last executing test programs:

2m45.040205166s ago: executing program 2 (id=833):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000080)=0x1ff, 0x4)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000440)='highspeed\x00', 0xa)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1c}}, 0x10)
sendmsg$inet(r0, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0)
recvmsg(r0, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x700) (fail_nth: 3)

2m43.407147205s ago: executing program 2 (id=839):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000c40)=ANY=[@ANYBLOB="5800000010000104f0ffffff000500000000fdff", @ANYRES32=0x0, @ANYBLOB="00000000da44000024001a8020000a801400072cfe8000000000000000020040000000000500080002000000140003007866726d30"], 0x58}}, 0x0) (fail_nth: 3)

2m43.039069363s ago: executing program 2 (id=842):
io_uring_setup(0x30d8, &(0x7f00000001c0)={0x0, 0xd4b1, 0x1000, 0x4000002, 0x212})
socket$qrtr(0x2a, 0x2, 0x0)
io_uring_enter(0xffffffffffffffff, 0x3516, 0x0, 0x0, 0x0, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000240)={0x2, 0x0, 0x6, 0x6, 0x0, "7f1227f7adf97affe4ffff7d1800"})
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000180), 0x8800, 0x0)
ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000600)=ANY=[@ANYBLOB="fcffffff"])
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
close(r1)
r2 = syz_open_dev$media(&(0x7f0000000380), 0x0, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(r2, 0xc0287c02, &(0x7f0000000280)={0x80000000, 0x0, &(0x7f0000000200)=[{}, {{}, {<r3=>0x80000000}}]})
ioctl$MEDIA_IOC_ENUM_ENTITIES(r2, 0xc1007c01, &(0x7f00000003c0)={r3})
sched_setaffinity(0x0, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_BEARER_NAMES(r4, &(0x7f0000006a80)={0x0, 0x0, &(0x7f0000006a40)={&(0x7f0000006a00)={0x1c, r5, 0x1, 0x70bd29, 0x25dfdbfc}, 0x1c}}, 0xc000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$alg(0x26, 0x5, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000680)={0x114, 0x3f, 0x107, 0x0, 0x0, {0x1, 0x7c}, [@nested={0x4, 0xfc}, @nested={0xf6, 0x1, 0x0, 0x1, [@generic="42d574501232c1f723060a8aeeb02667ca656bb060fe6de03592573667872542421bce1a6dce1799a7bbdf732c4dba4dc2caaa17b038d8e3c966eac066475d518436268a6d7febb34319a3edf066c28212924fc241e5824216e81d40e1e2a44ea9024475aa593b9043b982b06cd78f65b09f406ebc9e6a838fc00754d659a89cdfd46a05dbb63f779a4ea44db636c35141147b6c7c60a153e2a6c0e183cc1462ac716afaf3e461cb84260581f0d47b6d78b8da917b6fe6d6212d80a4b1fe8a6671743f5819e77ddf51e230601bf5f84d5490072194abf500053bdf13b48ee6573b24c7f1ff4d69fab080658cfab3f35f1dcf"]}, @nested={0x4, 0x2}]}, 0x114}}, 0x4c000)

2m41.865085399s ago: executing program 2 (id=845):
r0 = socket$inet6(0xa, 0x2, 0x3a)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e27, 0xffffffff, @mcast2, 0x9}, 0x1c)
fsconfig$FSCONFIG_SET_PATH(0xffffffffffffffff, 0x3, &(0x7f00000003c0)='/dev/i2c-#\x00', &(0x7f0000000400)='./file0\x00', 0xffffffffffffff9c)
syz_open_dev$I2C(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xd, &(0x7f0000000580)=ANY=[@ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @cgroup_sock_addr=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c)
r2 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000004c0)=ANY=[@ANYBLOB="d8000000", @ANYRES16=0x0, @ANYBLOB="04002dbd7000f2dbdf254f0000000c00839ced540000680000004c007a8008000400000000181c000200134ecc4d908540c3c8630b918a29360800040004005111335ced5fd94e0800040009000000080004000300000048007a801400010003d869f47d8c428eaa74b31794b4b314b5000400000000000c0003004180081ee4f88f1a080004000c0000000c0003007858754e3c504054080004000800000004007a8020007a800800040005000000140002002929590c"], 0xd8}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
sendmsg(r1, &(0x7f00000000c0)={0x0, 0x9521, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0x5dc}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x2)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$sw_sync_info(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioperm(0xc210, 0x4, 0x5)
r3 = fsopen(&(0x7f0000000940)='pvfs2\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00\xfdM\xab\x89\xff\xda\xc7dw2\xa1\xb2\xabuQQ\x14\x97\xc9\xfae\xc7\xa1U\xe2\xbe\"\xb9t\xa0\x0e\xfa\xdb\xf1\xa5.\xd87\xc3p\xa5l\xf8vC\xe2\xe8 \xd5-<#\x186\xe1\xbd\xc0\xc3\xb5N(vj\xa7+<:\xc4\xe00\x01\xdd \x82\x83\xed\x0e\xc4\x1d\xac\xef7\b\xd3Z5\\A\'\x18\xa2\xc3\xab\xc7`\xc3\v\xf3L\x9d[Q\x9e\x11@=\xa1\x9b\xdc\xb1\xef\xc3k<\x97L\xa0\xab\xa6\x1ce\xcd\x99\xb3m\xef\x87\xc5i^N\xbd@\x01\xc0\xb2\x88\xc3\xe2\x96T\xa3\xa5\xeb\x0f\xf2f\xb9$\xd2\x14<L\x19K\xbf\xf7\x9c\xe7 \x12+4.\xa9\xa7\xdc[\xd2\xec\xbe\x1a\xa1\x04\xd3\x9e\x92\x8a\xf7\xdb\xe7f\xdeo\xc1\xa5\xb6T\r)\x1c\xbe\x12\xd1\xef\xc2S\xcci\xc8\x0e\x00]\xe6|\xccK\xc7\r\xfa \x02\xe8\x1b\xc1\x93\xce\x02%\x86\xcb\x94K\v\xe7x\xe3\x06[/\xf9\xa8\x82\x9b\xeeF\x88\xc0f\x82\xb7T\r\x04\xbb\x10\x1d3\xa6', 0x0)
dup(r0)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@broadcast, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x8, 0x3a, 0x0, @remote, @local, {[], @echo_reply={0x81, 0x0, 0x0, 0x200}}}}}}, 0x0)

2m41.702085774s ago: executing program 2 (id=846):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
write$RDMA_USER_CM_CMD_ACCEPT(0xffffffffffffffff, &(0x7f00000004c0)={0x8, 0x120, 0xfa00, {0x2, {0xfffeffff, 0x5, "15b83a5e23a2f99aac863171a31270b994c4064230f43801c0523969d6f8095cf932abd03aa3ee8ea02d6d987328b4ce32b869d1f3c4e93b9c493ae189347d872ce81de775d1dce7ffed009cc60af3ad797e6ad02f3847ab525700a56801d66f6b0f5aec9dbb4dc7a209c7ff861b751b8ddfa0b759524c650e3e4034ed7e43e5cd407080d5dcddf3b4b35643547f8a9df8963c913e3d515b544238e5c3289b695b8983f6b734e7b71f50b411883d75569d5c9c6ef693c794b86093c35a835036eafefa62863bd8a407129183f95a7d21b1090b2550c99d90414634baccdda51b90a98340e2639fd60e973fbf550eb498c24157e678b0443a0cfcab5e0a551765", 0x9, 0xff, 0x9, 0x1, 0x1, 0x1, 0x3c}}}, 0x128)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000940)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000440)='\x00'/15, 0xf)
r4 = accept4(r3, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_ADD_NAN_FUNCTION(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x2c58}, 0x1, 0x0, 0x0, 0x40400d1}, 0x20008041)

2m40.683152001s ago: executing program 2 (id=849):
setsockopt$CAN_RAW_ERR_FILTER(0xffffffffffffffff, 0x65, 0x7, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000040)=0x8000, 0x4)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
socket$netlink(0x10, 0x3, 0xf)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000080000000b00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000af0300000000000000000000fffffffe0000000000005025ae00"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002300000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r2, 0x0, 0x6}, 0x18)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4008044)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a4c000000060a0b04000000000000000002000000200004801c0001800a00010072656469720000000c000280080003400000f3230900010073797a300000feff0900020073797a32"], 0x74}}, 0x0)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000180)={'veth1_virt_wifi\x00', &(0x7f00000006c0)=@ethtool_rxnfc={0x2a, 0xb, 0x6, {0x5, @udp_ip6_spec={@private0, @rand_addr=' \x01\x00', 0x4e23, 0x4e21, 0x23}, {0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1f}, 0xe, 0xffff, [0x9, 0xfffffffd]}, @esp_ip6_spec={@private2={0xfc, 0x2, '\x00', 0xfe}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x5a, 0x8}, {0x0, @empty, 0x6, 0x8c, [0xa, 0x80]}, 0x3, 0x8000000}, 0x7, [0x3, 0x5, 0x8, 0x4, 0x20008000, 0x895, 0xd1db]}})
sched_setaffinity(0x0, 0x0, 0x0)
read$msr(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
r5 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x20011, &(0x7f00000004c0)=ANY=[])
socket(0x0, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
r7 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
ioctl$NBD_SET_SIZE_BLOCKS(r7, 0xab07, 0xb)
r8 = syz_open_dev$ndb(&(0x7f00000001c0), 0x0, 0x0)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r5, 0xc0c09425, &(0x7f00000005c0)={"dc042fa03dce518f41d4d27b568e1f88", 0x0, 0x0, {0x4ecda616, 0x6}, {0xfffffffffffffffd, 0x4}, 0x4, [0x8e2, 0x7, 0x5, 0x7fffffffffffffff, 0x4, 0x1, 0xd, 0x7fffffff, 0x9, 0x14, 0x8, 0xffffffffffffa09b, 0x400, 0x5, 0x9, 0x2]})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r9=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r8, 0xab00, r9)
ioctl$NBD_DO_IT(r8, 0xab03)

2m23.882302529s ago: executing program 32 (id=849):
setsockopt$CAN_RAW_ERR_FILTER(0xffffffffffffffff, 0x65, 0x7, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000040)=0x8000, 0x4)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
socket$netlink(0x10, 0x3, 0xf)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000080000000b00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000af0300000000000000000000fffffffe0000000000005025ae00"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002300000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r2, 0x0, 0x6}, 0x18)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4008044)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a4c000000060a0b04000000000000000002000000200004801c0001800a00010072656469720000000c000280080003400000f3230900010073797a300000feff0900020073797a32"], 0x74}}, 0x0)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000180)={'veth1_virt_wifi\x00', &(0x7f00000006c0)=@ethtool_rxnfc={0x2a, 0xb, 0x6, {0x5, @udp_ip6_spec={@private0, @rand_addr=' \x01\x00', 0x4e23, 0x4e21, 0x23}, {0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1f}, 0xe, 0xffff, [0x9, 0xfffffffd]}, @esp_ip6_spec={@private2={0xfc, 0x2, '\x00', 0xfe}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x5a, 0x8}, {0x0, @empty, 0x6, 0x8c, [0xa, 0x80]}, 0x3, 0x8000000}, 0x7, [0x3, 0x5, 0x8, 0x4, 0x20008000, 0x895, 0xd1db]}})
sched_setaffinity(0x0, 0x0, 0x0)
read$msr(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
r5 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x20011, &(0x7f00000004c0)=ANY=[])
socket(0x0, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
r7 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
ioctl$NBD_SET_SIZE_BLOCKS(r7, 0xab07, 0xb)
r8 = syz_open_dev$ndb(&(0x7f00000001c0), 0x0, 0x0)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r5, 0xc0c09425, &(0x7f00000005c0)={"dc042fa03dce518f41d4d27b568e1f88", 0x0, 0x0, {0x4ecda616, 0x6}, {0xfffffffffffffffd, 0x4}, 0x4, [0x8e2, 0x7, 0x5, 0x7fffffffffffffff, 0x4, 0x1, 0xd, 0x7fffffff, 0x9, 0x14, 0x8, 0xffffffffffffa09b, 0x400, 0x5, 0x9, 0x2]})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r9=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r8, 0xab00, r9)
ioctl$NBD_DO_IT(r8, 0xab03)

14.330058946s ago: executing program 0 (id=1325):
io_uring_setup(0x30d7, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r0}, 0x10)
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_EXPBUF(r1, 0xc0405668, &(0x7f0000000100)={0x0, 0x1, 0x2})
rseq(&(0x7f0000000080), 0x20, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002700)=""/102392, 0x18ff8)
r3 = syz_io_uring_setup(0x10d, &(0x7f0000000300)={0x0, 0x8ce5d, 0x80, 0x0, 0x9}, &(0x7f0000000240)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_ASYNC_CANCEL={0xe, 0x0, 0x0, 0x0, 0x0, 0x12345, 0x0, 0x0, 0x1})
io_uring_enter(r3, 0x47f9, 0x0, 0x0, 0x0, 0x0)
select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x0, 0xea60})
pwritev2(0xffffffffffffffff, &(0x7f0000000940)=[{&(0x7f0000000380)="d5934a6130a4bd1fd24c99d35b3e1a7e7175d578bda407126b04d191ad6bf2cd975ffc8fe478f8e6972d12644facab1db026c7d3874ae7b9372fd1de7debba56718f61552b5210feaaaf15a2f3f2f592f6e8ab02e61b8a389c8086d7a3d4851af5efd3e93e916ec7cf462ead594ceaa03adc38d31dcb3592752318adce9425fd0e8068fe8baa041e8d03ff928a081a1895497cafec9c1d880d37db892f18f382d448f3bb197acf8888bf577fdf1c083a79d6ec4ebcd64f08d0abc7b951e7a5ef6e7c517e53d871cab69173a4324aafd09a9bf72e764f145f", 0xd8}, {&(0x7f0000000500)="bef57edabde9954f71ef3cd422b6ebb7ff179d8d3d6099b239548aeea4914ca9fd4ce5972d690af9506c8a396a1a24747461e02d4e89f2f286aa2a078108cf36166c3d5a5073577841", 0x49}, {&(0x7f0000000680)="a8b63b70494fa90f7776856bb0d07d9fc5965aa28f7c1281657edd57abb9fdee39dc11ad56b1be876eb4077d79741955269093e0c6502e1e86e8e45dc81c55e633ac767d88029efbd9480249d6975f5ea193527af3a6e25a3f9014821922bdf2d6a0572fb9a9bcff8efee4e433d31dc3ddafef8e7825dc3b48602e45441529a33fc4250d99f175e53053e796f6080bd0dce05729131020152e6cdc96636cacada389fe65358e41e52624c98e2824daf36699d4f777f7bafddc812c4ba6594db1e7f26117a25705c6ee88e201ac846497bee01aac72237ed2dc43274bdbcef5c01b7ed78891604650e34fcab18e", 0xed}, {&(0x7f00000000c0)="4572caf78f70f59bb68a86", 0xb}, {&(0x7f0000000580)="aca0b2ff11c542234fadc8c722061113d9d6f5621ad522f4eb6a72c117db5043a400015de6f2c063977871c86096d5b3b6a4c92c1738f0aaf0965c01ff69ad1d3138287329663c046aac90fbbd5c1b6d236752387e082bf3f56b933945912e4f", 0x60}, {&(0x7f0000000780)="cfa5b6caa051000b6658e70a64097629067136aca56312711d60390f85e41c6e8dc492826a1a6f32310c312b60a0613fc04bfcb06d7690db1f26d1d48876d3a0220f05835ffbc1500aa5b0b32ea23f22c7a1ab33cab43ef3a68dc819d329f8806a9866818011d39325fddc384377d6be1fcdea47ba4b889b377b9e1a2753ed1f7d38998c8f2bb84cb3307508b11dfd91c74691d9790536bf60a0480467bfb7c2d7e66f29d91fc6365182b5f4fc750b68c448d0bac0fe0c975d1793f54ee8fb8ce01a1aedc08229ca0b745130da3248914d07e43ea6fbc4e27cc1b00260ec20bfeea18c9ad1d83e204ff48613d825b341f8aa40d279", 0xf5}, {&(0x7f0000000480)="e773fe0a255acc1e8da9c757d5036ce218a5f562abee55dc50713532dd22b7", 0x1f}, {&(0x7f0000000880)="03a0075243533bb4c8e86b2dd2c7799bd9ae28db0aac016d8be3b088a057178fd54d8046d40db63ed3ff4f6950d8dd69fd6834e61866f29d03ab65ba3b51648dbfd2702178df7af65b54f0ca423dd88ac09b369606a870f8108b5dbc5a34c26b41f162e6b79be32c67dbbca07bdb82ce72a726f82fcd77a74baaaca55925284993e2b45fc0868f2d7b201b5e2b5a88eec96cde5a265196ce5e66e4d7fb47639d290e42ad5dfec9dbea28c087ed957a5ec4175ae5a6dca78d8d3e6b925e", 0xbd}], 0x8, 0xfe, 0xffffff5d, 0x13)
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f00000013c0)={0x4, 0x2, 0x2, {0x5, @vbi={0xb5, 0x0, 0x4, 0x31363553, [0x1, 0x8000000], [0x8200, 0x1], 0x13a}}})

12.896239332s ago: executing program 4 (id=1328):
r0 = gettid()
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r2 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
setsockopt$bt_rfcomm_RFCOMM_LM(r2, 0x12, 0x3, &(0x7f0000000980)=0x3, 0x4)
syz_io_uring_setup(0x10d, &(0x7f00000006c0)={0x0, 0x5885, 0x0, 0x2}, &(0x7f0000000340), &(0x7f0000000280))
syz_emit_ethernet(0x4a, &(0x7f0000000800)=ANY=[@ANYBLOB="aaaaaaaaffcdb814ecd86ab186dd608a37f200082c00fe8000000000000000000000000000bbfe803b1e9b61b77200000000000000200000000000aa0000000564268f982432ee6fb526cac0cefdc6ab7b9065038f9e6b7c6554da308c8f00f0e2a7efdd05a106760fcbd1d23131d4d07a471d8810d2bc8aa32b4bfd44fddf6ce009f79fa1d1b2d4b200457a300ff3975d8fa1b2419b2a7b54d289cd79da037d161c82bc8d0a67b8beb9e0747fa42294445cb366245709bbce1f9e8b97564918cb86201b7b204d92e9cf8284cb4edb09fa2e22bc50df54603afcecd876d6293b6c67c6905bd31c8486acd2dfb9d08a86a0ad79dcb501d4fdcccec8a5d46accb64d509b0074ba51acf203128b88fce5bd6e09992aa3e05cde1f2df361ae96671b9dce09d6ccd33aeabb689827972015d5dcbed4", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000090780000"], 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f0, &(0x7f0000000040)={'bridge0\x00', &(0x7f0000000480)=@ethtool_ringparam={0x4, 0x0, 0x200, 0x0, 0x8fc3, 0x1, 0x20000, 0x0, 0xf}})
socket$inet(0x2, 0x2, 0x1)
socket$inet(0x2, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000280)='\x01\xfd\xae.+\xa6\x8c\xb6?2\x199\x94S,|x?Ue[\xbd\xe1!\x033\xbc\'#\xff\x17\x9b%\xf3[d  \x97\xf5G\x97A\xc2\xd8\xf0Uq\xe6+\xa5l\x94\v\xb6\a\x17\\\xfb\x04!\xe4\xc4\xb1\xa2\x1c\xffC;\x94Q\r\xb6}\x9c\xecC\v\xcf\xeb\xe4\x9aR\xe5,\x82\x03\x00\x19\x8d\xe8\xc6\xb9\xe4\xb4\x99\x8a\x19P\xb8\x8cx\b\x99\x04R\x05\xaf\xa2\xea5\f\xcc\x1a\x9b\x00Uf\xa5\xf7\x80Tgiz\nX\b\x91\xfd0\x8e\xb6\xa3\v#\xa1\xdf\xb4\xc0\xe6\xb4\xef\xa8i\xd8\xa2\xd2(\x98\x9bA\x8f\x13\xeb\xf4b/\xef!\x8f\xf6]-\xe9k\xb62\x89gEv\x13\xf4\xc7\xb2\xf5\\\x17\x90\xb5\xa6\xa8\xb8o\x0f\xe2 \xe7\x9c$\xd7\xf2@\xf7cdv[\t\x00\x8d\xf3\xcc1\r$\x1e\xff\xf0P\xb2\x97\xb8\xbc\xeb\x91\x87\x8bu\xbf\xd4\'\xff\x1f\f\x016\x9dQ\xeeT\xe8\bY\x00\xb2\x06\xa6\xbel\x9b.o\xbe\x80\x9dx\xd5O\xd6h\\I\xc9\x8d\a\x1d\xc9\x0f\x82\xdbs\xc7\x83L\x9e\xa2\xd1\xb3\xac\x8d\xd8\xb4\xb4\xea\x90Q\xd8\xc7\xeb%\x8bOp\x1ab\x96\xcf\xbb\x15\xcf\xfcN\xed\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00s\xaf\xa2\x14]p+\x96\x1ei|n\xda\xee\\\xae\x96*\x82*\xb8j\xda\xaa\x14\x1f\x1d\xf8\xf8\xae\xfcH\xc4\xb3j\xe8\xcfO\xef\x0e\xafe\xb5*\x89\x18\xb2w\x96\b\x1by\xeaT\xdd\xb3g6\xbc\x85\xb2Y\xccv\x06\x00\x00\x00\xc5e\x90\xc51\x9f\v_# \b\xa5\xbcP,|\xe9\xd6s\x1f\x1f\xbe\xd3\x80\xb1\xa8 \xce|df\x903\v\x02\xea.\x03X\xb5\xe4,8\xb7\xadEI\xdcA\xa7\xcc\xd7\xf9n\x1b\x95\xf8\x11Z\xe6:\x03\xce\xfe\x02\x8ctdy~_oC\x9e\xef\xf0\xa2K\xe9;\x8e:\x01\x03C\x92\xeb\x16\x1c\xbf\xbe\xef\xccUxhg\xffY\xe6\x83\xa6z\xff\x01\x9d o_{!O\xaajU\x84 \xe9\xb59r\x9cw\x18Z\xd3\xcd\x0e\xba\\\xdb\xf0\xe1\x86\t\xaf\vi\xdc\xbf?\xf5\n\xbd^\x05\xc0\xceuC}\xa8\xc7\xad\x86\xd7\x15&\xb9]1\x05J\x96\xf0\x84\xc1\f\xa6p\x96\xb8\x02\x13pA\x19\tf\x12\x88\xc8\x9c\xc9Cn\xd4\xa47V\'+\xcc\xbf\r\xa9\x10\x1d\xcf\xebKlb\xe5:\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00G\xdf\xbb\xc0_\x99F\xf4n]\x14\xbc\xcd\xd3\x9f\x9fe\xc5\xe6\xe8Mb\xc6\x82\x82\xcc\xcaXe\xe1\xa2\xaa\x02\x86\xb8\x18\xe2C\xeb\xa9\x17&\x01&\'w\xa1t0\x80\xf0\x93\x80\x9f\x9b\xe0\x9f\xea\xb9\x9eD]#V\xda\x92\xca\xc6\xfa.\xd6\xe31\xfe\xe8\x02\xebX\xbd\nz\x01O\xd3r\xa2\xa9u\x93', 0x6)
fallocate(r3, 0x40, 0x0, 0x6)
r4 = socket(0x10, 0x3, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000480)=@newqdisc={0x48, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, 0x0, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x2, 0x4, 0x4, 0x7f}}}}]}, 0x48}}, 0x44080)

11.517021095s ago: executing program 1 (id=1331):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
mkdir(0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./bus\x00', 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
listxattr(&(0x7f0000000240)='./bus\x00', 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000d264f24003046af0003001020301090212"], 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$GIO_SCRNMAP(r0, 0x4b52, &(0x7f0000000000)=""/14)

11.188881206s ago: executing program 0 (id=1332):
r0 = syz_open_procfs(0x0, &(0x7f0000000280)='coredump_filter\x00')
write$cgroup_pid(r0, &(0x7f0000000140), 0x12)
syz_emit_vhci(0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, 0x0, &(0x7f0000000040)='autofs\x00', 0x0, 0x0)
r2 = syz_init_net_socket$ax25(0x3, 0x2, 0xcd)
getsockopt$ax25_int(r2, 0x101, 0xa, &(0x7f0000000040), &(0x7f00000000c0)=0x4)
chdir(0x0)
listen(0xffffffffffffffff, 0x0)
getsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000040), &(0x7f0000000200)=0x14)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_IPV6_RTHDR(r4, 0x29, 0x39, &(0x7f0000000080)=ANY=[@ANYBLOB="00020201"], 0x18)
sendmmsg$inet6(r4, &(0x7f0000003a00)=[{{&(0x7f0000000240)={0xa, 0x4e22, 0x3, @private1, 0x9}, 0x1c, &(0x7f0000000180)=[{&(0x7f0000000600)="11", 0x1}], 0x1}}], 0x1, 0x4c040)
getsockname$inet6(0xffffffffffffffff, 0x0, &(0x7f0000000040))
r5 = socket$netlink(0x10, 0x3, 0x4)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x0, 0x3})
writev(r5, &(0x7f0000000300)=[{&(0x7f0000000340)="580000001400192340834b80040d8c5602117436c379000000000000000058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c100000000000224e0000", 0x58}], 0x1)

10.666770415s ago: executing program 4 (id=1333):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
syz_clone3(&(0x7f0000000140)={0x4000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x2}, 0x7a)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
openat$cuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f0000000300), 0x100040000, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mount(&(0x7f00000001c0)=@nullb, &(0x7f0000000100)='.\x00', &(0x7f0000000000)='romfs\x00', 0x8000, 0x0)
r1 = openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f00000002c0), 0x12)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x30, r3, 0x5, 0x0, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0), &(0x7f0000000580)=ANY=[@ANYBLOB="500000000802110000010802110000000802110000000000000000000000000064000100000602020202010182ac9aa6734613185453dcb98d4a502025f9c01cb9096f77c87290395db84afe3800dfeeba7fc781d384d2c31dee0b02c89d7ecc2bfe300d9ff5e6a8931fa53a86931432e9d156e0748795728642c3f4ea0b976ffb4043f4c70fe7e8b8fcbda6938fd5d53c5121"], 0x2f)
syz_80211_inject_frame(0x0, &(0x7f0000000400)=@mgmt_frame=@auth={{{}, {}, @device_b, @device_a, @random="53882256ec86", {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0), &(0x7f0000000280)=@mgmt_frame=@assoc_resp={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val, @void}, 0x20)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r5, 0x8b2a, &(0x7f0000000040))
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'wlan1\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)

9.900681607s ago: executing program 3 (id=1334):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_EVENT_PKT={0x4, @HCI_EV_VENDOR}, 0x3)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)

