last executing test programs:

35.485785564s ago: executing program 3 (id=1606):
r0 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
r1 = gettid()
timer_create(0x1, &(0x7f0000000800)={0x0, 0x21, 0x4, @tid=r1}, &(0x7f0000000000)=<r2=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x3ed4, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
timer_settime(r2, 0x1, &(0x7f0000000040), 0x0)
epoll_wait(0xffffffffffffffff, 0x0, 0x0, 0x4)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r3, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
ioctl$sock_bt_hidp_HIDPCONNADD(r0, 0x400448c8, &(0x7f0000000340)={r3, r3, 0xd, 0x1, &(0x7f0000000040)="ee", 0x9, 0x1, 0x16c0, 0x5505, 0x8b, 0x1, 0x9, 'syz0\x00'})

34.699729927s ago: executing program 3 (id=1607):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = dup(r1)
write$UHID_INPUT(r2, &(0x7f0000000000)={0xfc, {"a2e3ad0e090d07f91b5e1a1887f70706d038e7ff7fc6e5539b203c0a8b089b3f32356c030890e0879b0a45c6e70a9b334a959b6696048ed30af3988f7ef319520100ffe8d178708c523c921b1b5b31070d0773180acd3b78130daa61d8e8042001005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193971c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2ff7949d1f416e56c71b1931870262f5e801119242ca026bfcc21e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771a0000119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f9804007cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc18892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae1b9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982c04000000000000005c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80c1ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033185563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d5062c59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843ddbd8db411d8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227fff72de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e240100c0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f7524e2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e842729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458ffff5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a898a33a6d88e7cfe0e0000000000d80a4fe654578376e599aff3565b1d531f30912b9945fc83d38a155d5284edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295bf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e542ccea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbd48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6daf60af9310deb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f900000000000000000ff07000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000", 0xfffffffffffffec0}}, 0x1006)
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r0, 0x3ba0, &(0x7f0000001300)={0x48, 0x7, r2, 0x0, 0x0, 0x0, 0x9, 0xb0bce, 0x151e6f, 0x200000a00000})
ioctl$XFS_IOC_ATTRLIST_BY_HANDLE(r0, 0x4058587a, &(0x7f0000001200)={{<r3=>r0, &(0x7f0000000080)='/dev/iommu\x00', 0x80000, &(0x7f00000000c0)={@_ha_fsid={[0x2, 0xe]}, {0x3, 0xfffc, 0x8, 0x7}}, 0x400, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x4}, {[0x4, 0x3, 0xfffffff9, 0xa81a]}, 0x7, 0x1000, &(0x7f0000000200)=""/4096})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES(r0, 0x3ba0, &(0x7f0000001280)={0x48, 0x7, r3, 0x0, 0x0, 0x0, 0xff, 0x5}) (async)
ioctl$IOMMU_TEST_OP_ACCESS_PAGES(r0, 0x3ba0, &(0x7f0000001280)={0x48, 0x7, r3, 0x0, 0x0, 0x0, 0xff, 0x5})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000100)={@dev={0xfe, 0x80, '\x00', 0xa}}) (async)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000100)={@dev={0xfe, 0x80, '\x00', 0xa}})
socket$inet6_mptcp(0xa, 0x1, 0x106) (async)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r4, 0x1000)
getsockopt$inet6_mptcp_buf(r4, 0x11c, 0x2, &(0x7f0000000100)=""/222, &(0x7f0000000000)=0x80fe)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001380), 0xc0802, 0x0)
getsockopt$sock_linger(r4, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000600)=0x8)
ioctl$PPPIOCSMAXCID(r5, 0x40047451, 0x0)
ioctl$PPPIOCSFLAGS1(r5, 0x40047459, &(0x7f0000000100)=0x2000004)
pwritev(r5, &(0x7f00000005c0)=[{&(0x7f0000000040)="00213ae50deba8cd1caf190e1ae69f52cf98", 0x12}], 0x1, 0x807, 0x0) (async)
pwritev(r5, &(0x7f00000005c0)=[{&(0x7f0000000040)="00213ae50deba8cd1caf190e1ae69f52cf98", 0x12}], 0x1, 0x807, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6000ed6a000b2c00fe8000000000000000000000000000bbfe8000000000000000000000000000aa2c000003"], 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r6) (async)
close(r6)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000400)=ANY=[@ANYBLOB="1400000010000100f7000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc08000340000000144c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a3100000000200003801c0000800c00018006000100d10300000c000440000000000000000114000000110001"], 0xb8}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a480000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001c000380180000800c00018006000100d1a3a700080003400000000114000000110001"], 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) (async)
sendmsg$NFT_BATCH(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a480000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001c000380180000800c00018006000100d1a3a700080003400000000114000000110001"], 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6(0xa, 0x5, 0x0) (async)
r8 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f0000000100)=[@in6={0xa, 0x0, 0x0, @private0}], 0x1c)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'lo\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'lo\x00'})
ioctl$PPPIOCSCOMPRESS(r5, 0x4010744d)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
socket$nl_netfilter(0x10, 0x3, 0xc)

33.072490503s ago: executing program 3 (id=1614):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x31)
ioctl$KVM_SET_NR_MMU_PAGES(r0, 0xae44, 0x56)
r1 = socket(0x2, 0x805, 0x0)
r2 = socket(0x2, 0x805, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x20, &(0x7f00000001c0)=[@in={0x2, 0x4e20, @rand_addr=0x64010102}, @in={0x2, 0x4e21, @multicast2}]}, 0x0)
sendmsg$NL80211_CMD_UPDATE_OWE_INFO(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="090125bd7000fedbdf8725870000000c009900030000006c000000060048002d0000000600480006000000ec68cc6d38479a3ff77b3d2cdce8c8766f99ce4c4f1019172117603fc4686af9d130a6e9e7a9b0808797b4ae7dece56eec9a308ffa11772a271d5adf97f5dc331561d5906bd4439995a7e388adaf7c2651f4a27244c7a1267e2a417d5ead90db918a3b92f8b96b4c50a75d3175190c1d51db8aeef59dda2a5549c477c3378a0269978bdb2c292e346fcd0f0735d6e0f75cc736b50f9001ed8c2fd3414bb586c46cb7028a5df299cd3ebbbb2058316a0bddebfc086cd3dc104cc5c904a2d7bb7c7be5c437582af9c9c50a74eec05963ed57b898fd1900a4b490d42d75d58e9d521c7fc9d3c48116d47af1c2b667c221c8e334f9ac38aa4143c784122d402dd035f5a249d9598a42c9411fbfd30f8d4c99ba29762fc6a194c64cf7b7f6e33534ffec200e12e4c754701e8f7165bb2573b6e8d5671063d8841452f7563b4e5243befae9be078a3d000000002599b426a0ca0f94d3b262a5d78318ae80c92b297c4f79bebda253ec77ae8d886d1f6a9c2be80c59d18e7769823e861c6379bdeb99359dd9be16189a6c3b2da9a6369508a7ed45e9a36595325b746416d16ae1a0e4cae0d58a935a7e437f86de25534387ea0a19cdfe8276b880f200436f8a74d9e8f96dfeddac"], 0x30}, 0x1, 0x0, 0x0, 0x20004004}, 0x8000)
r3 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f0000000200)={0xc})
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(0xffffffffffffffff, 0xc00864bf, &(0x7f0000000440)={<r4=>0x0})
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(0xffffffffffffffff, 0xc01864c2, &(0x7f00000004c0)={<r5=>0x0})
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(0xffffffffffffffff, 0xc00864bf, &(0x7f0000000500)={<r6=>0x0, 0x1})
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(0xffffffffffffffff, 0xc01864c2, &(0x7f00000005c0)={<r7=>0x0})
ioctl$DRM_IOCTL_PANTHOR_GROUP_SUBMIT(0xffffffffffffffff, 0xc0186449, &(0x7f0000000740)={0x0, 0x0, {0x28, 0x3, &(0x7f0000000680)=[{0x7, 0x1a61d4e8, 0xef4fa08d1caba6c0, 0x9, 0x0, {0x10, 0x0, 0x0}}, {0x400, 0x7d6eda10, 0x3ba7127d9a228f80, 0x2, 0x0, {0x10, 0x2, &(0x7f0000000380)=[{0x0, 0x0, 0x800}, {0x1, 0x0, 0x10000}]}}, {0x177c, 0xae59bc38, 0xb0c2d3c2f47855c0, 0x9, 0x0, {0x10, 0x8, &(0x7f0000000600)=[{0x1, 0x0, 0x9}, {0xff, 0x0, 0x7fff}, {0x0, 0x0, 0x7}, {0x80000000, r4}, {0x80000000, r5, 0x2}, {0x80000000, 0x0, 0xfffffffffffffff8}, {0x80000000, r6, 0x4}, {0xff, r7, 0x1}]}}]}})
ioctl$IOMMU_VFIO_IOAS$GET(r3, 0x3b88, &(0x7f00000000c0)={0xc, <r8=>0x0})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(0xffffffffffffffff, 0x3ba0, &(0x7f00000004c0)={0x48, 0x1, r8, 0x0, 0x5, 0x2})
prlimit64(0x0, 0xe, &(0x7f0000000000)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r9 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r9, &(0x7f0000032680)=""/102400, 0x19000)
userfaultfd(0x80001)
r10 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x601c2, 0x0)
ftruncate(r10, 0x8800000)
r11 = openat$null(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0)
sendfile(r11, r10, 0x0, 0x558410e9)

31.606433929s ago: executing program 3 (id=1616):
close(0xffffffffffffffff)
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000340)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fsopen(0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
waitid(0x2, r2, &(0x7f0000000180), 0x2, &(0x7f00000003c0))
socket$kcm(0x10, 0x2, 0x0)
r5 = socket$phonet_pipe(0x23, 0x5, 0x2)
connect$phonet_pipe(r5, &(0x7f0000000040), 0x10)
r6 = socket$netlink(0x10, 0x3, 0x4)
writev(r6, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000000c0), 0x111, 0x6}}, 0x20)
r7 = socket$unix(0x1, 0x2, 0x0)
ppoll(&(0x7f0000000300)=[{r7, 0x4236}], 0x1, 0x0, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000300), 0x2, 0x4}}, 0x20)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000100), 0x86}], 0x2)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a310000000028000480080002400000000008000140000000051400030076657468315f6d6163767461700000000900010073797a310000000058000000050a01020000000000000000010020000c00024000000000000000010900010073797a3100000000200004801400030076657468315f6d616376746170000000080001"], 0xf4}}, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})

