 0033:0x7f889197ff19
[  804.260369][   T25] usb 2-1: Using ep0 maxpacket: 32
[  804.263916][T15033] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  804.263939][T15033] RSP: 002b:00007f889272c058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  804.263959][T15033] RAX: ffffffffffffffda RBX: 00007f8891b45fa0 RCX: 00007f889197ff19
[  804.263972][T15033] RDX: 0000000000000050 RSI: 00000000200002c0 RDI: 000000000000000a
[  804.263985][T15033] RBP: 00007f889272c0a0 R08: 0000000000000000 R09: 0000000000000000
[  804.263999][T15033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  804.281798][ T5836] usb 1-1: config 0 has an invalid interface number: 114 but max is 0
[  804.288658][T15033] R13: 0000000000000000 R14: 00007f8891b45fa0 R15: 00007ffc64b8bce8
[  804.288689][T15033]  </TASK>
[  804.288708][    C0] vkms_vblank_simulate: vblank timer overrun
[  804.366825][   T25] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1
[  804.392307][   T25] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  804.402364][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  804.420415][   T25] usb 2-1: Product: syz
[  804.424599][   T25] usb 2-1: Manufacturer: syz
[  804.429203][   T25] usb 2-1: SerialNumber: syz
[  804.440234][ T5836] usb 1-1: config 0 has no interface number 0
[  804.448725][ T5836] usb 1-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  804.470788][T15026] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  804.481288][ T5836] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  804.500167][ T5836] usb 1-1: Product: syz
[  804.507175][ T5836] usb 1-1: Manufacturer: syz
[  804.513719][ T5836] usb 1-1: SerialNumber: syz
[  804.531490][ T5836] usb 1-1: config 0 descriptor??
[  804.545708][ T5836] peak_usb 1-1:0.114: probe with driver peak_usb failed with error 114
[  804.655588][    T8] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[  804.694587][   T25] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 55 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  804.818120][    T8] usb 4-1: config 0 has an invalid interface number: 114 but max is 0
[  804.829098][    T8] usb 4-1: config 0 has no interface number 0
[  804.837177][    T8] usb 4-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  804.846717][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  804.855373][    T8] usb 4-1: Product: syz
[  804.860051][    T8] usb 4-1: Manufacturer: syz
[  804.864708][    T8] usb 4-1: SerialNumber: syz
[  804.876974][    T8] usb 4-1: config 0 descriptor??
[  804.896142][    T8] peak_usb 4-1:0.114: probe with driver peak_usb failed with error 114
[  804.913744][    T9] usb 2-1: USB disconnect, device number 55
[  804.926787][    T9] usblp0: removed
[  807.022794][   T25] usb 1-1: USB disconnect, device number 50
[  807.796686][   T25] usb 4-1: USB disconnect, device number 51
[  808.474921][T15065] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2432'.
[  808.484096][T15065] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2432'.
[  808.526755][T15068] FAULT_INJECTION: forcing a failure.
[  808.526755][T15068] name failslab, interval 1, probability 0, space 0, times 0
[  808.575468][T15068] CPU: 1 UID: 0 PID: 15068 Comm: syz.6.2434 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  808.586230][T15068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  808.596265][T15068] Call Trace:
[  808.599524][T15068]  <TASK>
[  808.602436][T15068]  dump_stack_lvl+0x16c/0x1f0
[  808.607098][T15068]  should_fail_ex+0x497/0x5b0
[  808.611762][T15068]  ? fs_reclaim_acquire+0xae/0x150
[  808.616869][T15068]  should_failslab+0xc2/0x120
[  808.621528][T15068]  __kmalloc_noprof+0xcb/0x510
[  808.626277][T15068]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  808.631893][T15068]  tomoyo_realpath_from_path+0xb9/0x720
[  808.637422][T15068]  ? tomoyo_path_number_perm+0x235/0x590
[  808.643035][T15068]  ? tomoyo_path_number_perm+0x235/0x590
[  808.648648][T15068]  tomoyo_path_number_perm+0x248/0x590
[  808.654090][T15068]  ? tomoyo_path_number_perm+0x235/0x590
[  808.659709][T15068]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  808.665688][T15068]  ? __pfx_lock_release+0x10/0x10
[  808.670706][T15068]  ? trace_lock_acquire+0x14e/0x1f0
[  808.675895][T15068]  ? lock_acquire+0x2f/0xb0
[  808.680376][T15068]  ? __fget_files+0x40/0x3a0
[  808.684945][T15068]  ? __fget_files+0x206/0x3a0
[  808.689606][T15068]  security_file_ioctl+0x9b/0x240
[  808.694614][T15068]  __x64_sys_ioctl+0xb7/0x200
[  808.699279][T15068]  do_syscall_64+0xcd/0x250
[  808.703764][T15068]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  808.709638][T15068] RIP: 0033:0x7f50ba77ff19
[  808.714034][T15068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  808.733619][T15068] RSP: 002b:00007f50bb56f058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  808.742017][T15068] RAX: ffffffffffffffda RBX: 00007f50ba945fa0 RCX: 00007f50ba77ff19
[  808.749965][T15068] RDX: 0000000020000400 RSI: 00000000c008561c RDI: 0000000000000004
[  808.757919][T15068] RBP: 00007f50bb56f0a0 R08: 0000000000000000 R09: 0000000000000000
[  808.765882][T15068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  808.773834][T15068] R13: 0000000000000000 R14: 00007f50ba945fa0 R15: 00007fffceb275c8
[  808.781790][T15068]  </TASK>
[  809.055346][T15068] ERROR: Out of memory at tomoyo_realpath_from_path.
[  809.150505][T15070] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  809.239945][T15081] bridge0: entered promiscuous mode
[  809.302517][   T29] audit: type=1400 audit(2000000521.448:643): avc:  denied  { write } for  pid=15069 comm="syz.0.2435" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  809.498489][    T9] usb 6-1: new high-speed USB device number 64 using dummy_hcd
[  809.553978][T15091] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2442'.
[  809.596984][T15091] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2442'.
[  809.637765][    T9] usb 6-1: device descriptor read/64, error -71
[  809.910379][    T9] usb 6-1: new high-speed USB device number 65 using dummy_hcd
[  809.979714][   T29] audit: type=1400 audit(2000000522.084:644): avc:  denied  { write } for  pid=15097 comm="syz.3.2444" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  810.080283][    T9] usb 6-1: device descriptor read/64, error -71
[  810.202122][T15102] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2441'.
[  810.212027][    T9] usb usb6-port1: attempt power cycle
[  810.686546][T15080] bridge0: left promiscuous mode
[  810.940176][    T9] usb 6-1: new high-speed USB device number 66 using dummy_hcd
[  810.966392][T15105] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2445'.
[  811.108929][    T9] usb 6-1: device descriptor read/8, error -71
[  811.247303][T15107] FAULT_INJECTION: forcing a failure.