9.673345769s ago: executing program 0 (id=1335):
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_FLAG_CMD(r0, 0x8983, &(0x7f0000000040)={0x7, 'veth1_vlan\x00', {0xb}, 0x9})
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000100), 0x4)
connect$inet(r0, &(0x7f0000000340)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f0000000080)=0x7ff, 0x4)
sendmmsg$inet(r0, &(0x7f0000002a40)=[{{0x0, 0x0, &(0x7f0000002900)=[{&(0x7f00000006c0)="fac28de83e90e9c3aee5dbe57493388f51e611ceb53a5c9866a207ace2b5957fe5ac95a01f7ceb22c6198cb55a91489a9c06457941f23b4a9982947c9f2bbe18232844eeab6796f3220606366b66adcdbdaa9d52c6bdc16d311e5da98997031d27dcad941eb670e53fcb75a7c4b9ba6a3027cbbaa9b9fa55ff178181b6d798bbcba0a9195802c8b4c0b6590bd04b22a0e8e7ab058ff877c48c419da077efcb78c2f9fd0359ac3222b9078ad5365c69da29e4c712ba014525d404f85d79d56895b834213eb185136ca623490955eb0a9d6a8447315a2377d1d474c43c228c42f9608d36bf207aae7096c63b9b873c1cb5dd9059914ff4ffa17a05126910e5033866f68a4bb1380d3367474c83564a2b1fbbf11231008bbf11bfa4b75a597b2018ca8c0f36378b62628d59a76c44b1414a7cd5b0a02ed90f9f4cfe10501edbaf114259652efa99a4319211eb0364f6b8224c1da83ae83fd55be72530949197603467e45deed2d2cfd6f74cd14b8d968555d554a623df2069f9b45856de29a5fd334c86c46a57e445db25188ebcb6289779c760ff8eef66afae0cf848c754b80a5fce558bd95963a4d79eaf71304529dea4b28d1a59f1bd069b2e057af846d557a34e48e72f63d0aa5a259647b7ee2f52518308f9f1cad379614a405953ab8c4afe5a48ace74fb163f729fc4949537d6f98c3adc8771d2b1b9014d2b35ebd7dbe24f39adbcace50a90192a5464fa79ddacff779012284a398ac91f4430f8bb902f736c712bc69b9198b7991b3acfd73a16fa7f44c7859b28e35a8ca5c0ac07f824572", 0x241}], 0x1}}], 0x1, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYRES64], 0x0)

9.395717228s ago: executing program 3 (id=1337):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f00000004c0)=@multiplanar_userptr={0x4, 0x9, 0x4, 0x70000, 0x6, {}, {0x3, 0xc, 0x6, 0x6, 0x34, 0x10, "3129d16b"}, 0x101, 0x2, {&(0x7f0000000440)=[{0x1, 0x8, {0x0}, 0x7fffffff}, {0x3, 0xfffff463, {0x0}, 0x3}]}, 0x2})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=0xffffffffffffffff, 0x4)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040)={0x0, r2}, 0x8)
r3 = syz_open_procfs$userns(0x0, &(0x7f0000000040))
ioctl$NS_GET_OWNER_UID(r3, 0xb704, 0x0)
semget(0x3, 0x3, 0x40)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r5 = openat$sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/tcp_sack\x00', 0x1, 0x0)
write$sysctl(r5, &(0x7f0000000240)='5\x00', 0x2)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
getpgid(r1)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r6, 0x0, 0x48b, &(0x7f0000000200)={0x2, 'lo\x00'}, 0x18)
getsockopt$inet_IP_IPSEC_POLICY(r6, 0x0, 0x10, &(0x7f0000000300)={{{@in6=@remote, @in=@initdev}}, {{@in6=@loopback}, 0x0, @in=@initdev}}, &(0x7f0000000180)=0xe8)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r8}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

9.197445857s ago: executing program 3 (id=1338):
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000240), 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000300), r0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000340)={'syztnl0\x00', &(0x7f0000000600)={'syztnl2\x00', 0x0, 0x8, 0x8000, 0x1, 0x4, {{0x51, 0x4, 0x2, 0x3f, 0x144, 0x64, 0x0, 0x7, 0x29, 0x0, @multicast1, @empty, {[@cipso={0x86, 0x20, 0x2, [{0xf9dadb97a47487ae, 0x8, "030f9daf4a78"}, {0x2, 0x2}, {0x0, 0x10, "99129479796ced1d91f4fc7fce50"}]}, @timestamp_addr={0x44, 0x14, 0x16, 0x1, 0x9, [{@multicast2, 0x3}, {@local, 0x4}]}, @ssrr={0x89, 0x13, 0x62, [@multicast1, @broadcast, @empty, @remote]}, @lsrr={0x83, 0x1f, 0xeb, [@dev={0xac, 0x14, 0x14, 0x35}, @local, @initdev={0xac, 0x1e, 0x1, 0x0}, @dev={0xac, 0x14, 0x14, 0x27}, @remote, @empty, @dev={0xac, 0x14, 0x14, 0x40}]}, @ssrr={0x89, 0xf, 0x9c, [@remote, @private=0xa010100, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @timestamp_addr={0x44, 0x54, 0xee, 0x1, 0xd, [{@loopback, 0x8}, {@remote, 0x5}, {@multicast2, 0x48}, {@multicast2}, {@rand_addr=0x64010101, 0x100}, {@broadcast}, {@remote, 0x101}, {@remote, 0xc}, {@broadcast, 0xf}, {@broadcast, 0xfffffffa}]}, @timestamp_addr={0x44, 0x34, 0x55, 0x1, 0x5, [{@multicast1, 0x7}, {@loopback, 0x200}, {@dev={0xac, 0x14, 0x14, 0xc}, 0x80000001}, {@rand_addr=0x64010101, 0x7}, {@broadcast, 0x6}, {@multicast1, 0xe1}]}, @cipso={0x86, 0x6, 0x1}, @lsrr={0x83, 0xb, 0x95, [@remote, @multicast1]}, @rr={0x7, 0x1f, 0x9f, [@local, @dev={0xac, 0x14, 0x14, 0x43}, @multicast2, @remote, @local, @empty, @rand_addr=0x64010101]}]}}}}})
sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000440)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYBLOB="f21d0a00", @ANYRES16=r2, @ANYBLOB="100028bd7000fcdbdf250a000000"], 0x14}, 0x1, 0x0, 0x0, 0x4040}, 0x95b2f5ba96fdc4e3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
openat$vnet(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x8}, 0x18)
r5 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r5, 0x4601, &(0x7f0000000040)={0x191, 0x258, 0x1e0, 0x0, 0x32, 0x1, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4})
syz_emit_ethernet(0x2a4, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd606410a6026e0000fc020000000000000000000000000000fe8000000000000000000000000000aa2234b2ddc9a46b9fa14172170a013589317d2af31ba55431762f462a5abc3f46494ee91bfca594d52f8c3785143e92da5d2d81edc09f68f122fbf741257bf1319408347a17c89212dfe27a0fc65362487e5afe673f0954f60d9d08b61276ce0b3aa520b5f30a9f52c4aa53fc003f8570383ca63530d93b78a7875338b3d7645ef2c24ab05db63cfdcde7b3cac2248c9d1c73d0d4382b3f520ad6e9be698eaa9bf5b939ce09919c9485c4725690ee2483315829a196f85a5ae552ebe19a2d6768ce2a6bf60fbb53104c7919b7cf28fa555fc9460df11e72eddebb2fc4eb6f83b16e0d65307e4210dfc209f0c68df65b57f420fd215546b798af6b6ab7bfb2fe6bd6142f877852717370b1ca39d199c149c3ead97c4e16229ce4c08a111a0fc64651c21e9174dd72442a9ae2a42d9433c7b54c8dd4b59203f9a2e227e9b043eb430e606cf98f3428ac8511948dd553bc0728c0626fbda71bd2a1d734d605e27bdb0be93b7b91284689e31fccb70c15f2c39da9011c84d36fe4b4b36ff26e45a34685fc638dbdaa838a3d3d4f5d44b74afc0fc7956e5fcc3fe405ac6d292d1d90f257f18fe14a3192d28ed369956aa2f91f9fee773cf7fb5d90705347eeadc1af86de78a498fa1a20e5b3f481a0595769654d969299506d8ffbc172a7fb9453a8a3787e80b167936863f2cc16c1d03481bd40e1abcf87a292559771572136932bf30e48174012a1d4d5f138f93140af2ceb9c821c7966ea7592d762975b5b33ef141b6b91eb388c91b924945c3231d0f299adb5a36e0c95a17872e7ebf0bc0e33baf5c46f9e2087b77bad0794d519ce7bc8674a70f3545d020454ded22f164185df3b4f952b132947b75333993fd73a"], 0x0)
add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB2(0xffffffffffffffff, 0xc06864b8, &(0x7f0000000580)={0x0, 0x2000, 0x80, 0x3231564e, 0x3, [0x2], [0x2000], [], [0x400000000000001]})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc601})
openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000001a00), 0x2, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
creat(0x0, 0x4)
mount$9p_rdma(&(0x7f00000004c0), &(0x7f0000000500)='./file0\x00', &(0x7f0000000540), 0x200000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=rdma,port=0x0000000000004e22,sq=0x0000000000000001,rq=0x000000000000N026,\x00'])

7.406789444s ago: executing program 1 (id=1340):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000140), r0)
sendmsg$NLBL_CALIPSO_C_ADD(r0, 0x0, 0x4040050)
sendmsg$NLBL_CALIPSO_C_ADD(r0, &(0x7f0000001fc0)={0x0, 0x0, &(0x7f0000001f80)={&(0x7f0000001f40)={0x2c, r1, 0x1, 0x70bd27, 0x25dfdbfc, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4044054}, 0x4040)

7.338409927s ago: executing program 3 (id=1341):
openat$vimc2(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r0 = syz_open_dev$vcsa(&(0x7f0000000100), 0x10141800, 0x3830c0)
io_uring_setup(0x4053, &(0x7f0000000040)={0x0, 0xd6f2, 0x0, 0x2, 0x1c5, 0x0, r0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x4, 0x6, @broadcast}, 0x14)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0)
ftruncate(r2, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmmsg(r4, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
sendfile(r3, r2, 0x0, 0x578410eb)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)

7.163594583s ago: executing program 1 (id=1342):
r0 = socket$pppoe(0x18, 0x1, 0x0)
prctl$PR_GET_TSC(0x43, &(0x7f0000000040))
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000ffc000/0x1000)=nil)
r1 = socket(0x10, 0x3, 0x0)
write(r1, &(0x7f0000000180)="2000000012005f0214f9f4070000fbe40a0000000000", 0x41d)
mkdir(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
signalfd(0xffffffffffffffff, &(0x7f0000006540), 0x8)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCSARP(r3, 0x8955, &(0x7f0000000300)={{0x2, 0x4e20, @loopback}, {0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xd}}, 0x2, {0x2, 0x4e1f, @multicast1}, 'vxcan1\x00'})
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r4, 0x11c, 0x4, &(0x7f0000000400)=""/4096, &(0x7f0000000000)=0x1000)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x5, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xa8}, @call={0x85, 0x0, 0x0, 0x50}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x5a, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0x3, 0x8, &(0x7f0000001400)=ANY=[@ANYRESHEX=r5, @ANYRES64, @ANYRESOCT=r5, @ANYRESDEC=0x0, @ANYBLOB="5cdb2ea4aa2d05d79ebd4b9cd491ec5dc831a4c9563dafc2fbc19ec71cef28b5ceebc6e0325b9a926c5f7d1a16e346b6b60e83c6340543e1b442967b232d738de4bea28dfd88c2549be89d8e10a50dde5f7b7e2e5b50b4eb4525f43014305ac5d50ba7afe9862c5c6016c89c7d9891feadb26c2f25bdaaea157188b2ce2024ac9fdca631476ca7a4407e01415b4febafab791824f2f31c0f43f27a06748cf2741f7ea86a8d0cdc2bd964951939f824c3c3cb6dc630935ddb27bb812694ee52a11ed7601c098e136dc912525ca84881", @ANYRESDEC=r0], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000500)={@ifindex, r6, 0x2f, 0x0, 0x0, @void, @value=r6}, 0x20)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000580)={@cgroup=r6, r7, 0x2f, 0x10, 0x4, @void, @value=r6}, 0x20)
recvmmsg(r1, &(0x7f00000021c0), 0x5b, 0x40, 0x0)
setsockopt$MRT6_ADD_MFC_PROXY(r1, 0x29, 0xd2, &(0x7f0000000080)={{0xa, 0x4e24, 0x3e, @ipv4={'\x00', '\xff\xff', @private=0xa010101}, 0x6}, {0xa, 0x4e24, 0x3, @private1, 0xc7}, 0x0, {[0xa, 0xfffffffd, 0x4, 0x6, 0x0, 0x0, 0x6, 0x40]}}, 0x5c)
prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffc000/0x4000)=nil)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
brk(0x20ffc004)
getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f00000003c0))

6.405469706s ago: executing program 0 (id=1343):
r0 = gettid()
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r2 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
setsockopt$bt_rfcomm_RFCOMM_LM(r2, 0x12, 0x3, &(0x7f0000000980)=0x3, 0x4)
syz_io_uring_setup(0x10d, &(0x7f00000006c0)={0x0, 0x5885, 0x0, 0x2}, &(0x7f0000000340), &(0x7f0000000280))
syz_emit_ethernet(0x4a, &(0x7f0000000800)=ANY=[@ANYBLOB="aaaaaaaaffcdb814ecd86ab186dd608a37f200082c00fe8000000000000000000000000000bbfe803b1e9b61b77200000000000000200000000000aa0000000564268f982432ee6fb526cac0cefdc6ab7b9065038f9e6b7c6554da308c8f00f0e2a7efdd05a106760fcbd1d23131d4d07a471d8810d2bc8aa32b4bfd44fddf6ce009f79fa1d1b2d4b200457a300ff3975d8fa1b2419b2a7b54d289cd79da037d161c82bc8d0a67b8beb9e0747fa42294445cb366245709bbce1f9e8b97564918cb86201b7b204d92e9cf8284cb4edb09fa2e22bc50df54603afcecd876d6293b6c67c6905bd31c8486acd2dfb9d08a86a0ad79dcb501d4fdcccec8a5d46accb64d509b0074ba51acf203128b88fce5bd6e09992aa3e05cde1f2df361ae96671b9dce09d6ccd33aeabb689827972015d5dcbed4", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000090780000"], 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f0, &(0x7f0000000040)={'bridge0\x00', &(0x7f0000000480)=@ethtool_ringparam={0x4, 0x0, 0x200, 0x0, 0x8fc3, 0x1, 0x20000, 0x0, 0xf}})
socket$inet(0x2, 0x2, 0x1)
socket$inet(0x2, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000280)='\x01\xfd\xae.+\xa6\x8c\xb6?2\x199\x94S,|x?Ue[\xbd\xe1!\x033\xbc\'#\xff\x17\x9b%\xf3[d  \x97\xf5G\x97A\xc2\xd8\xf0Uq\xe6+\xa5l\x94\v\xb6\a\x17\\\xfb\x04!\xe4\xc4\xb1\xa2\x1c\xffC;\x94Q\r\xb6}\x9c\xecC\v\xcf\xeb\xe4\x9aR\xe5,\x82\x03\x00\x19\x8d\xe8\xc6\xb9\xe4\xb4\x99\x8a\x19P\xb8\x8cx\b\x99\x04R\x05\xaf\xa2\xea5\f\xcc\x1a\x9b\x00Uf\xa5\xf7\x80Tgiz\nX\b\x91\xfd0\x8e\xb6\xa3\v#\xa1\xdf\xb4\xc0\xe6\xb4\xef\xa8i\xd8\xa2\xd2(\x98\x9bA\x8f\x13\xeb\xf4b/\xef!\x8f\xf6]-\xe9k\xb62\x89gEv\x13\xf4\xc7\xb2\xf5\\\x17\x90\xb5\xa6\xa8\xb8o\x0f\xe2 \xe7\x9c$\xd7\xf2@\xf7cdv[\t\x00\x8d\xf3\xcc1\r$\x1e\xff\xf0P\xb2\x97\xb8\xbc\xeb\x91\x87\x8bu\xbf\xd4\'\xff\x1f\f\x016\x9dQ\xeeT\xe8\bY\x00\xb2\x06\xa6\xbel\x9b.o\xbe\x80\x9dx\xd5O\xd6h\\I\xc9\x8d\a\x1d\xc9\x0f\x82\xdbs\xc7\x83L\x9e\xa2\xd1\xb3\xac\x8d\xd8\xb4\xb4\xea\x90Q\xd8\xc7\xeb%\x8bOp\x1ab\x96\xcf\xbb\x15\xcf\xfcN\xed\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00s\xaf\xa2\x14]p+\x96\x1ei|n\xda\xee\\\xae\x96*\x82*\xb8j\xda\xaa\x14\x1f\x1d\xf8\xf8\xae\xfcH\xc4\xb3j\xe8\xcfO\xef\x0e\xafe\xb5*\x89\x18\xb2w\x96\b\x1by\xeaT\xdd\xb3g6\xbc\x85\xb2Y\xccv\x06\x00\x00\x00\xc5e\x90\xc51\x9f\v_# \b\xa5\xbcP,|\xe9\xd6s\x1f\x1f\xbe\xd3\x80\xb1\xa8 \xce|df\x903\v\x02\xea.\x03X\xb5\xe4,8\xb7\xadEI\xdcA\xa7\xcc\xd7\xf9n\x1b\x95\xf8\x11Z\xe6:\x03\xce\xfe\x02\x8ctdy~_oC\x9e\xef\xf0\xa2K\xe9;\x8e:\x01\x03C\x92\xeb\x16\x1c\xbf\xbe\xef\xccUxhg\xffY\xe6\x83\xa6z\xff\x01\x9d o_{!O\xaajU\x84 \xe9\xb59r\x9cw\x18Z\xd3\xcd\x0e\xba\\\xdb\xf0\xe1\x86\t\xaf\vi\xdc\xbf?\xf5\n\xbd^\x05\xc0\xceuC}\xa8\xc7\xad\x86\xd7\x15&\xb9]1\x05J\x96\xf0\x84\xc1\f\xa6p\x96\xb8\x02\x13pA\x19\tf\x12\x88\xc8\x9c\xc9Cn\xd4\xa47V\'+\xcc\xbf\r\xa9\x10\x1d\xcf\xebKlb\xe5:\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00G\xdf\xbb\xc0_\x99F\xf4n]\x14\xbc\xcd\xd3\x9f\x9fe\xc5\xe6\xe8Mb\xc6\x82\x82\xcc\xcaXe\xe1\xa2\xaa\x02\x86\xb8\x18\xe2C\xeb\xa9\x17&\x01&\'w\xa1t0\x80\xf0\x93\x80\x9f\x9b\xe0\x9f\xea\xb9\x9eD]#V\xda\x92\xca\xc6\xfa.\xd6\xe31\xfe\xe8\x02\xebX\xbd\nz\x01O\xd3r\xa2\xa9u\x93', 0x6)
fallocate(r3, 0x40, 0x0, 0x6)
r4 = socket(0x10, 0x3, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000480)=@newqdisc={0x48, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, 0x0, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x2, 0x4, 0x4, 0x7f}}}}]}, 0x48}}, 0x44080)

6.037302905s ago: executing program 4 (id=1344):
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x1c, 0x4, 0x8, 0x101, 0x0, 0x0, {}, [@CTA_TIMEOUT_L3PROTO={0x6}]}, 0x1c}}, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000001c0)={'wpan0\x00', <r1=>0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$usbmon(&(0x7f0000000040), 0x2, 0x40)
sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYRESOCT=0x0, @ANYRESDEC=r1, @ANYRES32=r0], 0x7c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r3)
sendmsg$NLBL_CIPSOV4_C_ADD(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=ANY=[@ANYBLOB="08010000", @ANYRES16=r4, @ANYBLOB="0100000000000000000001000000080001000000000014000480050003000000000005000300000000000800020001000000d00008800c"], 0x108}}, 0x0)

5.670976655s ago: executing program 5 (id=1345):
openat$vimc2(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r0 = syz_open_dev$vcsa(&(0x7f0000000100), 0x10141800, 0x3830c0)
io_uring_setup(0x4053, &(0x7f0000000040)={0x0, 0xd6f2, 0x0, 0x2, 0x1c5, 0x0, r0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x4, 0x6, @broadcast}, 0x14)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0)
ftruncate(r2, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmmsg(r4, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
sendfile(r3, r2, 0x0, 0x578410eb)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)

4.594696478s ago: executing program 0 (id=1346):
r0 = syz_open_procfs(0x0, &(0x7f0000000280)='coredump_filter\x00')
write$cgroup_pid(r0, &(0x7f0000000140), 0x12)
syz_emit_vhci(0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, 0x0, &(0x7f0000000040)='autofs\x00', 0x0, 0x0)
r2 = syz_init_net_socket$ax25(0x3, 0x2, 0xcd)
getsockopt$ax25_int(r2, 0x101, 0xa, &(0x7f0000000040), &(0x7f00000000c0)=0x4)
chdir(0x0)
listen(0xffffffffffffffff, 0x0)
getsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000040), &(0x7f0000000200)=0x14)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_IPV6_RTHDR(r4, 0x29, 0x39, &(0x7f0000000080)=ANY=[@ANYBLOB="00020201"], 0x18)
sendmmsg$inet6(r4, &(0x7f0000003a00)=[{{&(0x7f0000000240)={0xa, 0x4e22, 0x3, @private1, 0x9}, 0x1c, &(0x7f0000000180)=[{&(0x7f0000000600)="11", 0x1}], 0x1}}], 0x1, 0x4c040)
ioctl$SIOCX25SCUDMATCHLEN(r0, 0x89e7, &(0x7f0000000000)={0x22})
r5 = socket$netlink(0x10, 0x3, 0x4)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x0, 0x3})
writev(r5, &(0x7f0000000300)=[{&(0x7f0000000340)="580000001400192340834b80040d8c5602117436c379000000000000000058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c100000000000224e0000", 0x58}], 0x1)

4.104171377s ago: executing program 5 (id=1347):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = msgget$private(0x0, 0x0)
msgctl$IPC_SET(r1, 0x1, &(0x7f0000258f88))
msgctl$IPC_RMID(r1, 0x0)
futex(0x0, 0xb, 0x0, 0x0, &(0x7f0000000240), 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, &(0x7f0000000180)=0x4, 0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x140, 0x0)
modify_ldt$write2(0x11, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$GIO_UNIMAP(r3, 0x4b66, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bind$xdp(0xffffffffffffffff, 0x0, 0x0)
ioctl$I2C_RDWR(0xffffffffffffffff, 0x707, &(0x7f0000000340)={&(0x7f00000000c0)=[{0x5, 0x0, 0x0, 0x0}], 0x1})
r4 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_S_DV_TIMINGS(r4, 0xc0845657, &(0x7f0000000380)={0x0, @bt={0x2d0, 0x7c5, 0x1, 0x3, 0x5, 0xa20, 0x5, 0xb, 0xc, 0x5, 0x80, 0xe72, 0xb0c, 0x9, 0x35, 0x27, {0x6fc, 0x8001}, 0x3, 0xed}})

3.381331306s ago: executing program 0 (id=1348):
openat$vimc2(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r0 = syz_open_dev$vcsa(&(0x7f0000000100), 0x10141800, 0x3830c0)
io_uring_setup(0x4053, &(0x7f0000000040)={0x0, 0xd6f2, 0x0, 0x2, 0x1c5, 0x0, r0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x4, 0x6, @broadcast}, 0x14)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0)
ftruncate(r2, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmmsg(r4, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
sendfile(r3, r2, 0x0, 0x578410eb)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)

3.37908246s ago: executing program 4 (id=1349):
r0 = gettid()
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r2 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
setsockopt$bt_rfcomm_RFCOMM_LM(r2, 0x12, 0x3, &(0x7f0000000980)=0x3, 0x4)
syz_io_uring_setup(0x10d, &(0x7f00000006c0)={0x0, 0x5885, 0x0, 0x2}, &(0x7f0000000340), &(0x7f0000000280))
syz_emit_ethernet(0x4a, &(0x7f0000000800)=ANY=[@ANYBLOB="aaaaaaaaffcdb814ecd86ab186dd608a37f200082c00fe8000000000000000000000000000bbfe803b1e9b61b77200000000000000200000000000aa0000000564268f982432ee6fb526cac0cefdc6ab7b9065038f9e6b7c6554da308c8f00f0e2a7efdd05a106760fcbd1d23131d4d07a471d8810d2bc8aa32b4bfd44fddf6ce009f79fa1d1b2d4b200457a300ff3975d8fa1b2419b2a7b54d289cd79da037d161c82bc8d0a67b8beb9e0747fa42294445cb366245709bbce1f9e8b97564918cb86201b7b204d92e9cf8284cb4edb09fa2e22bc50df54603afcecd876d6293b6c67c6905bd31c8486acd2dfb9d08a86a0ad79dcb501d4fdcccec8a5d46accb64d509b0074ba51acf203128b88fce5bd6e09992aa3e05cde1f2df361ae96671b9dce09d6ccd33aeabb689827972015d5dcbed4", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000090780000"], 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f0, &(0x7f0000000040)={'bridge0\x00', &(0x7f0000000480)=@ethtool_ringparam={0x4, 0x0, 0x200, 0x0, 0x8fc3, 0x1, 0x20000, 0x0, 0xf}})
fsopen(&(0x7f0000000100)='ecryptfs\x00', 0x0)
r3 = memfd_create(&(0x7f0000000280)='\x01\xfd\xae.+\xa6\x8c\xb6?2\x199\x94S,|x?Ue[\xbd\xe1!\x033\xbc\'#\xff\x17\x9b%\xf3[d  \x97\xf5G\x97A\xc2\xd8\xf0Uq\xe6+\xa5l\x94\v\xb6\a\x17\\\xfb\x04!\xe4\xc4\xb1\xa2\x1c\xffC;\x94Q\r\xb6}\x9c\xecC\v\xcf\xeb\xe4\x9aR\xe5,\x82\x03\x00\x19\x8d\xe8\xc6\xb9\xe4\xb4\x99\x8a\x19P\xb8\x8cx\b\x99\x04R\x05\xaf\xa2\xea5\f\xcc\x1a\x9b\x00Uf\xa5\xf7\x80Tgiz\nX\b\x91\xfd0\x8e\xb6\xa3\v#\xa1\xdf\xb4\xc0\xe6\xb4\xef\xa8i\xd8\xa2\xd2(\x98\x9bA\x8f\x13\xeb\xf4b/\xef!\x8f\xf6]-\xe9k\xb62\x89gEv\x13\xf4\xc7\xb2\xf5\\\x17\x90\xb5\xa6\xa8\xb8o\x0f\xe2 \xe7\x9c$\xd7\xf2@\xf7cdv[\t\x00\x8d\xf3\xcc1\r$\x1e\xff\xf0P\xb2\x97\xb8\xbc\xeb\x91\x87\x8bu\xbf\xd4\'\xff\x1f\f\x016\x9dQ\xeeT\xe8\bY\x00\xb2\x06\xa6\xbel\x9b.o\xbe\x80\x9dx\xd5O\xd6h\\I\xc9\x8d\a\x1d\xc9\x0f\x82\xdbs\xc7\x83L\x9e\xa2\xd1\xb3\xac\x8d\xd8\xb4\xb4\xea\x90Q\xd8\xc7\xeb%\x8bOp\x1ab\x96\xcf\xbb\x15\xcf\xfcN\xed\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00s\xaf\xa2\x14]p+\x96\x1ei|n\xda\xee\\\xae\x96*\x82*\xb8j\xda\xaa\x14\x1f\x1d\xf8\xf8\xae\xfcH\xc4\xb3j\xe8\xcfO\xef\x0e\xafe\xb5*\x89\x18\xb2w\x96\b\x1by\xeaT\xdd\xb3g6\xbc\x85\xb2Y\xccv\x06\x00\x00\x00\xc5e\x90\xc51\x9f\v_# \b\xa5\xbcP,|\xe9\xd6s\x1f\x1f\xbe\xd3\x80\xb1\xa8 \xce|df\x903\v\x02\xea.\x03X\xb5\xe4,8\xb7\xadEI\xdcA\xa7\xcc\xd7\xf9n\x1b\x95\xf8\x11Z\xe6:\x03\xce\xfe\x02\x8ctdy~_oC\x9e\xef\xf0\xa2K\xe9;\x8e:\x01\x03C\x92\xeb\x16\x1c\xbf\xbe\xef\xccUxhg\xffY\xe6\x83\xa6z\xff\x01\x9d o_{!O\xaajU\x84 \xe9\xb59r\x9cw\x18Z\xd3\xcd\x0e\xba\\\xdb\xf0\xe1\x86\t\xaf\vi\xdc\xbf?\xf5\n\xbd^\x05\xc0\xceuC}\xa8\xc7\xad\x86\xd7\x15&\xb9]1\x05J\x96\xf0\x84\xc1\f\xa6p\x96\xb8\x02\x13pA\x19\tf\x12\x88\xc8\x9c\xc9Cn\xd4\xa47V\'+\xcc\xbf\r\xa9\x10\x1d\xcf\xebKlb\xe5:\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00G\xdf\xbb\xc0_\x99F\xf4n]\x14\xbc\xcd\xd3\x9f\x9fe\xc5\xe6\xe8Mb\xc6\x82\x82\xcc\xcaXe\xe1\xa2\xaa\x02\x86\xb8\x18\xe2C\xeb\xa9\x17&\x01&\'w\xa1t0\x80\xf0\x93\x80\x9f\x9b\xe0\x9f\xea\xb9\x9eD]#V\xda\x92\xca\xc6\xfa.\xd6\xe31\xfe\xe8\x02\xebX\xbd\nz\x01O\xd3r\xa2\xa9u\x93', 0x6)
fallocate(r3, 0x40, 0x0, 0x6)
r4 = socket(0x10, 0x3, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000480)=@newqdisc={0x48, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r6, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x2, 0x4, 0x4, 0x7f}}}}]}, 0x48}}, 0x44080)
r7 = socket(0x10, 0x3, 0x0)
r8 = socket$inet6_dccp(0xa, 0x6, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'lo\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000dc0)=@newqdisc={0x38, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r9, {0x0, 0x8}, {0xfff2, 0xa}, {0x0, 0xd}}, [@qdisc_kind_options=@q_pfifo={{0xa}, {0x8}}]}, 0x38}}, 0x4000)
ioctl$sock_inet_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, &(0x7f0000000040)={'veth1\x00', {0x2, 0x4e23, @empty}})
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)