30.23924462s ago: executing program 3 (id=1620):
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000080)={{0x80a0000, 0xa000, 0x4, 0x9a, 0x3, 0x1, 0xf, 0x0, 0x0, 0xf9, 0x0, 0x7f}, {0xd000, 0x8080000, 0x3, 0x5, 0xc2, 0xc0, 0x9, 0x66, 0xc5, 0x1, 0x30, 0x40}, {0xdddd0000, 0xdddd1000, 0x9, 0x6, 0xb, 0x34, 0xe, 0x6, 0x3, 0xc, 0x2, 0xff}, {0xa000, 0x6000, 0xc, 0x58, 0x7f, 0x76, 0x2, 0xc, 0x7f, 0xfc, 0x9, 0xf}, {0x504ce1cb89483871, 0x1000, 0xa, 0x8f, 0xff, 0x2, 0x9, 0x3, 0x1, 0x8, 0x4, 0x2}, {0xdddd1000, 0x6000, 0x3, 0x2, 0x3, 0x7, 0x1, 0xb7, 0x2, 0x1, 0xf8, 0xd}, {0xffff1000, 0x80a0000, 0x10, 0x2, 0x8, 0x3, 0x6, 0x0, 0x9, 0xb, 0x6, 0x7}, {0xeeee0000, 0x5000, 0x9, 0x6, 0xfc, 0x0, 0x9, 0x80, 0x9, 0x8f, 0xdb, 0x31}, {0xfee22001, 0x59}, {0x4, 0x7}, 0x24, 0x0, 0x1, 0x4165, 0x3, 0x1000, 0xdddd1000, [0x8, 0x8, 0x3, 0x3]})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xfe, 0x0, 0x7ffc9ffe}]})
r0 = gettid()
rt_sigqueueinfo(r0, 0x23, &(0x7f0000001340)={0x3, 0x0, 0x7})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r2 = dup(r1)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000080)=0x10)
symlinkat(&(0x7f0000000080)='.\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00')
r4 = epoll_create(0x7)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r1, &(0x7f0000000200)={0x90000009})
write$P9_RSTATFS(r2, &(0x7f0000000100)={0x43, 0x9, 0x1, {0x569142f7, 0x4, 0xffffffff, 0x0, 0x7f, 0x5, 0x7, 0x200, 0x6}}, 0x43)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0)={0x0, 0x4, 0x0, 0x0, 0x1b, "0062ba7d820700000000000000000000096304"})
r5 = syz_open_pts(r1, 0x80)
dup3(r5, r1, 0x80000)
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f00000003c0)={0x20001003, 0x4, 0xfffefffe, 0x400c, 0x9, "4698ddc1220200cf0000002c0100", 0xfffffffe, 0xdc2})
read(r1, &(0x7f00000005c0)=""/227, 0x41)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000c113a3202a11010011d80102030109022400010000c0080904530002058d9d0009050f0200020500ff090582"], 0x0)
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000080)={{0x80a0000, 0xa000, 0x4, 0x9a, 0x3, 0x1, 0xf, 0x0, 0x0, 0xf9, 0x0, 0x7f}, {0xd000, 0x8080000, 0x3, 0x5, 0xc2, 0xc0, 0x9, 0x66, 0xc5, 0x1, 0x30, 0x40}, {0xdddd0000, 0xdddd1000, 0x9, 0x6, 0xb, 0x34, 0xe, 0x6, 0x3, 0xc, 0x2, 0xff}, {0xa000, 0x6000, 0xc, 0x58, 0x7f, 0x76, 0x2, 0xc, 0x7f, 0xfc, 0x9, 0xf}, {0x504ce1cb89483871, 0x1000, 0xa, 0x8f, 0xff, 0x2, 0x9, 0x3, 0x1, 0x8, 0x4, 0x2}, {0xdddd1000, 0x6000, 0x3, 0x2, 0x3, 0x7, 0x1, 0xb7, 0x2, 0x1, 0xf8, 0xd}, {0xffff1000, 0x80a0000, 0x10, 0x2, 0x8, 0x3, 0x6, 0x0, 0x9, 0xb, 0x6, 0x7}, {0xeeee0000, 0x5000, 0x9, 0x6, 0xfc, 0x0, 0x9, 0x80, 0x9, 0x8f, 0xdb, 0x31}, {0xfee22001, 0x59}, {0x4, 0x7}, 0x24, 0x0, 0x1, 0x4165, 0x3, 0x1000, 0xdddd1000, [0x8, 0x8, 0x3, 0x3]}) (async)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xfe, 0x0, 0x7ffc9ffe}]}) (async)
gettid() (async)
rt_sigqueueinfo(r0, 0x23, &(0x7f0000001340)={0x3, 0x0, 0x7}) (async)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) (async)
dup(r1) (async)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) (async)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000080)=0x10) (async)
symlinkat(&(0x7f0000000080)='.\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00') (async)
epoll_create(0x7) (async)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r1, &(0x7f0000000200)={0x90000009}) (async)
write$P9_RSTATFS(r2, &(0x7f0000000100)={0x43, 0x9, 0x1, {0x569142f7, 0x4, 0xffffffff, 0x0, 0x7f, 0x5, 0x7, 0x200, 0x6}}, 0x43) (async)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0)={0x0, 0x4, 0x0, 0x0, 0x1b, "0062ba7d820700000000000000000000096304"}) (async)
syz_open_pts(r1, 0x80) (async)
dup3(r5, r1, 0x80000) (async)
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f00000003c0)={0x20001003, 0x4, 0xfffefffe, 0x400c, 0x9, "4698ddc1220200cf0000002c0100", 0xfffffffe, 0xdc2}) (async)
read(r1, &(0x7f00000005c0)=""/227, 0x41) (async)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000c113a3202a11010011d80102030109022400010000c0080904530002058d9d0009050f0200020500ff090582"], 0x0) (async)

27.185006054s ago: executing program 3 (id=1627):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, 0x0, 0x0)
connect$inet6(r3, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f0000000480)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab4", 0xffffffffffffffca, 0x840, 0x0, 0x0)
sendto$inet6(r3, &(0x7f00000002c0)="e8", 0xfffffffffffffd79, 0x2000c850, 0x0, 0x4d)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000a00)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = dup3(r3, r5, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r5, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r5, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000001f00)=""/4106, 0xfffffffffffffccb, 0x0, 0x0}, &(0x7f0000000080)=0x40)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r6, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000001400)=""/200, 0xc8, 0x0, 0x0}, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, &(0x7f0000000100)={&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0}, &(0x7f0000000400)=0x40)

15.94803989s ago: executing program 4 (id=1667):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, 0x0, 0x0)
connect$inet6(r3, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f0000000480)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab4", 0xffffffffffffffca, 0x840, 0x0, 0x0)
sendto$inet6(r3, &(0x7f00000002c0)="e8", 0xfffffffffffffd79, 0x2000c850, 0x0, 0x4d)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000a00)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = dup3(r3, r5, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r5, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r5, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000001f00)=""/4106, 0xfffffffffffffccb, 0x0, 0x0}, &(0x7f0000000080)=0x40)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r6, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000001400)=""/200, 0xfffffffffffffecd, 0x0, 0x0}, &(0x7f0000001380)=0x40)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, &(0x7f0000000100)={&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0}, 0x0)

14.845872792s ago: executing program 4 (id=1671):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x3, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000008000000000000000000910095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
r1 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000000)={r0, r0, 0x14, 0x0, @void}, 0x10)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f00000017c0)={r1, r0, 0x4, r0}, 0x10)
connect$qrtr(0xffffffffffffffff, &(0x7f0000000040)={0x2a, 0x1, 0xfffffffe}, 0xc)
r2 = socket$qrtr(0x2a, 0x2, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x2c)
recvmmsg(0xffffffffffffffff, &(0x7f0000000ac0)=[{{0x0, 0xff2c, 0x0}, 0x1}], 0x40, 0x2, 0x0)
connect$qrtr(r2, &(0x7f0000000040)={0x2a, 0x1, 0x4000}, 0xc)
r4 = syz_clone3(&(0x7f0000000080)={0x100801400, &(0x7f0000000000), 0x0, 0x0, {0x3d}, 0x0, 0x0, 0x0, 0x0}, 0x58)
wait4(0xffffffffffffffff, 0x0, 0x40000000, 0x0)
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r1, 0x40089413, &(0x7f00000000c0)=0x4)
r5 = syz_open_dev$vbi(&(0x7f0000000180), 0x2, 0x2)
ioctl$VIDIOC_DQBUF(r5, 0xc0585611, &(0x7f0000000380)=@userptr={0x0, 0x6, 0x4, 0x4000, 0x5, {0x0, 0x2710}, {0x5, 0xc, 0xfa, 0xbc, 0x6, 0x7, "50a2400f"}, 0xe, 0x2, {0x0}, 0x7})
syz_pidfd_open(r4, 0x0)
ioctl$KVM_X86_SET_MSR_FILTER(0xffffffffffffffff, 0x4188aec6, &(0x7f0000000c00)={0x0, [{0x3, 0x5b0, 0xc, &(0x7f0000000140)="86b05ab4c9d864c84ec6fa36c6ea4cd4d92c5551e95591ab4a24dd194d98460d54bad5a6f388f4546dc27a4e8b67631a24b97ac3b74f1395dd7379a337579acab57f4ed6f2509d293e2d93dba97cc53611b6714c6ff8560fdccb740c5b0c7640555c0612733c10e47ac7fc9e8960e822dfce800d7f0562ae9e840b0a96cdb4957123e3129cb2f6933ee7305ac40fa088ec2a476c2efcdb28f92964a97b163d0ff08fcda347bf87c80e345754ef30f9013b8cdef2ca60"}, {0x1, 0x6c0, 0x8, &(0x7f0000000200)="dfc3d3102d3370825161f05aee8677d3fb4f429558eb2519afd75e92c6e5845990ab524aedde373bef24e605a90e752723c171414e08539a227dff8248e7973f26b547bb0c2ebce74c30b6966b4ec953d41607d838534798fdbbab1d7130a6db787967c9037a37668bbbb4d3183e4835f25b79de842528620fae3b479558adc690d2efae68801dbbb6f89471eedff4fb35f8949be7b5a627102b714e3853a08b2c54c12b5ced0a17d186f2db431901d82238be3e989a6dab1b91d2a050c30f7c26ce1ded6adc01ddfb39808453e2be237287de3be4e72777"}, {0x2, 0x250, 0x8, &(0x7f0000000300)="5c4b93bb226ff3feb2eb1c6e1dea74b1a964940967a789f9a2c4abc8f34295e2495d04a2b8c6657ebf8bb16338bcf305945cc24de978920a95ef2af0ede71eedafc4f34a9a363617e18d"}, {0x2, 0x4c8, 0x0, &(0x7f00000004c0)="a5a028d3b76b58d435f6cd7ad104a911d0cc7f7d97a747179d9a9ff01d5107f6af80fdd93d45e19c0128906b65d8f88ab6cf40896f9ca2a0b057a5d5fbee7b63f54d6d44817c17834a633258818404bf8ea7b4ca41d00e24eaedd00a37d25a4f4e6785ece799800e97d15076ff6b3f496c2acf8164f246f138014fea8040f8044b44881aaa47db4d6cc45c2d9e073a66135ffd5f8459843e50"}, {0x1, 0x0, 0x0, &(0x7f0000000580)}, {0x3, 0x0, 0x9, 0x0}, {0x0, 0x588, 0x2, &(0x7f0000000600)="938f707941391725a87ffc5397e0a0f7bf43cf2b394f630460339138ea4712dd3b85ab2c3ae17cb5c1356f4cbb58ce8e8b061187408d6218dee67bfa57dd5f38f2fbea2910ecfb9c026d93e6800dbf27b94f01b37b3e680269674fcb32f503ff56435378e7eadc7088bfb9a0f4b09abd95045769e9972c89e060cb5b89bffe34c44568ad310de3eeb9aa40f778edfdacdde4ad6b36c3d28f79201aa4b23b9b2add71079e58d7e75d3d356907f37e78c07f"}, {0x1, 0x0, 0x401, 0x0}, {0x0, 0x640, 0x9, &(0x7f0000000740)="2b6e2b4ccd4077237fa42a0213c2427a8462fe6658dab7a7b21d5282dee55f72359f46723ee7440064ec38326d97c5299db5ab880d95466d4466cf08c9204db3033b2be7b19e2244a93f228348a5c26e178f7fe7927a4b263736b3dc2f9e8d7393c812939ed4b19c18c30bf9c95df3f11f4dc40b67aa5a09afe56f7582fd2e52bb0fe92ef9be584ca646fd0273a27e6f8ef945d6e2a234e3a115601d7c1b3225a07592718d08e973cac20081ede944639de7562a5308be95c8a3a1d80df610644f4bf94652e66052"}, {0x2, 0x0, 0x2, 0x0}, {0x1, 0x158, 0xa727, &(0x7f0000000880)="4db1f9e84b31e8eb34782a5de1b30a16403d3182b66f3ab34f3c93a128fd13e4c788c3934173a825e284ca"}, {0x3, 0x1e0, 0x7, &(0x7f00000008c0)="b7da8e64743723314fdf9d3174f3a0883a4cedd56417572b0e6231acbe241451c462aafdd3f099c2dffe42b6cf476ba9a7c3fe16c2353d7386e3d36e"}, {0x1, 0x1c0, 0xa, &(0x7f00000009c0)="b4fda4a8a61fc45b47929235169289a50f353f0f67143913c72290ed3a504f8a99a5285a4a73cf9c5e59a8184239bfa28b004cf5b90a7352"}, {0x1, 0x428, 0x8, &(0x7f0000000a00)="6978368bf4e64e4117c78c28ed649aeff3b1211113ff0ece18b5875fededfe2237dae4ea2b62cdbf435d150dfc44951a2741fbbe781eaded0cb1bc0e5b939322ba1b389f2fb493a48f18dc1c90c6de255f320a91ffeff1dcffc90be835fd3095fb352a3150ddaeb2701f86f30d7ea36708a9702a018d8bba3a8b06f19bf4269ac0757faf84"}, {0x1, 0x0, 0x2, 0x0}, {0x2, 0x3e0, 0x7fffffff, &(0x7f0000000b80)="b4d3705903b4449b6a945906f539e6476d7eb632f6603a9c52fb1e9c366d96fb34cd63368b48533f74d5441c152fb5fcfb7d03ff5f879c22c9a2cd27a06c7485d604b63b7d60f4b4d14e5ccacb8ebefc1fea7a6e58101d3058a32b298d4bb2d3a83d6990f1f5fffd1e1a6358ff87578ab08fe84ef8e3d4919b57f1de"}]})
write$6lowpan_control(0xffffffffffffffff, 0x0, 0x0)