[  811.247303][T15107] name failslab, interval 1, probability 0, space 0, times 0
[  811.264542][T15107] CPU: 1 UID: 0 PID: 15107 Comm: syz.3.2446 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  811.275312][T15107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  811.285379][T15107] Call Trace:
[  811.288670][T15107]  <TASK>
[  811.291608][T15107]  dump_stack_lvl+0x16c/0x1f0
[  811.296308][T15107]  should_fail_ex+0x497/0x5b0
[  811.300993][T15107]  ? fs_reclaim_acquire+0xae/0x150
[  811.306095][T15107]  should_failslab+0xc2/0x120
[  811.310763][T15107]  kmem_cache_alloc_node_noprof+0x72/0x3c0
[  811.316562][T15107]  ? __alloc_skb+0x2b1/0x380
[  811.321140][T15107]  __alloc_skb+0x2b1/0x380
[  811.325539][T15107]  ? __pfx___alloc_skb+0x10/0x10
[  811.330479][T15107]  ? inode_security+0x101/0x130
[  811.335329][T15107]  ? avc_policy_seqno+0x9/0x20
[  811.340071][T15107]  ? selinux_file_permission+0x11f/0x580
[  811.345690][T15107]  ppp_write+0xbd/0x3e0
[  811.349829][T15107]  ? rw_verify_area+0xd0/0x700
[  811.354580][T15107]  ? __pfx_ppp_write+0x10/0x10
[  811.359324][T15107]  vfs_writev+0x6da/0xdd0
[  811.363628][T15107]  ? __pfx___lock_acquire+0x10/0x10
[  811.368804][T15107]  ? find_held_lock+0x2d/0x110
[  811.373553][T15107]  ? __pfx_vfs_writev+0x10/0x10
[  811.378382][T15107]  ? __fget_files+0x1fc/0x3a0
[  811.383068][T15107]  ? __pfx_lock_release+0x10/0x10
[  811.388079][T15107]  ? __fget_files+0x206/0x3a0
[  811.392743][T15107]  ? do_pwritev+0x1b1/0x270
[  811.397233][T15107]  do_pwritev+0x1b1/0x270
[  811.401546][T15107]  ? __pfx_do_pwritev+0x10/0x10
[  811.406399][T15107]  do_syscall_64+0xcd/0x250
[  811.410887][T15107]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  811.416761][T15107] RIP: 0033:0x7f889197ff19
[  811.421156][T15107] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  811.440745][T15107] RSP: 002b:00007f889272c058 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
[  811.449144][T15107] RAX: ffffffffffffffda RBX: 00007f8891b45fa0 RCX: 00007f889197ff19
[  811.457103][T15107] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000003
[  811.465053][T15107] RBP: 00007f889272c0a0 R08: 0000000000000001 R09: 0000000000000000
[  811.473004][T15107] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000001
[  811.480954][T15107] R13: 0000000000000000 R14: 00007f8891b45fa0 R15: 00007ffc64b8bce8
[  811.488913][T15107]  </TASK>
[  811.572129][T15112] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2449'.
[  811.593545][T15112] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled
[  811.636872][    T9] usb 6-1: new high-speed USB device number 67 using dummy_hcd
[  811.684177][    T9] usb 6-1: device descriptor read/8, error -71
[  811.808362][    T9] usb usb6-port1: unable to enumerate USB device
[  811.903963][ T5875] usb 1-1: new high-speed USB device number 51 using dummy_hcd
[  812.090399][ T5875] usb 1-1: config 0 has an invalid interface number: 114 but max is 0
[  812.098747][ T5875] usb 1-1: config 0 has no interface number 0
[  812.115812][ T5875] usb 1-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  812.133928][ T5875] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  812.142407][ T5875] usb 1-1: Product: syz
[  812.148101][ T5875] usb 1-1: Manufacturer: syz
[  812.153299][ T5875] usb 1-1: SerialNumber: syz
[  812.159773][ T5875] usb 1-1: config 0 descriptor??
[  812.170189][ T5875] peak_usb 1-1:0.114: probe with driver peak_usb failed with error 114
[  812.370953][T15123] tc_dump_action: action bad kind
[  813.565133][T15136] netlink: 'syz.3.2456': attribute type 4 has an invalid length.
[  814.626547][T15146] FAULT_INJECTION: forcing a failure.
[  814.626547][T15146] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  814.640829][T15146] CPU: 0 UID: 0 PID: 15146 Comm: syz.1.2459 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  814.651617][T15146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  814.661676][T15146] Call Trace:
[  814.664938][T15146]  <TASK>
[  814.667849][T15146]  dump_stack_lvl+0x16c/0x1f0
[  814.672549][T15146]  should_fail_ex+0x497/0x5b0
[  814.677216][T15146]  _copy_from_user+0x2e/0xd0
[  814.681793][T15146]  __sys_bpf+0x21c/0x49c0
[  814.686108][T15146]  ? __pfx_lock_release+0x10/0x10
[  814.691134][T15146]  ? __pfx___sys_bpf+0x10/0x10
[  814.695885][T15146]  ? vfs_write+0x306/0x1150
[  814.700370][T15146]  ? __mutex_unlock_slowpath+0x164/0x690
[  814.706013][T15146]  ? fput+0x67/0x440
[  814.709925][T15146]  ? ksys_write+0x1ba/0x250
[  814.714436][T15146]  ? __pfx_ksys_write+0x10/0x10
[  814.719303][T15146]  __x64_sys_bpf+0x78/0xc0
[  814.723736][T15146]  ? lockdep_hardirqs_on+0x7c/0x110
[  814.728954][T15146]  do_syscall_64+0xcd/0x250
[  814.733474][T15146]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  814.739384][T15146] RIP: 0033:0x7f654d57ff19
[  814.743808][T15146] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  814.763422][T15146] RSP: 002b:00007f654e463058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  814.771845][T15146] RAX: ffffffffffffffda RBX: 00007f654d745fa0 RCX: 00007f654d57ff19
[  814.779829][T15146] RDX: 0000000000000094 RSI: 0000000020000680 RDI: 0000000000000005
[  814.787806][T15146] RBP: 00007f654e4630a0 R08: 0000000000000000 R09: 0000000000000000
[  814.795790][T15146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  814.803775][T15146] R13: 0000000000000000 R14: 00007f654d745fa0 R15: 00007fff9891a9c8
[  814.811771][T15146]  </TASK>
[  814.814848][    C0] vkms_vblank_simulate: vblank timer overrun
[  815.041768][ T5871] usb 1-1: USB disconnect, device number 51
[  815.677014][T15154] FAULT_INJECTION: forcing a failure.
[  815.677014][T15154] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  815.686379][T15155] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2461'.
[  815.690774][   T29] audit: type=1400 audit(2000000527.406:645): avc:  denied  { write } for  pid=15152 comm="syz.1.2461" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  815.718123][T15154] CPU: 1 UID: 0 PID: 15154 Comm: syz.3.2462 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  815.730535][T15154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  815.740592][T15154] Call Trace:
[  815.743876][T15154]  <TASK>
[  815.746812][T15154]  dump_stack_lvl+0x16c/0x1f0
[  815.751502][T15154]  should_fail_ex+0x497/0x5b0
[  815.756195][T15154]  _copy_from_user+0x2e/0xd0
[  815.760782][T15154]  copy_msghdr_from_user+0x99/0x160
[  815.765975][T15154]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  815.771784][T15154]  ___sys_sendmsg+0xff/0x1e0
[  815.776366][T15154]  ? __pfx____sys_sendmsg+0x10/0x10
[  815.781565][T15154]  ? __pfx_lock_release+0x10/0x10
[  815.786582][T15154]  ? trace_lock_acquire+0x14e/0x1f0
[  815.791791][T15154]  ? __fget_files+0x206/0x3a0
[  815.796468][T15154]  __sys_sendmsg+0x16e/0x220
[  815.801055][T15154]  ? __pfx___sys_sendmsg+0x10/0x10
[  815.806178][T15154]  do_syscall_64+0xcd/0x250
[  815.810681][T15154]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  815.816578][T15154] RIP: 0033:0x7f889197ff19
[  815.820984][T15154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  815.840584][T15154] RSP: 002b:00007f889272c058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  815.848992][T15154] RAX: ffffffffffffffda RBX: 00007f8891b45fa0 RCX: 00007f889197ff19
[  815.856953][T15154] RDX: 0000000000000000 RSI: 0000000020004f40 RDI: 0000000000000004
[  815.864914][T15154] RBP: 00007f889272c0a0 R08: 0000000000000000 R09: 0000000000000000
[  815.872875][T15154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  815.880835][T15154] R13: 0000000000000000 R14: 00007f8891b45fa0 R15: 00007ffc64b8bce8
[  815.888809][T15154]  </TASK>
[  815.905279][   T29] audit: type=1400 audit(2000000527.406:646): avc:  denied  { nlmsg_read } for  pid=15152 comm="syz.1.2461" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  816.204691][T15168] netlink: 80 bytes leftover after parsing attributes in process `syz.1.2466'.
[  816.415333][T15169] No source specified
[  817.145542][T15173] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2468'.
[  817.425847][T15177] netlink: 'syz.0.2469': attribute type 4 has an invalid length.
[  817.924798][   T29] audit: type=1400 audit(2000000529.511:647): avc:  denied  { write } for  pid=15178 comm="syz.3.2470" name="vlan0" dev="proc" ino=4026533802 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  817.960506][T15179] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2470'.