3.37812483s ago: executing program 1 (id=1350):
io_uring_setup(0x30d8, &(0x7f00000001c0)={0x0, 0xd4b1, 0x1000, 0x4000002, 0x212})
socket$qrtr(0x2a, 0x2, 0x0)
io_uring_enter(0xffffffffffffffff, 0x3516, 0x0, 0x0, 0x0, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000240)={0x2, 0x0, 0x6, 0x6, 0x0, "7f1227f7adf97affe4ffff7d1800"})
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000180), 0x8800, 0x0)
ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000600)=ANY=[@ANYBLOB="fcffffff"])
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
close(r1)
r2 = syz_open_dev$media(&(0x7f0000000380), 0x0, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(r2, 0xc0287c02, &(0x7f0000000280)={0x80000000, 0x0, &(0x7f0000000200)=[{}, {{}, {<r3=>0x80000000}}]})
ioctl$MEDIA_IOC_ENUM_ENTITIES(r2, 0xc1007c01, &(0x7f00000003c0)={r3})
sched_setaffinity(0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
keyctl$revoke(0x3, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000680)={0x114, 0x3f, 0x107, 0x0, 0x0, {0x1, 0x7c}, [@nested={0x4, 0xfc}, @nested={0xf6, 0x1, 0x0, 0x1, [@generic="42d574501232c1f723060a8aeeb02667ca656bb060fe6de03592573667872542421bce1a6dce1799a7bbdf732c4dba4dc2caaa17b038d8e3c966eac066475d518436268a6d7febb34319a3edf066c28212924fc241e5824216e81d40e1e2a44ea9024475aa593b9043b982b06cd78f65b09f406ebc9e6a838fc00754d659a89cdfd46a05dbb63f779a4ea44db636c35141147b6c7c60a153e2a6c0e183cc1462ac716afaf3e461cb84260581f0d47b6d78b8da917b6fe6d6212d80a4b1fe8a6671743f5819e77ddf51e230601bf5f84d5490072194abf500053bdf13b48ee6573b24c7f1ff4d69fab080658cfab3f35f1dcf"]}, @nested={0x4, 0x2}]}, 0x114}}, 0x4c000)

3.347268737s ago: executing program 5 (id=1351):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async, rerun: 32)
r0 = getpid() (rerun: 32)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) (async, rerun: 64)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (rerun: 64)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = openat$udambuf(0xffffffffffffff9c, 0x0, 0x2) (async)
r5 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x4100) (async)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)={0x2c, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x994}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x99}]}, 0x2c}}, 0x0) (async)
ioctl(r4, 0x0, &(0x7f0000000500)="7c64549941623b5c80d4b86a66359445fb0f3a35a01b31786b3804df82b757ca47bac24879ef6b73f5f3420c289d2a6bb0de") (async)
r9 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) (rerun: 32)
sendmsg$NL80211_CMD_FRAME(r9, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010026bd7000000000003b00000008000300", @ANYRES32=r8, @ANYBLOB="22003300d0000000ffffffffffff080211000000a514a0ed377791dd7528a6c9150000000600cd00000000008317acab30c49105f007478303cee806e4"], 0x48}, 0x1, 0x0, 0x0, 0xc0}, 0x0) (async)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000440)={'wlan0\x00', <r11=>0x0})
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r5, &(0x7f00000004c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000480)={&(0x7f0000001700)={0x1610, r10, 0x4, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r11}, @val={0xc, 0x99, {0x81, 0x3}}}}, [@NL80211_ATTR_FRAME={0x57c, 0x33, @mgmt_frame=@probe_request={{{0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1}, {0x3}, @device_b, @device_a, @initial, {0x2, 0x7}}, @void, @void, @void, @void, @val={0x72, 0x6}, [{0xdd, 0xb3, "aa5aa6495a0aec20cf210d25be7fea73e11fb1dd9ca3c588bc64147a0c149a28e39cb6837dfd9a41412e496469d68b263ba30457f5a717d1a9500746dd894b6c032f2cbe11d3e226222b58465b79a1c228910d644e88c0e091f83ed478009054e20cb397860d44b2aef49604aa5a47e509ceaf3a4935166517f54a5694e15be66f1dfd947019a1f855a001acab5cb3e87ab008cd6fde26b1247d964493535e6aebef5514f9c15e7587e5ac55406a4b15b8292e"}, {0xdd, 0xc0, "3159640f7003ef262ed743ebb538a8ce24ff094b2f760f4a240fbfcc09d9b02562b929c0dde35842f09bd998548c229e9031c006ade78e06044ea70c160606945ac82b99fe7ccf815030903a65c2531e7653c00cc1d57aaa429a7a17491aa3d11dcd23acdea6f094f4b227f61040f94859d0ec159bb2c90bd8de4b857003e8549c8ab36e80b2da50d3e70790a16b309b59ba9fa7138772dbc4db02097fba6839aa7dab56de15fb78514ed564f5fb9cc17a6e65d5235011cc6b12e06c7e4656d1"}, {0xdd, 0x93, "b8a8e289310644d11093318a441bd428a0940a262327a10ecdab25cfde41101c3f64cba4ae262db62e6c60963263ab84494957c82be0af61d33638f48e3c90bfc1898b93e05a25ac9ef276f7ac6cbe91a7da8e3ba60801006850871596b539938e5af140ca707bc3fb9bd31ecadfc894b7848064a962db0affcec30189bfe47580540967f80a2d563c6ca5f2ec38ef3a003603"}, {0xdd, 0xea, "d88b9c07d1eade03f56d6902e5cf47877fe5d2ed8b94328de87a16a3ef6134122e428aab1b609df9952ef7efdcd4c4c19fb8782f5ade5d9cfcc6780b6739d9343a967c33576868135bf8e1197d08781e6f36a952d9c454597a9eb87c9d95e5ec336e8641919f614a36d37a4f3065abf54eae96f0fc44f112dd72701c12b9145842e8d66889d9a215c52430e6729371902ad03b8bbdf9b205633c7486c04545704fbfc492bbe85713f5a3c21ec2585880c2bc146abc463941eb8455c533e5dac663f45bd93cab0d1283b4dbfe6f6f978d781efefdc1a0b78f0ada943b054df4b2eb2ccbc90ab2447c0346"}, {0xdd, 0xda, "d4c2144dca6013c7855ffe46c921d59573b20ec3578568964e24469cfeaa032529f37e98c340d5afa00fdd0c419cdf122ff356464ceeab9db0f7ecb7a957f9fb3151cfecc79616cebaf1cfba9cdbde7ee3d81369accf7f35ef3925c795c4f4dae98909c475fc3e8675dfbcd468b9b794274b1398867fc3f6abe2227d267d5f6c32899813297ec63adaf831364c6e2d193c3e8a40d41e9ad950e17bc64bf323f7628cfb60d289419824325cb56c38b7584d584c933350f5f3f6a330b1ba1b8a8138979345b3b4bf2e7c63c678cac7122f8fc36a612f3a5bc18ee2"}, {0xdd, 0xab, "2d384f65ec1e9774878d6381c6e13a2448e6249297389b45ca23cda0e2c7ab4a3f60dfb474216819992c603d16ef004d8f82c444b471752100990856c2efbe0852ac6876cdd8ba6149fb5f43bae2d744d9393ecb31f47e0114c7ea465549719a9b8d20dda06f1a42e7c2c96890bf806e2ed85da5942cdaeb9559175779d5443af1e44677ee0569a51974712128285fc7ccc7b9823d6295617ccd296478d5293e6b9f86dbafcaf86b740a58"}, {0xdd, 0xd5, "9c93ca6cc0a044b8da9ed59a27d8d48e602e3b4b01defddd43b803797936eddd413f575a5cd096c692dc05e0aa01388e549686b5c0d06cc8823c862aba48501dce6a36b81f6724ca01ccf4465f90c69999f31af778db841218f820379fb2a0bfefd9c03ff163bd2e066edc106706968b066b0abb799523c209d6d1871c80a5460420d0ffa62424c3e02dac5415b7510b93c26b52da1cc4762e8a8cbde04197ad7314ce8692433c31cd163a86a66d563e96b34249a9d658aa137cfed668a1d5602405d5a1db158f8b9be60cf2750ee49305ab6a46ac"}]}}, @NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}, @NL80211_ATTR_FRAME={0x98, 0x33, @ctrl_frame=@ba={{}, {0x2}, @device_b, @device_a, @basic={{0x0, 0x0, 0x0, 0x0, 0x3}, {0x4, 0x1}, "16c61d7dcf7932f516e71611bb4f15f074f48dc69d1270307f70b4a35418a78e2a3b0dba2ed9f1668a13373868b25cb47306343243e6da5b3b8e1b8c5689be0cf60d4d1adc0be3054f01007cd59c6acd444cc9a3eaa9ff38f480932f2058c2fde508203333b665c5e63793f988812e660be3fcb7a17d5f1d0090af753599624c"}}}, @NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}, @NL80211_ATTR_FRAME={0x6c8, 0x33, @data_frame={@msdu=@type00={{0x0, 0x2, 0x4, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1}, {0x3cd4}, @device_a, @device_a, @from_mac, {0x8, 0x98}, "", @void, @value=@ver_80211n={0x0, 0x3c8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}}, @random="dda0cb764a6981aa6366b5554f37f8a535126c308bfde4e1952e2e8a60912f03f8d407b3a06615c8f01279fd25d14013a6ea6ef37d783f0901430abd22a180d73b9d2072c382b320b2543e5b6fe84c38feaadf7a4b0f965ea2ccea6b313f4a1b14caccfbceedecc91b2053311cde5b0ca387a95a91dbbb7c3fcdedb481486fbcb75c45f1ce5fe84a61acd4f58cd6dc70c30c58a50e6707610eb889432f61d9d6ca1aba07f5e6222b215321123194a87ee9b10c30755e6fa6633d59873844f2fa06705a776d28b6e27ef3e333749a64f27c83860dcede7fc037d7cab95d09b9376bda4c6b971117bdf1524d7665b0a01ec5a08500ec82afd910e03e80a9ac684282650ba49ef954fc6d9a13fcff0217cbc164bd4c1b906ea17b630dd97a121825518a2724819791a74ce7094b4fd6bfba8fb5b5494b4dda299776a4bc39579e574e2c90db4abc0ff24c4aece015ccb4fdd61106c24824a6b9f6532f54eafb843344f11fed5edf1542c9e8780a261336851b71a843528e8c52d9a2784cb7ce3a491a534b3fc25503c64731be9ab5576f45f2e3ca7e345475af68df7c4d2881ecc486d5c7a8bbffdcfbeed4569cb45fe04a8b6d6fd3af83115e38db82fa03971ebbb5221abf8c2ad276da95803f61937f811692c6e3357a1fc43098d0ee177aea66f2f95923779c23cb89dac273b895fd39ca9afba42d95f71fdd258504db2a96d8b1bf28062e538e92d6c882bbe0c7adf8f2f89aa507eaf1931ed0a3e5deb5f8719785e37dfc72918d4bce9b4b91e589ad122c5b9fa24b6eec7de7c8a7d2747c289fdd0177084b9e7b76b462231d0efcf3fbec33fd2adb1eee8bb3262dee0abc919da287502cc9ce0a20aba97f8be3a0ba45b121abeb43c0ab70f773d99b56172e5a222549a967577c6452a09e1ef7e1e0338947c8b7025f040a51eee03b352faae213568e01e8742703a73aeb3675baeb6e664f13b8515e7ec8d94087dbfe7bf41458693ec19b4c2d7e8b0d9fd85ea4c2435f7cab9b48a71143c84a0288d15037dd5b8495431ec48071048e5cc4f4eaad724a9e688a7ffe3183131ef1d4926cc75485a2f08b4fc01873fe37b79884a87f89beef9d659ef9f1cf2f4fbaffd2c2b4694c6f08cdbdcd70860204188043a775f51e93b15c7b32c9651587f8544a1cf5885e97f3b0b9095f3fcb5d2e58739342c825ddeef9b725af5bb4350cd086507f590791d2f67fd78c899eaf253006d57ef65aeea3e19a6a4a6d2d842491a308f1446dd5a3427deb0d937943c2b05b10a6e4106c70978390eef3090ed9f5bc4e2f0cc4649185c7f5ab4ef73204adef3305bbe8d69eb2a8a16a7b33fb25e7bba8ffdc8e54aef3ce93276740e3669b12849666bd9bbbcc4ded25d0f6d8c46d13a8be158e9e3f019e0fef430262005af716431ba8dab8e9b8cd2d60ed52b6deb1b870833af35a67677aed06d9afd350b5dcf835c45852749dadf8f4f5f93a4eb6405ea2a37e7cc83714d387506fb14e7f53d8473030a582ed82fd0956f01b926aa9996e4e410a4d7f46bca32789408e5284e7908303c588a8d9e684c5cf3959ef4b4402f02c0b418749fc77dd7015d47d7f4277f4ac98bce812f65c2c848eda29786c04d9d8ea157328b618097916091b501b1e9f0c77efb06a68f45b2115372c83b083e68775bc35fe07a3552c2ce7f2b04a1b40c28f6ca3b6815e7424210e6a81d0a74339036881b3c21625b286098775eeb0fe3940f2b379031fdb197fbcb241dfb98b07442224ca52787094f6bc4ef3dc475d57564260a2194031e29e3689a2f8577137dca05ee0d1d59bd9882c999d27d7d24eababc5e543c647618ad2ccaaf1509e0219eec0ca2c840295d298f37884be1f4e19c56f49589bd152f8839eb73034cbc573c3476df30197b3b5107c181ce40db6cc8a4cb1cacfc2195ed3fb1ad86c32748e1548c04ce5bb7c67bd026ed403f18e91aa3b79192cc79870e79632e98ee6fc7a56895998f8604405d2819e6d8a978b3565483c8dcca002cd602610d97ab592bd30f910a933528a7a88ca6f4cd560d4812ce2e55abbd862fcb238710951ad13b90e432f40200e995527e4e8772b95e61b9ed2cc21ef9b49442a1279b95b85a27cbdddc10c7d629dc9dbcd5925ef25fc9ec8b313bd5b864a89b30a7d00a0acefdc1e370bf1107336908d698e5de12e10e98542c95c05d0c1c044d4987ab52b8141793eed4d83aaaefd9c566210afeb59cf66dce69b225cc602e541b18e135c5e50b8d45e8c5afed2acf099e2d2d90f84af2b9175cee1534e9267c8ed9c57d7671e330539b7a37f956a13aff34f9dc485e92bc340b542dff6ca1dfe611178816e56c9bf0f00699b79e6ef3a6f7919be8c7e67d88762efe87cd6707c1b0cbccca1d9b4ac05e0"}}, @NL80211_ATTR_FRAME={0x903, 0x33, @data_frame={@msdu=@type10={{0x0, 0x2, 0xd, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1}, {0x40}, @from_mac=@device_b, @device_a, @device_a, {0xd}, "", @value={0x9, 0x1, 0x1, 0x0, 0x2}}, @random="bea70d2a7332f2b55db57260bb0836de2941241607f6aa8159fc91af130daa28e8dc7ab6affdbd34a19a2c0ed6771920e153b54d5d4bb6a2762a31070882866338983b11b4cec4fa155881ce435d4d1178d4622fc94feef19857a70bd17bdf3136bc869a3fd3b0e4113c6cc72ab29b667b7afbcfbd19c2f7907b782db65d41e47595969804152f24a8881ff8ed3977eda0f01643a07ba233b51a0a1174e8d2994bc4eabf4371136ee4dfe2ff42965cba2f958b55fc324719f388b5e27dabb9f231061ec6fabf87015e9c305dc3101c0a05d979116346ed8d14f23ba0f22b35c50821960817d2ae868f10414978c7b6d7e6c4194f34097c7eb3729f99901b2f3e80e40f4c4245eb94ab11d0bb2be47532028f47743eb3857229bb74d50b2632b485c9000db6f4dcc67bf4ca7e6ce3ad59dc3bc1b9fc87421f434d6d519c20aa905da4b9686fb0d472fcf8c4ed790835378c6b71b995cc7b702ad9ea87be4ba4d01446bc6913e97130e4533229e61062bf66074e0eda5a5b35ef7fe1b4c50a4c8982ca2ad523bb2f06584a2347ca71cb98334393c09c2b65391549f84674b4d90d78654b9bef26f4a1909b43764426906037260ef10b826b90941de69c4acb93f5e373993d60ca4f40962bef98685e1e4b46bf141e9054fdb97bc68504c4ac97bc5e3a2f2a34dccde07e1a3295ef679ab0ba6ae1b910e66a23242c893b9e680a06fd146752fb2e91d99e623813e6a783e1331e7bef12b585ffa3200de6ddc4b5507d408b0fd5bcf54b1a8f3236f0ba2f2e78870bbe97be275d5582563bbb8bc5fc3bf4d7745ed8cc2d2e15e59a7141b283db1ad0aed654034e90aa011e93347af4df9a95e4ec8781d9259c3aa68ff529ce12395dc360bd6bcb2c7503453791384b9ce0bdfd0b988ffccf1b8eb72bde2a2edc38178820d95ea5308a522cca50d503306f55478f61257a9196173ca3c1c551e1db9415ebdd178cf837a714f12458c71cbec04ec5bc677ccd01e4114fe6310e6fdf42565622c2dfbb0f59a5f5a94293e1dd581834bf78a5429abe733d3c9a37ad757ecfa6d71083fa882ca67ec201e675a52a252a24544e03062bccd2fb23399c896a6484434784615344b6bfa099b5e851e575ae9ab7e39cd47ed1f6f9cebb2af651ef56c3490a3e56302461267f374f0e8f23914645b66e97cbce027262abc155440c7edb5780a0cdaf75b6a17f3268ea6713f4c2e9af5f60662c0209677d83260ed39871f9ab94997245ccc1aaae97134714b83c84e6bff7f47029e4eb15875e9aba844eb7d34a3c6d2ad8d66f88d296a08639f54b5a9ef477cb350088616ea228ea130ad150547c1dd6884891da989e45a8ff5c0efce02b608e2554e4bece6acc9ba921f156fcafb5aa1b9b6fb4d89ab4661186291b2adf562317c04276d7749df54499f88dee3be132281649129cf9116df69a78a01f3efe70cd0e22380c839635a795b4e96beaa3769765f106ad35c6ca2fd383deb051ecad15ddece074fc7075c9ac5332a922d8437e8eb62cf55a2186cc24a3c82470eb1f8cfcd639a231c7a009fc6a69e3f7d26a370c7960c029a73f3a0fb4f5e2d9e1961c3982b251e3d97ac979c18dd06d4644f0b85ae5bd0f36e4908ebd133ac6d063fffcef2336a3d1ded3df99d9691532b0fbefe1270a5ed3f893517ce5e82fd7de6b8a594aa2a34477db3c44db059f130b00aff467fc0487157194e3f6ed8e22adcbb117a314f561a5666a283a72e371971f5e9f809f8c68d833381ec0728a66e18946c94cedf023d53f702c59a57c0c2174ecc472e52cbb2d566a148a24057785f4ee682bee310efc4b0d2771d7c652f09525d53ff7ccd25cf10f1281ea50fbf35cc97360e5f08b1dedf1b33fed0af6e1565870cdbecc15a435425196cd6796167f18c564a27429c75ddca79e5050176ae18de24bdfcc56f2c45e4b6d700ec3a4665a4615e92a8d2c82829316492790a036b6ee6b0436598814805c5e624e3e3d3ebf7385db0fff8ca7da98fb696beb32897e333f32c6c663241895077134e434235d9aa37c4e6a51d4ead21db398a48d80ebbcc2350ab73839c5eba33c6ccc1515672d788e0bd71f876b40789060d3ef6f7660afb65b091ae2eb50e73167539a7c0b7326df3947ed27ea0b68fddfb53fb7f8ce9ce28d765dca8acbca4e1d474121fc4e33150e17cf3727ba680642dc00cd86c800c933da0e595a0a079c3855784579e4a4aac3687b7de3650f30a0fa168fcc7d4cfb99569da4160cdd1f442e0da298cf47425bc2593e2ecf40d1ae9abf2dc92b625db3e21f62d67cc6dc4fc1e47804c6efcf7602fe877948b65714855b095760f34ab0f5bd000660446735d4a57d2396636775ac223467b306813b91bdccf5ec69dffd95cbb04ba2bc6c558a772e60b8d570fa66d0608f8278ff439f1c409cbe5bcc248da56088e0b5f6952ec1c7039d0da50e8480b2fb52bb1182b1bdce6f4cea88c4ef68ad447e7b3f60c3d3eb5f9996528839ddf97bc5b9fd63174e895e327e85b232da3fa4d0f497d4be21c9114271402705529a0e66d06a612947f116644a379c2389641b1ea7f728efa7b1e52addf62bd9407881947cea0dd075d6e4f98330129c9bb39ba3d79a9782835c59186a3c1e6e950dd070b2592b65a2fa660bb474fe8918c352b8f44649338fad96f419946caf2e2d8947548d2f3f560a4e44bdbba1d2f30d9afb33075207e1247db846e3d6cee3aeb3454d4e5e172bfeeef055307d19e16486fd806e175111d591598edd09c4f3a758eaf30d83bf6c0411ac97a2c7ec2b2eabfcf387c3e8057687b1a7865a501027f49f29dc86356578b66ea244fe9798010f5ab50a50c0ef7d41f428fa875096424540e8e62a934d511e9ecb5c19ec5ef58f8336eee2983aac2401aeccf00306c511c1848c3c623e0c86d3777bf8603f1886b2a23d37773eaf1e8ef3550fbcaaf4a493ae08ca185e1e1194e1380045bb2bc969c6e43ea84d80490bd9bc7700c486be03a1b74fd7397b2bf5faf8b37b3920d89bbfcfa16d869f499a21c28bcdc0407ebbbf36224901157697bd4d6e7a08883890e48ce2a784cfeef3ee81241c4fd772a92cd3026996ada2c9b3df3a7372fabb9164917c6cbac3cd3633b1f2d7580f34c6cf2f09d67fda00f4b642c02926ca231ec642cf683871ca007c0da4c573a4776254070d1ef25dd77afc587c175016"}}]}, 0x1610}, 0x1, 0x0, 0x0, 0x20000080}, 0x8001) (async)
r12 = memfd_create(&(0x7f0000000540)='y\x105\xfb\xf7u\x83%\x1f\xe09@:r\xc2\xb9x0\x90P\x03\x00\x00\x00\x00\x00\x00\x00\xfe,\x1c\xf1\xdd\xcf]\xac\xbc\t\xbb\xfc\xa4j\x9f\xceX\x8f5=\xaa\xd5\xe9n\xab s\xa5\x00\x8d\tV\t\x91\x18\x06O\xb0=D\xda\xb6F\x1a\xc82\x8b\xc0l\xd0\x89d\xe6\xb7\xd8\x97\xb8\xde\xa3\x89\"%/u\x17\xdam\x8d\x01Lh\x1e^\x9ej\x1c\xc5\xf0\xf6\x92\x05\x9aH\x00\'\xd4\x94d[\v\xfc\xad\x0f\xa8\xc5\xad\x001\x8b%\xaa?\x00\x00\x00\x00\x00\x00\x00\nj\x8c\xef\x90\xc0Z\xfa\x1a\xb3\xf0wVq\xe9d\xf8N\x80\xd1g\xd8e\xc8\x16\xad1\x02\xab\xce3\xb2\xb0\xd1\x11\xf0\xc2Gj+kV', 0x2)
ftruncate(r12, 0xfbff) (async)
bpf$BPF_PROG_TEST_RUN_LIVE(0xa, &(0x7f00000003c0)={r3, 0x0, 0x92, 0x0, &(0x7f00000002c0)="c3bb78248d4dbba149356a94ddcb853ac759b7af707a400e1ccaf2bf6906655d284ca7eab0ad99053a1b998ead335a488fbedd6509e0154316a06e6f4605ef068ed0956930ceda83467011b40c955154fabec77e7ec2d74c8b49256feeed58ac2ab01432507b6aeb446b02f2365e822557fe9e5bbeef15619aab3971f14c19d7a14057db30eab2365c1cf72db46c090a7c69", 0x0, 0xffffffff, 0x0, 0x12, 0x0, &(0x7f0000000600)="ff9ed41f8e28d81df9ecd3d8142b4d5fb27f", 0x0, 0x2, 0x0, 0xfffffffa}, 0x50) (async)
ioctl$UDMABUF_CREATE(r4, 0x40187542, &(0x7f0000000280)={r12, 0x0, 0x1000, 0x100000000})
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f00000007c0)=ANY=[@ANYBLOB="611230000000000061134c0000000000bf20000000000000160005003f1b48013d030100000000009500000000000000bc26000000000000bf67000000000000070600000fff07006702000003000000360600000ee600f0bf052000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000d60500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd55788be820d236dcb695dbfd737cbf5fe70305863ee7df34d09187401b88840a6ea447fddf99ee1b4eb0d953fe164361baa8cf9cbb6e574fcefd2904275009f1a070277cc69f958bc55b84ab867972fe48936c32b2a78d9eda49074b3ffa7c263806ba4b88fc98284403b10bcd1df87d3866e285e17291548e0d00c9593d327967e9"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r13 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
ioctl$USBDEVFS_SUBMITURB(r13, 0x8038550a, &(0x7f0000000380)=@urb_type_bulk={0x3, {0x1, 0x1}, 0x0, 0x41, &(0x7f0000000980)='$', 0x1, 0x0, 0xfffffffe, 0x1, 0x5, 0x71a8, 0x0})

3.288004001s ago: executing program 3 (id=1352):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000140), r0)
sendmsg$NLBL_CALIPSO_C_ADD(r0, 0x0, 0x4040050)
sendmsg$NLBL_CALIPSO_C_ADD(r0, &(0x7f0000001fc0)={0x0, 0x0, &(0x7f0000001f80)={&(0x7f0000001f40)={0x2c, r1, 0x1, 0x70bd27, 0x25dfdbfc, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4044054}, 0x4040)