14.030068146s ago: executing program 0 (id=1672):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
r0 = socket$unix(0x1, 0x2, 0x0)
syz_open_procfs(0x0, &(0x7f0000001c40)='net/ip_tables_targets\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x0, 0x0)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000)
ioctl$EVIOCGKEY(0xffffffffffffffff, 0x80404518, &(0x7f0000000200)=""/100)
socket$nl_xfrm(0x10, 0x3, 0x6)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
bind$unix(r0, &(0x7f00000003c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r4 = socket$unix(0x1, 0x2, 0x0)
sendmsg$AUDIT_USER_AVC(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x4080}, 0x40000040)
connect$unix(r4, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e000000000000000600000003"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r5, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

13.889254545s ago: executing program 2 (id=1673):
socket$can_j1939(0x1d, 0x2, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="280100000000"], 0x128}, 0x0)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='\v\x00\x00\x00\a'], 0x48)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
write$FUSE_NOTIFY_DELETE(r3, &(0x7f0000000080)={0x2f, 0x6, 0x0, {0x4, 0x3, 0x6, 0x0, 'vcan0\x00'}}, 0x2f)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)

12.869345465s ago: executing program 0 (id=1674):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_open_dev$sndctrl(0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, 0x0, 0x0)
r2 = inotify_init()
fcntl$setstatus(r2, 0x4, 0x42800)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
r3 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$DRM_IOCTL_PANTHOR_VM_CREATE(0xffffffffffffffff, 0xc0106441, &(0x7f0000000180)={0x0, <r4=>0x0, 0x8})
ioctl$DRM_IOCTL_PANTHOR_BO_CREATE(r3, 0xc0186445, &(0x7f0000000200)={0x1, 0x2, r4})
bpf$LINK_DETACH(0x22, &(0x7f00000000c0), 0x4)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2f, &(0x7f0000000240)=0x9, 0x4)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r6=>0x0}, &(0x7f0000000280)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r5, 0x84, 0x17, &(0x7f00000002c0)=ANY=[@ANYRES32=r6, @ANYBLOB="02"], 0x9)
sendmsg$inet(r5, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0x4e20, @rand_addr=0x64010102}, 0x10, &(0x7f0000000480)=[{&(0x7f0000000400)='`', 0x1}], 0x1}, 0x20000000)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r5, 0x84, 0x19, &(0x7f0000000100)={r6, 0x2}, 0x8)
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0x3c, &(0x7f0000000340)={0x1, 0x1}, 0x8)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x80)
write$UHID_INPUT2(r7, &(0x7f0000019200), 0x6)
socket$nl_netfilter(0x10, 0x3, 0xc)