[  817.970411][T15179] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2470'.
[  818.050988][   T29] audit: type=1400 audit(2000000529.623:648): avc:  denied  { accept } for  pid=15184 comm="syz.5.2472" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  818.241692][T15188] netlink: 80 bytes leftover after parsing attributes in process `syz.3.2473'.
[  818.264779][ T5875] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[  818.395963][   T68] Bluetooth: hci4: Frame reassembly failed (-84)
[  818.575418][ T5875] usb 2-1: Using ep0 maxpacket: 8
[  818.605414][ T5875] usb 2-1: New USB device found, idVendor=0c45, idProduct=613b, bcdDevice=c4.6d
[  818.614869][ T5875] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  818.623095][ T5875] usb 2-1: Product: syz
[  818.627482][ T5875] usb 2-1: Manufacturer: syz
[  818.632643][ T5875] usb 2-1: SerialNumber: syz
[  818.668914][ T5875] usb 2-1: config 0 descriptor??
[  818.673953][ T5831] Bluetooth: hci0: command 0x0c1a tx timeout
[  818.807389][ T5875] gspca_main: sonixj-2.14.0 probing 0c45:613b
[  819.075427][   T29] audit: type=1400 audit(2000000530.586:649): avc:  denied  { name_bind } for  pid=15197 comm="syz.3.2476" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  819.099314][   T29] audit: type=1400 audit(2000000530.615:650): avc:  denied  { name_connect } for  pid=15197 comm="syz.3.2476" dest=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  819.105605][    T9] usb 1-1: new high-speed USB device number 52 using dummy_hcd
[  819.132343][T15198] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  819.309908][    T9] usb 1-1: config 0 has an invalid interface number: 114 but max is 0
[  819.322146][    T9] usb 1-1: config 0 has no interface number 0
[  820.200445][ T5875] gspca_sonixj: reg_r err -110
[  820.205656][ T5875] sonixj 2-1:0.0: probe with driver sonixj failed with error -110
[  820.473394][T15209] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  820.564119][ T5831] Bluetooth: hci4: command 0x1003 tx timeout
[  820.615322][ T5129] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  820.661414][    T9] usb 1-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  820.682927][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  820.690959][    T9] usb 1-1: Product: syz
[  820.695197][    T9] usb 1-1: Manufacturer: syz
[  820.699807][    T9] usb 1-1: SerialNumber: syz
[  820.774963][    T9] usb 1-1: config 0 descriptor??
[  820.799325][    T9] peak_usb 1-1:0.114: probe with driver peak_usb failed with error 114
[  820.845366][T15213] bridge0: entered promiscuous mode
[  821.281131][T15216] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2483'.
[  821.290086][T15216] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2483'.
[  821.337865][T15218] netlink: 80 bytes leftover after parsing attributes in process `syz.3.2482'.
[  822.339789][T15212] bridge0: left promiscuous mode
[  822.583422][ T5875] usb 2-1: USB disconnect, device number 56
[  822.652433][T15241] netlink: 'syz.6.2486': attribute type 4 has an invalid length.
[  823.482937][    T9] usb 6-1: new high-speed USB device number 68 using dummy_hcd
[  823.648124][    T9] usb 6-1: config 0 has an invalid interface number: 114 but max is 0
[  823.656675][    T9] usb 6-1: config 0 has no interface number 0
[  823.665000][    T9] usb 6-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  823.676869][T15252] SELinux:  Context system_u: is not valid (left unmapped).
[  823.677661][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  823.709545][    T9] usb 6-1: Product: syz
[  823.718445][    T9] usb 6-1: Manufacturer: syz
[  823.731274][    T9] usb 6-1: SerialNumber: syz
[  823.754636][    T9] usb 6-1: config 0 descriptor??
[  823.846845][    T9] peak_usb 6-1:0.114: probe with driver peak_usb failed with error 114
[  824.495278][   T12] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 0
[  824.550846][   T12] Bluetooth: hci4: Frame reassembly failed (-84)
[  824.568458][   T29] audit: type=1400 audit(2000000535.722:651): avc:  denied  { append } for  pid=15250 comm="syz.6.2492" name="001" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  824.591758][T15252] usb usb1: usbfs: process 15252 (syz.6.2492) did not claim interface 0 before use
[  824.757026][ T5875] usb 1-1: USB disconnect, device number 52
[  825.508041][T15263] nfs: Unknown parameter 'ÿÿ'
[  826.423099][T15280] netlink: 80 bytes leftover after parsing attributes in process `syz.0.2497'.
[  826.549115][    T9] usb 6-1: USB disconnect, device number 68
[  826.598137][T15282] bridge0: entered promiscuous mode
[  826.721277][ T5129] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  827.502081][T15281] bridge0: left promiscuous mode
[  828.166850][T13112] usb 6-1: new high-speed USB device number 69 using dummy_hcd
[  828.374959][T13112] usb 6-1: config 0 has an invalid interface number: 114 but max is 0
[  828.757258][   T68] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 1
[  828.769798][T13112] usb 6-1: config 0 has no interface number 0
[  828.789159][T13112] usb 6-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  828.790845][   T68] Bluetooth: hci4: Frame reassembly failed (-84)
[  828.798294][T13112] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  828.813132][T13112] usb 6-1: Product: syz
[  828.817614][T13112] usb 6-1: Manufacturer: syz
[  828.822294][T13112] usb 6-1: SerialNumber: syz
[  828.841203][T13112] usb 6-1: config 0 descriptor??
[  828.875259][T13112] peak_usb 6-1:0.114: probe with driver peak_usb failed with error 114
[  829.323433][T15307] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2507'.
[  829.332411][T15307] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2507'.
[  830.466679][ T5831] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  830.550295][T15320] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2509'.
[  830.923705][    T9] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[  831.251314][    T9] usb 4-1: config 0 has an invalid interface number: 114 but max is 0
[  831.252167][T15324] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2511'.
[  831.268494][T15324] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2511'.
[  831.281104][T15329] netlink: 80 bytes leftover after parsing attributes in process `syz.1.2512'.
[  831.307326][    T9] usb 4-1: config 0 has no interface number 0
[  831.315351][    T9] usb 4-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  831.324868][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  831.343513][    T9] usb 4-1: Product: syz
[  831.366598][    T9] usb 4-1: Manufacturer: syz
[  831.376318][    T9] usb 4-1: SerialNumber: syz
[  831.393699][    T9] usb 4-1: config 0 descriptor??
[  831.404744][    T9] peak_usb 4-1:0.114: probe with driver peak_usb failed with error 114
[  832.619257][T15338] bridge0: entered promiscuous mode
[  832.943242][T13112] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[  833.149986][T13112] usb 2-1: config 0 has an invalid interface number: 114 but max is 0
[  833.202425][T13112] usb 2-1: config 0 has no interface number 0
[  833.275215][T13112] usb 2-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  833.328727][T13112] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  833.355869][T13112] usb 2-1: Product: syz
[  833.363926][T13112] usb 2-1: Manufacturer: syz
[  833.373298][T13112] usb 2-1: SerialNumber: syz
[  833.386025][T13112] usb 2-1: config 0 descriptor??
[  833.392551][ T5875] usb 6-1: USB disconnect, device number 69
[  833.407960][T13112] peak_usb 2-1:0.114: probe with driver peak_usb failed with error 114
[  833.554887][T15336] bridge0: left promiscuous mode
[  833.849285][   T29] audit: type=1804 audit(2000000544.393:652): pid=15351 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.5.2518" name="/newroot/318/file1" dev="fuse" ino=1 res=1 errno=0
[  833.906945][    T9] usb 4-1: USB disconnect, device number 52
[  833.980350][   T29] audit: type=1800 audit(2000000544.393:653): pid=15351 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.5.2518" name="/" dev="fuse" ino=1 res=0 errno=0
[  834.151181][   T29] audit: type=1804 audit(2000000544.393:654): pid=15351 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.5.2518" name="/newroot/318/file1" dev="fuse" ino=1 res=1 errno=0
[  834.878020][   T29] audit: type=1804 audit(2000000544.393:655): pid=15351 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.5.2518" name="/newroot/318/file1" dev="fuse" ino=1 res=1 errno=0
[  834.900205][   T29] audit: type=1800 audit(2000000544.393:656): pid=15351 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.5.2518" name="/" dev="fuse" ino=1 res=0 errno=0
[  835.628496][T15372] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2523'.