2.235431101s ago: executing program 3 (id=1353):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x110, r0, 0x94c16000)
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000000)=""/188)
r1 = openat$fb0(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$FBIO_WAITFORVSYNC(r1, 0x4605, 0x20000000)
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80880)
r3 = openat$cgroup_ro(r2, &(0x7f0000000140)='blkio.bfq.time\x00', 0x26e1, 0x0)
close(r3)
socket$packet(0x11, 0x3, 0x300)
r4 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r4, 0x402, 0x8000003d)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
pipe2$watch_queue(0x0, 0x80)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$vim2m(&(0x7f0000000100), 0xffffffffffffff5a, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0xfffffffbfffffffe}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000180)={@mcast2, 0x26})
arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x5)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0xa)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x9, 0xf, &(0x7f0000000040)=@ringbuf={{}, {{}, {}, {}, {0x85, 0x0, 0x0, 0x51}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r6, 0x402, 0x8000003d)
openat$cgroup_ro(r6, &(0x7f0000000140)='blkio.bfq.io_service_time\x00', 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x9, 0x0)
r7 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0)
sendfile(r7, 0xffffffffffffffff, &(0x7f00000000c0)=0x58, 0x9)

1.524361989s ago: executing program 1 (id=1354):
r0 = gettid()
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r2 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
setsockopt$bt_rfcomm_RFCOMM_LM(r2, 0x12, 0x3, &(0x7f0000000980)=0x3, 0x4)
syz_io_uring_setup(0x10d, &(0x7f00000006c0)={0x0, 0x5885, 0x0, 0x2}, &(0x7f0000000340), &(0x7f0000000280))
syz_emit_ethernet(0x4a, &(0x7f0000000800)=ANY=[@ANYBLOB="aaaaaaaaffcdb814ecd86ab186dd608a37f200082c00fe8000000000000000000000000000bbfe803b1e9b61b77200000000000000200000000000aa0000000564268f982432ee6fb526cac0cefdc6ab7b9065038f9e6b7c6554da308c8f00f0e2a7efdd05a106760fcbd1d23131d4d07a471d8810d2bc8aa32b4bfd44fddf6ce009f79fa1d1b2d4b200457a300ff3975d8fa1b2419b2a7b54d289cd79da037d161c82bc8d0a67b8beb9e0747fa42294445cb366245709bbce1f9e8b97564918cb86201b7b204d92e9cf8284cb4edb09fa2e22bc50df54603afcecd876d6293b6c67c6905bd31c8486acd2dfb9d08a86a0ad79dcb501d4fdcccec8a5d46accb64d509b0074ba51acf203128b88fce5bd6e09992aa3e05cde1f2df361ae96671b9dce09d6ccd33aeabb689827972015d5dcbed4", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000090780000"], 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f0, &(0x7f0000000040)={'bridge0\x00', &(0x7f0000000480)=@ethtool_ringparam={0x4, 0x0, 0x200, 0x0, 0x8fc3, 0x1, 0x20000, 0x0, 0xf}})
fsopen(&(0x7f0000000100)='ecryptfs\x00', 0x0)
socket$inet(0x2, 0x2, 0x1)
r3 = socket$inet(0x2, 0x2, 0x0)
fallocate(0xffffffffffffffff, 0x40, 0x0, 0x6)
r4 = socket(0x10, 0x3, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000480)=@newqdisc={0x48, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r6, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x2, 0x4, 0x4, 0x7f}}}}]}, 0x48}}, 0x44080)
r7 = socket(0x10, 0x3, 0x0)
r8 = socket$inet6_dccp(0xa, 0x6, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'lo\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000dc0)=@newqdisc={0x38, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r9, {0x0, 0x8}, {0xfff2, 0xa}, {0x0, 0xd}}, [@qdisc_kind_options=@q_pfifo={{0xa}, {0x8}}]}, 0x38}}, 0x4000)
ioctl$sock_inet_SIOCSIFDSTADDR(r3, 0x8918, &(0x7f0000000040)={'veth1\x00', {0x2, 0x4e23, @empty}})
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)

1.496092613s ago: executing program 5 (id=1355):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000080)=ANY=[@ANYBLOB="00020201"], 0x18)
sendmmsg$inet6(r0, &(0x7f0000003a00)=[{{&(0x7f0000000240)={0xa, 0x4e22, 0x3, @private1, 0x9}, 0x1c, &(0x7f0000000180)=[{&(0x7f0000000600)="11", 0x1}], 0x1}}], 0x1, 0x4c040)

1.495187244s ago: executing program 4 (id=1356):
r0 = gettid()
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r2 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
setsockopt$bt_rfcomm_RFCOMM_LM(r2, 0x12, 0x3, &(0x7f0000000980)=0x3, 0x4)
syz_io_uring_setup(0x10d, &(0x7f00000006c0)={0x0, 0x5885, 0x0, 0x2}, &(0x7f0000000340), &(0x7f0000000280))
syz_emit_ethernet(0x4a, &(0x7f0000000800)=ANY=[@ANYBLOB="aaaaaaaaffcdb814ecd86ab186dd608a37f200082c00fe8000000000000000000000000000bbfe803b1e9b61b77200000000000000200000000000aa0000000564268f982432ee6fb526cac0cefdc6ab7b9065038f9e6b7c6554da308c8f00f0e2a7efdd05a106760fcbd1d23131d4d07a471d8810d2bc8aa32b4bfd44fddf6ce009f79fa1d1b2d4b200457a300ff3975d8fa1b2419b2a7b54d289cd79da037d161c82bc8d0a67b8beb9e0747fa42294445cb366245709bbce1f9e8b97564918cb86201b7b204d92e9cf8284cb4edb09fa2e22bc50df54603afcecd876d6293b6c67c6905bd31c8486acd2dfb9d08a86a0ad79dcb501d4fdcccec8a5d46accb64d509b0074ba51acf203128b88fce5bd6e09992aa3e05cde1f2df361ae96671b9dce09d6ccd33aeabb689827972015d5dcbed4", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000090780000"], 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f0, &(0x7f0000000040)={'bridge0\x00', &(0x7f0000000480)=@ethtool_ringparam={0x4, 0x0, 0x200, 0x0, 0x8fc3, 0x1, 0x20000, 0x0, 0xf}})
socket$inet(0x2, 0x2, 0x1)
socket$inet(0x2, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000280)='\x01\xfd\xae.+\xa6\x8c\xb6?2\x199\x94S,|x?Ue[\xbd\xe1!\x033\xbc\'#\xff\x17\x9b%\xf3[d  \x97\xf5G\x97A\xc2\xd8\xf0Uq\xe6+\xa5l\x94\v\xb6\a\x17\\\xfb\x04!\xe4\xc4\xb1\xa2\x1c\xffC;\x94Q\r\xb6}\x9c\xecC\v\xcf\xeb\xe4\x9aR\xe5,\x82\x03\x00\x19\x8d\xe8\xc6\xb9\xe4\xb4\x99\x8a\x19P\xb8\x8cx\b\x99\x04R\x05\xaf\xa2\xea5\f\xcc\x1a\x9b\x00Uf\xa5\xf7\x80Tgiz\nX\b\x91\xfd0\x8e\xb6\xa3\v#\xa1\xdf\xb4\xc0\xe6\xb4\xef\xa8i\xd8\xa2\xd2(\x98\x9bA\x8f\x13\xeb\xf4b/\xef!\x8f\xf6]-\xe9k\xb62\x89gEv\x13\xf4\xc7\xb2\xf5\\\x17\x90\xb5\xa6\xa8\xb8o\x0f\xe2 \xe7\x9c$\xd7\xf2@\xf7cdv[\t\x00\x8d\xf3\xcc1\r$\x1e\xff\xf0P\xb2\x97\xb8\xbc\xeb\x91\x87\x8bu\xbf\xd4\'\xff\x1f\f\x016\x9dQ\xeeT\xe8\bY\x00\xb2\x06\xa6\xbel\x9b.o\xbe\x80\x9dx\xd5O\xd6h\\I\xc9\x8d\a\x1d\xc9\x0f\x82\xdbs\xc7\x83L\x9e\xa2\xd1\xb3\xac\x8d\xd8\xb4\xb4\xea\x90Q\xd8\xc7\xeb%\x8bOp\x1ab\x96\xcf\xbb\x15\xcf\xfcN\xed\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00s\xaf\xa2\x14]p+\x96\x1ei|n\xda\xee\\\xae\x96*\x82*\xb8j\xda\xaa\x14\x1f\x1d\xf8\xf8\xae\xfcH\xc4\xb3j\xe8\xcfO\xef\x0e\xafe\xb5*\x89\x18\xb2w\x96\b\x1by\xeaT\xdd\xb3g6\xbc\x85\xb2Y\xccv\x06\x00\x00\x00\xc5e\x90\xc51\x9f\v_# \b\xa5\xbcP,|\xe9\xd6s\x1f\x1f\xbe\xd3\x80\xb1\xa8 \xce|df\x903\v\x02\xea.\x03X\xb5\xe4,8\xb7\xadEI\xdcA\xa7\xcc\xd7\xf9n\x1b\x95\xf8\x11Z\xe6:\x03\xce\xfe\x02\x8ctdy~_oC\x9e\xef\xf0\xa2K\xe9;\x8e:\x01\x03C\x92\xeb\x16\x1c\xbf\xbe\xef\xccUxhg\xffY\xe6\x83\xa6z\xff\x01\x9d o_{!O\xaajU\x84 \xe9\xb59r\x9cw\x18Z\xd3\xcd\x0e\xba\\\xdb\xf0\xe1\x86\t\xaf\vi\xdc\xbf?\xf5\n\xbd^\x05\xc0\xceuC}\xa8\xc7\xad\x86\xd7\x15&\xb9]1\x05J\x96\xf0\x84\xc1\f\xa6p\x96\xb8\x02\x13pA\x19\tf\x12\x88\xc8\x9c\xc9Cn\xd4\xa47V\'+\xcc\xbf\r\xa9\x10\x1d\xcf\xebKlb\xe5:\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00G\xdf\xbb\xc0_\x99F\xf4n]\x14\xbc\xcd\xd3\x9f\x9fe\xc5\xe6\xe8Mb\xc6\x82\x82\xcc\xcaXe\xe1\xa2\xaa\x02\x86\xb8\x18\xe2C\xeb\xa9\x17&\x01&\'w\xa1t0\x80\xf0\x93\x80\x9f\x9b\xe0\x9f\xea\xb9\x9eD]#V\xda\x92\xca\xc6\xfa.\xd6\xe31\xfe\xe8\x02\xebX\xbd\nz\x01O\xd3r\xa2\xa9u\x93', 0x6)
fallocate(r3, 0x40, 0x0, 0x6)
r4 = socket(0x10, 0x3, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000480)=@newqdisc={0x48, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, 0x0, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x2, 0x4, 0x4, 0x7f}}}}]}, 0x48}}, 0x44080)

1.250140505s ago: executing program 5 (id=1357):
r0 = syz_open_procfs(0x0, &(0x7f0000000280)='coredump_filter\x00')
write$cgroup_pid(r0, &(0x7f0000000140), 0x12)
syz_emit_vhci(0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, 0x0, &(0x7f0000000040)='autofs\x00', 0x0, 0x0)
r2 = syz_init_net_socket$ax25(0x3, 0x2, 0xcd)
getsockopt$ax25_int(r2, 0x101, 0xa, &(0x7f0000000040), &(0x7f00000000c0)=0x4)
chdir(0x0)
listen(0xffffffffffffffff, 0x0)
getsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000040), &(0x7f0000000200)=0x14)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_IPV6_RTHDR(r4, 0x29, 0x39, &(0x7f0000000080)=ANY=[@ANYBLOB="00020201"], 0x18)

102.22207ms ago: executing program 5 (id=1358):
io_uring_setup(0x30d7, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r0}, 0x10)
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_EXPBUF(r1, 0xc0405668, &(0x7f0000000100)={0x0, 0x1, 0x2})
rseq(&(0x7f0000000080), 0x20, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002700)=""/102392, 0x18ff8)
r3 = syz_io_uring_setup(0x10d, &(0x7f0000000300)={0x0, 0x8ce5d, 0x80, 0x0, 0x9}, &(0x7f0000000240)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_ASYNC_CANCEL={0xe, 0x0, 0x0, 0x0, 0x0, 0x12345, 0x0, 0x0, 0x1})
io_uring_enter(r3, 0x47f9, 0x0, 0x0, 0x0, 0x0)
select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x0, 0xea60})
pwritev2(0xffffffffffffffff, &(0x7f0000000940)=[{&(0x7f0000000380)="d5934a6130a4bd1fd24c99d35b3e1a7e7175d578bda407126b04d191ad6bf2cd975ffc8fe478f8e6972d12644facab1db026c7d3874ae7b9372fd1de7debba56718f61552b5210feaaaf15a2f3f2f592f6e8ab02e61b8a389c8086d7a3d4851af5efd3e93e916ec7cf462ead594ceaa03adc38d31dcb3592752318adce9425fd0e8068fe8baa041e8d03ff928a081a1895497cafec9c1d880d37db892f18f382d448f3bb197acf8888bf577fdf1c083a79d6ec4ebcd64f08d0abc7b951e7a5ef6e7c517e53d871cab69173a4324aafd09a9bf72e764f145f", 0xd8}, {&(0x7f0000000500)="bef57edabde9954f71ef3cd422b6ebb7ff179d8d3d6099b239548aeea4914ca9fd4ce5972d690af9506c8a396a1a24747461e02d4e89f2f286aa2a078108cf36166c3d5a5073577841", 0x49}, {&(0x7f0000000680)="a8b63b70494fa90f7776856bb0d07d9fc5965aa28f7c1281657edd57abb9fdee39dc11ad56b1be876eb4077d79741955269093e0c6502e1e86e8e45dc81c55e633ac767d88029efbd9480249d6975f5ea193527af3a6e25a3f9014821922bdf2d6a0572fb9a9bcff8efee4e433d31dc3ddafef8e7825dc3b48602e45441529a33fc4250d99f175e53053e796f6080bd0dce05729131020152e6cdc96636cacada389fe65358e41e52624c98e2824daf36699d4f777f7bafddc812c4ba6594db1e7f26117a25705c6ee88e201ac846497bee01aac72237ed2dc43274bdbcef5c01b7ed78891604650e34fcab18e", 0xed}, {&(0x7f00000000c0)="4572caf78f70f59bb68a86", 0xb}, {&(0x7f0000000580)="aca0b2ff11c542234fadc8c722061113d9d6f5621ad522f4eb6a72c117db5043a400015de6f2c063977871c86096d5b3b6a4c92c1738f0aaf0965c01ff69ad1d3138287329663c046aac90fbbd5c1b6d236752387e082bf3f56b933945912e4f", 0x60}, {&(0x7f0000000780)="cfa5b6caa051000b6658e70a64097629067136aca56312711d60390f85e41c6e8dc492826a1a6f32310c312b60a0613fc04bfcb06d7690db1f26d1d48876d3a0220f05835ffbc1500aa5b0b32ea23f22c7a1ab33cab43ef3a68dc819d329f8806a9866818011d39325fddc384377d6be1fcdea47ba4b889b377b9e1a2753ed1f7d38998c8f2bb84cb3307508b11dfd91c74691d9790536bf60a0480467bfb7c2d7e66f29d91fc6365182b5f4fc750b68c448d0bac0fe0c975d1793f54ee8fb8ce01a1aedc08229ca0b745130da3248914d07e43ea6fbc4e27cc1b00260ec20bfeea18c9ad1d83e204ff48613d825b341f8aa40d279", 0xf5}, {&(0x7f0000000480)="e773fe0a255acc1e8da9c757d5036ce218a5f562abee55dc50713532dd22b7", 0x1f}, {&(0x7f0000000880)="03a0075243533bb4c8e86b2dd2c7799bd9ae28db0aac016d8be3b088a057178fd54d8046d40db63ed3ff4f6950d8dd69fd6834e61866f29d03ab65ba3b51648dbfd2702178df7af65b54f0ca423dd88ac09b369606a870f8108b5dbc5a34c26b41f162e6b79be32c67dbbca07bdb82ce72a726f82fcd77a74baaaca55925284993e2b45fc0868f2d7b201b5e2b5a88eec96cde5a265196ce5e66e4d7fb47639d290e42ad5dfec9dbea28c087ed957a5ec4175ae5a6dca78d8d3e6b925e", 0xbd}], 0x8, 0xfe, 0xffffff5d, 0x13)
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f00000013c0)={0x4, 0x2, 0x2, {0x5, @vbi={0xb5, 0x0, 0x4, 0x31363553, [0x1, 0x8000000], [0x8200, 0x1], 0x13a}}})

5.986516ms ago: executing program 4 (id=1359):
r0 = syz_open_procfs(0x0, &(0x7f0000000280)='coredump_filter\x00')
write$cgroup_pid(r0, &(0x7f0000000140), 0x12)
syz_emit_vhci(0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, 0x0, &(0x7f0000000040)='autofs\x00', 0x0, 0x0)
r2 = syz_init_net_socket$ax25(0x3, 0x2, 0xcd)
getsockopt$ax25_int(r2, 0x101, 0xa, &(0x7f0000000040), &(0x7f00000000c0)=0x4)
chdir(0x0)
listen(0xffffffffffffffff, 0x0)
getsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000040), &(0x7f0000000200)=0x14)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_IPV6_RTHDR(r4, 0x29, 0x39, &(0x7f0000000080)=ANY=[@ANYBLOB="00020201"], 0x18)
sendmmsg$inet6(r4, &(0x7f0000003a00)=[{{&(0x7f0000000240)={0xa, 0x4e22, 0x3, @private1, 0x9}, 0x1c, &(0x7f0000000180)=[{&(0x7f0000000600)="11", 0x1}], 0x1}}], 0x1, 0x4c040)
ioctl$SIOCX25SCUDMATCHLEN(r0, 0x89e7, &(0x7f0000000000)={0x22})
r5 = socket$netlink(0x10, 0x3, 0x4)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x0, 0x3})
writev(r5, &(0x7f0000000300)=[{&(0x7f0000000340)="580000001400192340834b80040d8c5602117436c379000000000000000058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c100000000000224e0000", 0x58}], 0x1)

0s ago: executing program 1 (id=1360):
syz_emit_ethernet(0x26, &(0x7f0000000100)={@local, @dev, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x89, 0x0, @private=0xa010101, @remote}, "68ef365c"}}}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xc0002, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = socket(0x10, 0x80801, 0x9b3)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000fc0)=@raw={'raw\x00', 0x3c1, 0x3, 0x320, 0x140, 0x5c, 0x160, 0x140, 0x3e0, 0x250, 0x228, 0x25a, 0x250, 0x228, 0x4, 0x0, {[{{@ipv6={@remote, @dev, [], [], 'veth0_to_batadv\x00', 'wg1\x00', {}, {0x222cecdb0fb5a62a}, 0x3a}, 0x5002, 0xf8, 0x140, 0x52020000, {0x0, 0x6802000000000000}, [@common=@icmp6={{0x28}, {0x0, "d176"}}, @common=@unspec=@state={{0x28}, {0xfffffffd}}]}, @unspec=@CT0={0x48}}, {{@ipv6={@local, @private2, [], [0xff], 'veth1_to_hsr\x00', 'dummy0\x00', {}, {}, 0x88}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x380)

kernel console output (not intermixed with test programs):