12.847074884s ago: executing program 1 (id=1675):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000004e80)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000000)={0x50, 0x0, r1, {0x7, 0x2d, 0x10, 0x10000000, 0x8001, 0x64, 0x18, 0x6, 0x0, 0x0, 0x40, 0x1}}, 0x50)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000100)={0x28, 0x0, 0xffffd8ef, @hyper}, 0x10)
r2 = syz_open_dev$video(&(0x7f0000000300), 0x9, 0x0)
ioctl$VIDIOC_TRY_FMT(r2, 0xc0d05640, &(0x7f0000000000)={0xd, @pix_mp={0x9, 0x40000055, 0x47524247, 0x6, 0x8, [{0x9, 0x4000}, {0x9, 0x7fffffff}, {0x7f4d6e18, 0x2}, {0x0, 0x2}, {0x8000, 0x200}, {0x4000007, 0xffffffff}, {0x865b, 0x1f}, {0x7311, 0x7fff}], 0xc3, 0x4, 0x8, 0x2, 0x5}})
chdir(&(0x7f0000000c80)='./file0\x00')
umount2(&(0x7f0000000140)='./file0\x00', 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
msync(&(0x7f0000d5c000/0x2000)=nil, 0xfffffffffffffef1, 0x0)
syz_fuse_handle_req(r0, &(0x7f0000002dc0)="e0332f8f5747b9f778142cc174a9b5f0244b78bb6346cb5fc9135b8220090ee698fddc241870359d32327f299718466d88c89e68097036bb35abfe03e3c02234dcdb2c7d1209c657485ca1aa3f2fb80e71397b80fca6f3cf2367fb19eb95e5b4a0170063374645d9e020099ffd7def3d94cd29412b3d7b7a47bc70121be848cfcecea78d41a93622b134bd06e84dec07a9e5abc29cb02d5b9091e748cffacf48352628822bab7b24a17bdf4b3f3bd9fb17793496aa6490da3f58039ce5b40745dd63f82d93bed80b50ca5742d67d39029a98db95c9392e2d5fd9a35bad30cfe98682b5a069738a12c3cfd25949106cfc839202fd21c2b28e44be73280d5037351ead2dd1c277d9cc9088c6b14365eb0937ea9685f6b26232293803260f2c8cfe176b55df304bc2865b8f52581afc4beed445ae8cc405cb7bcc51103aef812c41437c5b070a3591ad0964677f4f9017bb300727dfab009056bee3671a9694be2e2f2173fcc06ceba5aed0d93a3d7cd88365c5c354788efcc705e90d572e34e9e566fc206a8167970ecb9cbc43f4d9de4d43688582b6600dfcfc7379c831e756a45835647bd87879a3e3942c61b9ea2c2af35d49a4caa9a109b0beb972996ff8924ea371e15dc48efd12b1203a7f1fe354977fcf9e4ee2c8f210387e551ddb55e5f67ee6bb9bc8772649693b0adf24606e8ccc59f020834d8cbfcadfa1770549fe464dfc412308fbaee8d30bd20c002794bfb923bac6b490841248d12ad9a0e54d1d96e3aff5dc4930a6c8b7c75264a46af7a6339725fb84e0363463ebaaaf58d6b9309ae7c87a8df8c68d2487d684011de1fa7645f3f48cf3bb61bee8bcace2f8ef5f967f2765f8086aeaa5dcc34c84e379a7ddd6438cccb5b8098dfbffffffffffffeadbc4ad2b2ef98412a46f74a171ad056429dbb723cdb9ca9f9f03170dba2870e5988b7cb755599d1eb8f7eaf5c8ded4b56022cb479d0bdfae18f69f9ecc42f4c181ea10838229ba5db7f088ad8d5f77e49c1fd93ed6b983c43b23c7eeb1233f0c114885057a27cd3f67a309e3fecba241836bc92308b830b10b04af6c9595b44e859b9ca7ef079e151fdd500060787be3a7a5b3e23b06ec70f087134504f8b8e7b6799ebfe14f698ba7a813a380e6f92cace9230aa8094a2465f7224e2becad469d0aaf0e48b0098eacfb17abdb69bb2ebba97a09d2b739b532d70db91fcb0fcb38bccdc01d7c8113024ea8b619e385e58d31899721416e10b408504a9c4fcf870d21051227440a616cf62f6637b62eceaee09029f88009be02269cb5e5ed090c6f5e6c652c31214aef301bd23ec2504f90991cd27539c1b8b54db51825e951d076cd0e70f56de4b91894ce22049205483a0fe7d7886b36118bebd96d138980e26604b6e70a7275c6b81501143119a8c2c271558202eda196704ef9ae3c33301e1afbe56d069ce4926bf531d960f3df58192f3da558adc169d48d39e24e04e95c406b34b1f4ed2726ef0f6a67dd84c75636984191d019cebfa883fdf99affcdb4c874614a5312455403895891daf7469d6721583ccd1290ab05b14516f22965fc52c4a528f1a5c20cc133fea279d9efc991ec4d51d2654daceda234f6d3b0c635db697aba3eeaf8356319adba42428266ac09a6e6495ca8f60c1c4e052068511696296e88ef86a591948627ba97df634e0063eb5f208df00a069b1213c29e58cf76f591253d60de9d7c01d29992ccc728140299c429fec0df9d90f83fa2467ce00de83b16d10c7edb80ff8d4b1b19eea9bd1e2783a0d41215c9cf23bc3ca1ff414e3f29aadba00c5a8d5b44c28c10e99140e5428278e54bfd880a93fd1b54b560422ab2bfcf120a7902373b6442c6e9867b19aa0a6b77b1634ab6fd1c8a1d90d99ebb9ebcb89d593562b266fbc53c40501f9298690283c45059b3f6ee278e46cb3904c947446c28af8855b2a68e6e0c0da205a6e12fdd15b393d579039b31c1a54230ac2ea13cf1f5540046b4dcccdd731fff7323c4880e5d2d8668d8a7f08920715c17ef9652eb55f224c82a6fdb970dbf1032403f283bd868a23f4785a6ab9c0bcd2308dba1a1f258ae512cf64784e501008db366ab7093a6cc4b6ee86154d44a1a15c10834602dd5ccf730f6d1142ac19d113496dbcb80021cb5733924265d082a8453b5c21e0245e4a2627e8df090da6a129ee49c58c1a7437369acdee15f5e4e5638f05d9f6391572d9890219def702a013a2b05239664dba44feec2a9508a3200b47de03e6a784bca2f3633df534af33da0a95a34ca845b61a22ff55a5a4c04ff9e06e7162f458a8c56e106e75ffb76a921f4057dd73d5f3801aa78ca4c78d6b79bce560404c2fe3d57876287f73e84c27c486ffb997951f9e0b3aa81a5e7804ac7360add11e7851842d0ed8df041c999e50226fef006373bbb53d5d8e9d1653924e60234fd0b6645b821746f3d88591ff66e294e8e958ca425ddbc7d604f7cbbcb9d5fe0d4ad53878eb16bc801def1005e1eb12a6d4924d2179948e7aa542f2600ba3c6c600629d64c529c7326c1f38aa4e1a6cc259e58f86400d65d67856c8f4fffc33ad4c279dc05367307f562f8127f37b03c3cf38a97cfde0c02aad8ac40d347a9e0a496f227c068dc6c666fb2b6a18990f607399b0707d135752d93739e1840b5b4c125c81eeeb318869b408f87778451e49f3ad988a8aa97672989ad367833ff7e7f0e79c37ac794fe466623e122127fb94ebbc01bc775183b26b2dc407b1aa1a55d4ce04dbe1df4fba0377fea4c4bfa5a37c4dd733fd116b9c7f50b11dd512ad68646b9ddca295fe27bee78476901fbb5c8d2856ae0e9e21ab26e3587c1325f1fa28edb4081f2ba309d5fc39f7f54abbd0d5a152c2f7e3a8b3a5ef6e097b109061c91124f41f33055a7bb86706629f614d40346715cf2fe387ef4e4fc6646839824d3ef85eeac85bc5e681320f6fa7057e0a10de8c4678b48510f77b91bb397dd1209eaba8ea1f237c348e9e0d7af1229e2c04b6560e48e3a7491f3066b63a8923becdcfd8594c1c55098a51283b599765b049831cacd9478e5e996c778d524b476f6677218c94886d7548be7617e5796e35bb3c9b13d70e4897867d85f0350e9329985f051fb556b861aef7dead54e6b29b9ad837cb4774f47a5371ef034612aa0c151345546b876b53e9f2c06e3ce0113e67eba8842f4ac5b51a61315bf050078c710dcf14371d9593730b1d0302ef999f488bbf42b7360171da98ad68932bda4937358fd1d0c2bcd04f7dbe2beaffa0d53cccda316cb19270cf4aa56695ef3203b49fe92d1623cc1d714da6b8f94112db1781562ab2ae50bda23debd55da440434299c992f2f8c264310d6d8ccdd042737db0253d6889d8bf36fe99a131b73300c9798b8fd58b5fc681b97e71230cd3094e441fe5cf1294bbc28f41146f06e39d5e19e673dd489dbddfc16fe281160a8008e375025cbf25e84945f2f0a5ffb2cd58273328ea9d7533b2f0861eff95823cea18dc1877183fefab808bda0890f91f1d79b36953b138fd62caea3411900647a4afadfecade2ff6274175f06614d108daaf9821c413a137e33c826957953bb39e2d852097f978c3577abcb71d68b45794247d8e82614979708f6d6d0e469828206b22913d6d320d815d42c0d943640c63196f703f946089f535eac511e26c6a5a529e875eb15aaf65fd50dcbaf37a009f2f9081cdbc744cf7aa2336913e89f1961581ad4bb6aeb1d23a787e2d3f99639871df5842c30581263d5139128f0a3f37ef48bb636d7aae06581de6baa55a12019d3ed831950915fdc1eee819dd01047bda606f2852699529718c99606246a92bb1dd9435d8f3a48646c0e423441bc783be358c0c91e6846419b6c0a81354500cb2721834dc11ba40c3bbe5717e5142922a168ca0e20fc269ea584c7f68ff7cced62c4277385368b4ad596b79c45a9c4575c37f300cab37a5693cb777fabed412934d3a77505b17cb2628119ddff45f3fcbffb50386eb9cfb6f82b37fa852ad4b65bf8e2898b11bf051cb7fb0fa81cbf81b9ceebb05498aeb2691eb15297edd682976d5a4f444cdaa82f063bc4482c28c4e6257c7cf3e5ee5a502c6527b77b12725e7526ff896ee2f8066536dce04d63072a34c19d533d4dbdb93e7185482cbf7510c5eef2f8aebebad011727cd8061a367b7e1868252bb43d9a74c9c6a10539e357d5367fac69a9296fe5a79a2e5b45950ff462e0e882aa32ff7f29b5644e5311f3e0b076c58683de29ad9dd8b2c92a41ca8313ac997e44981e82aec550bbf6c88adf3d54e9fdf93d9dce95289e9086043d888f19d209cbea79f8f5b2c81b2c3889eae1cb5305e282b883c4cfa3798eceeabb442a74ff6a8470020a296ef01d8e32553663c844e67e5a3a44375f0074ce9547a6c489ee86d7652219491f35c6b904d51a26c3d2cc77d8ff97050dd0d0aed4a1ecf1db7ac48673a1dcc70ac16f709dcf4b90148aede5302111ceaa3a81c49b724cfa206283b62513f96c1da77efafe2d2d08a5f391ab690b5d974ceed2e95e85b1039def0e94c79cc0aa1de1f8133e985adfadf4a657710487b265bb6692fd2b91a06ac98d50b052b8a13168e2638b93209238fbe67f4590a81a2cdbcc479ca9178720a6ec05bc9457f27ad2e2fd2f4e9c643ef85b6287a01f7fd597799cce7d6464ed3c95110733d4ba92314ba3dd81e51f541a6e37f8bb14376e41560f9049b4ff349a467defc205f915a345b5f06d090645180ca642c719f03e9813bff7fd635660efe38b022130d42f2cedd792bcba2bfb14385c6d1cbe5ff2e38c22f1f8d5e4d93d296042507e43f24ff904827b16f2a3572d26078d7fdb0cfdbe2e6bee07b94ae441e510681c96f97ef0ddbd7efbd80ce0689f6e2022a189dd2937d3eadd82a154a5fac91b5ef48523706957b8d5f55077973e9a036009d745a6df39ba154dc59c4ef784d62b3f2d782dc508242a1b0e4cc294b6e62e98ef946f0d984c3174cf86b8a0beb615f046ec50dd0c8a9c0f36df60bd162f1130f894085e7c47b6c28ff336f5d75166c1840e7ad07204fc10ce976505f6aece0316d8c65b973f61cea2fe4c6db722717985c25249f041c07a86b878702a8c9ab7c33fe41039041aa38489b02a28f18d69ab34619e9e35514c54592c8059984ace64b5302b5f22d68c35c7ffb23c63ce877a1e1b160dd2c329eabcc0e1e3072021bd811de3c0c7a68af20ddb9e2912b7eecc2a8cf083a252d0fe31629b20559f7b976e4d8625644385c692b8cdc2886a42d750962d0dee10a1546ecb7ef961216cc456d2450a44aab07014fe0be076ca6bcb46b644af844b2ad8b3817f1895a5d579af3dc937541f4b7e9203e7a7af534b406d8f6e3bc555d767603122ab1c4e62de19d6af63be8e39fe45732859d6d92e11f1a847f7d62764b6364aa7f95f03cc7deba467da5be71657ae50ff6bf93c51efb7d19ac9887e92fe5f3c9d545209eff307c9e02073bd3404827e148aa63c135ed668589bdfec38cb47716201a9d02f1b03993f89e96b33b32e52ddffb0580dac45422ba7a3fef76e519a3dc8d12eac60c2d2f8c4303aafa3e80135c403360d51c9cdeba3ffb31e664302f587e0e983ede7f9b2bfe2bc64bd5029cfa88445e043e08f3e9affee25e980e75d2664738726e3d2eade7dce0ece78a514bbbe5a54c121374d079e3b05996052d66889742232b73e950e1a9892e7352c9e546a8cfb48332d2b2be6327208ca51dc2869a562581947f62b0d5bfb3e0911d4854f822d6738b4deb195840d2bbae0b074b8d1e1010c24ec00052dce7d259e3044aab1a99d261fb3b49cf09dfc85473f94db06d49e202ca12182283d48144f8389a5301679901600bf8130d36315b277a99204b85a1598f84bd2d4c4893108f6717bf44234181467d6eeee61e1823268b5c60bf04d0e13e429f411b51adfca20ff1a1b1eee203d59b03da1643c3e9fc474a91470116c6c5275542adb10f3adae2ae87e88b93f334e0ceb6216fc081e8d84d8b0a503196dc50599b22b89b807627b427a815aea0dbca69e5fb215ee996395d8a21a1c67ac295be33c6517504e1f00f579f8c484873cc670b5b9e787b1c30ca1f0b25f8bb8f4bde3b3f4fa730c292cbf97b25068ba9c65f78c555d5f75d52a57958d7111e824f3afa16484f625abf62afc80654c36fd9f8284466422fb18e08274e8febc719d45b784974d50d187ad2349429af3f7930252a4d45997762e9d5f5493d408ca144532aa89aa3d43c46951dafb8f81794e2e9679ce238cfe86e112f4f046d87feec3be04461032819d62f217faa71fa9dc6da8861015567d1f7309090e25b7015dcc6d72a5e7ba53296ab1bc72467ac50831628cf5238155aed3fb189a8b527ebd38771e16454fe51e3edde55cea454414690491207c23f6cf33aaeeda432de2d1ede04e039a16245e66cce6f4e4ea534f290f02a2a81a46d6ffea7967dfbe37461f83d472091156594852823392efc953f4ac099d74e2d0328d9f47bd952352981a34055acd0273309484ab56afa85ff0c22fb53ac5d7cc8e346b4c2f38a4e2451738146b7b90c14f826c7dbc1b2be79d83772a8d629f2dfaf15286a15be1ea22a05d4ee3de6a6bfb7e208dbbcc88e77baac940d6438aeeb77c3a32db08b46e79545b65f7f3c1bd433092bc9116668c338ab35c01cb5871167868c6b61bd4c0ca5f96e5ce2465da06c4a320839f3bb7c0dffd40d5bb9a32fcbc6f691787de7211da062616272c77c62ac83e4cb29fb954ab27d9009877b79be54acd336bfe2a6e087abaab004743f5ea4ec8ddfb8086920e8e458a413adb98077a3cf860513cc8a453eb129556c871be7e7232a6130c4332819ad17b289fdb31f8f8854dffb4cfeca6d792567b444c750820a2a8a2e0f93779e61a4966650909369fc8bd5bd2bad4ff95cc8a14f6cd83ae6411b4bfe1a9b5cdf1fcf32c54cef1731edc47d41fa581376b25006fc859b98805d70a157e501a2cb2ab425340965213adfecdb5addb2b4b2ec5cc6935e4e279bb98283fb20dfcd8a2c91aefda9dc5a57bba4d8803d1eb0f4ba9529de01e39c2aa60a91267c31d036a3f669b9377661837f58c6950fdf38986ea13ff5e9c4d966bf999002da1a854d54aa225b259d91eb88425328e7d13b06dea321a151a8dfc44755214da97168e8acf027d66b7fff45ded94fcde53ff80342d4595644549c4ed827225596e2b30480e94eb049b6cd718fe8424d044bb5098e0206047ddb81755e3cb92131dd47ec754b64c4b78f663e364cf8a74cdd9857c81316dc4ccd5f02a84b310abfbc9d6a23ee6d1eaf6b8fc1544cfeb06002c8a40fb0e49859d2073a7b1cb112713518ad5e007d0a256f901469bfa5cae98841f877faeb584d41bfe695da72ca5700ae085f39c99f769502ea9f43c0b84ca4611441d5adb3e5d0a426297e535258748169cad487f97d171c0630642943508206ce648aad2971297f3d4037d73e5fbc73460ca7401b7dbd7807273ae077a81fd0d4bc90b6068e3ec95afcfeab16619306fb23942a4308e8253b35f4912df392dfc5daf35dd842a5a1f78fc294cbdbd504056f0c7779121b5b3db7461e437347452476f3b0bb22e63aa23cb9d3e797c6c95513058d8fb2c27864ac0e1f5001c988e29c79bfa4236c7be41dee5561d825c1f0fbebc0c06cc4712e88ad5efd94f4eb4e93794af42a9752a2ebc57dc2f3881c75bbb23ad25b69619f9f5b07fe114ba291d2b5b4c1c175e1aa3ee3eda55e6126b3ad1e613bf8e0bbac727b879e7796fa0ad100893677a18b53f5eb31db43a97370d3749afa92fd0291fa96b05daa6beb43b9c1c11d9515976976d1cc1e44f35d317299ceb68ea2545f2a2b92b4e1046f6f92c33aae6995593189bb2611576599fd765b8e6fe2e88674ffd57ee8252287b1904d622c36a502db45c72b0d5fc3d983cc44bc955eb43911404667a4ab147d72b69ff2514dfb820ad75758e85df88499cea94ed658b4c1c2f49fe2bbb8d2dd97f844a6df289296cfb9cd5bc8d17aa235e2c4501b1422b25acd6dbc3a91d03904c545320524f9034955ab02f5d058097c37d23984baf808d28b3e12821eb8919a77c1b6a8bdeceecfcc487c39db592817dd378a7c5127b427e7279b2a82f6b8eec6b3fabe0947e353e7a386475b15011de93e2f2891f772ef90f4aba1ee1c4d7321c81ce4dcaa378daeabb93182c319494436dbe67d252a01291cacb59686ebd53c6df21c083e98fa299cf5e9b59f1ccea95c62b1437c8ff8754a6372b5b879ebc3241f6430871eafe35337d75cb68c42862846df4342ab434f7f0a7b9f66824e1e696e3dbecde179592774b7511e5a7a1a06ba601eb5f2a935c7cef0f83ecd412a84afdd05120fceb1afb6445ebfcdff8fffffffb75dddccc45afb4f5bb1308d39309c92c0b61a322d5229881fa5d598113cce54107036ca9f63fe863d257c706fe89d5c7ae59a459c6f15ba48d80da4aff541797b26418acddb987df3544bc4918cdbbdd8dd1bc2163c89635044e7b4da878457727a667c0146a12b4c46639497243259bfe4aa5ea50eb79f39fa9209256c9a685e3e39d6d8b6a9ca7d3554fbff0908ad6c6ecf68e506c20b16cd4a98e3ada9eb0cb3eb0b75b13b6d80bf99eddf2282da52cec085d3a725b71c29395d605e1eb26143290946a3a0d24347fa46145735dbf4eabc12150b8d5f7eeca804d7ed1fecd0132d1b94ebec65cbc07dfd4d54a5140567e77c646bd92666922c43aca8e482c59b970fa43087eb76d6715e4e8e5ebe54ca391383ef685b133534fcc1e5c5eb56f9d76a888506c4ac8d289c37039e0c4f927b0e11e85c5c7ec1cf4b19bebee6014cb89ee57f2ade8d166005e956d46a0c01f60b58299479e8a59a2e88f1a7ffd08b27d92fc2772b338959bd0a1c9cb95075c3cc17043c818345b29b76c0b8ed41c8c7259cc780c657cb9509daec1558453cfe061f54e08523a55d3223897559d51096b680802140800000000000000322e007c2af0c08867291dd732bfe4b24d1d5ae517a7f5903c369ac6b157d42eb6ca8c0d7b50fd533a56c814e7cf04db3012eebd53ec1b123d65ab1e462dc19182b690d56a88ad5a1f4d89f1749b005e88085505cc6d7de8eeee08def67bc1d1519d44b7a62dc07e491f328f786956d9200f00d78829e6af7c1a5835366201374b9487330920d4c57e2f7073292e173acc2424bb0d5e0e9448b4c02f9cfc99bc408110b6a3e9bc3799e4b178c2871069bc7d9ceba564378f02b2932c36f159478b5facd452b595a86d119216af9d860bd3997305320159a69a70fc62284141d23d2dc1e5394b271d99e5570450f1c55807e96c7cbe1b7c2e3e96f69fecf0f375e36e0d2acf319e37199e98486a8d145ce2d996c1909402744cce63664a75e480b197c345360321e830e5912d1d7bfe5a129a67fa98e6eda5268fa588047859daa11d087d0dbf0ccc7e120e3a5820cb4f5dc06748317e3f866518eb66e39dc8a68a7411b3403fc8eeab8283dee4d767e8e5842ed922e03ae5b3c9c494d5ebc61527ccd1222740fedd9e469ba6b30761cf387d654081c7e63182860e4548748058914a9cea01caf074fe6a78fafa2b45c516f9f20af9ac6773a400fa9661a872f6b55f0ed52a9be9e9c35502604b924f0eb628d6545da322e0713f9a5587e87e4b04fa495423b7c72093b764adfd1430a2e608b7af3d2bf80fef00e5b69abe386618274921ff57621bb99739de2e066ff17e95eba027f6a35170af3a69e93359a9643e155832d45c1aa9a8f71ad35504b99d3d0a1c11ae108664ea36f4dcded083aee17ac9efe7ee3fdf7b63c7c09bcef62caa88708510d45cea79d323083ddbfe7e5d3d9138f206a7af82ef1d26c85015c3e55a285a35d0052546493536b9061db27291a9292033753b7bddac63dac6f6271689240e43523c434a65e1d35299e386c953d0c92f21057e0b7883e049d20961e75069587eb3df6206496f76bbfd96635bb19837ba2ab193d79072ffb8829306b63697ff104a65031b8a38c24cca9ba23d5cdf753169a00fe2b2c3849f234a7029b657b3324c10d553e601aa97d17024f7bf5a99f96392f4a079a83daa27f4e3b512ee8536e764ce4dc36fd0874dfa502a693e55bd9f116202c5e906703e2c43d84448598b7af78aa60a205c152841e75e23436738ccaa6bbcef87e6a237d86d1a5e38e56c162cd6d61a4fb8b410b1643ad557a22348edfa82c23db11c9abdd8141fce263a66537512e93a930a4801ad862a902c7c1e00eb7c7466b1351318b7196c2a9016c55a05e104e124bdb568132f9397e31b10d04e5284bd029ea2f6a3ed11854e09b5871d6a725c21a9ef5d7e729a90a8206d5f61e6e42e47dda3e31b9134d47872a0dd7a576b665ec6ceaa5fd7d85ed7feede9ac9fc23e40241c0318077edda75b62eb271e28fb3705f7b4950c14b721a3a74a7a4e4de02cef5de76a1602b906016c0892ef37db51b0a1dd53f28b3d896f20abbad1ad0e0220960423267fc6e1779d1150fd584dd184bb43278d2d68ff21ac0daeef5408348cb80f4a9e0e606f6048bbaa517289451f084fffb63c5d904788cfc310b5495528a58f4650dafc4e4675b99d35ebab710ac6fefcee6c51a2835510fb6d2dbd8f97c3e53fb7a23c3f3c0283eb2271504581b9c1fa31e35c117e56a5d668a9c57df3b4e1129ca019a8b877fa4a22768dfbdd9d2154e17f4a7755b065090d88982471bfb242d89af5c6782693a6ab1b1be74dfa5655ac3b5ef4ace8dc595803cf4025bdf5c0e9fbe7a12a3a313311809591da08a2cc6cd8480dc960e1f79fa208440a0e589be5756c36d5830a51c4bdc39c2a85c0431bae3a7331b2ffdf23623693d343a7938a8a8a4dd4d523c6450a705bccbb38427f06f4f84a18adf303c0ddecf4ce2b6cdde4e09a4c31816195f0fe9f05fcdc0609f8a75ad2f23d5c24faaf346c13ec0512a5c29477ac561c878085d1a323f6bab08e2fb9ee57d7bb621ef21caf3609d74036c6dc1d7be0b6058d89dcb8d9aa4462fa0a740be66e3fdaa957f27c5a26dc586ac8c927ab2d7cf1b761798ea4191be8f4423cf1a6727d0c5f27a9969a753573afa584dea82678f3471ba36d726c396d68c671e579120f1a11cd50fa66b26fc2d6cb74ba07edbd5d3a288cf58ed1255381df02b2fb8983b7cf833433d1ab8fdef12651c3507e4b69fbc4b234678cca36761e8da434e5f036f204a1400da15277ef27ac140e2d574b89c0fd617da27e6ce862883bbe81c288834b9477d0d440c15dad505b363fcc1cfef8e2e3a96438809505844196acd0af751dedfced67f209c2ffa9c6da842c93ff4b5fd54a67df904f2f31b4236728c99582a667a8461d397770a657ffa7d514b0f076d7f35e9704a836e7882a2acf0a0ec2158ac7234953c3696abdc791c0b163ee76fbcc5adc18b6fa0f51f76f3d313a0d891f1deb69f6e44289b1aa43a768b8d13270959763a2c45129daeea493a5b0d7b36753b223dca9a8037368653400", 0x2000, &(0x7f0000004dc0)={&(0x7f00000002c0)={0x50, 0xffffffffffffff8c, 0x0, {0x7, 0x2d, 0x0, 0x6438207, 0x0, 0xffff, 0x0, 0xf84}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