[  836.169717][    T9] usb 2-1: USB disconnect, device number 57
[  836.542529][T15388] bridge0: entered promiscuous mode
[  836.709009][ T5875] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[  836.793630][   T35] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 1
[  836.950543][ T5875] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  837.108432][ T5875] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  837.116956][  T161] Bluetooth: hci4: Frame reassembly failed (-84)
[  837.127068][ T5875] usb 4-1: config 0 descriptor??
[  837.393013][ T5875] cp210x 4-1:0.0: cp210x converter detected
[  837.490472][ T5875] cp210x 4-1:0.0: failed to get vendor val 0x370b size 1: -121
[  837.529218][ T5875] cp210x 4-1:0.0: querying part number failed
[  837.542441][ T5875] usb 4-1: cp210x converter now attached to ttyUSB0
[  837.611646][T15402] program syz.6.2531 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  837.622403][T15387] bridge0: left promiscuous mode
[  837.946170][    T9] usb 6-1: new high-speed USB device number 70 using dummy_hcd
[  838.200090][    T9] usb 6-1: config 0 has an invalid interface number: 114 but max is 0
[  838.235140][    T9] usb 6-1: config 0 has no interface number 0
[  838.479812][    T9] usb 6-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  838.490010][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  838.509588][    T9] usb 6-1: Product: syz
[  838.513843][    T9] usb 6-1: Manufacturer: syz
[  838.518452][    T9] usb 6-1: SerialNumber: syz
[  838.530521][    T9] usb 6-1: config 0 descriptor??
[  838.539445][    T9] peak_usb 6-1:0.114: probe with driver peak_usb failed with error 114
[  838.565919][   T29] audit: type=1400 audit(2000000548.817:657): avc:  denied  { append } for  pid=15380 comm="syz.3.2526" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  838.940468][ T5129] Bluetooth: hci4: command 0x1003 tx timeout
[  838.946943][ T5831] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  839.897672][T15418] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2534'.
[  839.931656][T15418] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2534'.
[  840.413076][ T5836] usb 4-1: USB disconnect, device number 53
[  840.435225][ T5836] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  840.467045][ T5836] cp210x 4-1:0.0: device disconnected
[  840.491808][T15428] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2538'.
[  841.001288][    T8] usb 6-1: USB disconnect, device number 70
[  841.289494][T15444] netlink: 'syz.6.2540': attribute type 3 has an invalid length.
[  841.297367][T15444] netlink: 224 bytes leftover after parsing attributes in process `syz.6.2540'.
[  841.529217][ T5871] usb 1-1: new high-speed USB device number 53 using dummy_hcd
[  841.909747][ T5871] usb 1-1: config 0 has an invalid interface number: 114 but max is 0
[  841.922600][ T5871] usb 1-1: config 0 has no interface number 0
[  841.958939][ T5871] usb 1-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  841.995285][ T5871] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  842.023234][ T5871] usb 1-1: Product: syz
[  842.044913][ T5871] usb 1-1: Manufacturer: syz
[  842.059958][ T5871] usb 1-1: SerialNumber: syz
[  842.113517][ T5871] usb 1-1: config 0 descriptor??
[  842.171069][ T5871] peak_usb 1-1:0.114: probe with driver peak_usb failed with error 114
[  842.438772][   T29] audit: type=1400 audit(2000000552.447:658): avc:  denied  { sendto } for  pid=24 comm="ksoftirqd/1" saddr=fe80::1c daddr=ff02::2 netif=teql0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1
[  844.551663][T15468] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2548'.
[  844.560712][T15468] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2548'.
[  844.587535][T15475] netlink: 'syz.1.2551': attribute type 10 has an invalid length.
[  844.598814][T15477] netlink: 'syz.1.2551': attribute type 10 has an invalid length.
[  844.695336][   T29] audit: type=1400 audit(2000000554.551:659): avc:  denied  { append } for  pid=15478 comm="syz.1.2553" name="dlm-control" dev="devtmpfs" ino=94 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  844.730043][T15480] FAULT_INJECTION: forcing a failure.
[  844.730043][T15480] name failslab, interval 1, probability 0, space 0, times 0
[  844.749221][T15480] CPU: 1 UID: 0 PID: 15480 Comm: syz.1.2553 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  844.760002][T15480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  844.770063][T15480] Call Trace:
[  844.773345][T15480]  <TASK>
[  844.776280][T15480]  dump_stack_lvl+0x16c/0x1f0
[  844.780970][T15480]  should_fail_ex+0x497/0x5b0
[  844.785651][T15480]  ? fs_reclaim_acquire+0xae/0x150
[  844.790767][T15480]  should_failslab+0xc2/0x120
[  844.795440][T15480]  __kmalloc_node_track_caller_noprof+0xcf/0x510
[  844.801766][T15480]  ? device_write+0xc2/0x1e60
[  844.806444][T15480]  memdup_user_nul+0x2b/0x110
[  844.811120][T15480]  device_write+0xc2/0x1e60
[  844.815625][T15480]  ? inode_security+0x101/0x130
[  844.820479][T15480]  ? __pfx_device_write+0x10/0x10
[  844.825504][T15480]  ? bpf_lsm_file_permission+0x9/0x10
[  844.830876][T15480]  ? security_file_permission+0x71/0x210
[  844.836519][T15480]  ? __pfx_device_write+0x10/0x10
[  844.841539][T15480]  vfs_write+0x24c/0x1150
[  844.845869][T15480]  ? __fget_files+0x1fc/0x3a0
[  844.850544][T15480]  ? __pfx_lock_release+0x10/0x10
[  844.855570][T15480]  ? __pfx_vfs_write+0x10/0x10
[  844.860330][T15480]  ? lock_acquire+0x2f/0xb0
[  844.864826][T15480]  ? __fget_files+0x40/0x3a0
[  844.869412][T15480]  ? __fget_files+0x206/0x3a0
[  844.874089][T15480]  ksys_write+0x12b/0x250
[  844.878411][T15480]  ? __pfx_ksys_write+0x10/0x10
[  844.883258][T15480]  do_syscall_64+0xcd/0x250
[  844.887761][T15480]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  844.893652][T15480] RIP: 0033:0x7f654d57ff19
[  844.898059][T15480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  844.917660][T15480] RSP: 002b:00007f654e463058 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  844.926068][T15480] RAX: ffffffffffffffda RBX: 00007f654d745fa0 RCX: 00007f654d57ff19
[  844.934033][T15480] RDX: 0000000000000070 RSI: 0000000020001380 RDI: 0000000000000003
[  844.941996][T15480] RBP: 00007f654e4630a0 R08: 0000000000000000 R09: 0000000000000000
[  844.949958][T15480] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  844.957924][T15480] R13: 0000000000000000 R14: 00007f654d745fa0 R15: 00007fff9891a9c8
[  844.965904][T15480]  </TASK>
[  845.147287][ T5871] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[  845.517527][ T5871] usb 4-1: config 0 has an invalid interface number: 114 but max is 0
[  845.594499][   T25] usb 1-1: USB disconnect, device number 53
[  845.594523][ T5871] usb 4-1: config 0 has no interface number 0
[  845.640531][ T5871] usb 4-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  845.650637][ T5871] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  845.671489][ T5871] usb 4-1: Product: syz
[  845.681353][ T5871] usb 4-1: Manufacturer: syz
[  845.692991][ T5871] usb 4-1: SerialNumber: syz
[  845.702333][ T5871] usb 4-1: config 0 descriptor??
[  845.708899][ T5871] peak_usb 4-1:0.114: probe with driver peak_usb failed with error 114
[  845.916928][T15495] netlink: 'syz.0.2556': attribute type 3 has an invalid length.
[  845.924834][T15495] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2556'.
[  848.360955][T15510] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2560'.