5 subj=root:sysadm_r:sysadm_t pid=9114 comm="syz.3.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d43d85d29 code=0x7ffc0000
[  364.176100][ T5915] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  364.176117][   T29] audit: type=1326 audit(1736518231.619:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9114 comm="syz.3.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d43d85d29 code=0x7ffc0000
[  364.176151][   T29] audit: type=1326 audit(1736518231.628:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9114 comm="syz.3.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9d43d85d29 code=0x7ffc0000
[  364.186263][ T5915] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  364.242277][ T5915] usb 5-1: config 1 has no interface number 0
[  364.248582][ T5915] usb 5-1: config 1 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  364.283005][ T5915] usb 5-1: config 1 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  364.307352][ T5915] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  364.319395][ T5915] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  364.352908][    T9] usb 2-1: USB disconnect, device number 19
[  364.389937][   T29] audit: type=1326 audit(1736518231.628:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9114 comm="syz.3.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d43d85d29 code=0x7ffc0000
[  364.414209][   T29] audit: type=1326 audit(1736518231.628:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9114 comm="syz.3.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d43d85d29 code=0x7ffc0000
[  364.432005][ T5915] usb 5-1: Product: syz
[  364.445780][ T5915] usb 5-1: Manufacturer: syz
[  364.450408][ T5915] usb 5-1: SerialNumber: syz
[  364.452820][   T29] audit: type=1326 audit(1736518231.628:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9114 comm="syz.3.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f9d43d85d29 code=0x7ffc0000
[  364.601258][   T29] audit: type=1326 audit(1736518231.637:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9114 comm="syz.3.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d43d85d29 code=0x7ffc0000
[  364.658497][ T5915] cdc_wdm 5-1:1.128: skipping garbage
[  364.664852][ T5915] cdc_wdm 5-1:1.128: cdc-wdm0: USB WDM device
[  364.677328][ T5915] cdc_wdm 5-1:1.128: Unknown control protocol
[  364.723023][   T29] audit: type=1326 audit(1736518231.637:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9114 comm="syz.3.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d43d85d29 code=0x7ffc0000
[  364.837996][   T29] audit: type=1400 audit(1736518232.573:606): avc:  denied  { read } for  pid=9128 comm="syz.0.828" name="usbmon4" dev="devtmpfs" ino=728 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  365.183199][   T29] audit: type=1400 audit(1736518232.573:607): avc:  denied  { open } for  pid=9128 comm="syz.0.828" path="/dev/usbmon4" dev="devtmpfs" ino=728 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  365.612906][ T9142] netlink: 'syz.2.831': attribute type 1 has an invalid length.
[  365.634307][ T9142] nvme_fabrics: unknown parameter or missing value ' ' in ctrl creation request
[  366.591527][ T5817] usb 5-1: USB disconnect, device number 24
[  367.030651][ T9159] Invalid ELF header magic: != ELF
[  367.078593][ T9159] ntfs3(nullb0): Primary boot signature is not NTFS.
[  367.085473][ T9159] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  367.584944][ T9157] FAULT_INJECTION: forcing a failure.
[  367.584944][ T9157] name fail_futex, interval 1, probability 0, space 0, times 1
[  367.743940][ T9157] CPU: 1 UID: 0 PID: 9157 Comm: syz.2.833 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  367.754582][ T9157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  367.764658][ T9157] Call Trace:
[  367.767946][ T9157]  <TASK>
[  367.770877][ T9157]  dump_stack_lvl+0x16c/0x1f0
[  367.775555][ T9157]  should_fail_ex+0x497/0x5b0
[  367.780247][ T9157]  get_futex_key+0x4a3/0x1000
[  367.784915][ T9157]  ? __pfx___schedule+0x10/0x10
[  367.789750][ T9157]  ? __pfx_get_futex_key+0x10/0x10
[  367.794877][ T9157]  futex_wake+0xe8/0x4e0
[  367.799122][ T9157]  ? lockdep_hardirqs_on+0x7c/0x110
[  367.804303][ T9157]  ? __pfx_futex_wake+0x10/0x10
[  367.809138][ T9157]  ? do_futex+0xdb/0x350
[  367.813371][ T9157]  ? do_futex+0x2f8/0x350
[  367.817722][ T9157]  do_futex+0x1e5/0x350
[  367.821871][ T9157]  ? __pfx_do_futex+0x10/0x10
[  367.826537][ T9157]  ? __might_fault+0xe3/0x190
[  367.831203][ T9157]  ? __might_fault+0xe3/0x190
[  367.835870][ T9157]  mm_release+0x24e/0x300
[  367.840185][ T9157]  do_exit+0x886/0x2d70
[  367.844344][ T9157]  ? lockdep_hardirqs_on+0x7c/0x110
[  367.849548][ T9157]  ? __pfx_do_exit+0x10/0x10
[  367.854129][ T9157]  ? preempt_schedule_common+0x44/0xc0
[  367.859576][ T9157]  do_group_exit+0xd3/0x2a0
[  367.864077][ T9157]  get_signal+0x24ed/0x26c0
[  367.868597][ T9157]  ? __pfx_get_signal+0x10/0x10
[  367.873442][ T9157]  arch_do_signal_or_restart+0x90/0x7e0
[  367.878990][ T9157]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  367.885175][ T9157]  syscall_exit_to_user_mode+0x150/0x2a0
[  367.890830][ T9157]  do_syscall_64+0xda/0x250
[  367.895357][ T9157]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.901270][ T9157] RIP: 0033:0x7f4986185d29
[  367.905708][ T9157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  367.925324][ T9157] RSP: 002b:00007f4986f64038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  367.933738][ T9157] RAX: 0000000000000000 RBX: 00007f4986376160 RCX: 00007f4986185d29
[  367.941692][ T9157] RDX: 0000000000000700 RSI: 0000000020000580 RDI: 0000000000000003
[  367.949641][ T9157] RBP: 00007f4986f64090 R08: 0000000000000000 R09: 0000000000000000
[  367.957594][ T9157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  367.965562][ T9157] R13: 0000000000000001 R14: 00007f4986376160 R15: 00007fff7ba622a8
[  367.973523][ T9157]  </TASK>
[  368.508630][ T9169] Invalid ELF header magic: != ELF
[  368.515339][ T9169] ntfs3(nullb0): Primary boot signature is not NTFS.
[  368.522333][ T9169] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  368.699488][ T9177] Invalid ELF header magic: != ELF
[  368.710637][ T9177] ntfs3(nullb0): Primary boot signature is not NTFS.
[  368.717842][ T9177] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  369.483918][ T9182] netlink: 'syz.2.842': attribute type 1 has an invalid length.
[  369.927844][    T9] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  370.088004][    T9] usb 1-1: Using ep0 maxpacket: 16
[  370.094762][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  370.187966][    T9] usb 1-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  370.198987][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  370.216337][    T9] usb 1-1: Product: syz
[  370.225683][    T9] usb 1-1: Manufacturer: syz
[  370.234815][    T9] usb 1-1: SerialNumber: syz
[  370.251122][ T9175] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  370.270074][    T9] usb 1-1: config 0 descriptor??
[  370.284525][    T9] hub 1-1:0.0: bad descriptor, ignoring hub
[  370.290805][    T9] hub 1-1:0.0: probe with driver hub failed with error -5
[  370.331362][    T9] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input18
[  370.732619][ T9204] netlink: 8 bytes leftover after parsing attributes in process `syz.0.843'.
[  371.048245][ T5174] usb 1-1: reset high-speed USB device number 15 using dummy_hcd
[  371.253392][ T9210] nbd2: detected capacity change from 0 to 22
[  371.299115][ T5174] usb 1-1: device firmware changed
[  371.326274][ T5915] usb 1-1: USB disconnect, device number 15
[  371.531780][   T29] kauditd_printk_skb: 2 callbacks suppressed
[  371.531791][   T29] audit: type=1400 audit(1736518238.990:610): avc:  denied  { ioctl } for  pid=9205 comm="syz.4.848" path="socket:[21603]" dev="sockfs" ino=21603 ioctlcmd=0x5411 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  371.580772][ T9213] FAULT_INJECTION: forcing a failure.
[  371.580772][ T9213] name failslab, interval 1, probability 0, space 0, times 0
[  371.593729][ T9213] CPU: 1 UID: 0 PID: 9213 Comm: syz.3.850 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  371.604299][ T9213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  371.614334][ T9213] Call Trace:
[  371.617591][ T9213]  <TASK>
[  371.620502][ T9213]  dump_stack_lvl+0x16c/0x1f0
[  371.625166][ T9213]  should_fail_ex+0x497/0x5b0
[  371.629827][ T9213]  ? rcu_is_watching+0x12/0xc0
[  371.634578][ T9213]  should_failslab+0xc2/0x120
[  371.639234][ T9213]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  371.644587][ T9213]  ? lock_acquire+0x2f/0xb0
[  371.649069][ T9213]  ? __inet_hash_connect+0x69f/0x1900
[  371.654418][ T9213]  ? __inet_hash_connect+0x918/0x1900
[  371.659774][ T9213]  __inet_hash_connect+0x918/0x1900
[  371.664961][ T9213]  ? __pfx___inet6_check_established+0x10/0x10
[  371.671097][ T9213]  ? __pfx___inet_hash_connect+0x10/0x10
[  371.676712][ T9213]  tcp_v6_connect+0x12d0/0x20e0
[  371.681542][ T9213]  ? stack_trace_save+0x95/0xd0
[  371.686398][ T9213]  ? __pfx_tcp_v6_connect+0x10/0x10
[  371.691578][ T9213]  ? kasan_save_stack+0x33/0x60
[  371.696405][ T9213]  ? tcp_sendmsg_fastopen+0x23a/0x700
[  371.701761][ T9213]  ? tcp_sendmsg_locked+0x2037/0x3770
[  371.707115][ T9213]  ? tcp_sendmsg+0x2e/0x50
[  371.711521][ T9213]  ? inet6_sendmsg+0xb9/0x140
[  371.716176][ T9213]  ? __sys_sendto+0x374/0x4f0
[  371.720834][ T9213]  ? __x64_sys_sendto+0xe0/0x1c0
[  371.725763][ T9213]  ? __inet_stream_connect+0x3c7/0x1020
[  371.731292][ T9213]  __inet_stream_connect+0x3c7/0x1020
[  371.736654][ T9213]  ? __pfx___inet_stream_connect+0x10/0x10
[  371.742447][ T9213]  tcp_sendmsg_fastopen+0x3d7/0x700
[  371.747634][ T9213]  tcp_sendmsg_locked+0x2037/0x3770
[  371.752817][ T9213]  ? hlock_class+0x4e/0x130
[  371.757304][ T9213]  ? mark_lock+0xb5/0xc60
[  371.761611][ T9213]  ? __pfx___lock_acquire+0x10/0x10
[  371.766786][ T9213]  ? __pfx_avc_has_perm+0x10/0x10
[  371.771793][ T9213]  ? __pfx_mark_lock+0x10/0x10
[  371.776535][ T9213]  ? lock_acquire.part.0+0x11b/0x380
[  371.781799][ T9213]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  371.787329][ T9213]  ? tcp_sendmsg+0x20/0x50
[  371.791726][ T9213]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  371.797082][ T9213]  ? mark_held_locks+0x9f/0xe0
[  371.801825][ T9213]  ? __local_bh_enable_ip+0xa4/0x120
[  371.807092][ T9213]  tcp_sendmsg+0x2e/0x50
[  371.811322][ T9213]  ? __pfx_tcp_sendmsg+0x10/0x10
[  371.816248][ T9213]  inet6_sendmsg+0xb9/0x140
[  371.820728][ T9213]  __sys_sendto+0x374/0x4f0
[  371.825226][ T9213]  ? __pfx___sys_sendto+0x10/0x10
[  371.830242][ T9213]  ? ksys_write+0x1ba/0x250
[  371.834722][ T9213]  ? __pfx_ksys_write+0x10/0x10
[  371.839549][ T9213]  __x64_sys_sendto+0xe0/0x1c0
[  371.844304][ T9213]  ? do_syscall_64+0x91/0x250
[  371.848962][ T9213]  ? lockdep_hardirqs_on+0x7c/0x110
[  371.854140][ T9213]  do_syscall_64+0xcd/0x250
[  371.858628][ T9213]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  371.864504][ T9213] RIP: 0033:0x7f9d43d85d29
[  371.868895][ T9213] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  371.888482][ T9213] RSP: 002b:00007f9d44bfc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  371.896871][ T9213] RAX: ffffffffffffffda RBX: 00007f9d43f75fa0 RCX: 00007f9d43d85d29
[  371.904816][ T9213] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  371.912767][ T9213] RBP: 00007f9d44bfc090 R08: 0000000020b63fe4 R09: 000000000000001c
[  371.920715][ T9213] R10: 0000000020004002 R11: 0000000000000246 R12: 0000000000000001
[  371.928663][ T9213] R13: 0000000000000000 R14: 00007f9d43f75fa0 R15: 00007ffc2f572c98
[  371.936621][ T9213]  </TASK>
[  371.940700][ T5915] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  371.952794][ T5819] block nbd2: Receive control failed (result -104)
[  372.151408][ T5915] usb 1-1: Using ep0 maxpacket: 16
[  372.732410][ T9222] bridge0: port 4(ipvlan2) entered blocking state
[  372.742338][ T9222] bridge0: port 4(ipvlan2) entered disabled state
[  372.755055][ T9222] ipvlan2: entered allmulticast mode
[  372.766236][ T5915] usb 1-1: unable to get BOS descriptor or descriptor too short
[  372.767522][ T9222] bridge0: entered allmulticast mode
[  372.777738][ T5915] usb 1-1: unable to read config index 0 descriptor/start: -71
[  372.796701][ T5915] usb 1-1: can't read configurations, error -71
[  372.800284][ T9222] ipvlan2: left allmulticast mode
[  372.823901][ T9222] bridge0: left allmulticast mode
[  372.840551][ T9225] netlink: 260 bytes leftover after parsing attributes in process `syz.3.853'.
[  372.855497][ T9225] netlink: 260 bytes leftover after parsing attributes in process `syz.3.853'.
[  373.041259][ T5894] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  373.219508][ T9232] Invalid ELF header magic: != ELF
[  373.226278][ T9232] ntfs3(nullb0): Primary boot signature is not NTFS.
[  373.233148][ T9232] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  373.420089][ T9233] 
@ÿ: renamed from bond_slave_0 (while UP)
[  374.096944][ T5894] usb 5-1: Using ep0 maxpacket: 32
[  374.103418][ T5894] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[  374.111635][ T5894] usb 5-1: config 0 has no interface number 0
[  374.119922][ T5894] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  374.129033][ T5894] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  374.137153][ T5894] usb 5-1: Product: syz
[  374.141358][ T5894] usb 5-1: Manufacturer: syz
[  374.145931][ T5894] usb 5-1: SerialNumber: syz
[  374.163934][ T5894] usb 5-1: config 0 descriptor??
[  374.186249][ T5894] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  374.363516][   T29] audit: type=1400 audit(1736518241.637:611): avc:  denied  { recv } for  pid=5811 comm="syz-executor" saddr=10.128.0.169 src=30006 daddr=10.128.0.149 dest=38828 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[  374.448007][ T9243] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  374.455496][ T9243] cramfs: wrong magic
[  374.493110][ T9224] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  374.503545][ T9224] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  375.052681][ T5894] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  375.064214][ T5894] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  375.882867][ T9252] ntfs3(nullb0): Primary boot signature is not NTFS.
[  375.889696][ T9252] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  375.921229][ T9224] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  375.929973][ T9224] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  375.959391][    C0] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71
[  375.962090][   T52] usb 5-1: USB disconnect, device number 25
[  375.986225][   T52] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  376.017976][   T52] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  376.036323][   T52] quatech2 5-1:0.51: device disconnected
[  376.307828][ T9264] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0
[  377.286336][ T9273] netlink: 'syz.4.868': attribute type 1 has an invalid length.
[  377.307430][ T9273] nvme_fabrics: unknown parameter or missing value ' ' in ctrl creation request
[  378.086811][ T9278] netlink: 'syz.0.869': attribute type 1 has an invalid length.
[  378.127570][ T9278] nvme_fabrics: unknown parameter or missing value ' ' in ctrl creation request
[  379.393930][   T29] audit: type=1326 audit(1736518245.846:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9277 comm="syz.4.870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7837185d29 code=0x7ffc0000
[  379.420900][   T29] audit: type=1326 audit(1736518245.856:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9277 comm="syz.4.870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7837185d29 code=0x7ffc0000
[  379.444240][   T29] audit: type=1326 audit(1736518245.856:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9277 comm="syz.4.870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f7837185d29 code=0x7ffc0000
[  379.467497][   T29] audit: type=1326 audit(1736518245.856:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9277 comm="syz.4.870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7837185d29 code=0x7ffc0000
[  379.490888][   T29] audit: type=1326 audit(1736518245.856:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9277 comm="syz.4.870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7837185d29 code=0x7ffc0000
[  379.874559][   T29] audit: type=1400 audit(1736518246.791:617): avc:  denied  { module_request } for  pid=9291 comm="syz.4.873" kmod="netdev-ipvlan1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  380.112624][ T9298] FAULT_INJECTION: forcing a failure.
[  380.112624][ T9298] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  380.135292][ T9298] CPU: 0 UID: 0 PID: 9298 Comm: syz.4.875 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  380.146039][ T9298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  380.156114][ T9298] Call Trace:
[  380.159403][ T9298]  <TASK>
[  380.162347][ T9298]  dump_stack_lvl+0x16c/0x1f0
[  380.167046][ T9298]  should_fail_ex+0x497/0x5b0
[  380.171746][ T9298]  _copy_from_user+0x2e/0xd0
[  380.176351][ T9298]  memdup_user+0x71/0xd0
[  380.180604][ T9298]  strndup_user+0x78/0xe0
[  380.184941][ T9298]  __x64_sys_mount+0x138/0x320
[  380.189714][ T9298]  ? __pfx___x64_sys_mount+0x10/0x10
[  380.195014][ T9298]  do_syscall_64+0xcd/0x250
[  380.199534][ T9298]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  380.205430][ T9298] RIP: 0033:0x7f7837185d29
[  380.209837][ T9298] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  380.229436][ T9298] RSP: 002b:00007f7837f6f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  380.237842][ T9298] RAX: ffffffffffffffda RBX: 00007f7837375fa0 RCX: 00007f7837185d29
[  380.245805][ T9298] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00000000200001c0
[  380.253764][ T9298] RBP: 00007f7837f6f090 R08: 0000000000000000 R09: 0000000000000000
[  380.261724][ T9298] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000001
[  380.269687][ T9298] R13: 0000000000000001 R14: 00007f7837375fa0 R15: 00007ffe9f8a2b28
[  380.277669][ T9298]  </TASK>
[  380.424977][ T9302] netlink: 20 bytes leftover after parsing attributes in process `syz.0.876'.
[  380.743780][ T9305] FAULT_INJECTION: forcing a failure.
[  380.743780][ T9305] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  381.100162][ T9305] CPU: 1 UID: 0 PID: 9305 Comm: syz.1.874 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  381.110789][ T9305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  381.120828][ T9305] Call Trace:
[  381.124101][ T9305]  <TASK>
[  381.127019][ T9305]  dump_stack_lvl+0x16c/0x1f0
[  381.131683][ T9305]  should_fail_ex+0x497/0x5b0
[  381.136349][ T9305]  _copy_from_user+0x2e/0xd0
[  381.140925][ T9305]  addrconf_del_ifaddr+0xed/0x190
[  381.145942][ T9305]  ? __pfx_addrconf_del_ifaddr+0x10/0x10
[  381.151558][ T9305]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  381.157455][ T9305]  inet6_ioctl+0x1e7/0x2b0
[  381.161897][ T9305]  ? __pfx_inet6_ioctl+0x10/0x10
[  381.166831][ T9305]  ? tomoyo_path_number_perm+0x190/0x590
[  381.172467][ T9305]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  381.178361][ T9305]  sock_do_ioctl+0x116/0x280
[  381.182948][ T9305]  ? __pfx_sock_do_ioctl+0x10/0x10
[  381.188062][ T9305]  ? ioctl_has_perm.constprop.0.isra.0+0x2f2/0x450
[  381.194560][ T9305]  ? ioctl_has_perm.constprop.0.isra.0+0x2fc/0x450
[  381.201057][ T9305]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  381.207908][ T9305]  sock_ioctl+0x228/0x6c0
[  381.212237][ T9305]  ? __pfx_sock_ioctl+0x10/0x10
[  381.217088][ T9305]  ? selinux_file_ioctl+0x180/0x270
[  381.222283][ T9305]  ? selinux_file_ioctl+0xb4/0x270
[  381.227390][ T9305]  ? __pfx_sock_ioctl+0x10/0x10
[  381.232238][ T9305]  __x64_sys_ioctl+0x190/0x200
[  381.237003][ T9305]  do_syscall_64+0xcd/0x250
[  381.241509][ T9305]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  381.247398][ T9305] RIP: 0033:0x7f08a2785d29
[  381.251803][ T9305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  381.271405][ T9305] RSP: 002b:00007f08a34dc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  381.279814][ T9305] RAX: ffffffffffffffda RBX: 00007f08a2975fa0 RCX: 00007f08a2785d29
[  381.287776][ T9305] RDX: 0000000020001600 RSI: 0000000000008936 RDI: 0000000000000004
[  381.295737][ T9305] RBP: 00007f08a34dc090 R08: 0000000000000000 R09: 0000000000000000
[  381.303696][ T9305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  381.311655][ T9305] R13: 0000000000000000 R14: 00007f08a2975fa0 R15: 00007ffe963ab6c8
[  381.319628][ T9305]  </TASK>
[  381.740362][ T9314] Invalid ELF header magic: != ELF
[  381.746550][ T9314] ntfs3(nullb0): Primary boot signature is not NTFS.
[  381.754386][ T9314] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  382.072541][    T9] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  382.261085][    T9] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  382.282163][    T9] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  382.708113][    T9] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  382.724664][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  382.746332][ T9313] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  382.779105][    T9] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  383.068674][   T29] audit: type=1326 audit(1736518249.775:618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9320 comm="syz.4.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7837185d29 code=0x7ffc0000
[  383.540373][   T29] audit: type=1326 audit(1736518249.775:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9320 comm="syz.4.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7837185d29 code=0x7ffc0000
[  383.576999][   T29] audit: type=1326 audit(1736518249.775:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9320 comm="syz.4.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f7837185d29 code=0x7ffc0000
[  383.603359][   T29] audit: type=1326 audit(1736518249.775:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9320 comm="syz.4.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7837185d29 code=0x7ffc0000
[  383.708351][ T5864] usb 2-1: USB disconnect, device number 20
[  384.328610][ T9346] program syz.4.889 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  386.158889][ T9355] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  386.309651][ T9363] netlink: 48 bytes leftover after parsing attributes in process `syz.4.895'.
[  386.697955][ T9371] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  386.705396][ T9371] cramfs: wrong magic
[  387.436528][ T9373] ntfs3(nullb0): Primary boot signature is not NTFS.
[  387.443408][ T9373] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  388.516360][ T5826] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  388.531489][ T5826] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  388.543963][ T5826] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  388.553429][ T5826] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  388.563109][ T9396] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  388.569533][ T5826] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  388.577987][ T5826] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  388.622596][   T29] kauditd_printk_skb: 1 callbacks suppressed
[  388.622613][   T29] audit: type=1400 audit(1736518254.948:623): avc:  denied  { mounton } for  pid=9390 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  388.650054][    C0] vkms_vblank_simulate: vblank timer overrun
[  389.994162][ T9390] chnl_net:caif_netlink_parms(): no params data found
[  390.785159][ T5819] Bluetooth: hci5: command tx timeout
[  391.382584][ T9390] bridge0: port 1(bridge_slave_0) entered blocking state
[  391.541613][ T9390] bridge0: port 1(bridge_slave_0) entered disabled state
[  391.554984][ T9390] bridge_slave_0: entered allmulticast mode
[  391.566097][ T9390] bridge_slave_0: entered promiscuous mode
[  391.574261][ T9390] bridge0: port 2(bridge_slave_1) entered blocking state
[  391.725874][ T9390] bridge0: port 2(bridge_slave_1) entered disabled state
[  391.733281][ T9390] bridge_slave_1: entered allmulticast mode
[  391.744844][ T9390] bridge_slave_1: entered promiscuous mode
[  391.867510][ T9390] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  391.909833][ T9390] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  392.098246][ T9442] ntfs3(nullb0): Primary boot signature is not NTFS.
[  392.105407][ T9442] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  392.403940][ T9443] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  392.791979][ T9390] team0: Port device team_slave_0 added
[  392.800685][ T9390] team0: Port device team_slave_1 added
[  393.013638][ T9390] batman_adv: batadv0: Adding interface: batadv_slave_0
[  393.020845][ T9390] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  393.032834][ T5819] Bluetooth: hci5: command tx timeout
[  393.047015][ T9390] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  393.054400][ T9449] netlink: 192 bytes leftover after parsing attributes in process `syz.4.918'.
[  393.274121][ T9447] netlink: 28 bytes leftover after parsing attributes in process `syz.3.917'.
[  393.294961][ T9390] batman_adv: batadv0: Adding interface: batadv_slave_1
[  393.302089][ T9390] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  393.316520][ T9457] fuse: Unknown parameter '000000000000000000000030x0000000000000003'
[  393.355182][ T9390] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  393.396450][ T9454] random: crng reseeded on system resumption
[  393.524656][ T9461] cgroup: none used incorrectly
[  393.555162][ T9390] hsr_slave_0: entered promiscuous mode
[  393.571948][ T9390] hsr_slave_1: entered promiscuous mode
[  393.579893][ T9390] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  393.588761][ T9390] Cannot create hsr debugfs directory
[  394.200426][ T9390] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  394.259174][ T9390] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  394.267678][ T9390] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  394.282874][ T9467] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  394.294031][ T9390] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  395.201743][ T9390] 8021q: adding VLAN 0 to HW filter on device bond0
[  395.228683][ T9390] 8021q: adding VLAN 0 to HW filter on device team0
[  395.246901][ T5819] Bluetooth: hci5: command tx timeout
[  395.451239][ T9390] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  395.461831][ T9390] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  395.493107][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  395.500210][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  395.520358][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  395.527552][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  395.529904][ T9463] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  395.542403][   T29] audit: type=1400 audit(1736518261.449:624): avc:  denied  { egress } for  pid=5817 comm="kworker/1:3" daddr=ff02::16 netif=teql0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1
[  395.576386][   T29] audit: type=1400 audit(1736518261.449:625): avc:  denied  { sendto } for  pid=5817 comm="kworker/1:3" daddr=ff02::16 netif=teql0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1
[  395.952728][ T9497] netlink: 8 bytes leftover after parsing attributes in process `syz.4.929'.
[  395.986487][ T9497] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  396.503016][   T29] audit: type=1400 audit(1736518261.832:626): avc:  denied  { mount } for  pid=9490 comm="syz.4.929" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  396.744434][   T29] audit: type=1400 audit(1736518262.571:627): avc:  denied  { unmount } for  pid=5812 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  397.703248][ T5819] Bluetooth: hci5: command tx timeout
[  397.748661][ T9390] 8021q: adding VLAN 0 to HW filter on device batadv0
[  397.968653][ T9515] fuse: Unknown parameter '000000000000000000000030x0000000000000003'
[  399.190238][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  399.320357][ T9390] veth0_vlan: entered promiscuous mode
[  399.330717][ T9390] veth1_vlan: entered promiscuous mode
[  399.518629][ T9390] veth0_macvtap: entered promiscuous mode
[  401.019840][ T9390] veth1_macvtap: entered promiscuous mode
[  401.039950][ T9390] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  401.070253][ T9390] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  401.092897][ T9531] netlink: 192 bytes leftover after parsing attributes in process `syz.0.936'.
[  401.124485][ T9390] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  401.197734][ T9390] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  401.229193][ T9390] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  401.245740][ T9390] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  401.256471][ T9390] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  401.278121][ T9390] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  401.293647][ T9390] batman_adv: batadv0: Interface activated: batadv_slave_0
[  402.122264][ T9390] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  402.134278][ T9390] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  402.166162][ T9390] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  402.339602][ T9390] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  402.355245][ T9390] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  402.463472][ T9544] random: crng reseeded on system resumption
[  403.052219][ T9390] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  403.078927][ T9390] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  403.114319][ T9390] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  403.150671][ T9390] batman_adv: batadv0: Interface activated: batadv_slave_1
[  403.165720][ T9539] netlink: 28 bytes leftover after parsing attributes in process `syz.4.938'.
[  403.203394][ T9390] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  403.221213][ T9390] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  403.250391][ T9390] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  403.260343][ T9390] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  403.481185][   T29] audit: type=1400 audit(1736518268.876:628): avc:  denied  { bind } for  pid=9548 comm="syz.4.941" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  403.489533][ T9549] audit: audit_lost=3 audit_rate_limit=0 audit_backlog_limit=64
[  403.522625][   T29] audit: type=1400 audit(1736518268.885:629): avc:  denied  { listen } for  pid=9548 comm="syz.4.941" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  403.541983][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  403.555051][ T9549] audit: out of memory in audit_log_start