12.759015122s ago: executing program 4 (id=1676):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x4, 0x1, &(0x7f0000006680))
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xa4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000080900010073797a30000000005c000000030a1b000000000000000000050000000900010073797a30000000000900030073797a300000000008000a40000000032800048008000240000000120800014000000000140004"], 0xa4}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a0300"], 0x122}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x4, 0x4, &(0x7f0000000700)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1}, [@generic={0x63, 0x1, 0x0, 0xd5}]}, &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000780)=ANY=[@ANYBLOB="61123000000000006113340000000000bf20000000000000150002000ee600f03d030100000000008701000000000000bc26000000000000bf6700000000000056030000feffffff670200001f000000160300000ee600f0bf050000000000000f610000000000006507f4ff02000400070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe7030586e3f640f9f7e9a73b761ad4f0952a70046270d2b6436fdeecd791614ed46de741eb8cf91c046ef9beca574b350021c7ec6ef130f53748068ca432dae4e248b22b9ad8b2811f67916a1764578cba4b069037bfb3362d5691ac397f7e207145d970f0d97867552629b146645c785fb77dbeca38e49a9d5221f1f45f0a25890d04d91a15a05ae7e7ed6252c3d6c1973fb858de1da70d67317e7872b0603ce47ed2c1520e71b527bb42aa2e20e1e85df73736ed0a782ab7e7278dd54358cfdf6313d40f926332623625b49626481054787ab2dff85a9bebd6b317f26c691a65aa97bb3d1506a3a565e9c7ea5ad4611d2d77ee8a5c1b23814a26b6a20061fbb65bdd03770fa849f2a29ba69f90625f42592a70ba890f7a92878ae73574c3a233ee5954119931a1905210715fa77a8795f2fbec3797cb90f59fe8a4abec25f40c87bf25b750bbaa"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil)
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r2, &(0x7f0000008ec0)={0x0, 0x0, &(0x7f0000008e80)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x40000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
exit(0x4)

11.656836593s ago: executing program 32 (id=1627):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, 0x0, 0x0)
connect$inet6(r3, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f0000000480)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab4", 0xffffffffffffffca, 0x840, 0x0, 0x0)
sendto$inet6(r3, &(0x7f00000002c0)="e8", 0xfffffffffffffd79, 0x2000c850, 0x0, 0x4d)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000a00)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = dup3(r3, r5, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r5, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r5, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000001f00)=""/4106, 0xfffffffffffffccb, 0x0, 0x0}, &(0x7f0000000080)=0x40)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r6, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000001400)=""/200, 0xc8, 0x0, 0x0}, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, &(0x7f0000000100)={&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0}, &(0x7f0000000400)=0x40)

11.64506124s ago: executing program 1 (id=1678):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0xc, 0x100008b}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)="d80000001e0081054e81f782db4cb9040a1d080006007c095dd2086518000a800000000003600e1208000f0000000406a80016c008", 0x35}], 0x1}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newqdisc={0x28, 0x10, 0x1, 0x70bd25, 0x25dfdbfc, {0x6, 0x0, 0x8100, 0x0, {0x1, 0x10}, {0xfff1}, {0x4, 0x10}}, [@TCA_STAB={0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x400c800}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000020a010200000000000000000a0000060900010073797a310000000008000240000000018c000000020a010100000000000000000000000369000600e62807258a6d38caf4cb1d7a776a7a05e57912414e63207c5e61d47bb4016b21bd5593b033b0968722f2f0f4818a1a13fbb43e79d0ae674d071c0164df9d3701cc15211300766b6ebe326ada9e49cca5c2a07460e46e35eabfb48a4cd2cd83790d7e705b010000000900010073797a31000000001c000000090a030000000000000000000a00000208000c"], 0xf8}, 0x1, 0x0, 0x0, 0x2000c814}, 0x14)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000004000ffff0900010073797a30000000000900020073797a3100000000140003800800014000000000"], 0x138}, 0x1, 0x0, 0x0, 0x20040855}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d6974"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000", 0x17}], 0x1}, 0x0)
r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000700)='source', &(0x7f0000000780)='c:::/\x83\xc1\xcfD\xc4AO\x06)\xb03\xfcI\x95w\x96\x9b\xe9\xa6\x1a\x96\xael\x11\xa6\x06\xe3G\xb1\x1d$\xc2;\x8f\xf3\x13\xebB\x93\x94\x01\x8b\x88\xeb\xa3\x01\rx\x86bK&\x13a~//\x18\x14ZM\xcb\xad\x92>\xe5\x01V\xdc\x05#\x13\xe9F\xa0\x1b\xf8\xe12\xe9\x80\x988\xd8?\x86\xe9i\x7f\xa8\xe0c\x94\xc1\xae\x9c\xba\x1c\xfa\xbc\xa8\xbf\xff\xfe\xfe!\x7f2\xf1\xc7P\x80A\x1c2k\xf6}P\x19\xee:i|0\x1c\x13u\xb0I\xaa\xe3\x14\x9a\x1f\x9f(\xd1$\x06\xa8&t&A0\xa7\xef\x9cL\x8e1K', 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x18, 0x7, &(0x7f00000003c0)=ANY=[@ANYBLOB="8510000004000000950000000000000018000000000000000000000000000000950000000000000085100000fcffffff95"], &(0x7f00000000c0)='GPL\x00'}, 0x94)
getdents64(0xffffffffffffffff, 0x0, 0x0)
mount(&(0x7f0000000000)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='jfs\x00', 0x1a0c000, 0x0)
ioctl$BLKCRYPTOIMPORTKEY(0xffffffffffffffff, 0xc0401289, &(0x7f0000000640)={&(0x7f00000005c0)="afff4ba030f466a02e5dbbed193f5abc08893f7c25e627b5fed6b70a98", 0x1d, &(0x7f0000000600)=""/47, 0x2f})
io_setup(0x81, &(0x7f0000001100)=<r4=>0x0)
r5 = syz_ublk_setup_io_uring(0x6114, &(0x7f0000000180)={0x0, 0xde24, 0x20, 0x3, 0x319, 0x0, r1}, &(0x7f0000000400), &(0x7f0000000440), &(0x7f0000000480))
r6 = io_uring_setup(0x6d45, &(0x7f0000000500)={0x0, 0xa640, 0x800, 0x1, 0x3e3, 0x0, r5})
r7 = syz_io_uring_setup(0x2afc, &(0x7f0000000900)={0x0, 0xe3f9, 0x11090, 0x3, 0x124, 0x0, r6}, &(0x7f00000003c0), &(0x7f0000000140), 0x0)
io_submit(r4, 0x1, &(0x7f00000008c0)=[&(0x7f0000000340)={0x0, 0x0, 0x0, 0x5, 0x0, r7, 0x0}])
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), r3)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000940)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000c00)={&(0x7f0000000980)=ANY=[@ANYBLOB="06737600", @ANYRES16=r8, @ANYBLOB="010029bd7000fddbdf2567000000080001007700000008000300", @ANYRES32=r9, @ANYBLOB="0c009900600000006c0000000800c300741300000800c400ac690000"], 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x4000000)