[  848.408338][T15510] bridge_slave_1: left allmulticast mode
[  848.435743][T15510] bridge_slave_1: left promiscuous mode
[  848.498719][T15510] bridge0: port 2(bridge_slave_1) entered disabled state
[  849.238015][T15510] bridge_slave_0: left allmulticast mode
[  849.243824][T15510] bridge_slave_0: left promiscuous mode
[  849.253280][T15510] bridge0: port 1(bridge_slave_0) entered disabled state
[  849.340459][ T5872] usb 4-1: USB disconnect, device number 54
[  849.460256][T15518] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2562'.
[  849.469300][T15518] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2562'.
[  849.861634][ T5129] Bluetooth: hci4: sending frame failed (-49)
[  849.870292][ T5831] Bluetooth: hci4: Opcode 0x1003 failed: -49
[  850.156671][T15536] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2567'.
[  850.168505][T15536] FAULT_INJECTION: forcing a failure.
[  850.168505][T15536] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  850.184533][T15536] CPU: 1 UID: 0 PID: 15536 Comm: syz.0.2567 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  850.195314][T15536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  850.205375][T15536] Call Trace:
[  850.208655][T15536]  <TASK>
[  850.211591][T15536]  dump_stack_lvl+0x16c/0x1f0
[  850.216283][T15536]  should_fail_ex+0x497/0x5b0
[  850.220976][T15536]  _copy_from_user+0x2e/0xd0
[  850.225576][T15536]  copy_msghdr_from_user+0x99/0x160
[  850.230779][T15536]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  850.236605][T15536]  ___sys_sendmsg+0xff/0x1e0
[  850.241208][T15536]  ? __pfx____sys_sendmsg+0x10/0x10
[  850.246421][T15536]  ? __pfx_lock_release+0x10/0x10
[  850.251463][T15536]  ? trace_lock_acquire+0x14e/0x1f0
[  850.256691][T15536]  ? __fget_files+0x206/0x3a0
[  850.261381][T15536]  __sys_sendmsg+0x16e/0x220
[  850.265983][T15536]  ? __pfx___sys_sendmsg+0x10/0x10
[  850.271123][T15536]  do_syscall_64+0xcd/0x250
[  850.275642][T15536]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  850.281549][T15536] RIP: 0033:0x7f528177ff19
[  850.285973][T15536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  850.305586][T15536] RSP: 002b:00007f52824d5058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  850.314003][T15536] RAX: ffffffffffffffda RBX: 00007f5281945fa0 RCX: 00007f528177ff19
[  850.321969][T15536] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[  850.329936][T15536] RBP: 00007f52824d50a0 R08: 0000000000000000 R09: 0000000000000000
[  850.337900][T15536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  850.345864][T15536] R13: 0000000000000000 R14: 00007f5281945fa0 R15: 00007ffc91db8288
[  850.353837][T15536]  </TASK>
[  850.675925][T15547] netlink: 'syz.3.2569': attribute type 3 has an invalid length.
[  850.683791][T15547] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2569'.
[  853.669726][T13112] usb 6-1: new high-speed USB device number 71 using dummy_hcd
[  853.933648][T15580] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2576'.
[  853.942754][T15580] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2576'.
[  853.987225][T13112] usb 6-1: config 0 has an invalid interface number: 114 but max is 0
[  854.022746][T13112] usb 6-1: config 0 has no interface number 0
[  854.053646][T13112] usb 6-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  854.069365][T13112] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  854.098975][T13112] usb 6-1: Product: syz
[  854.110169][T13112] usb 6-1: Manufacturer: syz
[  854.135818][T13112] usb 6-1: SerialNumber: syz
[  854.162933][T13112] usb 6-1: config 0 descriptor??
[  854.227985][ T5872] usb 2-1: new high-speed USB device number 58 using dummy_hcd
[  854.310410][T13112] peak_usb 6-1:0.114: probe with driver peak_usb failed with error 114
[  855.177728][ T5872] usb 2-1: Using ep0 maxpacket: 32
[  855.818788][ T5872] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1
[  855.830593][ T5872] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  855.839679][ T5872] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  855.847888][ T5872] usb 2-1: Product: syz
[  855.854076][ T5872] usb 2-1: Manufacturer: syz
[  855.858953][ T5872] usb 2-1: SerialNumber: syz
[  855.879068][T15588] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  856.116302][ T5872] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 58 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  857.366595][T15610] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2584'.
[  857.393614][   T29] audit: type=1400 audit(2000000566.431:660): avc:  denied  { bind } for  pid=15612 comm="syz.6.2582" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  857.424715][T15610] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2584'.
[  857.674979][T13112] usb 6-1: USB disconnect, device number 71
[  857.893590][T15616] FAULT_INJECTION: forcing a failure.
[  857.893590][T15616] name failslab, interval 1, probability 0, space 0, times 0
[  857.906809][T15616] CPU: 0 UID: 0 PID: 15616 Comm: syz.6.2582 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  857.917582][T15616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  857.927635][T15616] Call Trace:
[  857.930910][T15616]  <TASK>
[  857.933839][T15616]  dump_stack_lvl+0x16c/0x1f0
[  857.938527][T15616]  should_fail_ex+0x497/0x5b0
[  857.943224][T15616]  ? fs_reclaim_acquire+0xae/0x150
[  857.948353][T15616]  should_failslab+0xc2/0x120
[  857.953042][T15616]  __kmalloc_node_noprof+0xd1/0x510
[  857.958245][T15616]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  857.963717][T15616]  __kvmalloc_node_noprof+0xad/0x1a0
[  857.969010][T15616]  seq_read_iter+0x82a/0x12b0
[  857.973702][T15616]  ? hlock_class+0x4e/0x130
[  857.978220][T15616]  seq_read+0x39f/0x4e0
[  857.982390][T15616]  ? __pfx_seq_read+0x10/0x10
[  857.987088][T15616]  ? lockdep_hardirqs_on+0x7c/0x110
[  857.992320][T15616]  ? rw_verify_area+0x180/0x700
[  857.997190][T15616]  ? __pfx_seq_read+0x10/0x10
[  858.001885][T15616]  proc_reg_read+0x23d/0x330
[  858.006489][T15616]  ? __pfx_proc_reg_read+0x10/0x10
[  858.011640][T15616]  vfs_readv+0x6bf/0x890
[  858.015901][T15616]  ? __pfx___lock_acquire+0x10/0x10
[  858.021111][T15616]  ? __pfx_vfs_readv+0x10/0x10
[  858.025892][T15616]  ? __fget_files+0x1fc/0x3a0
[  858.030573][T15616]  ? __pfx_lock_release+0x10/0x10
[  858.035616][T15616]  ? __fget_files+0x206/0x3a0
[  858.040308][T15616]  ? do_preadv+0x1b1/0x270
[  858.044736][T15616]  do_preadv+0x1b1/0x270
[  858.048995][T15616]  ? __pfx_do_preadv+0x10/0x10
[  858.053781][T15616]  do_syscall_64+0xcd/0x250
[  858.058298][T15616]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  858.064205][T15616] RIP: 0033:0x7f50ba77ff19
[  858.068620][T15616] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  858.088231][T15616] RSP: 002b:00007f50bb52d058 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  858.096649][T15616] RAX: ffffffffffffffda RBX: 00007f50ba946160 RCX: 00007f50ba77ff19
[  858.104627][T15616] RDX: 0000000000000008 RSI: 0000000020000ac0 RDI: 0000000000000004
[  858.112601][T15616] RBP: 00007f50bb52d0a0 R08: 0000000000000000 R09: 0000000000000000
[  858.120570][T15616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  858.128545][T15616] R13: 0000000000000000 R14: 00007f50ba946160 R15: 00007fffceb275c8
[  858.136540][T15616]  </TASK>
[  859.998996][T15637] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2588'.