[  403.567697][   T29] audit: type=1400 audit(1736518268.885:630): avc:  denied  { write } for  pid=9548 comm="syz.4.941" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  403.669262][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  403.727663][   T59] block nbd2: Possible stuck request ffff8880262c5080: control (read@0,4096B). Runtime 30 seconds
[  403.752541][ T3491] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  403.774956][ T3491] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  403.816335][   T29] audit: type=1400 audit(1736518269.184:631): avc:  denied  { mounton } for  pid=9390 comm="syz-executor" path="/root/syzkaller.kGhg2s/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  403.856597][   T29] audit: type=1400 audit(1736518269.231:632): avc:  denied  { mount } for  pid=9390 comm="syz-executor" name="/" dev="gadgetfs" ino=7230 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  404.555865][ T9568] capability: warning: `syz.1.946' uses 32-bit capabilities (legacy support in use)
[  404.672276][ T5894] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  404.833781][ T5894] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  404.848826][ T5894] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 0
[  404.911595][ T5894] usb 1-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  404.949448][ T5894] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  405.072496][ T5894] usb 1-1: config 0 descriptor??
[  405.081973][ T5894] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  405.290342][ T9589] dvmrp5: entered allmulticast mode
[  406.339889][ T5866] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  406.925289][ T5866] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  406.935093][ T5866] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 0
[  406.945274][ T5866] usb 2-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  406.956681][ T5866] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  406.976718][ T5866] usb 2-1: config 0 descriptor??
[  406.998960][ T5866] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  408.243602][ T5864] usb 1-1: USB disconnect, device number 18
[  408.895358][ T9623] Invalid ELF header magic: != ELF
[  408.907847][ T9623] ntfs3(nullb0): Primary boot signature is not NTFS.
[  408.915001][ T9623] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  409.396873][ T9630] FAULT_INJECTION: forcing a failure.
[  409.396873][ T9630] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  409.413311][ T9630] CPU: 1 UID: 0 PID: 9630 Comm: syz.3.963 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  409.423928][ T9630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  409.433992][ T9630] Call Trace:
[  409.437278][ T9630]  <TASK>
[  409.440217][ T9630]  dump_stack_lvl+0x16c/0x1f0
[  409.444920][ T9630]  should_fail_ex+0x497/0x5b0
[  409.445947][ T5915] usb 2-1: USB disconnect, device number 21
[  409.449610][ T9630]  _copy_from_user+0x2e/0xd0
[  409.449637][ T9630]  get_user_ifreq+0xf1/0x250
[  409.464670][ T9630]  sock_do_ioctl+0x16c/0x280
[  409.469266][ T9630]  ? __pfx_sock_do_ioctl+0x10/0x10
[  409.474380][ T9630]  ? ioctl_has_perm.constprop.0.isra.0+0x2f2/0x450
[  409.480880][ T9630]  ? ioctl_has_perm.constprop.0.isra.0+0x2fc/0x450
[  409.487394][ T9630]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  409.494258][ T9630]  sock_ioctl+0x228/0x6c0
[  409.498596][ T9630]  ? __pfx_sock_ioctl+0x10/0x10
[  409.503462][ T9630]  ? selinux_file_ioctl+0x180/0x270
[  409.508668][ T9630]  ? selinux_file_ioctl+0xb4/0x270
[  409.513781][ T9630]  ? __pfx_sock_ioctl+0x10/0x10
[  409.518634][ T9630]  __x64_sys_ioctl+0x190/0x200
[  409.523404][ T9630]  do_syscall_64+0xcd/0x250
[  409.527932][ T9630]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  409.533825][ T9630] RIP: 0033:0x7f9d43d85d29
[  409.538230][ T9630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  409.557839][ T9630] RSP: 002b:00007f9d44bfc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  409.566247][ T9630] RAX: ffffffffffffffda RBX: 00007f9d43f75fa0 RCX: 00007f9d43d85d29
[  409.574211][ T9630] RDX: 0000000020000000 RSI: 0000000000008924 RDI: 0000000000000004
[  409.582174][ T9630] RBP: 00007f9d44bfc090 R08: 0000000000000000 R09: 0000000000000000
[  409.590135][ T9630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  409.598096][ T9630] R13: 0000000000000000 R14: 00007f9d43f75fa0 R15: 00007ffc2f572c98
[  409.606071][ T9630]  </TASK>
[  410.660659][   T29] audit: type=1400 audit(1736518275.555:633): avc:  denied  { read write } for  pid=9646 comm="syz.4.970" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  411.199143][   T29] audit: type=1400 audit(1736518275.826:634): avc:  denied  { open } for  pid=9646 comm="syz.4.970" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  412.615222][   T52] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  412.675654][ T9677] netlink: 24 bytes leftover after parsing attributes in process `syz.3.980'.
[  412.797185][   T52] usb 1-1: device descriptor read/64, error -71
[  413.415305][   T52] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  413.751303][   T52] usb 1-1: device descriptor read/64, error -71
[  413.900196][   T52] usb usb1-port1: attempt power cycle
[  414.454373][   T52] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  414.475967][   T52] usb 1-1: device descriptor read/8, error -71
[  414.756776][   T29] audit: type=1400 audit(1736518279.371:635): avc:  denied  { read write } for  pid=9711 comm="syz.5.991" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  414.805043][   T52] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  414.842735][ T5864] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  414.851382][   T52] usb 1-1: device descriptor read/8, error -71
[  414.972237][   T52] usb usb1-port1: unable to enumerate USB device
[  415.028418][ T5864] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  415.074181][ T5864] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  415.119245][ T5864] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  415.166918][ T5864] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  415.261578][ T9710] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  415.337166][ T5864] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  416.012632][ T9727] fuse: Unknown parameter '000000000000000000000030x0000000000000003'
[  416.075171][   T52] usb 4-1: USB disconnect, device number 21
[  416.151728][   T29] audit: type=1400 audit(1736518280.727:636): avc:  denied  { connect } for  pid=9734 comm="syz.5.999" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  416.270936][   T29] audit: type=1400 audit(1736518280.840:637): avc:  denied  { ioctl } for  pid=9732 comm="syz.1.998" path="socket:[23785]" dev="sockfs" ino=23785 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  416.281973][ T9733] netlink: 36 bytes leftover after parsing attributes in process `syz.1.998'.
[  416.296186][    C0] vkms_vblank_simulate: vblank timer overrun
[  416.322712][ T9710] netlink: 44 bytes leftover after parsing attributes in process `syz.3.990'.
[  416.337233][ T9738] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53 sclass=netlink_xfrm_socket pid=9738 comm=syz.1.998
[  416.392812][ T9744] program syz.0.1002 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  416.453459][ T5864] usb 6-1: new full-speed USB device number 2 using dummy_hcd
[  416.627376][ T5864] usb 6-1: config 0 has an invalid interface number: 69 but max is 0
[  416.780924][ T5864] usb 6-1: config 0 has no interface number 0
[  416.798865][ T5864] usb 6-1: config 0 interface 69 altsetting 0 endpoint 0x8 has invalid maxpacket 1023, setting to 64
[  416.815230][ T5864] usb 6-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  416.832582][ T5864] usb 6-1: config 0 interface 69 altsetting 0 endpoint 0x82 has invalid maxpacket 1024, setting to 64
[  417.032470][ T5864] usb 6-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca
[  417.055990][ T5864] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  417.067315][ T5864] usb 6-1: Product: syz
[  417.071492][ T5864] usb 6-1: Manufacturer: syz
[  417.076137][ T5864] usb 6-1: SerialNumber: syz
[  417.086797][ T5864] usb 6-1: config 0 descriptor??
[  417.092255][ T9735] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  417.099801][ T9735] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  417.732438][ T5864] cyberjack 6-1:0.69: Reiner SCT Cyberjack USB card reader converter detected
[  417.771076][ T5864] usb 6-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0
[  417.785515][ T5864] usb 6-1: USB disconnect, device number 2
[  417.821747][ T5864] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0
[  417.844410][ T5864] cyberjack 6-1:0.69: device disconnected
[  417.903447][ T9756] CIFS: VFS: Malformed UNC in devname
[  418.020809][ T9756] netlink: 'syz.1.1006': attribute type 1 has an invalid length.
[  419.399342][ T9789] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  419.405905][ T9789] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  419.414584][ T9789] vhci_hcd vhci_hcd.0: Device attached
[  419.471463][ T9790] vhci_hcd: connection closed
[  419.521525][ T3491] vhci_hcd: stop threads
[  419.533314][ T3491] vhci_hcd: release socket
[  419.537794][ T3491] vhci_hcd: disconnect device
[  419.546002][ T9799] FAULT_INJECTION: forcing a failure.
[  419.546002][ T9799] name failslab, interval 1, probability 0, space 0, times 0
[  419.558822][ T9799] CPU: 1 UID: 0 PID: 9799 Comm: syz.0.1019 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  419.569510][ T9799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  419.579575][ T9799] Call Trace:
[  419.582861][ T9799]  <TASK>
[  419.585797][ T9799]  dump_stack_lvl+0x16c/0x1f0
[  419.590490][ T9799]  should_fail_ex+0x497/0x5b0
[  419.595186][ T9799]  ? fs_reclaim_acquire+0xae/0x150
[  419.600312][ T9799]  should_failslab+0xc2/0x120
[  419.605004][ T9799]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  419.610405][ T9799]  ? sk_prot_alloc+0x60/0x2a0
[  419.615098][ T9799]  sk_prot_alloc+0x60/0x2a0
[  419.619618][ T9799]  sk_alloc+0x36/0xb90
[  419.623708][ T9799]  inet6_create+0x380/0x1320
[  419.628310][ T9799]  ? inet6_create+0x5d/0x1320
[  419.632999][ T9799]  __sock_create+0x335/0x8d0
[  419.637607][ T9799]  __sys_socket+0x14f/0x260
[  419.642124][ T9799]  ? __pfx___sys_socket+0x10/0x10
[  419.647171][ T9799]  __x64_sys_socket+0x72/0xb0
[  419.651865][ T9799]  do_syscall_64+0xcd/0x250
[  419.656418][ T9799]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  419.662334][ T9799] RIP: 0033:0x7f2595385d29
[  419.666760][ T9799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  419.686382][ T9799] RSP: 002b:00007f25961b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  419.694814][ T9799] RAX: ffffffffffffffda RBX: 00007f2595575fa0 RCX: 00007f2595385d29
[  419.702795][ T9799] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 000000000000000a
[  419.710779][ T9799] RBP: 00007f25961b7090 R08: 0000000000000000 R09: 0000000000000000
[  419.718763][ T9799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  419.726749][ T9799] R13: 0000000000000000 R14: 00007f2595575fa0 R15: 00007ffc54aaf9d8
[  419.734747][ T9799]  </TASK>
[  420.014106][   T29] audit: type=1400 audit(1736518284.338:638): avc:  denied  { sqpoll } for  pid=9804 comm="syz.3.1022" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  420.033255][    C0] vkms_vblank_simulate: vblank timer overrun
[  420.385751][   T29] audit: type=1326 audit(1736518284.684:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9804 comm="syz.3.1022" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9d43d85d29 code=0x0
[  420.408477][    C0] vkms_vblank_simulate: vblank timer overrun
[  421.751582][ T5826] Bluetooth: hci2: unexpected event for opcode 0x2041
[  422.159977][ T9844] netlink: 'syz.3.1033': attribute type 1 has an invalid length.
[  422.317372][ T9847] FAULT_INJECTION: forcing a failure.
[  422.317372][ T9847] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  422.331348][ T9847] CPU: 1 UID: 0 PID: 9847 Comm: syz.4.1032 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  422.342056][ T9847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  422.352133][ T9847] Call Trace:
[  422.355415][ T9847]  <TASK>
[  422.358353][ T9847]  dump_stack_lvl+0x16c/0x1f0
[  422.363044][ T9847]  should_fail_ex+0x497/0x5b0
[  422.367730][ T9847]  _copy_from_user+0x2e/0xd0
[  422.372319][ T9847]  vmci_host_unlocked_ioctl+0x10c8/0x1fb0
[  422.378040][ T9847]  ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10
[  422.384118][ T9847]  ? ioctl_has_perm.constprop.0.isra.0+0x2f2/0x450
[  422.390629][ T9847]  ? ioctl_has_perm.constprop.0.isra.0+0x2fc/0x450
[  422.397135][ T9847]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  422.403987][ T9847]  ? __pfx_lock_release+0x10/0x10
[  422.409016][ T9847]  ? selinux_file_ioctl+0x180/0x270
[  422.414217][ T9847]  ? selinux_file_ioctl+0xb4/0x270
[  422.419327][ T9847]  ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10
[  422.425407][ T9847]  __x64_sys_ioctl+0x190/0x200
[  422.430174][ T9847]  do_syscall_64+0xcd/0x250
[  422.434677][ T9847]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  422.440572][ T9847] RIP: 0033:0x7f7837185d29
[  422.444980][ T9847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  422.464584][ T9847] RSP: 002b:00007f7837f6f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  422.472994][ T9847] RAX: ffffffffffffffda RBX: 00007f7837375fa0 RCX: 00007f7837185d29
[  422.480957][ T9847] RDX: 0000000020000100 RSI: 00000000000007a6 RDI: 0000000000000003
[  422.488919][ T9847] RBP: 00007f7837f6f090 R08: 0000000000000000 R09: 0000000000000000
[  422.496885][ T9847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  422.504853][ T9847] R13: 0000000000000000 R14: 00007f7837375fa0 R15: 00007ffe9f8a2b28
[  422.512833][ T9847]  </TASK>
[  423.293926][ T9852] FAULT_INJECTION: forcing a failure.
[  423.293926][ T9852] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  423.380864][ T9852] CPU: 1 UID: 0 PID: 9852 Comm: syz.3.1036 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  423.391588][ T9852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  423.401655][ T9852] Call Trace:
[  423.404944][ T9852]  <TASK>
[  423.407883][ T9852]  dump_stack_lvl+0x16c/0x1f0
[  423.412577][ T9852]  should_fail_ex+0x497/0x5b0
[  423.417270][ T9852]  _copy_from_user+0x2e/0xd0
[  423.421867][ T9852]  copy_msghdr_from_user+0x99/0x160
[  423.427077][ T9852]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  423.432902][ T9852]  ___sys_sendmsg+0xff/0x1e0
[  423.437538][ T9852]  ? __pfx____sys_sendmsg+0x10/0x10
[  423.442766][ T9852]  ? __pfx_lock_release+0x10/0x10
[  423.447805][ T9852]  ? trace_lock_acquire+0x14e/0x1f0
[  423.453034][ T9852]  ? __fget_files+0x206/0x3a0
[  423.457730][ T9852]  __sys_sendmsg+0x16e/0x220
[  423.462335][ T9852]  ? __pfx___sys_sendmsg+0x10/0x10
[  423.467482][ T9852]  do_syscall_64+0xcd/0x250
[  423.472003][ T9852]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  423.477925][ T9852] RIP: 0033:0x7f9d43d85d29
[  423.482351][ T9852] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  423.501977][ T9852] RSP: 002b:00007f9d44bfc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  423.510400][ T9852] RAX: ffffffffffffffda RBX: 00007f9d43f75fa0 RCX: 00007f9d43d85d29
[  423.518386][ T9852] RDX: 0000000030004001 RSI: 0000000020000080 RDI: 0000000000000003
[  423.526354][ T9852] RBP: 00007f9d44bfc090 R08: 0000000000000000 R09: 0000000000000000
[  423.534321][ T9852] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  423.542304][ T9852] R13: 0000000000000000 R14: 00007f9d43f75fa0 R15: 00007ffc2f572c98
[  423.550282][ T9852]  </TASK>
[  424.036584][ T9859] tmpfs: Bad value for 'mpol'
[  425.324576][ T9863] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  425.454413][ T9862] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  425.818577][   T29] audit: type=1326 audit(1736518288.884:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9867 comm="syz.5.1042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd935985d29 code=0x7ffc0000
[  425.841890][    C1] vkms_vblank_simulate: vblank timer overrun
[  426.136163][   T29] audit: type=1326 audit(1736518288.884:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9867 comm="syz.5.1042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd935985d29 code=0x7ffc0000
[  426.159475][    C1] vkms_vblank_simulate: vblank timer overrun
[  426.256417][   T29] audit: type=1326 audit(1736518288.884:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9867 comm="syz.5.1042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd935985d29 code=0x7ffc0000
[  426.641548][   T29] audit: type=1326 audit(1736518288.884:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9867 comm="syz.5.1042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd935985d29 code=0x7ffc0000
[  426.650513][ T9889] FAULT_INJECTION: forcing a failure.
[  426.650513][ T9889] name failslab, interval 1, probability 0, space 0, times 0
[  426.680795][ T9889] CPU: 0 UID: 0 PID: 9889 Comm: syz.5.1048 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  426.691499][ T9889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  426.701658][ T9889] Call Trace:
[  426.705033][ T9889]  <TASK>
[  426.705418][   T29] audit: type=1326 audit(1736518288.884:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9867 comm="syz.5.1042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd935985d29 code=0x7ffc0000
[  426.707957][ T9889]  dump_stack_lvl+0x16c/0x1f0
[  426.707990][ T9889]  should_fail_ex+0x497/0x5b0
[  426.731264][    C1] vkms_vblank_simulate: vblank timer overrun
[  426.735872][ T9889]  ? fs_reclaim_acquire+0xae/0x150
[  426.751645][ T9889]  should_failslab+0xc2/0x120
[  426.756343][ T9889]  __kmalloc_noprof+0xcb/0x510
[  426.761121][ T9889]  ? __pfx___lock_acquire+0x10/0x10
[  426.766336][ T9889]  sock_kmalloc+0x111/0x170
[  426.770861][ T9889]  __ipv6_sock_mc_join+0x411/0x930
[  426.776002][ T9889]  do_ipv6_mcast_group_source+0x20e/0x260
[  426.781735][ T9889]  ? __pfx_do_ipv6_mcast_group_source+0x10/0x10
[  426.788008][ T9889]  ? mark_held_locks+0x9f/0xe0
[  426.792788][ T9889]  ? __local_bh_enable_ip+0xa4/0x120
[  426.798083][ T9889]  ? lockdep_hardirqs_on+0x7c/0x110
[  426.801061][   T29] audit: type=1326 audit(1736518288.884:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9867 comm="syz.5.1042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fd935985d29 code=0x7ffc0000
[  426.803281][ T9889]  do_ipv6_setsockopt+0x2b42/0x4520
[  426.803314][ T9889]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  426.830739][   T29] audit: type=1326 audit(1736518288.884:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9867 comm="syz.5.1042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd935985d29 code=0x7ffc0000
[  426.831537][ T9889]  ? lock_acquire+0x2f/0xb0
[  426.837820][   T29] audit: type=1326 audit(1736518288.884:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9867 comm="syz.5.1042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd935985d29 code=0x7ffc0000
[  426.860278][ T9889]  ? avc_has_perm_noaudit+0x143/0x3a0
[  426.860316][ T9889]  ? avc_has_perm+0x11b/0x1c0
[  426.860342][ T9889]  ? __pfx_avc_has_perm+0x10/0x10
[  426.860371][ T9889]  ? hlock_class+0x4e/0x130
[  426.860400][ T9889]  ? sock_has_perm+0x25a/0x2f0
[  426.860418][ T9889]  ? __pfx_sock_has_perm+0x10/0x10
[  426.860436][ T9889]  ? selinux_netlbl_socket_setsockopt+0x184/0x470
[  426.860460][ T9889]  ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10
[  426.860490][ T9889]  ? ipv6_setsockopt+0xcb/0x170
[  426.860512][ T9889]  ipv6_setsockopt+0xcb/0x170
[  426.860538][ T9889]  udpv6_setsockopt+0x7d/0xd0
[  426.860566][ T9889]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  426.860592][ T9889]  do_sock_setsockopt+0x222/0x480
[  426.866844][   T29] audit: type=1400 audit(1736518289.539:648): avc:  denied  { write } for  pid=9873 comm="syz.1.1044" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  426.888301][    C1] vkms_vblank_simulate: vblank timer overrun
[  426.888298][ T9889]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  426.888328][ T9889]  ? lock_acquire+0x2f/0xb0
[  426.888362][ T9889]  __sys_setsockopt+0x1a0/0x230
[  426.888395][ T9889]  __x64_sys_setsockopt+0xbd/0x160
[  426.888421][ T9889]  ? do_syscall_64+0x91/0x250
[  427.009618][ T9889]  ? lockdep_hardirqs_on+0x7c/0x110
[  427.014829][ T9889]  do_syscall_64+0xcd/0x250
[  427.019333][ T9889]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  427.025227][ T9889] RIP: 0033:0x7fd935985d29
[  427.029634][ T9889] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  427.049253][ T9889] RSP: 002b:00007fd93678c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  427.057663][ T9889] RAX: ffffffffffffffda RBX: 00007fd935b75fa0 RCX: 00007fd935985d29
[  427.065633][ T9889] RDX: 000000000000002e RSI: 0000000000000029 RDI: 0000000000000003
[  427.073596][ T9889] RBP: 00007fd93678c090 R08: 0000000000000108 R09: 0000000000000000
[  427.081557][ T9889] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000001
[  427.089519][ T9889] R13: 0000000000000000 R14: 00007fd935b75fa0 R15: 00007ffc8274a178
[  427.097497][ T9889]  </TASK>
[  427.142864][ T9895] tipc: Started in network mode
[  427.148287][ T9895] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[  427.162511][ T9895] tipc: Enabled bearer <eth:team0>, priority 0
[  427.797144][ T5915] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  428.180840][   T29] audit: type=1400 audit(1736518291.569:649): avc:  denied  { read } for  pid=9891 comm="syz.3.1049" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  428.405676][    T9] tipc: Node number set to 11578026
[  428.826764][ T9914] Invalid ELF header magic: != ELF
[  428.833514][ T9914] ntfs3(nullb0): Primary boot signature is not NTFS.
[  428.840320][ T9914] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  429.070000][    T9] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  429.239347][    T9] usb 1-1: Using ep0 maxpacket: 32
[  429.259216][    T9] usb 1-1: config 0 has an invalid interface number: 51 but max is 0
[  429.667883][    T9] usb 1-1: config 0 has no interface number 0
[  429.720753][ T5915] usb 2-1: device descriptor read/all, error -71
[  429.732277][    T9] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  429.747165][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  429.761818][    T9] usb 1-1: Product: syz
[  429.766119][    T9] usb 1-1: Manufacturer: syz
[  429.770734][    T9] usb 1-1: SerialNumber: syz
[  429.778012][    T9] usb 1-1: config 0 descriptor??
[  430.085000][    T9] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  430.595569][ T9910] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  431.357472][ T9910] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  432.934032][    T9] usb 1-1: qt2_attach - failed to power on unit: -71
[  432.940989][    T9] quatech2 1-1:0.51: probe with driver quatech2 failed with error -71
[  433.176053][ T9948] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  433.375484][    T9] usb 1-1: USB disconnect, device number 23
[  433.425847][ T9935] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  433.678786][ T9963] Invalid ELF header magic: != ELF
[  433.694261][ T9963] ntfs3(nullb0): Primary boot signature is not NTFS.
[  433.701457][ T9963] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  433.720855][ T9963] bridge0: port 3(erspan0) entered blocking state
[  433.727537][ T9963] bridge0: port 3(erspan0) entered disabled state
[  433.734983][ T9963] erspan0: entered allmulticast mode
[  433.746150][ T9963] erspan0: entered promiscuous mode
[  433.752799][ T9963] bridge0: port 3(erspan0) entered blocking state
[  433.759275][ T9963] bridge0: port 3(erspan0) entered forwarding state
[  434.937274][ T9916] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  435.226058][ T5896] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  435.407891][ T5896] usb 5-1: Using ep0 maxpacket: 32
[  435.668051][ T5896] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[  435.683999][ T5896] usb 5-1: config 0 has no interface number 0
[  435.768499][ T9916] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  435.781986][ T5896] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  435.791063][ T5896] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  435.797951][ T9916] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 0
[  435.799137][ T5896] usb 5-1: Product: syz
[  435.813002][ T5896] usb 5-1: Manufacturer: syz
[  435.818060][ T5896] usb 5-1: SerialNumber: syz
[  435.834663][ T5896] usb 5-1: config 0 descriptor??
[  435.845942][ T5896] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  435.846848][ T9916] usb 4-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  435.934476][   T59] block nbd2: Possible stuck request ffff8880262c5080: control (read@0,4096B). Runtime 60 seconds
[  435.961677][ T9916] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  436.043590][ T9916] usb 4-1: config 0 descriptor??
[  436.087670][ T9970] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  436.118125][ T9970] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  436.129109][ T9916] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  436.668437][ T5896] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  436.681846][ T5896] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  436.766450][ T9986] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1076'.
[  437.140445][ T9990] random: crng reseeded on system resumption
[  437.701504][ T5896] usb 4-1: USB disconnect, device number 22
[  438.059351][ T9970] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  438.070419][ T9970] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  438.118797][    C1] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71
[  438.126658][   T52] usb 5-1: USB disconnect, device number 26
[  438.208174][   T52] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  438.288941][ T9997] netlink: 192 bytes leftover after parsing attributes in process `syz.5.1079'.
[  438.548779][   T52] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  438.560771][   T52] quatech2 5-1:0.51: device disconnected
[  438.752020][T10003] program syz.1.1080 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  439.593777][T10015] tmpfs: Bad value for 'mpol'
[  439.754608][T10013] netlink: 192 bytes leftover after parsing attributes in process `syz.4.1084'.
[  440.090702][   T29] audit: type=1400 audit(1736518303.121:650): avc:  denied  { read } for  pid=10014 comm="syz.3.1085" name="loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  440.127455][T10022] program syz.1.1086 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  440.159138][   T29] audit: type=1400 audit(1736518303.121:651): avc:  denied  { open } for  pid=10014 comm="syz.3.1085" path="/dev/loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  440.508837][T10008] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  440.521802][   T29] audit: type=1400 audit(1736518303.121:652): avc:  denied  { ioctl } for  pid=10014 comm="syz.3.1085" path="/dev/loop-control" dev="devtmpfs" ino=646 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  440.589891][T10007] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  440.638598][T10020] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  440.792820][T10025] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  442.324520][ T9916] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  443.356128][T10055] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1096'.
[  443.596668][ T9916] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  443.669307][ T9916] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 0
[  443.741792][ T9916] usb 4-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  443.777452][ T9916] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  444.112115][ T9916] usb 4-1: config 0 descriptor??
[  444.193296][ T9916] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  444.200827][ T5915] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  444.492751][ T5896] usb 4-1: USB disconnect, device number 23
[  444.569506][ T5915] usb 6-1: Using ep0 maxpacket: 16
[  444.640918][ T5915] usb 6-1: config index 0 descriptor too short (expected 16456, got 72)
[  444.673854][ T5915] usb 6-1: config 0 has an invalid interface number: 125 but max is 1
[  445.403477][ T5915] usb 6-1: config 0 has an invalid interface number: 125 but max is 1
[  445.411668][ T5915] usb 6-1: config 0 has an invalid interface number: 125 but max is 1
[  445.419960][ T5915] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2
[  445.428926][ T5915] usb 6-1: config 0 has no interface number 0
[  445.435044][ T5915] usb 6-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  445.446285][ T5915] usb 6-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[  445.456210][ T5915] usb 6-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[  445.466225][ T5915] usb 6-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  445.479480][ T5915] usb 6-1: config 0 interface 125 has no altsetting 0
[  445.486265][ T5915] usb 6-1: config 0 interface 125 has no altsetting 2
[  445.989895][T10084] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1108'.
[  446.103668][ T5915] usb 6-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  446.113176][ T5915] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  446.121355][ T5915] usb 6-1: Product: syz
[  446.125543][ T5915] usb 6-1: Manufacturer: syz
[  446.174292][ T5915] usb 6-1: config 0 descriptor??
[  446.179668][ T5915] usb 6-1: can't set config #0, error -71
[  446.187430][ T5915] usb 6-1: USB disconnect, device number 3
[  446.765143][T10094] random: crng reseeded on system resumption
[  447.407254][    T9] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  448.115433][    T9] usb 4-1: device descriptor read/64, error -71
[  448.131556][T10105] program syz.5.1112 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  448.845743][    T9] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  449.052162][   T47] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  449.083671][T10117] netlink: 192 bytes leftover after parsing attributes in process `syz.0.1115'.
[  449.276733][    T9] usb 4-1: device descriptor read/64, error -71
[  449.392424][    T9] usb usb4-port1: attempt power cycle
[  449.541142][   T47] usb 5-1: Using ep0 maxpacket: 32
[  449.553699][   T47] usb 5-1: config index 0 descriptor too short (expected 35577, got 27)
[  449.568036][   T47] usb 5-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  449.581290][T10124] fuse: Unknown parameter '017777777777777777777770xffffffffffffffff'
[  449.608965][   T47] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 92
[  449.668903][   T47] usb 5-1: config 1 has no interface number 0
[  449.675069][   T47] usb 5-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  449.686045][   T47] usb 5-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  449.699181][   T47] usb 5-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  449.708343][   T47] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  449.816092][   T47] snd_usb_pod 5-1:1.1: Line 6 Pocket POD found