11.644667316s ago: executing program 2 (id=1679):
r0 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xa)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="4800000010000507000000000000000000000002", @ANYRES32=r1, @ANYBLOB="0000400000000002280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYRES64], 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2842, 0x0)
sendmsg$IPSET_CMD_TYPE(r2, &(0x7f0000002840)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000002800)={&(0x7f0000002880)=ANY=[@ANYBLOB="740000004406057e2bb30c64fdc5b1e101878470000000000000000000030000060e0003006269746d61703a6970000016000300686173683a6e65742c706f72742c6e6574000000100003006269746d61703a706f727400050001000700000005000500020000000500050005000000050001000700000005000000007f7721f3368680e543e3029e0f7c7c65e0018b7366f01981cc5ccce85bdf3cb5ee75cea3fad0817e51ceb7c25cae2a2cdb8261e46067d5495dc0bffe1d3d81aaec21747a8fef972d52c815725b8ffc3e3273f8"], 0x74}}, 0x44)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x800)
read$FUSE(r3, &(0x7f00000005c0)={0x2020}, 0x2020)
splice(r3, 0x0, r4, 0x0, 0x7c1f, 0x8)
r5 = openat(0xffffffffffffffff, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
ioctl$SNDCTL_SYNTH_ID(r5, 0xc08c5114, &(0x7f00000003c0)={"637bf629b5896eeb77e137c6e7f24b7891d6f012acc9fe23b2a34566bb56", 0x2, 0x1, 0x0, 0x101, 0x81, 0x5, 0x1, 0x6, [0x5, 0x4, 0x1, 0x401, 0x3, 0x2ab9, 0x4e2edc8b, 0x80000001, 0x8, 0x7, 0x3, 0x14, 0x7ef, 0xc, 0xffff0000, 0x2, 0x6, 0x7, 0x6]})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
syz_io_uring_setup(0x40cc, &(0x7f0000000700)={0x0, 0x4092ae, 0x800, 0x1, 0x37}, &(0x7f0000000100), &(0x7f00000000c0), &(0x7f0000000300))
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r7 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r7, &(0x7f0000000840)=[{&(0x7f0000002680)="94efd07aa3ebdf86313e06cb372f5b7a50e816d4859406fd8b9317f45849c957d0e4d624a694f7c1b88e0887b3ab710f1582012432c7416e09640b0ffc4fba5dd82e85471e6fc0380b33944eb8553af17315c65a56c191ceed150d1277d3462301d361f30fc6b97cfe03e23db5dfed4bacf34c1412dea7f6ff427b37c951348336efb2ed18345a21df4f61b2aa461b493338fdbfa86751029002300cf40cb1a024c620025cd175b09759090f2829cc0916dcc2d4f6f6d6af0ef91aa1005993cbfd8a3a794859c344d1657ca7fb6963e557654cfd688493d12cdd58c037", 0xf000}, {0x0, 0x45}], 0x2)
socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r8, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x20000011)
sendmsg$kcm(r8, &(0x7f0000000780)={&(0x7f0000002600)=@in6={0xa, 0xfffe, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0x2}, 0x80, 0x0}, 0xe07e872420dfefca)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000003580)=ANY=[@ANYRES64=r6], 0x20}, 0x1, 0x0, 0x0, 0x4048011}, 0x8010)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r5, 0x0, 0x20000080)
socket$nl_rdma(0x10, 0x3, 0x14)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000580)={@map=r5, 0x36, 0x0, 0x1, &(0x7f00000001c0)=[0x0], 0x1, 0x0, &(0x7f0000000480)=[0x0], &(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0]}, 0x40)

11.644340068s ago: executing program 4 (id=1680):
r0 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x2ffe, 0x2)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x4b, 0x89}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r2, 0x400455c8, 0x100000000000004)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)
syz_usb_connect(0x4, 0xffffffffffffffb2, 0x0, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x8894}, 0x8040)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r1, 0xc0305710, &(0x7f0000000000)={0x0, 0x399a, 0x5, 0x1, 0x2})
ioctl$XFS_IOC_PATH_TO_HANDLE(r1, 0xc0385869, 0x0)
sendmsg$TIPC_CMD_GET_NODES(r4, 0x0, 0x20040891)
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89101)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, 0x0, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
socket$nl_netfilter(0x10, 0x3, 0xc)

7.864968017s ago: executing program 2 (id=1681):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_SCRNMAP(r0, 0x4b52, 0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x7}}, './file0\x00'})
ioctl$BTRFS_IOC_RM_DEV_V2(r0, 0x5000943a, &(0x7f00000010c0)={{r1}, 0x0, 0x8, @inherit={0x70, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000000000000005000000000000000400080000000000cd090000000000001000000000000000070000a200000000eda300000000000009000000000000006e0f000000002e00010000000000000008000000080000002b740000000000000700000000000000f8ffffffffffffff"]}, @subvolid=0x1})
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
prctl$PR_SCHED_CORE(0x3e, 0x3, 0x0, 0x0, &(0x7f00000002c0))
r2 = syz_open_procfs$pagemap(0x0, &(0x7f0000000380))
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
close_range(r3, r3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000000c0)=0x3)
sched_setaffinity(0x0, 0xfffffffffffffd7a, &(0x7f0000000580)=0x8000000002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f0000000400), 0xc, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(r3, 0xc0086420, &(0x7f0000000300)={<r5=>0x0})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r3, 0x4010641c, &(0x7f0000000440)={r5, &(0x7f00000003c0)=""/61})
read$msr(r4, &(0x7f000001aa40)=""/102392, 0x18ff8)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="12000000050000000400000002"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r7}, &(0x7f0000000040), &(0x7f0000000140)=r6}, 0x20)
r8 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000a40)=ANY=[@ANYRESOCT=r2, @ANYRES32=<r9=>0x0, @ANYBLOB="0000000000ffffffe900"/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000cd98694f000000000000"], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xc, 0x6, &(0x7f0000000280)=ANY=[@ANYBLOB="00539d8d4dc2e7e43dde3f12191c", @ANYRES32=r8, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000240)={r10, 0xe0, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r11=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380), &(0x7f0000000340), <r12=>0x0, 0xa1, &(0x7f0000000940)=[{}], 0x8, 0x10, &(0x7f0000000980), &(0x7f00000009c0), 0x8, 0x4d, 0x8, 0x8, &(0x7f0000000a00)}}, 0x10)
r13 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/stat\x00', 0x0, 0x0)
read$FUSE(r13, &(0x7f0000001540)={0x2020}, 0x2020)
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x16, 0x5, &(0x7f0000000100)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x9, 0xfe, &(0x7f00000005c0)=""/254, 0x40f00, 0x4, '\x00', 0x0, @flow_dissector=0x11, 0xffffffffffffffff, 0x8, &(0x7f00000007c0)={0x3, 0x4}, 0x8, 0x10, &(0x7f0000000800)={0x2, 0xe, 0x6, 0xf2d2}, 0x10, r12, r13, 0x1, &(0x7f0000000b80)=[r8], &(0x7f0000000bc0)=[{0x1, 0x4, 0xe, 0x8}], 0x10, 0x2000004}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x16, 0xc, &(0x7f00000005c0)=ANY=[@ANYRESHEX, @ANYRES16=r4, @ANYRES8=r9], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', r11, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r12, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

7.475785296s ago: executing program 1 (id=1682):
r0 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x2ffe, 0x2)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x4b, 0x89}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r2, 0x400455c8, 0x100000000000004)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)
syz_usb_connect(0x4, 0xffffffffffffffb2, 0x0, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x8894}, 0x8040)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r1, 0xc0305710, 0x0)
ioctl$XFS_IOC_PATH_TO_HANDLE(r1, 0xc0385869, 0x0)
sendmsg$TIPC_CMD_GET_NODES(r4, 0x0, 0x20040891)
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000000)=0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89101)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, 0x0, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
socket$nl_netfilter(0x10, 0x3, 0xc)

7.401448864s ago: executing program 2 (id=1683):
memfd_create(&(0x7f0000000180)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\x96\xa7f\x9ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\x15n\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z\t\x00\x00\x00\x00\x00\x00\x00\x9b\x01\xf9t\xbb\x1er\x04\xdb\xd3\xcd\xfd\xbdnC\xec#]\xbf\xa2\xa2H\x86\x86[8\x05\xfe\xdc\x11\x04\xa1u\x81', 0x0)
syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
r3 = shmget$private(0x0, 0x3000, 0x400, &(0x7f0000ffd000/0x3000)=nil)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$sock(r4, &(0x7f00000008c0)={&(0x7f0000000900)=@pppoe={0x18, 0x0, {0x4, @broadcast, 'team0\x00'}}, 0x80, 0x0}, 0x20004000)
shmat(r3, &(0x7f0000ffc000/0x2000)=nil, 0x5000)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff, 0x39, 0x0, @val=@uprobe_multi={0x0, 0x0, 0x0, 0xc, 0x0, 0x1}}, 0x40)
r5 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000047c0)={0x0, 0x0, &(0x7f00000005c0)=[{0x0, 0x18}], 0x1}, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r6, 0xc0045005, &(0x7f0000001180)=0x2000000)
mmap$dsp(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3, 0x12, r6, 0x0)
ioctl$SNDCTL_DSP_GETOPTR(r6, 0x5008, 0x0)
socket(0x400000000010, 0x3, 0x0)
read$msr(r5, &(0x7f0000000300)=""/193, 0xc1)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, 0x0)

4.152864357s ago: executing program 2 (id=1684):
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000280), 0x140800, 0x0)
r0 = socket$igmp6(0xa, 0x3, 0x2)
r1 = syz_open_procfs(0x0, &(0x7f0000000240)='net/ptype\x00')
r2 = epoll_create1(0x80000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000003c0)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r4, &(0x7f0000000100)={0x20000014})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000180)={0x47, 0x5, 0x8, 0x5, 0x0, 0x9, 0x0, 0x57c73f3a, 0xfa11, 0xffffffff}, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="4c0000000206050000000000000000000000000005000400010000000900020073797a32000000000500050002000005050001000600000013000300686173683a6e65742c696661636500"], 0x4c}, 0x1, 0x0, 0x0, 0x20020800}, 0x0)
write$midi(r1, &(0x7f0000000300)="c6b9277c263147239652b8ceb7938b3bd541d6b730152b5e5159b2b79d0bbd69108892ca681685343f63ee555e47b0f40d31f966254f19d7a8e300fa1e79428c4184e7d5eb45e7685a3bc91410", 0x4d)
sendmsg$IPSET_CMD_DESTROY(r5, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="28000000030601020000180000000000020000060900020073797a32000000000500010007"], 0x28}, 0x1, 0x0, 0x0, 0x4845}, 0x200408f0)
fcntl$lock(r5, 0x26, &(0x7f0000000200)={0x2, 0x4, 0x0, 0x100000000000000})
r6 = openat(0xffffffffffffffff, &(0x7f00000002c0)='./bus\x00', 0x980, 0xa0)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f00000005c0)=ANY=[@ANYBLOB="02030003120000002cbd7000fbdbdf2503000900800000001cdc0dca1d9f68846960e56de42944af05000600000000000a0000000000000000000000000000000000000000000001020000000000000002000100000000000000070c0000000005000500000000000a00000000000003fc0100000000000000000000000000130700000000000000010014"], 0x90}, 0x1, 0x7}, 0x0)
getpgrp(0x0)
fcntl$lock(r0, 0x25, 0x0)
fcntl$setpipe(r6, 0x407, 0xffffffff)
poll(&(0x7f0000000140)=[{r4, 0x2cfc08c20dafc747}, {r2, 0xf102}], 0x2, 0x8000007)
recvmmsg(0xffffffffffffffff, &(0x7f00000051c0), 0x0, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)}], 0x1}, 0x0)

4.140558875s ago: executing program 0 (id=1685):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
r0 = socket$unix(0x1, 0x2, 0x0)
syz_open_procfs(0x0, &(0x7f0000001c40)='net/ip_tables_targets\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x0, 0x0)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000)
ioctl$EVIOCGKEY(0xffffffffffffffff, 0x80404518, &(0x7f0000000200)=""/100)
socket$nl_xfrm(0x10, 0x3, 0x6)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
bind$unix(r0, &(0x7f00000003c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r4 = socket$unix(0x1, 0x2, 0x0)
sendmsg$AUDIT_USER_AVC(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x4080}, 0x40000040)
connect$unix(r4, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r5, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

4.086595334s ago: executing program 4 (id=1686):
r0 = syz_usb_connect(0x2, 0x36, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000772904202404019957c2010203010902240001000010000904430002317d5500090502020002020000090582020002"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/zoneinfo\x00', 0x0, 0x0)
close(0x3)
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x6, 0x2})
syz_usb_control_io$uac2(r0, 0x0, &(0x7f0000000a80)={0x44, &(0x7f0000000740)={0x20, 0x13, 0x4, "aeb01b94"}, 0x0, 0x0, &(0x7f0000000940)={0x20, 0x81, 0x1, "1a"}, 0x0, 0x0, 0x0, 0x0})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x210000000013, &(0x7f0000000500)=0x100000001, 0x4)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10)
r4 = syz_open_procfs(0x0, &(0x7f0000000200)='task\x00')
getdents(r4, &(0x7f0000000300)=""/56, 0x38)
socket$inet_udp(0x2, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x110)
r5 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=r5, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r6 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r6, 0x7, 0x0, 0x0, 0x0)
r7 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r7, 0xc0045005, &(0x7f0000001180)=0x2000000)
mmap$dsp(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3, 0x12, r7, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, 0x0, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="44000000090601020000000000000000000000000900020073797a310000000005000100070000001c0007801800018014000240"], 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)
sendmsg$IPSET_CMD_DESTROY(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, 0x3, 0x6, 0x401, 0x0, 0x0, {0x2, 0x0, 0x9}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x20000080)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)

2.892659765s ago: executing program 0 (id=1687):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, 0x0, 0x0)
connect$inet6(r3, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f0000000480)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab4", 0xffffffffffffffca, 0x840, 0x0, 0x0)
sendto$inet6(r3, &(0x7f00000002c0)="e8", 0xfffffffffffffd79, 0x2000c850, 0x0, 0x4d)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000a00)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = dup3(r3, r5, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r5, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r5, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000001f00)=""/4106, 0xfffffffffffffccb, 0x0, 0x0}, &(0x7f0000000080)=0x40)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r6, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000001400)=""/200, 0xfffffffffffffecd, 0x0, 0x0}, &(0x7f0000001380)=0x40)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, 0x0, &(0x7f0000000400))