[  860.296940][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  860.303760][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  860.630345][ T5872] usb 2-1: USB disconnect, device number 58
[  860.653039][ T5872] usblp0: removed
[  860.820550][   T29] audit: type=1326 audit(2000000569.630:661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15645 comm="syz.1.2591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f654d57ff19 code=0x7ffc0000
[  860.907183][   T29] audit: type=1326 audit(2000000569.630:662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15645 comm="syz.1.2591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f654d57ff19 code=0x7ffc0000
[  860.938311][   T29] audit: type=1326 audit(2000000569.630:663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15645 comm="syz.1.2591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f654d57ff19 code=0x7ffc0000
[  860.964555][   T29] audit: type=1326 audit(2000000569.649:664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15645 comm="syz.1.2591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f654d57ff19 code=0x7ffc0000
[  861.010171][   T29] audit: type=1326 audit(2000000569.649:665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15645 comm="syz.1.2591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f654d57ff19 code=0x7ffc0000
[  861.034841][   T29] audit: type=1326 audit(2000000569.677:666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15645 comm="syz.1.2591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=323 compat=0 ip=0x7f654d57ff19 code=0x7ffc0000
[  861.059932][   T29] audit: type=1326 audit(2000000569.677:667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15645 comm="syz.1.2591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f654d57ff19 code=0x7ffc0000
[  861.083994][   T29] audit: type=1326 audit(2000000569.677:668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15645 comm="syz.1.2591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f654d57ff19 code=0x7ffc0000
[  861.108044][   T29] audit: type=1326 audit(2000000569.677:669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15645 comm="syz.1.2591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f654d57ff19 code=0x7ffc0000
[  861.385879][   T25] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[  861.422768][ T5831] Bluetooth: hci4: command 0x1003 tx timeout
[  861.430778][ T5129] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  862.215197][   T25] usb 4-1: config 0 has an invalid interface number: 114 but max is 0
[  862.223888][   T25] usb 4-1: config 0 has no interface number 0
[  862.232481][   T25] usb 4-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  862.243865][   T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  862.313914][T15664] sp0: Synchronizing with TNC
[  862.321473][ T3601] 
[  862.323791][ T3601] =====================================================
[  862.330690][ T3601] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected
[  862.338110][ T3601] 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0 Not tainted
[  862.345183][ T3601] -----------------------------------------------------
[  862.352079][ T3601] kworker/u8:8/3601 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
[  862.359868][ T3601] ffffffff8f334638 (disc_data_lock#3){.+.+}-{3:3}, at: sp_get+0x18/0xf0
[  862.368196][ T3601] 
[  862.368196][ T3601] and this task is already holding:
[  862.375527][ T3601] ffffffff9ab116f8 (&port_lock_key){-.-.}-{3:3}, at: uart_write+0x13b/0xb30
[  862.384203][ T3601] which would create a new lock dependency:
[  862.390058][ T3601]  (&port_lock_key){-.-.}-{3:3} -> (disc_data_lock#3){.+.+}-{3:3}
[  862.397862][ T3601] 
[  862.397862][ T3601] but this new dependency connects a HARDIRQ-irq-safe lock:
[  862.407279][ T3601]  (&port_lock_key){-.-.}-{3:3}
[  862.407294][ T3601] 
[  862.407294][ T3601] ... which became HARDIRQ-irq-safe at:
[  862.419785][ T3601]   lock_acquire.part.0+0x11b/0x380
[  862.424958][ T3601]   _raw_spin_lock_irqsave+0x3a/0x60
[  862.430216][ T3601]   serial8250_handle_irq+0x95/0xc80
[  862.435477][ T3601]   serial8250_default_handle_irq+0x9a/0x210
[  862.441429][ T3601]   serial8250_interrupt+0x103/0x210
[  862.446690][ T3601]   __handle_irq_event_percpu+0x229/0x7d0
[  862.452384][ T3601]   handle_irq_event+0xab/0x1e0
[  862.457209][ T3601]   handle_edge_irq+0x263/0xd10
[  862.462033][ T3601]   __common_interrupt+0xdf/0x250
[  862.467033][ T3601]   common_interrupt+0xba/0xe0
[  862.471764][ T3601]   asm_common_interrupt+0x26/0x40
[  862.476852][ T3601]   _raw_spin_unlock_irqrestore+0x31/0x80
[  862.482543][ T3601]   uart_write+0x2a4/0xb30
[  862.486930][ T3601]   n_tty_write+0x419/0x1140
[  862.491505][ T3601]   file_tty_write.constprop.0+0x506/0x9a0
[  862.497283][ T3601]   redirected_tty_write+0xcc/0x140
[  862.502453][ T3601]   vfs_write+0x5ae/0x1150
[  862.506843][ T3601]   ksys_write+0x12b/0x250
[  862.511231][ T3601]   do_syscall_64+0xcd/0x250
[  862.515794][ T3601]   entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  862.521749][ T3601] 
[  862.521749][ T3601] to a HARDIRQ-irq-unsafe lock:
[  862.528734][ T3601]  (disc_data_lock#3){.+.+}-{3:3}
[  862.528755][ T3601] 
[  862.528755][ T3601] ... which became HARDIRQ-irq-unsafe at:
[  862.541592][ T3601] ...
[  862.541597][ T3601]   lock_acquire.part.0+0x11b/0x380
[  862.549316][ T3601]   _raw_read_lock+0x5f/0x70
[  862.553878][ T3601]   sp_get+0x18/0xf0
[  862.557746][ T3601]   sixpack_receive_buf+0x59/0x1c80
[  862.562919][ T3601]   tty_ldisc_receive_buf+0x153/0x190
[  862.568263][ T3601]   tty_port_default_receive_buf+0x70/0xb0
[  862.574040][ T3601]   flush_to_ldisc+0x264/0x780
[  862.578784][ T3601]   process_one_work+0x9c5/0x1ba0
[  862.583778][ T3601]   worker_thread+0x6c8/0xf00
[  862.588425][ T3601]   kthread+0x2c1/0x3a0
[  862.592553][ T3601]   ret_from_fork+0x45/0x80
[  862.597026][ T3601]   ret_from_fork_asm+0x1a/0x30
[  862.601850][ T3601] 
[  862.601850][ T3601] other info that might help us debug this:
[  862.601850][ T3601] 
[  862.612045][ T3601]  Possible interrupt unsafe locking scenario:
[  862.612045][ T3601] 
[  862.620331][ T3601]        CPU0                    CPU1
[  862.625663][ T3601]        ----                    ----
[  862.630996][ T3601]   lock(disc_data_lock#3);
[  862.635472][ T3601]                                local_irq_disable();
[  862.642194][ T3601]                                lock(&port_lock_key);
[  862.649008][ T3601]                                lock(disc_data_lock#3);
[  862.655999][ T3601]   <Interrupt>
[  862.659423][ T3601]     lock(&port_lock_key);
[  862.663895][ T3601] 
[  862.663895][ T3601]  *** DEADLOCK ***
[  862.663895][ T3601] 
[  862.672004][ T3601] 6 locks held by kworker/u8:8/3601:
[  862.677253][ T3601]  #0: ffff88801b081148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0
[  862.688350][ T3601]  #1: ffffc9000dacfd80 ((work_completion)(&buf->work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0
[  862.699356][ T3601]  #2: ffff888025418ca0 (&buf->lock){+.+.}-{4:4}, at: flush_to_ldisc+0x31/0x780