[  449.948961][T10136] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1120'.
[  450.614663][T10137] netlink: 192 bytes leftover after parsing attributes in process `syz.5.1121'.
[  450.826420][   T47] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now attached
[  451.398406][   T29] audit: type=1326 audit(1736518313.700:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10140 comm="syz.3.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d43d85d29 code=0x7ffc0000
[  451.488237][T10133] netlink: 'syz.0.1122': attribute type 1 has an invalid length.
[  451.978778][   T47] snd_usb_pod 5-1:1.1: line6_send_raw_message_async_part: usb_submit_urb failed (-22)
[  452.125851][   T29] audit: type=1326 audit(1736518313.700:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10140 comm="syz.3.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d43d85d29 code=0x7ffc0000
[  452.241882][   T29] audit: type=1326 audit(1736518313.700:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10140 comm="syz.3.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9d43d85d29 code=0x7ffc0000
[  452.363241][   T29] audit: type=1326 audit(1736518313.700:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10140 comm="syz.3.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d43d85d29 code=0x7ffc0000
[  452.453731][   T29] audit: type=1326 audit(1736518313.700:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10140 comm="syz.3.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d43d85d29 code=0x7ffc0000
[  452.486543][   T29] audit: type=1326 audit(1736518313.700:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10140 comm="syz.3.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f9d43d85d29 code=0x7ffc0000
[  452.515690][   T29] audit: type=1326 audit(1736518313.700:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10140 comm="syz.3.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d43d85d29 code=0x7ffc0000
[  452.549204][   T29] audit: type=1326 audit(1736518313.700:660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10140 comm="syz.3.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d43d85d29 code=0x7ffc0000
[  452.767317][ T5896] usb 5-1: USB disconnect, device number 27
[  452.770764][T10160] FAULT_INJECTION: forcing a failure.
[  452.770764][T10160] name failslab, interval 1, probability 0, space 0, times 0
[  452.778195][ T5896] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now disconnected
[  452.786084][T10160] CPU: 0 UID: 0 PID: 10160 Comm: syz.5.1129 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  452.804165][T10160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  452.814238][T10160] Call Trace:
[  452.817535][T10160]  <TASK>
[  452.820480][T10160]  dump_stack_lvl+0x16c/0x1f0
[  452.825264][T10160]  should_fail_ex+0x497/0x5b0
[  452.829966][T10160]  ? fs_reclaim_acquire+0xae/0x150
[  452.835101][T10160]  should_failslab+0xc2/0x120
[  452.839798][T10160]  __kmalloc_noprof+0xcb/0x510
[  452.844574][T10160]  ? d_absolute_path+0x137/0x1b0
[  452.849525][T10160]  ? rcu_is_watching+0x12/0xc0
[  452.854297][T10160]  tomoyo_encode2+0x100/0x3e0
[  452.858977][T10160]  tomoyo_encode+0x29/0x50
[  452.863391][T10160]  tomoyo_realpath_from_path+0x19d/0x720
[  452.869045][T10160]  tomoyo_path_number_perm+0x248/0x590
[  452.874500][T10160]  ? tomoyo_path_number_perm+0x235/0x590
[  452.880129][T10160]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  452.886125][T10160]  ? __pfx_lock_release+0x10/0x10
[  452.891144][T10160]  ? trace_lock_acquire+0x14e/0x1f0
[  452.896350][T10160]  ? lock_acquire+0x2f/0xb0
[  452.900847][T10160]  ? __fget_files+0x40/0x3a0
[  452.905441][T10160]  ? __fget_files+0x206/0x3a0
[  452.910115][T10160]  security_file_ioctl+0x9b/0x240
[  452.915140][T10160]  __x64_sys_ioctl+0xb7/0x200
[  452.919819][T10160]  do_syscall_64+0xcd/0x250
[  452.924322][T10160]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  452.930214][T10160] RIP: 0033:0x7fd935985d29
[  452.934624][T10160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  452.954254][T10160] RSP: 002b:00007fd93678c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  452.962668][T10160] RAX: ffffffffffffffda RBX: 00007fd935b75fa0 RCX: 00007fd935985d29
[  452.970636][T10160] RDX: 0000000020000280 RSI: 00000000c0487c04 RDI: 0000000000000003
[  452.978600][T10160] RBP: 00007fd93678c090 R08: 0000000000000000 R09: 0000000000000000
[  452.986565][T10160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  452.994529][T10160] R13: 0000000000000000 R14: 00007fd935b75fa0 R15: 00007ffc8274a178
[  453.002506][T10160]  </TASK>
[  453.069091][T10160] ERROR: Out of memory at tomoyo_realpath_from_path.
[  454.188967][T10171] netlink: 'syz.5.1131': attribute type 1 has an invalid length.
[  454.222004][T10171] nvme_fabrics: unknown parameter or missing value ' ' in ctrl creation request
[  454.241513][T10178] program syz.4.1134 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  455.490105][   T29] audit: type=1326 audit(1736518317.517:661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10185 comm="syz.1.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08a2785d29 code=0x7ffc0000
[  455.514086][   T47] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  455.590809][   T29] audit: type=1326 audit(1736518317.517:662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10185 comm="syz.1.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08a2785d29 code=0x7ffc0000
[  455.720067][   T47] usb 1-1: Using ep0 maxpacket: 32
[  455.751474][   T47] usb 1-1: config 0 has an invalid interface number: 12 but max is 0
[  455.815857][   T47] usb 1-1: config 0 has no interface number 0
[  455.863598][   T47] usb 1-1: config 0 interface 12 has no altsetting 0
[  455.878967][   T47] usb 1-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  455.890643][   T47] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  455.909311][   T47] usb 1-1: Product: syz
[  455.916192][   T47] usb 1-1: Manufacturer: syz
[  455.920938][   T47] usb 1-1: SerialNumber: syz
[  455.951332][   T47] usb 1-1: config 0 descriptor??
[  456.999160][T10206] IPVS: Error joining to the multicast group
[  457.376466][T10184] netlink: 'syz.0.1137': attribute type 14 has an invalid length.
[  457.917546][   T29] kauditd_printk_skb: 6 callbacks suppressed
[  457.917560][   T29] audit: type=1400 audit(1736518319.490:669): avc:  denied  { getopt } for  pid=10209 comm="syz.1.1144" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  457.964252][T10216] pim6reg: entered allmulticast mode
[  458.189653][   T47] f81534 1-1:0.12: f81534_set_register: reg: 1002 data: 0 failed: -71
[  458.197970][   T47] f81534 1-1:0.12: f81534_find_config_idx: read failed: -71
[  458.205343][   T47] f81534 1-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  458.241738][   T47] f81534 1-1:0.12: probe with driver f81534 failed with error -71
[  458.255500][   T29] audit: type=1400 audit(1736518319.565:670): avc:  denied  { create } for  pid=10209 comm="syz.1.1144" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  458.422517][   T47] usb 1-1: USB disconnect, device number 24
[  458.429556][T10223] FAULT_INJECTION: forcing a failure.
[  458.429556][T10223] name failslab, interval 1, probability 0, space 0, times 0
[  458.456201][T10223] CPU: 1 UID: 0 PID: 10223 Comm: syz.3.1148 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  458.456649][   T29] audit: type=1400 audit(1736518319.584:671): avc:  denied  { write } for  pid=10209 comm="syz.1.1144" path="socket:[25123]" dev="sockfs" ino=25123 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  458.466973][T10223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  458.466986][T10223] Call Trace:
[  458.491347][   T29] audit: type=1400 audit(1736518319.584:672): avc:  denied  { nlmsg_read } for  pid=10209 comm="syz.1.1144" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  458.501193][T10223]  <TASK>
[  458.501205][T10223]  dump_stack_lvl+0x16c/0x1f0
[  458.533086][T10223]  should_fail_ex+0x497/0x5b0
[  458.537753][T10223]  ? fs_reclaim_acquire+0xae/0x150
[  458.542847][T10223]  should_failslab+0xc2/0x120
[  458.547505][T10223]  __kmalloc_noprof+0xcb/0x510
[  458.552253][T10223]  ? d_absolute_path+0x137/0x1b0
[  458.557173][T10223]  ? rcu_is_watching+0x12/0xc0
[  458.561923][T10223]  tomoyo_encode2+0x100/0x3e0
[  458.566604][T10223]  tomoyo_encode+0x29/0x50
[  458.570998][T10223]  tomoyo_realpath_from_path+0x19d/0x720
[  458.576617][T10223]  tomoyo_path_number_perm+0x248/0x590
[  458.582053][T10223]  ? tomoyo_path_number_perm+0x235/0x590
[  458.587669][T10223]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  458.593650][T10223]  ? __pfx_lock_release+0x10/0x10
[  458.598671][T10223]  ? trace_lock_acquire+0x14e/0x1f0
[  458.603855][T10223]  ? lock_acquire+0x2f/0xb0
[  458.608335][T10223]  ? __fget_files+0x40/0x3a0
[  458.612908][T10223]  ? __fget_files+0x206/0x3a0
[  458.617576][T10223]  security_file_ioctl+0x9b/0x240
[  458.622584][T10223]  __x64_sys_ioctl+0xb7/0x200
[  458.627242][T10223]  do_syscall_64+0xcd/0x250
[  458.631730][T10223]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  458.637603][T10223] RIP: 0033:0x7f9d43d85d29
[  458.642005][T10223] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  458.661592][T10223] RSP: 002b:00007f9d44bfc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  458.669982][T10223] RAX: ffffffffffffffda RBX: 00007f9d43f75fa0 RCX: 00007f9d43d85d29
[  458.677941][T10223] RDX: 0000000020001980 RSI: 0000000040085511 RDI: 0000000000000003
[  458.685896][T10223] RBP: 00007f9d44bfc090 R08: 0000000000000000 R09: 0000000000000000
[  458.693846][T10223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  458.701796][T10223] R13: 0000000000000000 R14: 00007f9d43f75fa0 R15: 00007ffc2f572c98
[  458.709765][T10223]  </TASK>
[  458.712860][    C1] vkms_vblank_simulate: vblank timer overrun
[  458.794018][T10216] delete_channel: no stack
[  458.799080][   T29] audit: type=1400 audit(1736518320.631:673): avc:  denied  { setopt } for  pid=10215 comm="syz.5.1145" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  458.818760][T10216] pim6reg: left allmulticast mode
[  458.842695][T10223] ERROR: Out of memory at tomoyo_realpath_from_path.
[  460.243840][T10244] Invalid ELF header magic: != ELF
[  460.255684][T10244] ntfs3(nullb0): Primary boot signature is not NTFS.
[  460.262846][T10244] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  461.044907][T10251] program syz.1.1154 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  464.606881][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  465.318380][T10296] Invalid ELF header magic: != ELF
[  465.330419][T10296] ntfs3(nullb0): Primary boot signature is not NTFS.
[  465.337693][T10296] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  466.875590][T10308] netlink: 'syz.1.1170': attribute type 16 has an invalid length.
[  466.883576][T10308] netlink: 64138 bytes leftover after parsing attributes in process `syz.1.1170'.
[  467.670827][T10319] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1174'.
[  469.239128][   T59] block nbd2: Possible stuck request ffff8880262c5080: control (read@0,4096B). Runtime 90 seconds
[  471.147442][T10347] libceph: resolve '0' (ret=-3): failed
[  471.193982][T10343] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1180'.
[  472.144357][   T29] audit: type=1400 audit(1736518333.026:674): avc:  denied  { accept } for  pid=10342 comm="syz.1.1182" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  473.572293][   T29] audit: type=1326 audit(1736518334.429:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10374 comm="syz.4.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7837185d29 code=0x7ffc0000
[  473.595726][    C0] vkms_vblank_simulate: vblank timer overrun
[  473.602293][   T29] audit: type=1326 audit(1736518334.429:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10374 comm="syz.4.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7837185d29 code=0x7ffc0000
[  473.626181][   T29] audit: type=1326 audit(1736518334.429:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10374 comm="syz.4.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7f7837185d29 code=0x7ffc0000
[  473.649568][    C0] vkms_vblank_simulate: vblank timer overrun
[  473.655663][   T29] audit: type=1326 audit(1736518334.429:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10374 comm="syz.4.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7837185d29 code=0x7ffc0000
[  473.659957][T10378] netlink: 'syz.0.1189': attribute type 1 has an invalid length.
[  473.679258][   T29] audit: type=1326 audit(1736518334.429:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10374 comm="syz.4.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7837185d29 code=0x7ffc0000
[  473.710672][   T29] audit: type=1326 audit(1736518334.429:680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10374 comm="syz.4.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7837185d29 code=0x7ffc0000
[  473.734252][   T29] audit: type=1326 audit(1736518334.429:681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10374 comm="syz.4.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7837185d29 code=0x7ffc0000
[  473.756933][T10380] netlink: 'syz.3.1190': attribute type 1 has an invalid length.
[  473.757625][    C0] vkms_vblank_simulate: vblank timer overrun
[  473.771583][   T29] audit: type=1326 audit(1736518334.429:682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10374 comm="syz.4.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7837185d29 code=0x7ffc0000
[  473.794992][    C0] vkms_vblank_simulate: vblank timer overrun
[  473.801299][   T29] audit: type=1326 audit(1736518334.429:683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10374 comm="syz.4.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7837185d29 code=0x7ffc0000
[  475.287830][T10382] program syz.5.1191 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  475.544303][   T47] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  476.023414][T10398] Invalid ELF header magic: != ELF
[  476.040303][T10398] ntfs3(nullb0): Primary boot signature is not NTFS.
[  476.047558][T10398] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  477.894532][   T47] usb 5-1: device descriptor read/all, error -71
[  478.249275][T10416] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1202'.
[  479.048766][   T29] kauditd_printk_skb: 28 callbacks suppressed
[  479.048803][   T29] audit: type=1326 audit(1736518339.555:712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10425 comm="syz.5.1204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd935985d29 code=0x7ffc0000
[  479.537193][   T29] audit: type=1326 audit(1736518339.555:713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10425 comm="syz.5.1204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd935985d29 code=0x7ffc0000
[  479.575908][   T29] audit: type=1326 audit(1736518339.555:714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10425 comm="syz.5.1204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd935985d29 code=0x7ffc0000
[  479.599182][    C0] vkms_vblank_simulate: vblank timer overrun
[  479.651432][   T29] audit: type=1326 audit(1736518339.555:715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10425 comm="syz.5.1204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd935985d29 code=0x7ffc0000
[  479.674787][    C0] vkms_vblank_simulate: vblank timer overrun
[  479.713831][   T29] audit: type=1326 audit(1736518339.555:716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10425 comm="syz.5.1204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd935985d29 code=0x7ffc0000
[  479.784827][T10439] fuse: Bad value for 'user_id'
[  479.789722][T10439] fuse: Bad value for 'user_id'
[  480.479360][   T29] audit: type=1326 audit(1736518339.555:717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10425 comm="syz.5.1204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fd935985d29 code=0x7ffc0000
[  480.503277][   T29] audit: type=1326 audit(1736518339.555:718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10425 comm="syz.5.1204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd935985d29 code=0x7ffc0000
[  480.526932][   T29] audit: type=1326 audit(1736518339.555:719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10425 comm="syz.5.1204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd935985d29 code=0x7ffc0000
[  480.652878][T10448] FAULT_INJECTION: forcing a failure.
[  480.652878][T10448] name failslab, interval 1, probability 0, space 0, times 0
[  480.681758][T10448] CPU: 0 UID: 0 PID: 10448 Comm: syz.1.1212 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  480.692572][T10448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  480.702640][T10448] Call Trace:
[  480.705926][T10448]  <TASK>
[  480.708861][T10448]  dump_stack_lvl+0x16c/0x1f0
[  480.713555][T10448]  should_fail_ex+0x497/0x5b0
[  480.718248][T10448]  ? fs_reclaim_acquire+0xae/0x150
[  480.723377][T10448]  should_failslab+0xc2/0x120
[  480.728068][T10448]  kmem_cache_alloc_node_noprof+0x72/0x3c0
[  480.733884][T10448]  ? __alloc_skb+0x2b1/0x380
[  480.738495][T10448]  __alloc_skb+0x2b1/0x380
[  480.743020][T10448]  ? __pfx___alloc_skb+0x10/0x10
[  480.747978][T10448]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  480.753974][T10448]  netlink_alloc_large_skb+0x69/0x130
[  480.759365][T10448]  netlink_sendmsg+0x689/0xd70
[  480.764145][T10448]  ? __pfx_netlink_sendmsg+0x10/0x10
[  480.769444][T10448]  ? avc_has_perm_noaudit+0x143/0x3a0
[  480.774855][T10448]  sock_write_iter+0x4fe/0x5b0
[  480.779652][T10448]  ? __pfx_sock_write_iter+0x10/0x10
[  480.784968][T10448]  ? __pfx_file_has_perm+0x10/0x10
[  480.790098][T10448]  do_iter_readv_writev+0x532/0x7f0
[  480.795307][T10448]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  480.801014][T10448]  ? bpf_lsm_file_permission+0x9/0x10
[  480.806376][T10448]  ? security_file_permission+0x71/0x210
[  480.812005][T10448]  vfs_writev+0x363/0xdd0
[  480.816322][T10448]  ? find_held_lock+0x2d/0x110
[  480.821082][T10448]  ? __pfx_vfs_writev+0x10/0x10
[  480.825921][T10448]  ? find_held_lock+0x2d/0x110
[  480.830677][T10448]  ? __pfx_lock_release+0x10/0x10
[  480.835685][T10448]  ? trace_lock_acquire+0x14e/0x1f0
[  480.840873][T10448]  ? __fget_files+0x206/0x3a0
[  480.845537][T10448]  ? do_writev+0x297/0x340
[  480.849927][T10448]  do_writev+0x297/0x340
[  480.854170][T10448]  ? __pfx_do_writev+0x10/0x10
[  480.858937][T10448]  do_syscall_64+0xcd/0x250
[  480.863434][T10448]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  480.869316][T10448] RIP: 0033:0x7f08a2785d29
[  480.873707][T10448] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  480.893293][T10448] RSP: 002b:00007f08a34dc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  480.901688][T10448] RAX: ffffffffffffffda RBX: 00007f08a2975fa0 RCX: 00007f08a2785d29
[  480.909640][T10448] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: 0000000000000003
[  480.917599][T10448] RBP: 00007f08a34dc090 R08: 0000000000000000 R09: 0000000000000000
[  480.925572][T10448] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  480.933526][T10448] R13: 0000000000000000 R14: 00007f08a2975fa0 R15: 00007ffe963ab6c8
[  480.941488][T10448]  </TASK>
[  480.944564][    C0] vkms_vblank_simulate: vblank timer overrun
[  481.074609][T10453] Invalid ELF header magic: != ELF
[  481.086461][T10453] ntfs3(nullb0): Primary boot signature is not NTFS.
[  481.093712][T10453] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  481.734870][   T29] audit: type=1400 audit(1736518342.080:720): avc:  denied  { map } for  pid=10449 comm="syz.5.1211" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  482.176681][   T29] audit: type=1400 audit(1736518342.464:721): avc:  denied  { mount } for  pid=10457 comm="syz.3.1215" name="/" dev="autofs" ino=25568 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  482.263098][T10459] FAULT_INJECTION: forcing a failure.
[  482.263098][T10459] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  482.305414][T10464] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  482.361511][T10459] CPU: 0 UID: 0 PID: 10459 Comm: syz.3.1215 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  482.372295][T10459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  482.382361][T10459] Call Trace:
[  482.385645][T10459]  <TASK>
[  482.388556][T10459]  dump_stack_lvl+0x16c/0x1f0
[  482.393223][T10459]  should_fail_ex+0x497/0x5b0
[  482.397887][T10459]  strncpy_from_user+0x3b/0x2d0
[  482.402725][T10459]  getname_flags.part.0+0x8f/0x550
[  482.407827][T10459]  getname_flags+0x93/0xf0
[  482.412225][T10459]  __x64_sys_mkdirat+0x76/0xb0
[  482.416970][T10459]  do_syscall_64+0xcd/0x250
[  482.421464][T10459]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  482.427345][T10459] RIP: 0033:0x7f9d43d85d29
[  482.431745][T10459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  482.451356][T10459] RSP: 002b:00007f9d44bfc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  482.459761][T10459] RAX: ffffffffffffffda RBX: 00007f9d43f75fa0 RCX: 00007f9d43d85d29
[  482.467722][T10459] RDX: 0000000000000000 RSI: 0000000020002040 RDI: ffffffffffffff9c
[  482.475695][T10459] RBP: 00007f9d44bfc090 R08: 0000000000000000 R09: 0000000000000000
[  482.483691][T10459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  482.491673][T10459] R13: 0000000000000000 R14: 00007f9d43f75fa0 R15: 00007ffc2f572c98
[  482.499659][T10459]  </TASK>
[  483.526101][ T5896] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  483.622364][   T47] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  483.690307][ T5896] usb 4-1: Using ep0 maxpacket: 32
[  483.712077][ T5896] usb 4-1: config 0 has an invalid interface number: 51 but max is 0
[  483.738266][ T5896] usb 4-1: config 0 has no interface number 0
[  483.793394][   T47] usb 5-1: Using ep0 maxpacket: 8
[  483.804136][ T5896] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  483.809786][   T47] usb 5-1: unable to get BOS descriptor or descriptor too short
[  483.813243][ T5896] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  483.834824][ T5896] usb 4-1: Product: syz
[  483.839352][ T5896] usb 4-1: Manufacturer: syz
[  483.844273][ T5896] usb 4-1: SerialNumber: syz
[  483.864694][ T5896] usb 4-1: config 0 descriptor??
[  483.869311][   T47] usb 5-1: config 4 interface 0 has no altsetting 0
[  483.874350][ T5896] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  483.889354][   T47] usb 5-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  483.911598][   T47] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  483.930474][   T47] usb 5-1: Product: syz
[  483.946303][   T47] usb 5-1: Manufacturer: syz
[  483.955807][   T47] usb 5-1: SerialNumber: syz
[  484.125189][T10475] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  484.150680][T10475] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  484.417358][   T47] usb 5-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  484.465610][   T47] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  484.498080][   T47] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  484.510563][   T47] usb 5-1: media controller created
[  484.556090][   T47] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  484.566301][T10498] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  484.573583][T10498] cramfs: wrong magic
[  484.644544][   T47] zl10353_read_register: readreg error (reg=127, ret==0)
[  484.663662][T10500] FAULT_INJECTION: forcing a failure.
[  484.663662][T10500] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  484.708086][T10500] CPU: 0 UID: 0 PID: 10500 Comm: syz.0.1227 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  484.718892][T10500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  484.728958][T10500] Call Trace:
[  484.732241][T10500]  <TASK>
[  484.735182][T10500]  dump_stack_lvl+0x16c/0x1f0
[  484.739878][T10500]  should_fail_ex+0x497/0x5b0
[  484.744579][T10500]  _copy_from_user+0x2e/0xd0
[  484.749182][T10500]  __sys_bpf+0x21c/0x49c0
[  484.753524][T10500]  ? __pfx_lock_release+0x10/0x10
[  484.758562][T10500]  ? __pfx___sys_bpf+0x10/0x10
[  484.763338][T10500]  ? vfs_write+0x306/0x1150
[  484.767853][T10500]  ? __mutex_unlock_slowpath+0x164/0x690
[  484.773512][T10500]  ? fput+0x67/0x440
[  484.777420][T10500]  ? ksys_write+0x1ba/0x250
[  484.781928][T10500]  ? __pfx_ksys_write+0x10/0x10
[  484.786787][T10500]  __x64_sys_bpf+0x78/0xc0
[  484.791217][T10500]  ? lockdep_hardirqs_on+0x7c/0x110
[  484.796429][T10500]  do_syscall_64+0xcd/0x250
[  484.800947][T10500]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  484.806851][T10500] RIP: 0033:0x7f2595385d29
[  484.811267][T10500] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  484.830898][T10500] RSP: 002b:00007f25961b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  484.839328][T10500] RAX: ffffffffffffffda RBX: 00007f2595575fa0 RCX: 00007f2595385d29
[  484.847315][T10500] RDX: 0000000000000010 RSI: 0000000020000340 RDI: 000000000000001d
[  484.855296][T10500] RBP: 00007f25961b7090 R08: 0000000000000000 R09: 0000000000000000
[  484.863281][T10500] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  484.871263][T10500] R13: 0000000000000000 R14: 00007f2595575fa0 R15: 00007ffc54aaf9d8
[  484.879261][T10500]  </TASK>
[  484.891562][ T5896] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  484.919941][   T47] usb 5-1: USB disconnect, device number 30
[  484.931948][ T5896] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  485.163263][    C1] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71
[  485.179124][ T5896] usb 4-1: USB disconnect, device number 27
[  485.187673][ T5896] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  485.225422][ T5896] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  485.237146][ T5896] quatech2 4-1:0.51: device disconnected
[  485.706514][T10518] Invalid ELF header magic: != ELF
[  485.744799][T10518] ntfs3(nullb0): Primary boot signature is not NTFS.
[  485.752918][T10518] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  486.887618][T10529] FAULT_INJECTION: forcing a failure.
[  486.887618][T10529] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  486.912087][T10529] CPU: 0 UID: 0 PID: 10529 Comm: syz.0.1233 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  486.922885][T10529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  486.932954][T10529] Call Trace:
[  486.936237][T10529]  <TASK>
[  486.939163][T10529]  dump_stack_lvl+0x16c/0x1f0
[  486.943848][T10529]  should_fail_ex+0x497/0x5b0
[  486.948514][T10529]  _copy_from_user+0x2e/0xd0
[  486.953084][T10529]  copy_msghdr_from_user+0x99/0x160
[  486.958263][T10529]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  486.964052][T10529]  ___sys_sendmsg+0xff/0x1e0
[  486.968622][T10529]  ? __pfx____sys_sendmsg+0x10/0x10
[  486.973799][T10529]  ? __pfx_lock_release+0x10/0x10
[  486.978801][T10529]  ? trace_lock_acquire+0x14e/0x1f0
[  486.984004][T10529]  ? __fget_files+0x206/0x3a0
[  486.988700][T10529]  __sys_sendmsg+0x16e/0x220
[  486.993296][T10529]  ? __pfx___sys_sendmsg+0x10/0x10
[  486.998419][T10529]  do_syscall_64+0xcd/0x250
[  487.002995][T10529]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  487.008888][T10529] RIP: 0033:0x7f2595385d29
[  487.013296][T10529] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  487.032901][T10529] RSP: 002b:00007f25961b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  487.041307][T10529] RAX: ffffffffffffffda RBX: 00007f2595575fa0 RCX: 00007f2595385d29
[  487.049268][T10529] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000004
[  487.057233][T10529] RBP: 00007f25961b7090 R08: 0000000000000000 R09: 0000000000000000
[  487.065198][T10529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  487.073159][T10529] R13: 0000000000000000 R14: 00007f2595575fa0 R15: 00007ffc54aaf9d8
[  487.081134][T10529]  </TASK>
[  487.985352][T10528] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  488.430268][T10527] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  488.621129][T10520] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  488.807978][   T29] kauditd_printk_skb: 4 callbacks suppressed
[  488.807995][   T29] audit: type=1400 audit(1736518348.703:726): avc:  denied  { write } for  pid=10557 comm="syz.1.1243" name="loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  488.839360][    C1] vkms_vblank_simulate: vblank timer overrun
[  488.896406][T10559] Invalid ELF header magic: != ELF
[  488.907493][T10559] ntfs3(nullb0): Primary boot signature is not NTFS.
[  488.914923][T10559] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  489.068417][T10560] FAULT_INJECTION: forcing a failure.
[  489.068417][T10560] name failslab, interval 1, probability 0, space 0, times 0
[  489.405944][T10560] CPU: 0 UID: 0 PID: 10560 Comm: syz.1.1243 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  489.416747][T10560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  489.426814][T10560] Call Trace:
[  489.430109][T10560]  <TASK>
[  489.433047][T10560]  dump_stack_lvl+0x16c/0x1f0
[  489.437746][T10560]  should_fail_ex+0x497/0x5b0
[  489.442441][T10560]  ? fs_reclaim_acquire+0xae/0x150
[  489.447574][T10560]  should_failslab+0xc2/0x120
[  489.452263][T10560]  __kmalloc_noprof+0xcb/0x510
[  489.457044][T10560]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  489.462695][T10560]  tomoyo_realpath_from_path+0xb9/0x720
[  489.468262][T10560]  ? tomoyo_path_number_perm+0x235/0x590
[  489.473916][T10560]  ? tomoyo_path_number_perm+0x235/0x590
[  489.479565][T10560]  tomoyo_path_number_perm+0x248/0x590
[  489.485040][T10560]  ? tomoyo_path_number_perm+0x235/0x590
[  489.490679][T10560]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  489.496655][T10560]  ? __pfx___schedule+0x10/0x10
[  489.501508][T10560]  ? irqentry_exit+0x3b/0x90
[  489.506097][T10560]  ? lockdep_hardirqs_on+0x7c/0x110
[  489.511284][T10560]  ? __x64_sys_ioctl+0x94/0x200
[  489.516124][T10560]  ? security_file_ioctl+0x18/0x240
[  489.521308][T10560]  security_file_ioctl+0x9b/0x240
[  489.526323][T10560]  __x64_sys_ioctl+0xb7/0x200
[  489.531003][T10560]  do_syscall_64+0xcd/0x250
[  489.535514][T10560]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  489.541399][T10560] RIP: 0033:0x7f08a2785d29
[  489.545797][T10560] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  489.565392][T10560] RSP: 002b:00007f08a05f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  489.573795][T10560] RAX: ffffffffffffffda RBX: 00007f08a2976080 RCX: 00007f08a2785d29
[  489.581752][T10560] RDX: 0000000000000001 RSI: 0000000000004c81 RDI: 0000000000000003
[  489.589719][T10560] RBP: 00007f08a05f6090 R08: 0000000000000000 R09: 0000000000000000
[  489.597672][T10560] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  489.605630][T10560] R13: 0000000000000001 R14: 00007f08a2976080 R15: 00007ffe963ab6c8
[  489.613602][T10560]  </TASK>
[  489.734411][T10560] ERROR: Out of memory at tomoyo_realpath_from_path.