2.006542453s ago: executing program 1 (id=1688):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
fcntl$getflags(r1, 0x408)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@newtaction={0x54, 0x30, 0x1, 0x0, 0x0, {}, [{0x40, 0x1, [@m_xt={0x3c, 0x19, 0x0, 0x0, {{0x7}, {0xc, 0x2, 0x0, 0x1, [@TCA_IPT_HOOK={0x8, 0x2, 0x1}]}, {0xc, 0x6, "9722ef00009e1298"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4008000}, 0x84)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="a81400002a00070127bd700000000000017c00000c00028005007c80280000000400"], 0x14a8}, 0x1, 0x0, 0x0, 0xc000}, 0x4040)

1.035196625s ago: executing program 1 (id=1689):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000005540)=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}], 0x1, 0x0)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0) (fail_nth: 2)

1.026082585s ago: executing program 0 (id=1690):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff1000/0x2000)=nil, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r1 = io_uring_setup(0x524, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f3})
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
io_uring_enter(r1, 0x5b3, 0x7ecd, 0x17, 0x0, 0x0)
r2 = dup(r0)
ioctl$BLKRRPART(r2, 0x125f, 0x0)
ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r2, 0x8008f513, &(0x7f0000000000))
read$FUSE(r2, &(0x7f0000006380)={0x2020}, 0x2020)

713.525104ms ago: executing program 1 (id=1691):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
ioctl$BLKBSZSET(r0, 0x40081271, &(0x7f0000000100)=0x10000)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r1, 0x0)
execve(0x0, 0x0, 0x0)
syz_usb_connect(0x3, 0x3b, &(0x7f0000000e40)={{0x12, 0x1, 0x110, 0x69, 0x1b, 0xfe, 0x20, 0x49f, 0x8511, 0x50c1, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x29, 0x1, 0x22, 0x3, 0x40, 0x7, "", [{{0x9, 0x4, 0xe0, 0x1a, 0x0, 0x3c, 0xe6, 0xff, 0x4, [@cdc_ecm={{0x5}, {0x5, 0x24, 0x0, 0x101}, {0xd, 0x24, 0xf, 0x1, 0x9, 0xfc6d, 0x6, 0xfa}}]}}]}}]}}, 0x0)
r2 = gettid()
process_vm_writev(r2, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

695.077437ms ago: executing program 4 (id=1692):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0xa, &(0x7f0000000040)=0x8, 0x4)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
io_setup(0x9, &(0x7f0000000240)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000700)=[&(0x7f00000000c0)={0x400000, 0x0, 0x0, 0x1, 0x0, r1, 0x0}])
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='yeah', 0x4)
setsockopt$inet_tcp_int(r0, 0x6, 0x12, &(0x7f00000001c0)=0xa3, 0x4)
socket$inet_tcp(0x2, 0x1, 0x0)
r3 = accept4(r1, &(0x7f0000000100)=@x25={0x9, @remote}, &(0x7f0000000200)=0x80, 0x0)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f00000002c0), 0xffffffffffffffff)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
pipe2(&(0x7f00000000c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x80000)
fcntl$setpipe(r7, 0x407, 0x0)
write$FUSE_INIT(r7, &(0x7f0000000340)={0x50, 0xfffffffffffffff5, 0x0, {0x7, 0x28, 0x2, 0xffffffffc28c554a, 0x0, 0x40, 0x8, 0x3, 0x0, 0x0, 0x4, 0x8}}, 0x50)
vmsplice(r7, &(0x7f0000000140)=[{&(0x7f0000000100)="eb", 0x20000101}], 0x1, 0x0)
fcntl$setpipe(r7, 0x407, 0x2020000)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x6, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0xb0}}, [@snprintf={{0x5, 0x0, 0xb, 0x9, 0x0, 0x2, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9, 0xfe00}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0x4}, {0x3, 0x0, 0x6, 0xa, 0x9, 0xfe04, 0x51}, {0x7, 0x1, 0xb, 0x7, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x2, 0x2, 0x0, r5}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000300)={'batadv0\x00', <r8=>0x0})
sendmsg$BATADV_CMD_SET_HARDIF(r3, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x2c, r4, 0x20, 0x70bd2a, 0x25dfdbfd, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r8}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4004814}, 0x4000000)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendto$inet(r0, &(0x7f00000000c0), 0xffffffffffffffef, 0x0, 0x0, 0x0)

338.703273ms ago: executing program 2 (id=1693):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x401, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001040)=ANY=[@ANYBLOB="1c0000002500090122bdac39d4f0270b965f00000800030047"], 0x1c}, 0x1, 0x0, 0x0, 0xc0147}, 0x0)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x68)
openat(0xffffffffffffff9c, &(0x7f0000000740)='./file1\x00', 0x183042, 0x15)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000002c0)={&(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ff8000/0x2000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ff8000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000fe9000/0x13000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ff5000/0x2000)=nil, &(0x7f0000000140)="530feb542392864e7c3cc09214a6da1f675053b9caa9de1e6361792ace8ab977bcaa11df67a35de8cc80fc9eb97f1a87a3196a35e4c968250d5b625260f0211a936162e7", 0x44}, 0x68)
creat(&(0x7f0000000480)='./bus\x00', 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="0c04000010000104000000000000000000480000", @ANYRES32=r4, @ANYBLOB="101000000000000008000d0005000000e4031680a40001800c00070000000000adffffff0c00", @ANYRES16=r4], 0x40c}}, 0x0)
r5 = ioctl$KVM_CREATE_GUEST_MEMFD(r3, 0xc040aed4, &(0x7f0000000040)={0x200001fe0000, 0x1})
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x2000003, 0x2013, r5, 0x0)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000007000/0x2000)=nil, r6, 0x3000003, 0x2011, r5, 0x0)

0s ago: executing program 0 (id=1694):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x12, 0xa8, 0x5, 0x2, 0x88, 0x1, 0x8000, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x5, 0x5}, 0x50)
ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000640)={0x3ff, 0x1, 0x5, 0x401, 0x6, 0x0, [{0x100, 0x401, 0x6, '\x00', 0x8}, {0x96a9, 0x2, 0x4, '\x00', 0x180}, {0xbfe, 0x6, 0x2, '\x00', 0x801}, {0x1, 0x2800, 0x71be, '\x00', 0x900}, {0x3, 0x3, 0x9, '\x00', 0x2403}, {0x101, 0x5, 0xf, '\x00', 0x400}]})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
capset(&(0x7f0000000500)={0x20080522}, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x4, 0x7})
r4 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r4, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r4, 0x8)
r5 = socket$inet(0xa, 0x801, 0x84)
listen(r5, 0xfffffffd)
r6 = socket$inet(0xa, 0x801, 0x84)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x6)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000011c0)=@newtaction={0x148, 0x30, 0x25, 0x0, 0x0, {}, [{0x134, 0x1, [@m_pedit={0x130, 0x1, 0x0, 0x0, {{0xa}, {0x104, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x30, 0x5, 0x0, 0x1, [{0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6}]}, {0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}, {0x4}]}, @TCA_PEDIT_KEYS_EX={0xd0, 0x5, 0x0, 0x1, [{0x1c, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x2}]}, {0xc, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}]}, {0x2c, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x5}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x3}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x4}]}, {0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}]}, {0x1c, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x7caa07e50148ae5d}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x3}]}, {0xc, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x2}]}, {0x3c, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x4}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x2}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0xba058820d5fcb49}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x5}, @TCA_PEDIT_KEY_EX_HTYPE={0x6}]}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x148}}, 0x0)
sched_setaffinity(r7, 0x0, 0x0)
ptrace(0x420f, r7)
listen(r6, 0xfffffffd)
r9 = socket$inet(0xa, 0x801, 0x84)
listen(r9, 0x8)
r10 = socket$inet(0xa, 0x801, 0x84)
listen(r10, 0x8)
r11 = socket$netlink(0x10, 0x3, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r11)
ioctl$VT_RESIZEX(r2, 0x560a, &(0x7f0000000000)={0x9, 0x5, 0x6, 0x9, 0x5a41, 0x6})
writev(r11, &(0x7f00000002c0)=[{&(0x7f00000004c0)="480000001400190d09004beafd0d8c560a84476080ffe00600000000590000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000380)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000003c0)={{0xeeee8000, 0x4, 0xe, 0xf1, 0x5, 0xfd, 0xd4, 0xd4, 0x0, 0xd7, 0x7, 0x4f}, {0x5000, 0x2, 0xd, 0x9, 0x8, 0x15, 0x6, 0xb, 0x5, 0xf, 0x3, 0xc0}, {0x8080000, 0xdddd1000, 0xb, 0xfd, 0x2, 0x0, 0x4, 0x1, 0x81, 0x0, 0xc4, 0x5}, {0x50000, 0x2000, 0x8, 0xf8, 0x7f, 0x46, 0xff, 0xd, 0x6, 0x3, 0x44, 0x1}, {0xeeef0000, 0xcdf36000, 0x9, 0x1, 0x3, 0x9, 0xd, 0x6, 0x5, 0x5, 0x2e, 0x4b}, {0x106000, 0x0, 0xb, 0x0, 0x3, 0x1, 0x1, 0xfb, 0x4, 0x90, 0x1, 0xff}, {0x4, 0x4000, 0x3, 0xff, 0x3, 0xff, 0x0, 0xb, 0x5, 0x7, 0x9, 0xf8}, {0xf7f63004, 0xc000, 0xf, 0x5, 0x28, 0x3, 0xa, 0x10, 0x54, 0x1, 0xff, 0x7}, {0xeeef0000, 0x5}, {0x4, 0x9}, 0x40010000, 0x0, 0xffff1000, 0x300, 0x5, 0xf000, 0xe6e70c00, [0x3, 0x401, 0x7, 0xc5]})

kernel console output (not intermixed with test programs):