[  862.708366][ T3601]  #3: ffff88805e31e0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref+0x1c/0x80
[  862.717639][ T3601]  #4: ffffffff9ab116f8 (&port_lock_key){-.-.}-{3:3}, at: uart_write+0x13b/0xb30
[  862.726736][ T3601]  #5: ffff88805e31e0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref+0x1c/0x80
[  862.736009][ T3601] 
[  862.736009][ T3601] the dependencies between HARDIRQ-irq-safe lock and the holding lock:
[  862.746379][ T3601] -> (&port_lock_key){-.-.}-{3:3} {
[  862.751556][ T3601]    IN-HARDIRQ-W at:
[  862.755506][ T3601]                     lock_acquire.part.0+0x11b/0x380
[  862.762246][ T3601]                     _raw_spin_lock_irqsave+0x3a/0x60
[  862.769073][ T3601]                     serial8250_handle_irq+0x95/0xc80
[  862.775893][ T3601]                     serial8250_default_handle_irq+0x9a/0x210
[  862.783406][ T3601]                     serial8250_interrupt+0x103/0x210
[  862.790227][ T3601]                     __handle_irq_event_percpu+0x229/0x7d0
[  862.797483][ T3601]                     handle_irq_event+0xab/0x1e0
[  862.803868][ T3601]                     handle_edge_irq+0x263/0xd10
[  862.810251][ T3601]                     __common_interrupt+0xdf/0x250
[  862.816822][ T3601]                     common_interrupt+0xba/0xe0
[  862.823120][ T3601]                     asm_common_interrupt+0x26/0x40
[  862.829767][ T3601]                     _raw_spin_unlock_irqrestore+0x31/0x80
[  862.837018][ T3601]                     uart_write+0x2a4/0xb30
[  862.842968][ T3601]                     n_tty_write+0x419/0x1140
[  862.849094][ T3601]                     file_tty_write.constprop.0+0x506/0x9a0
[  862.856436][ T3601]                     redirected_tty_write+0xcc/0x140
[  862.863165][ T3601]                     vfs_write+0x5ae/0x1150
[  862.869125][ T3601]                     ksys_write+0x12b/0x250
[  862.875073][ T3601]                     do_syscall_64+0xcd/0x250
[  862.881202][ T3601]                     entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  862.888718][ T3601]    IN-SOFTIRQ-W at:
[  862.892667][ T3601]                     lock_acquire.part.0+0x11b/0x380
[  862.899397][ T3601]                     _raw_spin_lock_irqsave+0x3a/0x60
[  862.906215][ T3601]                     serial8250_handle_irq+0x95/0xc80
[  862.913034][ T3601]                     serial8250_default_handle_irq+0x9a/0x210
[  862.920552][ T3601]                     serial8250_interrupt+0x103/0x210
[  862.927373][ T3601]                     __handle_irq_event_percpu+0x229/0x7d0
[  862.934628][ T3601]                     handle_irq_event+0xab/0x1e0
[  862.941011][ T3601]                     handle_edge_irq+0x263/0xd10
[  862.947400][ T3601]                     __common_interrupt+0xdf/0x250
[  862.953961][ T3601]                     common_interrupt+0x61/0xe0
[  862.960254][ T3601]                     asm_common_interrupt+0x26/0x40
[  862.966901][ T3601]                     __rcu_read_unlock+0xa/0x580
[  862.973286][ T3601]                     is_bpf_text_address+0x94/0x1a0
[  862.979933][ T3601]                     kernel_text_address+0x8d/0x100
[  862.986578][ T3601]                     __kernel_text_address+0xd/0x40
[  862.993235][ T3601]                     unwind_get_return_address+0x59/0xa0
[  863.000316][ T3601]                     arch_stack_walk+0xa7/0x100
[  863.006615][ T3601]                     stack_trace_save+0x95/0xd0
[  863.012916][ T3601]                     kasan_save_stack+0x33/0x60
[  863.019211][ T3601]                     kasan_save_track+0x14/0x30
[  863.025505][ T3601]                     kasan_save_free_info+0x3b/0x60
[  863.032153][ T3601]                     __kasan_slab_free+0x51/0x70
[  863.038536][ T3601]                     slab_free_after_rcu_debug+0x115/0x340
[  863.045791][ T3601]                     rcu_core+0x79d/0x14d0
[  863.051671][ T3601]                     handle_softirqs+0x213/0x8f0
[  863.058066][ T3601]                     __irq_exit_rcu+0x109/0x170
[  863.064367][ T3601]                     irq_exit_rcu+0x9/0x30
[  863.070243][ T3601]                     sysvec_apic_timer_interrupt+0xa4/0xc0
[  863.077512][ T3601]                     asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  863.085123][ T3601]                     write_comp_data+0x42/0x90
[  863.091336][ T3601]                     path_openat+0x20b/0x2d60
[  863.097458][ T3601]                     do_filp_open+0x20c/0x470
[  863.103583][ T3601]                     do_sys_openat2+0x17a/0x1e0
[  863.109886][ T3601]                     __x64_sys_openat+0x175/0x210
[  863.116361][ T3601]                     do_syscall_64+0xcd/0x250
[  863.122487][ T3601]                     entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  863.130010][ T3601]    INITIAL USE at:
[  863.133878][ T3601]                    lock_acquire.part.0+0x11b/0x380
[  863.140524][ T3601]                    _raw_spin_lock_irqsave+0x3a/0x60
[  863.147263][ T3601]                    serial8250_do_set_termios+0x307/0x16f0
[  863.154522][ T3601]                    serial8250_set_termios+0x6e/0x80
[  863.161255][ T3601]                    uart_set_options+0x31b/0x5f0
[  863.167645][ T3601]                    serial8250_console_setup+0x18a/0x460
[  863.174737][ T3601]                    univ8250_console_setup+0x1d4/0x2c0
[  863.181664][ T3601]                    try_enable_preferred_console+0x2fd/0x530
[  863.189099][ T3601]                    register_console+0x3ac/0x1170
[  863.195572][ T3601]                    univ8250_console_init+0x5f/0x90
[  863.202221][ T3601]                    console_init+0x154/0x690
[  863.208261][ T3601]                    start_kernel+0x29a/0x4d0
[  863.214304][ T3601]                    x86_64_start_reservations+0x18/0x30
[  863.221302][ T3601]                    x86_64_start_kernel+0xb2/0xc0
[  863.227778][ T3601]                    common_startup_64+0x13e/0x148
[  863.234258][ T3601]  }
[  863.236728][ T3601]  ... key      at: [<ffffffff9ab10960>] port_lock_key+0x0/0x40
[  863.244347][ T3601] 
[  863.244347][ T3601] the dependencies between the lock to be acquired
[  863.244354][ T3601]  and HARDIRQ-irq-unsafe lock:
[  863.257817][ T3601] -> (disc_data_lock#3){.+.+}-{3:3} {
[  863.263178][ T3601]    HARDIRQ-ON-R at:
[  863.267127][ T3601]                     lock_acquire.part.0+0x11b/0x380
[  863.273860][ T3601]                     _raw_read_lock+0x5f/0x70
[  863.279984][ T3601]                     sp_get+0x18/0xf0
[  863.285420][ T3601]                     sixpack_receive_buf+0x59/0x1c80
[  863.292154][ T3601]                     tty_ldisc_receive_buf+0x153/0x190
[  863.299057][ T3601]                     tty_port_default_receive_buf+0x70/0xb0
[  863.306399][ T3601]                     flush_to_ldisc+0x264/0x780
[  863.312697][ T3601]                     process_one_work+0x9c5/0x1ba0
[  863.319261][ T3601]                     worker_thread+0x6c8/0xf00
[  863.325471][ T3601]                     kthread+0x2c1/0x3a0
[  863.331170][ T3601]                     ret_from_fork+0x45/0x80