[  490.592662][T10579] netlink: 'syz.4.1249': attribute type 1 has an invalid length.
[  490.612618][T10580] IPVS: set_ctl: invalid protocol: 135 172.20.20.170:20004
[  492.331327][T10592] FAULT_INJECTION: forcing a failure.
[  492.331327][T10592] name failslab, interval 1, probability 0, space 0, times 0
[  492.362527][T10592] CPU: 1 UID: 0 PID: 10592 Comm: syz.1.1254 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  492.373333][T10592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  492.383403][T10592] Call Trace:
[  492.386693][T10592]  <TASK>
[  492.389637][T10592]  dump_stack_lvl+0x16c/0x1f0
[  492.394335][T10592]  should_fail_ex+0x497/0x5b0
[  492.399031][T10592]  ? fs_reclaim_acquire+0xae/0x150
[  492.404160][T10592]  should_failslab+0xc2/0x120
[  492.408860][T10592]  kmem_cache_alloc_node_noprof+0x72/0x3c0
[  492.414683][T10592]  ? __alloc_skb+0x2b1/0x380
[  492.419296][T10592]  __alloc_skb+0x2b1/0x380
[  492.423727][T10592]  ? __pfx___alloc_skb+0x10/0x10
[  492.428671][T10592]  ? selinux_socket_getpeersec_dgram+0x1a5/0x370
[  492.434993][T10592]  ? __pfx_selinux_socket_getpeersec_dgram+0x10/0x10
[  492.441666][T10592]  netlink_alloc_large_skb+0x69/0x130
[  492.447044][T10592]  netlink_sendmsg+0x689/0xd70
[  492.451809][T10592]  ? __pfx_netlink_sendmsg+0x10/0x10
[  492.457105][T10592]  ____sys_sendmsg+0xaaf/0xc90
[  492.461871][T10592]  ? copy_msghdr_from_user+0x10b/0x160
[  492.467320][T10592]  ? __pfx_____sys_sendmsg+0x10/0x10
[  492.472631][T10592]  ___sys_sendmsg+0x135/0x1e0
[  492.477303][T10592]  ? __pfx____sys_sendmsg+0x10/0x10
[  492.482501][T10592]  ? __pfx_lock_release+0x10/0x10
[  492.487534][T10592]  ? trace_lock_acquire+0x14e/0x1f0
[  492.492755][T10592]  ? __fget_files+0x206/0x3a0
[  492.497436][T10592]  __sys_sendmsg+0x16e/0x220
[  492.502027][T10592]  ? __pfx___sys_sendmsg+0x10/0x10
[  492.507147][T10592]  do_syscall_64+0xcd/0x250
[  492.511658][T10592]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  492.517554][T10592] RIP: 0033:0x7f08a2785d29
[  492.521960][T10592] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  492.541559][T10592] RSP: 002b:00007f08a34dc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  492.549967][T10592] RAX: ffffffffffffffda RBX: 00007f08a2975fa0 RCX: 00007f08a2785d29
[  492.557927][T10592] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  492.565887][T10592] RBP: 00007f08a34dc090 R08: 0000000000000000 R09: 0000000000000000
[  492.573846][T10592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  492.581807][T10592] R13: 0000000000000000 R14: 00007f08a2975fa0 R15: 00007ffe963ab6c8
[  492.589778][T10592]  </TASK>
[  492.592931][    C1] vkms_vblank_simulate: vblank timer overrun
[  492.854072][T10597] netlink: 192 bytes leftover after parsing attributes in process `syz.3.1255'.
[  495.103377][T10627] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  495.738530][T10638] program syz.3.1268 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  496.810308][T10642] FAULT_INJECTION: forcing a failure.
[  496.810308][T10642] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  496.887740][T10642] CPU: 0 UID: 0 PID: 10642 Comm: syz.0.1270 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  496.898557][T10642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  496.908633][T10642] Call Trace:
[  496.911928][T10642]  <TASK>
[  496.914872][T10642]  dump_stack_lvl+0x16c/0x1f0
[  496.919566][T10642]  should_fail_ex+0x497/0x5b0
[  496.924253][T10642]  ? fs_reclaim_acquire+0xae/0x150
[  496.929356][T10642]  should_fail_alloc_page+0xe7/0x130
[  496.934640][T10642]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  496.940789][T10642]  __alloc_pages_noprof+0x190/0x25b0
[  496.946069][T10642]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  496.951868][T10642]  ? lockdep_hardirqs_on+0x7c/0x110
[  496.957061][T10642]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  496.962860][T10642]  ? stack_depot_save_flags+0x38f/0x9c0
[  496.968404][T10642]  ? __pfx_mark_lock+0x10/0x10
[  496.973170][T10642]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  496.978882][T10642]  ? kasan_save_stack+0x42/0x60
[  496.983722][T10642]  ? kasan_save_track+0x14/0x30
[  496.988570][T10642]  ? __kmalloc_noprof+0x21c/0x510
[  496.993585][T10642]  ? copy_splice_read+0x1a8/0xb90
[  496.998614][T10642]  ? sock_splice_read+0xe9/0x110
[  497.003541][T10642]  ? do_splice_read+0x282/0x370
[  497.008387][T10642]  ? splice_file_to_pipe+0x109/0x120
[  497.013667][T10642]  ? do_splice+0x1174/0x1f60
[  497.018248][T10642]  ? __do_splice+0x159/0x360
[  497.022850][T10642]  alloc_pages_bulk_noprof+0x72b/0x10b0
[  497.028412][T10642]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  497.034395][T10642]  ? __kmalloc_noprof+0x23b/0x510
[  497.039418][T10642]  copy_splice_read+0x1e3/0xb90
[  497.044278][T10642]  ? __pfx_copy_splice_read+0x10/0x10
[  497.049650][T10642]  ? pipe_lock+0x64/0x80
[  497.053889][T10642]  ? trace_lock_acquire+0x14e/0x1f0
[  497.059090][T10642]  sock_splice_read+0xe9/0x110
[  497.063849][T10642]  ? __pfx_sock_splice_read+0x10/0x10
[  497.069219][T10642]  do_splice_read+0x282/0x370
[  497.073903][T10642]  splice_file_to_pipe+0x109/0x120
[  497.079010][T10642]  do_splice+0x1174/0x1f60
[  497.083429][T10642]  ? __pfx_do_splice+0x10/0x10
[  497.088187][T10642]  ? __pfx_pipe_clear_nowait+0x10/0x10
[  497.093644][T10642]  ? __pfx_lock_release+0x10/0x10
[  497.098659][T10642]  ? trace_lock_acquire+0x14e/0x1f0
[  497.103859][T10642]  __do_splice+0x159/0x360
[  497.108266][T10642]  ? __pfx___do_splice+0x10/0x10
[  497.113191][T10642]  ? __fget_files+0x206/0x3a0
[  497.117864][T10642]  __x64_sys_splice+0x187/0x250
[  497.122734][T10642]  do_syscall_64+0xcd/0x250
[  497.127241][T10642]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  497.133130][T10642] RIP: 0033:0x7f2595385d29
[  497.137535][T10642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  497.157135][T10642] RSP: 002b:00007f25961b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  497.165539][T10642] RAX: ffffffffffffffda RBX: 00007f2595575fa0 RCX: 00007f2595385d29
[  497.173499][T10642] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005
[  497.181461][T10642] RBP: 00007f25961b7090 R08: 0800000000000045 R09: 0000000000000000
[  497.189421][T10642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  497.197379][T10642] R13: 0000000000000000 R14: 00007f2595575fa0 R15: 00007ffc54aaf9d8
[  497.205350][T10642]  </TASK>
[  497.316138][T10647] netlink: 192 bytes leftover after parsing attributes in process `syz.1.1271'.
[  497.732679][T10649] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  498.092217][T10654] fuse: Unknown parameter '017777777777777777777770xffffffffffffffff'
[  498.493109][   T52] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  499.856624][   T29] audit: type=1400 audit(1736518359.011:727): avc:  denied  { create } for  pid=10662 comm="syz.5.1277" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_nflog_socket permissive=1
[  499.889658][   T47] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  500.254262][   T52] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  500.264104][   T52] usb 1-1: New USB device found, idVendor=28de, idProduct=1205, bcdDevice= 0.00
[  500.273595][   T52] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  500.283407][   T52] usb 1-1: config 0 descriptor??
[  500.414286][T10675] program syz.1.1278 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  500.588519][ T5896] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  500.856262][   T47] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  500.866054][   T47] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 0
[  500.877538][   T47] usb 4-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  500.886601][   T47] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  500.912030][   T47] usb 4-1: config 0 descriptor??
[  500.936473][   T47] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  500.973263][ T5896] usb 6-1: device descriptor read/64, error -71
[  501.073194][   T52] hid-steam 0003:28DE:1205.000B: : USB HID v0.00 Device [HID 28de:1205] on usb-dummy_hcd.0-1/input0
[  501.154995][   T52] hid-steam 0003:28DE:1205.000B: Steam Controller 'XXXXXXXXXX' connected
[  501.166501][   T52] input: Steam Deck as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:28DE:1205.000B/input/input21
[  501.195239][   T52] input: Steam Deck Motion Sensors as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:28DE:1205.000B/input/input22
[  501.229229][   T52] hid-steam 0003:28DE:1205.000C: hidraw0: USB HID v0.00 Device [HID 28de:1205] on usb-dummy_hcd.0-1/input0
[  501.243505][ T5896] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  501.390708][ T5864] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  501.403509][   T29] audit: type=1400 audit(1736518360.470:728): avc:  denied  { ioctl } for  pid=10652 comm="syz.0.1273" path="socket:[27109]" dev="sockfs" ino=27109 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  501.428604][   T29] audit: type=1400 audit(1736518360.470:729): avc:  denied  { getopt } for  pid=10652 comm="syz.0.1273" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  501.455551][   T47] usb 1-1: USB disconnect, device number 25
[  501.456542][ T5896] usb 6-1: device descriptor read/64, error -71
[  501.583423][ T5896] usb usb6-port1: attempt power cycle
[  501.592274][ T5864] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  501.607613][ T5864] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  501.620780][ T5864] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  501.621054][   T59] block nbd2: Possible stuck request ffff8880262c5080: control (read@0,4096B). Runtime 120 seconds
[  501.664267][ T5864] usb 2-1: config 0 descriptor??
[  501.716621][ T5864] pwc: Askey VC010 type 2 USB webcam detected.
[  502.077454][   T47] hid-steam 0003:28DE:1205.000B: Steam Controller 'XXXXXXXXXX' disconnected
[  502.286231][ T5864] pwc: recv_control_msg error -32 req 02 val 2b00
[  502.316091][   T29] audit: type=1400 audit(1736518361.312:730): avc:  denied  { read append } for  pid=10683 comm="syz.1.1282" name="btrfs-control" dev="devtmpfs" ino=1309 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  502.340704][   T29] audit: type=1400 audit(1736518361.312:731): avc:  denied  { open } for  pid=10683 comm="syz.1.1282" path="/dev/btrfs-control" dev="devtmpfs" ino=1309 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  502.475224][ T5864] pwc: recv_control_msg error -32 req 02 val 2700
[  502.484548][T10684] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  502.493655][T10684] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  502.661058][T10700] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  502.709719][T10700] cramfs: wrong magic
[  504.872224][   T29] audit: type=1326 audit(1736518363.716:732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10704 comm="syz.0.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2595385d29 code=0x7ffc0000
[  505.624986][ T5864] pwc: recv_control_msg error -71 req 02 val 2c00
[  505.638609][ T5864] pwc: recv_control_msg error -71 req 04 val 1000
[  505.645633][ T5864] pwc: recv_control_msg error -71 req 04 val 1300
[  505.652687][ T5864] pwc: recv_control_msg error -71 req 04 val 1400
[  505.677060][   T29] audit: type=1326 audit(1736518363.716:733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10704 comm="syz.0.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2595385d29 code=0x7ffc0000
[  505.700423][    C1] vkms_vblank_simulate: vblank timer overrun
[  505.712403][ T5864] pwc: recv_control_msg error -71 req 02 val 2000
[  505.721784][   T29] audit: type=1326 audit(1736518363.716:734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10704 comm="syz.0.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2595385d29 code=0x7ffc0000
[  505.741994][T10711] FAULT_INJECTION: forcing a failure.
[  505.741994][T10711] name failslab, interval 1, probability 0, space 0, times 0
[  505.758806][T10711] CPU: 0 UID: 0 PID: 10711 Comm: syz.0.1288 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  505.769591][T10711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  505.774008][ T5864] pwc: recv_control_msg error -71 req 02 val 2100
[  505.779635][T10711] Call Trace:
[  505.779646][T10711]  <TASK>
[  505.779656][T10711]  dump_stack_lvl+0x16c/0x1f0
[  505.791233][   T29] audit: type=1326 audit(1736518363.716:735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10704 comm="syz.0.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2595385d29 code=0x7ffc0000
[  505.792268][T10711]  should_fail_ex+0x497/0x5b0
[  505.792299][T10711]  ? fs_reclaim_acquire+0xae/0x150
[  505.792321][T10711]  should_failslab+0xc2/0x120
[  505.797135][ T5864] pwc: recv_control_msg error -71 req 04 val 1500
[  505.820289][T10711]  __kmalloc_noprof+0xcb/0x510
[  505.820323][T10711]  ? d_absolute_path+0x137/0x1b0
[  505.820346][T10711]  ? rcu_is_watching+0x12/0xc0
[  505.820372][T10711]  tomoyo_encode2+0x100/0x3e0
[  505.820398][T10711]  tomoyo_encode+0x29/0x50
[  505.820417][T10711]  tomoyo_realpath_from_path+0x19d/0x720
[  505.820447][T10711]  tomoyo_path_number_perm+0x248/0x590
[  505.820468][T10711]  ? tomoyo_path_number_perm+0x235/0x590
[  505.820493][T10711]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  505.820539][T10711]  ? __pfx_lock_release+0x10/0x10
[  505.820559][T10711]  ? trace_lock_acquire+0x14e/0x1f0
[  505.820588][T10711]  ? lock_acquire+0x2f/0xb0
[  505.902045][T10711]  ? __fget_files+0x40/0x3a0
[  505.906643][T10711]  ? __fget_files+0x206/0x3a0
[  505.911314][T10711]  security_file_ioctl+0x9b/0x240
[  505.916339][T10711]  __x64_sys_ioctl+0xb7/0x200
[  505.921018][T10711]  do_syscall_64+0xcd/0x250
[  505.925527][T10711]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  505.931419][T10711] RIP: 0033:0x7f2595385d29
[  505.935830][T10711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  505.955517][T10711] RSP: 002b:00007f25961b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  505.963924][T10711] RAX: ffffffffffffffda RBX: 00007f2595575fa0 RCX: 00007f2595385d29
[  505.971898][T10711] RDX: 0000000020000600 RSI: 00000000408c5333 RDI: 0000000000000003
[  505.979861][T10711] RBP: 00007f25961b7090 R08: 0000000000000000 R09: 0000000000000000
[  505.987828][T10711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  505.995812][T10711] R13: 0000000000000000 R14: 00007f2595575fa0 R15: 00007ffc54aaf9d8
[  506.003798][T10711]  </TASK>
[  506.031424][T10711] ERROR: Out of memory at tomoyo_realpath_from_path.
[  506.036199][ T5864] pwc: recv_control_msg error -71 req 02 val 2500
[  506.049067][   T29] audit: type=1326 audit(1736518363.716:736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10704 comm="syz.0.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2595385d29 code=0x7ffc0000
[  506.050501][ T5864] pwc: recv_control_msg error -71 req 02 val 2400
[  506.072457][    C1] vkms_vblank_simulate: vblank timer overrun
[  506.077741][   T29] audit: type=1326 audit(1736518363.716:737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10704 comm="syz.0.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f2595385d29 code=0x7ffc0000
[  506.108715][   T29] audit: type=1326 audit(1736518363.716:738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10704 comm="syz.0.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2595385d29 code=0x7ffc0000
[  506.132264][   T29] audit: type=1326 audit(1736518363.716:739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10704 comm="syz.0.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2595385d29 code=0x7ffc0000
[  506.256164][   T29] audit: type=1400 audit(1736518365.007:740): avc:  denied  { read } for  pid=10708 comm="syz.1.1289" path="socket:[26538]" dev="sockfs" ino=26538 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  506.287542][ T5864] pwc: recv_control_msg error -71 req 02 val 2600
[  506.290259][ T5864] pwc: recv_control_msg error -71 req 02 val 2900
[  506.312116][ T5864] pwc: recv_control_msg error -71 req 02 val 2800
[  506.332317][ T5864] pwc: recv_control_msg error -71 req 04 val 1100
[  506.354366][ T5864] pwc: recv_control_msg error -71 req 04 val 1200
[  506.604738][ T5864] pwc: Registered as video103.
[  506.614248][ T5864] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input23
[  506.666838][ T9916] usb 4-1: USB disconnect, device number 28
[  506.783698][T10721] FAULT_INJECTION: forcing a failure.
[  506.783698][T10721] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  506.934263][ T5864] usb 2-1: USB disconnect, device number 24
[  506.938147][T10721] CPU: 0 UID: 0 PID: 10721 Comm: syz.5.1290 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  506.950977][T10721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  506.961026][T10721] Call Trace:
[  506.964310][T10721]  <TASK>
[  506.967253][T10721]  dump_stack_lvl+0x16c/0x1f0
[  506.971961][T10721]  should_fail_ex+0x497/0x5b0
[  506.976665][T10721]  _copy_to_user+0x32/0xd0
[  506.981103][T10721]  simple_read_from_buffer+0xd0/0x160
[  506.986499][T10721]  proc_fail_nth_read+0x198/0x270
[  506.991546][T10721]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  506.997142][T10721]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  507.003212][T10721]  vfs_read+0x1df/0xbe0
[  507.007388][T10721]  ? __fget_files+0x1fc/0x3a0
[  507.012337][T10721]  ? __pfx___mutex_lock+0x10/0x10
[  507.017383][T10721]  ? __pfx_vfs_read+0x10/0x10
[  507.022085][T10721]  ? __fget_files+0x206/0x3a0
[  507.026790][T10721]  ksys_read+0x12b/0x250
[  507.031050][T10721]  ? __pfx_ksys_read+0x10/0x10
[  507.035838][T10721]  do_syscall_64+0xcd/0x250
[  507.040363][T10721]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  507.046281][T10721] RIP: 0033:0x7fd93598473c
[  507.050705][T10721] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  507.070324][T10721] RSP: 002b:00007fd93678c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  507.078751][T10721] RAX: ffffffffffffffda RBX: 00007fd935b75fa0 RCX: 00007fd93598473c
[  507.086722][T10721] RDX: 000000000000000f RSI: 00007fd93678c0a0 RDI: 0000000000000005
[  507.094681][T10721] RBP: 00007fd93678c090 R08: 0000000000000000 R09: 0000000000000000
[  507.102642][T10721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  507.110617][T10721] R13: 0000000000000000 R14: 00007fd935b75fa0 R15: 00007ffc8274a178
[  507.118583][T10721]  </TASK>
[  510.352587][   T47] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  510.889571][T10772] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1307'.
[  510.939656][T10768] Bluetooth: hci0: Opcode 0x0c20 failed: -112
[  511.439343][T10776] netlink: 192 bytes leftover after parsing attributes in process `syz.4.1308'.
[  511.621343][   T29] audit: type=1400 audit(1736518369.974:741): avc:  denied  { bind } for  pid=10770 comm="syz.3.1307" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  513.219613][ T5819] Bluetooth: hci0: command 0x0406 tx timeout
[  513.232815][ T5826] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  514.318859][T10802] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  514.839887][    T9] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  515.043318][T10789] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  515.289922][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  515.388526][T10819] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  515.398695][T10819] cramfs: wrong magic
[  515.907595][    T9] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 0
[  515.917572][    T9] usb 4-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  515.926709][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  515.939415][ T5826] Bluetooth: hci0: command 0x0406 tx timeout
[  516.022511][    T9] usb 4-1: config 0 descriptor??
[  516.076920][    T9] usb 4-1: can't set config #0, error -71
[  516.103735][    T9] usb 4-1: USB disconnect, device number 30
[  516.739214][T10834] Invalid ELF header magic: != ELF
[  516.750553][T10834] ntfs3(nullb0): Primary boot signature is not NTFS.
[  516.757923][T10834] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  519.383668][T10854] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  519.394722][T10854] cramfs: wrong magic
[  520.943373][    T9] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  522.008454][T10871] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  522.062868][    T9] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  522.073317][    T9] usb 2-1: config 0 has no interfaces?
[  522.179246][T10870] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  522.227470][    T9] usb 2-1: New USB device found, idVendor=0403, idProduct=f06a, bcdDevice=30.00
[  522.236864][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  522.244858][    T9] usb 2-1: Product: syz
[  522.254807][ T5819] Bluetooth: hci5: command 0x0406 tx timeout
[  522.266586][    T9] usb 2-1: Manufacturer: syz
[  522.277546][    T9] usb 2-1: SerialNumber: syz
[  522.286517][    T9] usb 2-1: config 0 descriptor??
[  522.450565][ T9916] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  522.767619][T10894] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  522.774973][T10894] cramfs: wrong magic
[  524.173586][ T9916] usb 1-1: device descriptor read/64, error -71
[  524.232352][   T47] usb 2-1: USB disconnect, device number 25
[  524.475731][ T9916] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  525.238586][ T9916] usb 1-1: device descriptor read/64, error -71
[  525.585480][ T9916] usb usb1-port1: attempt power cycle
[  526.494135][T10921] netlink: 192 bytes leftover after parsing attributes in process `syz.4.1344'.
[  528.786992][T10947] netlink: 'syz.1.1350': attribute type 1 has an invalid length.
[  530.376078][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  531.665038][   T30] INFO: task syz.2.849:9207 blocked for more than 143 seconds.
[  531.673452][   T30]       Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  531.682078][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  531.690814][   T30] task:syz.2.849       state:D stack:26048 pid:9207  tgid:9207  ppid:5821   flags:0x00000004
[  531.701092][   T30] Call Trace:
[  531.704380][   T30]  <TASK>
[  531.707326][   T30]  __schedule+0xe58/0x5ad0
[  531.716240][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  531.721555][   T30]  ? __pfx___schedule+0x10/0x10
[  531.726995][   T30]  ? schedule+0x298/0x350
[  531.734202][   T30]  ? __pfx_lock_release+0x10/0x10
[  531.739267][   T30]  ? __mutex_trylock_common+0x78/0x250
[  531.744935][   T30]  ? lock_acquire+0x2f/0xb0
[  531.749460][   T30]  ? schedule+0x1fd/0x350
[  531.753961][   T30]  schedule+0xe7/0x350
[  531.758054][   T30]  schedule_preempt_disabled+0x13/0x30
[  531.763586][   T30]  __mutex_lock+0x62b/0xa60
[  531.768271][   T30]  ? bdev_release+0x15a/0x6d0
[  531.775426][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  531.780560][   T30]  ? __pfx_lock_release+0x10/0x10
[  531.785827][   T30]  ? do_raw_spin_unlock+0x172/0x230
[  531.791806][   T30]  ? bdev_release+0x15a/0x6d0
[  531.796518][   T30]  bdev_release+0x15a/0x6d0
[  531.801046][   T30]  ? __pfx_blkdev_release+0x10/0x10
[  531.806305][   T30]  blkdev_release+0x15/0x20
[  531.811044][   T30]  __fput+0x3f8/0xb60
[  531.815502][   T30]  task_work_run+0x14e/0x250
[  531.820281][   T30]  ? __pfx_task_work_run+0x10/0x10
[  531.825580][   T30]  ? __pfx___do_sys_close_range+0x10/0x10
[  531.831538][   T30]  syscall_exit_to_user_mode+0x27b/0x2a0
[  531.837253][   T30]  do_syscall_64+0xda/0x250
[  531.842705][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  531.849837][   T30] RIP: 0033:0x7f4986185d29
[  531.854272][   T30] RSP: 002b:00007fff7ba62408 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  531.868548][   T30] RAX: 0000000000000000 RBX: 00007f4986377ba0 RCX: 00007f4986185d29
[  531.877051][   T30] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  532.136338][   T30] RBP: 00007f4986377ba0 R08: 0000000000000220 R09: 00007fff7ba626ff
[  532.146027][   T30] R10: 00007f4986377ac0 R11: 0000000000000246 R12: 000000000005647f
[  532.154211][   T30] R13: 00007fff7ba62510 R14: 0000000000000032 R15: ffffffffffffffff
[  532.162484][   T30]  </TASK>
[  532.165714][   T30] INFO: task syz.2.849:9210 blocked for more than 144 seconds.
[  532.173428][   T30]       Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  532.181195][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  532.194395][   T30] task:syz.2.849       state:D stack:28208 pid:9210  tgid:9207  ppid:5821   flags:0x00004004
[  532.326688][   T30] Call Trace:
[  532.330102][   T30]  <TASK>
[  532.333032][   T30]  __schedule+0xe58/0x5ad0
[  532.337560][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  532.342845][   T30]  ? __pfx___schedule+0x10/0x10
[  532.347728][   T30]  ? schedule+0x298/0x350
[  532.352142][   T30]  ? __pfx_lock_release+0x10/0x10
[  532.357281][   T30]  ? __mutex_trylock_common+0x78/0x250
[  532.363204][   T30]  ? lock_acquire+0x2f/0xb0
[  532.367716][   T30]  ? schedule+0x1fd/0x350
[  532.372162][   T30]  schedule+0xe7/0x350
[  532.376222][   T30]  schedule_preempt_disabled+0x13/0x30
[  532.381685][   T30]  __mutex_lock+0x62b/0xa60
[  532.386212][   T30]  ? bdev_release+0x15a/0x6d0
[  532.390886][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  532.396015][   T30]  ? __pfx_lock_release+0x10/0x10
[  532.401035][   T30]  ? do_raw_spin_unlock+0x172/0x230
[  532.406264][   T30]  ? bdev_release+0x15a/0x6d0
[  532.410928][   T30]  bdev_release+0x15a/0x6d0
[  532.415499][   T30]  ? task_work_run+0x126/0x250
[  532.420298][   T30]  ? __pfx_blkdev_release+0x10/0x10
[  532.425585][   T30]  blkdev_release+0x15/0x20
[  532.430113][   T30]  __fput+0x3f8/0xb60
[  532.434283][   T30]  task_work_run+0x14e/0x250
[  532.441215][   T30]  ? __pfx_task_work_run+0x10/0x10
[  532.446391][   T30]  syscall_exit_to_user_mode+0x27b/0x2a0
[  532.452728][   T30]  do_syscall_64+0xda/0x250
[  532.458466][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  532.464699][   T30] RIP: 0033:0x7f4986185d29
[  532.470481][   T30] RSP: 002b:00007f4986f85038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  532.504206][   T30] RAX: 0000000000000000 RBX: 00007f4986376080 RCX: 00007f4986185d29
[  532.515551][   T30] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000009
[  532.523711][   T30] RBP: 00007f4986201b08 R08: 0000000000000000 R09: 0000000000000000
[  532.531842][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  532.539859][   T30] R13: 0000000000000001 R14: 00007f4986376080 R15: 00007fff7ba622a8
[  532.547948][   T30]  </TASK>
[  532.551121][   T30] 
[  532.551121][   T30] Showing all locks held in the system:
[  532.564032][   T30] 1 lock held by khungtaskd/30:
[  532.571771][   T30]  #0: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x7f/0x390
[  532.582150][   T30] 2 locks held by getty/5566:
[  532.586945][   T30]  #0: ffff888031f210a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  532.597127][   T30]  #1: ffffc900033132f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0xfba/0x1480
[  532.607636][   T30] 1 lock held by udevd/5833:
[  532.612303][   T30]  #0: ffff8880261034c8 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0x41a/0xe20
[  532.621916][   T30] 1 lock held by syz.2.849/9207:
[  532.626891][   T30]  #0: ffff8880261034c8 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_release+0x15a/0x6d0
[  532.636849][   T30] 1 lock held by syz.2.849/9210:
[  532.641858][   T30]  #0: ffff8880261034c8 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_release+0x15a/0x6d0
[  532.651833][   T30] 2 locks held by kworker/u8:6/10847:
[  532.657237][   T30] 2 locks held by syz.3.1353/10953:
[  532.662596][   T30]  #0: ffff88807fc11408 (&sb->s_type->i_mutex_key#10){+.+.}-{4:4}, at: __sock_release+0x86/0x270
[  532.673557][   T30]  #1: ffffffff8e1c7238 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x282/0x3b0
[  532.683909][   T30] 3 locks held by syz.5.1358/10970:
[  532.689178][   T30]  #0: ffff8880b863ebd8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130
[  532.699620][   T30]  #1: ffff8880b8628a88 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: try_to_wake_up+0xb6/0x1490
[  532.711280][   T30]  #2: ffff8880b863ebd8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130
[  532.721485][   T30] 1 lock held by syz.4.1359/10977:
[  532.726751][   T30] 
[  532.729144][   T30] =============================================
[  532.729144][   T30] 
[  532.737706][   T30] NMI backtrace for cpu 1
[  532.742033][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  532.752538][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  532.762585][   T30] Call Trace:
[  532.765859][   T30]  <TASK>
[  532.768785][   T30]  dump_stack_lvl+0x116/0x1f0
[  532.773457][   T30]  nmi_cpu_backtrace+0x27b/0x390
[  532.778384][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  532.784365][   T30]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[  532.790333][   T30]  watchdog+0xf14/0x1240
[  532.794579][   T30]  ? __pfx_watchdog+0x10/0x10
[  532.799273][   T30]  ? lockdep_hardirqs_on+0x7c/0x110
[  532.804472][   T30]  ? __kthread_parkme+0x148/0x220
[  532.809499][   T30]  ? __pfx_watchdog+0x10/0x10
[  532.814177][   T30]  kthread+0x2c1/0x3a0
[  532.818249][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  532.823445][   T30]  ? __pfx_kthread+0x10/0x10
[  532.828032][   T30]  ret_from_fork+0x45/0x80
[  532.832447][   T30]  ? __pfx_kthread+0x10/0x10
[  532.837045][   T30]  ret_from_fork_asm+0x1a/0x30
[  532.841826][   T30]  </TASK>
[  532.845290][   T30] Sending NMI from CPU 1 to CPUs 0:
[  532.850524][    C0] NMI backtrace for cpu 0 skipped: idling at acpi_safe_halt+0x1a/0x20
[  532.851540][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  532.866498][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  532.876975][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  532.887097][   T30] Call Trace:
[  532.890358][   T30]  <TASK>
[  532.893268][   T30]  dump_stack_lvl+0x3d/0x1f0
[  532.897854][   T30]  panic+0x71d/0x800
[  532.901729][   T30]  ? __pfx_panic+0x10/0x10
[  532.906129][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  532.911482][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  532.917445][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  532.922799][   T30]  ? watchdog+0xd7e/0x1240
[  532.927218][   T30]  ? watchdog+0xd71/0x1240
[  532.931636][   T30]  watchdog+0xd8f/0x1240
[  532.935881][   T30]  ? __pfx_watchdog+0x10/0x10
[  532.940551][   T30]  ? lockdep_hardirqs_on+0x7c/0x110
[  532.945746][   T30]  ? __kthread_parkme+0x148/0x220
[  532.950763][   T30]  ? __pfx_watchdog+0x10/0x10
[  532.955424][   T30]  kthread+0x2c1/0x3a0
[  532.959481][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  532.964678][   T30]  ? __pfx_kthread+0x10/0x10
[  532.969268][   T30]  ret_from_fork+0x45/0x80
[  532.973680][   T30]  ? __pfx_kthread+0x10/0x10
[  532.978271][   T30]  ret_from_fork_asm+0x1a/0x30
[  532.983034][   T30]  </TASK>
[  532.986339][   T30] Kernel Offset: disabled
[  532.990664][   T30] Rebooting in 86400 seconds..