[  863.337220][ T3601]                     ret_from_fork_asm+0x1a/0x30
[  863.343614][ T3601]    SOFTIRQ-ON-R at:
[  863.347569][ T3601]                     lock_acquire.part.0+0x11b/0x380
[  863.354320][ T3601]                     _raw_read_lock+0x5f/0x70
[  863.360453][ T3601]                     sp_get+0x18/0xf0
[  863.365888][ T3601]                     sixpack_receive_buf+0x59/0x1c80
[  863.372637][ T3601]                     tty_ldisc_receive_buf+0x153/0x190
[  863.379546][ T3601]                     tty_port_default_receive_buf+0x70/0xb0
[  863.386889][ T3601]                     flush_to_ldisc+0x264/0x780
[  863.393186][ T3601]                     process_one_work+0x9c5/0x1ba0
[  863.399751][ T3601]                     worker_thread+0x6c8/0xf00
[  863.405961][ T3601]                     kthread+0x2c1/0x3a0
[  863.411655][ T3601]                     ret_from_fork+0x45/0x80
[  863.417691][ T3601]                     ret_from_fork_asm+0x1a/0x30
[  863.424078][ T3601]    INITIAL READ USE at:
[  863.428378][ T3601]                         lock_acquire.part.0+0x11b/0x380
[  863.435458][ T3601]                         _raw_read_lock+0x5f/0x70
[  863.441931][ T3601]                         sp_get+0x18/0xf0
[  863.447711][ T3601]                         sixpack_receive_buf+0x59/0x1c80
[  863.454805][ T3601]                         tty_ldisc_receive_buf+0x153/0x190
[  863.462056][ T3601]                         tty_port_default_receive_buf+0x70/0xb0
[  863.469746][ T3601]                         flush_to_ldisc+0x264/0x780
[  863.476387][ T3601]                         process_one_work+0x9c5/0x1ba0
[  863.483292][ T3601]                         worker_thread+0x6c8/0xf00
[  863.489849][ T3601]                         kthread+0x2c1/0x3a0
[  863.495890][ T3601]                         ret_from_fork+0x45/0x80
[  863.502273][ T3601]                         ret_from_fork_asm+0x1a/0x30
[  863.509006][ T3601]  }
[  863.511477][ T3601]  ... key      at: [<ffffffff8f334638>] disc_data_lock+0x18/0xfe0
[  863.519340][ T3601]  ... acquired at:
[  863.523111][ T3601]    lock_acquire.part.0+0x11b/0x380
[  863.528373][ T3601]    _raw_read_lock+0x5f/0x70
[  863.533019][ T3601]    sp_get+0x18/0xf0
[  863.536977][ T3601]    sixpack_write_wakeup+0x20/0x390
[  863.542248][ T3601]    tty_wakeup+0xe5/0x120
[  863.546653][ T3601]    tty_port_default_wakeup+0x2a/0x40
[  863.552094][ T3601]    serial8250_tx_chars+0x68e/0x860
[  863.557352][ T3601]    __start_tx+0x3e9/0x4a0
[  863.561829][ T3601]    serial8250_start_tx+0x363/0x530
[  863.567086][ T3601]    __uart_start+0x292/0x4c0
[  863.571741][ T3601]    uart_write+0x218/0xb30
[  863.576217][ T3601]    sixpack_receive_buf+0x3d7/0x1c80
[  863.581567][ T3601]    tty_ldisc_receive_buf+0x153/0x190
[  863.586999][ T3601]    tty_port_default_receive_buf+0x70/0xb0
[  863.592865][ T3601]    flush_to_ldisc+0x264/0x780
[  863.597686][ T3601]    process_one_work+0x9c5/0x1ba0
[  863.602769][ T3601]    worker_thread+0x6c8/0xf00
[  863.607504][ T3601]    kthread+0x2c1/0x3a0
[  863.611723][ T3601]    ret_from_fork+0x45/0x80
[  863.616286][ T3601]    ret_from_fork_asm+0x1a/0x30
[  863.621201][ T3601] 
[  863.623496][ T3601] 
[  863.623496][ T3601] stack backtrace:
[  863.629353][ T3601] CPU: 0 UID: 0 PID: 3601 Comm: kworker/u8:8 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  863.640164][ T3601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  863.650188][ T3601] Workqueue: events_unbound flush_to_ldisc
[  863.655984][ T3601] Call Trace:
[  863.659236][ T3601]  <TASK>
[  863.662145][ T3601]  dump_stack_lvl+0x116/0x1f0
[  863.666808][ T3601]  check_irq_usage+0xf22/0x1290
[  863.671631][ T3601]  ? __pfx_check_irq_usage+0x10/0x10
[  863.676890][ T3601]  ? hlock_conflict+0x58/0x200
[  863.681622][ T3601]  ? __bfs+0x2fa/0x670
[  863.685666][ T3601]  ? __pfx_hlock_conflict+0x10/0x10
[  863.690833][ T3601]  ? hlock_conflict+0x58/0x200
[  863.695569][ T3601]  ? lockdep_lock+0xc6/0x200
[  863.700134][ T3601]  ? __pfx_lockdep_lock+0x10/0x10
[  863.705133][ T3601]  ? __lock_acquire+0x24b4/0x3c40
[  863.710126][ T3601]  __lock_acquire+0x24b4/0x3c40
[  863.714949][ T3601]  ? __pfx___lock_acquire+0x10/0x10
[  863.720120][ T3601]  ? lock_acquire.part.0+0x11b/0x380
[  863.725379][ T3601]  lock_acquire.part.0+0x11b/0x380
[  863.730461][ T3601]  ? sp_get+0x18/0xf0
[  863.734417][ T3601]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  863.740022][ T3601]  ? rcu_is_watching+0x12/0xc0
[  863.744760][ T3601]  ? trace_lock_acquire+0x14e/0x1f0
[  863.749932][ T3601]  ? sp_get+0x18/0xf0
[  863.753885][ T3601]  ? lock_acquire+0x2f/0xb0
[  863.758357][ T3601]  ? sp_get+0x18/0xf0
[  863.762311][ T3601]  ? __pfx_sixpack_write_wakeup+0x10/0x10
[  863.768003][ T3601]  _raw_read_lock+0x5f/0x70
[  863.772479][ T3601]  ? sp_get+0x18/0xf0
[  863.776433][ T3601]  sp_get+0x18/0xf0
[  863.780213][ T3601]  ? __pfx_sixpack_write_wakeup+0x10/0x10
[  863.785905][ T3601]  sixpack_write_wakeup+0x20/0x390
[  863.790990][ T3601]  ? __pfx_sixpack_write_wakeup+0x10/0x10
[  863.796682][ T3601]  tty_wakeup+0xe5/0x120
[  863.800908][ T3601]  tty_port_default_wakeup+0x2a/0x40
[  863.806166][ T3601]  serial8250_tx_chars+0x68e/0x860
[  863.811250][ T3601]  __start_tx+0x3e9/0x4a0
[  863.815552][ T3601]  serial8250_start_tx+0x363/0x530
[  863.820638][ T3601]  __uart_start+0x292/0x4c0
[  863.825117][ T3601]  uart_write+0x218/0xb30
[  863.829418][ T3601]  sixpack_receive_buf+0x3d7/0x1c80
[  863.834591][ T3601]  ? ldsem_down_read_trylock+0x121/0x180
[  863.840197][ T3601]  ? __pfx_ldsem_down_read_trylock+0x10/0x10
[  863.846152][ T3601]  ? __pfx_sixpack_receive_buf+0x10/0x10
[  863.851758][ T3601]  tty_ldisc_receive_buf+0x153/0x190
[  863.857013][ T3601]  tty_port_default_receive_buf+0x70/0xb0
[  863.862706][ T3601]  flush_to_ldisc+0x264/0x780
[  863.867354][ T3601]  ? lock_acquire+0x2f/0xb0
[  863.871828][ T3601]  ? process_one_work+0x921/0x1ba0
[  863.876915][ T3601]  process_one_work+0x9c5/0x1ba0
[  863.881824][ T3601]  ? __pfx_batadv_nc_worker+0x10/0x10
[  863.887171][ T3601]  ? __pfx_process_one_work+0x10/0x10
[  863.892513][ T3601]  ? rcu_is_watching+0x12/0xc0
[  863.897254][ T3601]  ? assign_work+0x1a0/0x250
[  863.901814][ T3601]  worker_thread+0x6c8/0xf00
[  863.906377][ T3601]  ? __kthread_parkme+0x148/0x220
[  863.911376][ T3601]  ? __pfx_worker_thread+0x10/0x10
[  863.916457][ T3601]  kthread+0x2c1/0x3a0
[  863.920499][ T3601]  ? _raw_spin_unlock_irq+0x23/0x50
[  863.925668][ T3601]  ? __pfx_kthread+0x10/0x10
[  863.930234][ T3601]  ret_from_fork+0x45/0x80
[  863.934623][ T3601]  ? __pfx_kthread+0x10/0x10
[  863.939187][ T3601]  ret_from_fork_asm+0x1a/0x30
[  863.943945][ T3601]  </TASK>
[  863.952769][   T25] usb 4-1: Product: syz
[  863.962852][   T25] usb 4-1: Manufacturer: syz
[  863.980703][   T25] usb 4-1: SerialNumber: syz
[  864.004543][   T25] usb 4-1: config 0 descriptor??
[  864.013974][   T25] peak_usb 4-1:0.114: probe with driver peak_usb failed with error 114
[  864.108335][   T25] usb 4-1: USB disconnect, device number 55