 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[  569.395815][T10525] xt_hashlimit: size too large, truncated to 1048576
[  569.404451][T10525] xt_hashlimit: max too large, truncated to 1048576
[  570.710947][T10536] sctp: [Deprecated]: syz.1.1234 (pid 10536) Use of int in max_burst socket option.
[  570.710947][T10536] Use struct sctp_assoc_value instead
[  570.770921][   T30] audit: type=1400 audit(2000000012.590:411): avc:  denied  { read } for  pid=10538 comm="syz.0.1235" name="sg0" dev="devtmpfs" ino=825 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  570.821225][   T30] audit: type=1400 audit(2000000012.590:412): avc:  denied  { open } for  pid=10538 comm="syz.0.1235" path="/dev/sg0" dev="devtmpfs" ino=825 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  570.852887][T10547] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1236'.
[  570.885307][T10547] netlink: 43 bytes leftover after parsing attributes in process `syz.2.1236'.
[  570.889706][   T30] audit: type=1400 audit(2000000012.600:413): avc:  denied  { create } for  pid=10538 comm="syz.0.1235" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  570.906634][T10547] netlink: 43 bytes leftover after parsing attributes in process `syz.2.1236'.
[  570.936983][T10552] xt_hashlimit: size too large, truncated to 1048576
[  571.163872][T10552] xt_hashlimit: max too large, truncated to 1048576
[  571.606541][T10564] FAULT_INJECTION: forcing a failure.
[  571.606541][T10564] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  571.630661][T10564] CPU: 1 UID: 0 PID: 10564 Comm: syz.1.1240 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  571.630694][T10564] Tainted: [L]=SOFTLOCKUP
[  571.630701][T10564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  571.630713][T10564] Call Trace:
[  571.630719][T10564]  <TASK>
[  571.630727][T10564]  dump_stack_lvl+0x100/0x190
[  571.630759][T10564]  should_fail_ex.cold+0x5/0xa
[  571.630782][T10564]  _copy_to_user+0x32/0xd0
[  571.630801][T10564]  simple_read_from_buffer+0xcb/0x170
[  571.630817][T10564]  proc_fail_nth_read+0x1af/0x230
[  571.630833][T10564]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  571.630847][T10564]  ? rw_verify_area+0xce/0x6d0
[  571.630858][T10564]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  571.630870][T10564]  vfs_read+0x1e4/0xb30
[  571.630884][T10564]  ? __pfx_vfs_read+0x10/0x10
[  571.630896][T10564]  ? __fget_files+0x215/0x3d0
[  571.630913][T10564]  ? __fget_files+0x21f/0x3d0
[  571.630931][T10564]  ksys_read+0x12a/0x250
[  571.630943][T10564]  ? __pfx_ksys_read+0x10/0x10
[  571.630956][T10564]  ? rcu_is_watching+0x12/0xc0
[  571.630976][T10564]  do_syscall_64+0x10b/0xf80
[  571.630991][T10564]  ? clear_bhb_loop+0x40/0x90
[  571.631005][T10564]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  571.631017][T10564] RIP: 0033:0x7fcd1eb5d68e
[  571.631027][T10564] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  571.631038][T10564] RSP: 002b:00007fcd1fab9fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  571.631051][T10564] RAX: ffffffffffffffda RBX: 00007fcd1faba6c0 RCX: 00007fcd1eb5d68e
[  571.631063][T10564] RDX: 000000000000000f RSI: 00007fcd1faba0a0 RDI: 0000000000000005
[  571.631073][T10564] RBP: 00007fcd1faba090 R08: 0000000000000000 R09: 0000000000000000
[  571.631084][T10564] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  571.631096][T10564] R13: 00007fcd1ee16038 R14: 00007fcd1ee15fa0 R15: 00007ffd1e9368f8
[  571.631116][T10564]  </TASK>
[  571.828955][T10566] Mount JFS Failure: -5
[  572.480147][ T8688] usb 1-1: new full-speed USB device number 17 using dummy_hcd
[  572.652968][ T8688] usb 1-1: not running at top speed; connect to a high speed hub
[  572.667202][ T8688] usb 1-1: config 3 has an invalid interface number: 52 but max is 0
[  572.676816][ T8688] usb 1-1: config 3 has no interface number 0
[  572.689325][ T8688] usb 1-1: config 3 interface 52 has no altsetting 0
[  572.699450][ T8688] usb 1-1: New USB device found, idVendor=1164, idProduct=0622, bcdDevice=ef.ca
[  572.708777][ T8688] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  572.717321][ T8688] usb 1-1: Product: syz
[  572.721667][ T8688] usb 1-1: Manufacturer: syz
[  572.726605][ T8688] usb 1-1: SerialNumber: syz
[  572.764692][   T30] audit: type=1400 audit(2000000014.600:414): avc:  denied  { create } for  pid=10581 comm="syz.2.1248" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  572.816860][   T30] audit: type=1400 audit(2000000014.600:415): avc:  denied  { ioctl } for  pid=10581 comm="syz.2.1248" path="socket:[27800]" dev="sockfs" ino=27800 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  572.841616][   T24] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  572.853518][   T30] audit: type=1400 audit(2000000014.600:416): avc:  denied  { map } for  pid=10581 comm="syz.2.1248" path="socket:[27800]" dev="sockfs" ino=27800 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  572.877360][   T30] audit: type=1400 audit(2000000014.600:417): avc:  denied  { read } for  pid=10581 comm="syz.2.1248" path="socket:[27800]" dev="sockfs" ino=27800 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  573.501184][   T24] usb 4-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  573.511029][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  573.519995][   T24] usb 4-1: Product: syz
[  573.524308][   T24] usb 4-1: Manufacturer: syz
[  573.528939][   T24] usb 4-1: SerialNumber: syz
[  574.125459][   T30] audit: type=1400 audit(2000000015.980:418): avc:  denied  { block_suspend } for  pid=10598 comm="syz.0.1252" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  574.157874][T10600] __nla_validate_parse: 3 callbacks suppressed
[  574.157893][T10600] netlink: 16178 bytes leftover after parsing attributes in process `syz.0.1252'.
[  574.547606][T10607] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  574.565166][T10607] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1254'.
[  575.568083][T10614] netlink: 168 bytes leftover after parsing attributes in process `syz.2.1257'.
[  575.608465][   T24] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO
[  575.627762][T10614] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[  575.662096][   T24] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): lan78xx_setup_irq_domain() failed : -71
[  575.694495][   T24] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  575.760722][T10619] Mount JFS Failure: -5
[  575.852661][   T24] lan78xx 4-1:1.0: probe with driver lan78xx failed with error -71
[  575.901854][   T30] audit: type=1400 audit(2000000017.730:419): avc:  denied  { write } for  pid=10609 comm="syz.1.1255" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  575.932687][   T24] usb 4-1: USB disconnect, device number 25
[  575.953486][T10623] FAULT_INJECTION: forcing a failure.
[  575.953486][T10623] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  576.013110][T10623] CPU: 1 UID: 0 PID: 10623 Comm: syz.3.1259 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  576.013143][T10623] Tainted: [L]=SOFTLOCKUP
[  576.013149][T10623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  576.013159][T10623] Call Trace:
[  576.013166][T10623]  <TASK>
[  576.013173][T10623]  dump_stack_lvl+0x100/0x190
[  576.013202][T10623]  should_fail_ex.cold+0x5/0xa
[  576.013231][T10623]  _copy_from_user+0x2e/0xd0
[  576.013262][T10623]  move_addr_to_kernel+0x65/0x170
[  576.013291][T10623]  copy_msghdr_from_user+0x417/0x4f0
[  576.013320][T10623]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  576.013346][T10623]  ? __pfx__kstrtoull+0x10/0x10
[  576.013373][T10623]  ___sys_sendmsg+0x106/0x1e0
[  576.013403][T10623]  ? __pfx____sys_sendmsg+0x10/0x10
[  576.013443][T10623]  ? find_held_lock+0x2b/0x80
[  576.013465][T10623]  __sys_sendmmsg+0x205/0x430
[  576.013479][T10623]  ? __pfx___sys_sendmmsg+0x10/0x10
[  576.013495][T10623]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  576.013540][T10623]  ? fput+0x79/0x100
[  576.013567][T10623]  ? ksys_write+0x1ac/0x250
[  576.013589][T10623]  ? __pfx_ksys_write+0x10/0x10
[  576.013604][T10623]  __x64_sys_sendmmsg+0x9c/0x100
[  576.013616][T10623]  ? lockdep_hardirqs_on+0x78/0x100
[  576.013631][T10623]  do_syscall_64+0x10b/0xf80
[  576.013647][T10623]  ? clear_bhb_loop+0x40/0x90
[  576.013670][T10623]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  576.013690][T10623] RIP: 0033:0x7f6f0399ce59
[  576.013707][T10623] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  576.013728][T10623] RSP: 002b:00007f6f047d9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  576.013747][T10623] RAX: ffffffffffffffda RBX: 00007f6f03c15fa0 RCX: 00007f6f0399ce59
[  576.013760][T10623] RDX: 0000000000000001 RSI: 0000200000000200 RDI: 0000000000000003
[  576.013767][T10623] RBP: 00007f6f047d9090 R08: 0000000000000000 R09: 0000000000000000
[  576.013773][T10623] R10: 0000000000008060 R11: 0000000000000246 R12: 0000000000000001
[  576.013779][T10623] R13: 00007f6f03c16038 R14: 00007f6f03c15fa0 R15: 00007fff8101ed48
[  576.013795][T10623]  </TASK>
[  576.416312][T10610] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  576.426177][T10610] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  576.435403][T10610] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  576.511162][T10610] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  576.522694][T10610] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  576.697343][T10633] gfs2: error -5 reading superblock
[  576.819106][T10638] netlink: 'syz.1.1264': attribute type 1 has an invalid length.
[  576.995331][T10638] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1264'.
[  577.129843][T10649] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  577.493642][T10645] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1268'.
[  577.571211][   T24] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  577.656937][   T30] audit: type=1400 audit(2000000019.510:420): avc:  denied  { shutdown } for  pid=10629 comm="syz.3.1262" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  577.697700][   T30] audit: type=1400 audit(2000000019.540:421): avc:  denied  { read } for  pid=10629 comm="syz.3.1262" path="socket:[27352]" dev="sockfs" ino=27352 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  577.746477][   T24] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  577.758163][   T24] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  577.779219][   T24] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  577.905506][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=67
[  577.934088][   T24] usb 5-1: SerialNumber: syz
[  577.950778][ T8688] pvrusb2: Hardware description: Gotview USB 2.0 DVD 2
[  577.960164][ T8688] usb 1-1: selecting invalid altsetting 0
[  577.966469][ T4929] Bluetooth: hci0: command 0x0406 tx timeout
[  578.974446][ T5609] Bluetooth: hci1: command 0x0406 tx timeout
[  578.980643][ T5609] Bluetooth: hci3: command 0x0406 tx timeout
[  578.986741][ T4929] Bluetooth: hci2: command 0x0406 tx timeout
[  578.992809][ T5609] Bluetooth: hci4: command 0x0406 tx timeout
[  579.437016][T10666] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1272'.
[  580.022374][   T30] audit: type=1400 audit(2000000021.870:422): avc:  denied  { read } for  pid=10678 comm="syz.1.1276" name="rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  580.027207][T10677] xt_CT: You must specify a L4 protocol and not use inversions on it
[  580.058346][   T30] audit: type=1400 audit(2000000021.880:423): avc:  denied  { open } for  pid=10678 comm="syz.1.1276" path="/dev/rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  580.083677][   T30] audit: type=1400 audit(2000000021.910:424): avc:  denied  { ioctl } for  pid=10678 comm="syz.1.1276" path="/dev/rtc0" dev="devtmpfs" ino=921 ioctlcmd=0x7003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  580.415052][T10684] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1277'.
[  580.825991][T10689] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1280'.
[  581.130890][   T30] audit: type=1800 audit(2000000022.930:425): pid=10679 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.1.1276" name="file1" dev="overlay" ino=1412 res=0 errno=0
[  581.412338][   T24] usb 5-1: 0:2 : does not exist
[  581.683793][T10704] FAULT_INJECTION: forcing a failure.
[  581.683793][T10704] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  581.801807][T10704] CPU: 1 UID: 0 PID: 10704 Comm: syz.3.1285 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  581.801849][T10704] Tainted: [L]=SOFTLOCKUP
[  581.801856][T10704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  581.801868][T10704] Call Trace:
[  581.801875][T10704]  <TASK>
[  581.801883][T10704]  dump_stack_lvl+0x100/0x190
[  581.801914][T10704]  should_fail_ex.cold+0x5/0xa
[  581.801943][T10704]  _copy_from_user+0x2e/0xd0
[  581.801975][T10704]  copy_msghdr_from_user+0x9f/0x4f0
[  581.802005][T10704]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  581.802039][T10704]  ? __lock_acquire+0x4a5/0x2630
[  581.802072][T10704]  ___sys_recvmsg+0xdd/0x1a0
[  581.802101][T10704]  ? __pfx____sys_recvmsg+0x10/0x10
[  581.802132][T10704]  ? find_held_lock+0x2b/0x80
[  581.802170][T10704]  do_recvmmsg+0x301/0x760
[  581.802208][T10704]  ? __pfx_do_recvmmsg+0x10/0x10
[  581.802234][T10704]  ? ksys_write+0x190/0x250
[  581.802261][T10704]  ? __mutex_unlock_slowpath+0x15d/0x8a0
[  581.802291][T10704]  ? kernel_write+0x653/0x6c0
[  581.802321][T10704]  ? __fget_files+0x21f/0x3d0
[  581.802354][T10704]  __x64_sys_recvmmsg+0x22a/0x280
[  581.802379][T10704]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  581.802404][T10704]  ? rcu_is_watching+0x12/0xc0
[  581.802439][T10704]  do_syscall_64+0x10b/0xf80
[  581.802466][T10704]  ? clear_bhb_loop+0x40/0x90
[  581.802492][T10704]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  581.802513][T10704] RIP: 0033:0x7f6f0399ce59
[  581.802531][T10704] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  581.802550][T10704] RSP: 002b:00007f6f047d9028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  581.802571][T10704] RAX: ffffffffffffffda RBX: 00007f6f03c15fa0 RCX: 00007f6f0399ce59
[  581.802585][T10704] RDX: 0000000000000f00 RSI: 0000200000000400 RDI: 0000000000000003
[  581.802597][T10704] RBP: 00007f6f047d9090 R08: 0000000000000000 R09: 0000000000000000
[  581.802610][T10704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  581.802622][T10704] R13: 00007f6f03c16038 R14: 00007f6f03c15fa0 R15: 00007fff8101ed48
[  581.802651][T10704]  </TASK>
[  582.040507][T10708] FAULT_INJECTION: forcing a failure.
[  582.040507][T10708] name failslab, interval 1, probability 0, space 0, times 0
[  582.055627][T10708] CPU: 0 UID: 0 PID: 10708 Comm: syz.1.1284 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  582.055662][T10708] Tainted: [L]=SOFTLOCKUP
[  582.055670][T10708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  582.055682][T10708] Call Trace:
[  582.055688][T10708]  <TASK>
[  582.055696][T10708]  dump_stack_lvl+0x100/0x190
[  582.055727][T10708]  should_fail_ex.cold+0x5/0xa
[  582.055756][T10708]  ? tomoyo_encode2+0xfb/0x3c0
[  582.055784][T10708]  should_failslab+0xc2/0x120
[  582.055806][T10708]  __kmalloc_noprof+0xe0/0x850
[  582.055836][T10708]  ? d_absolute_path+0x136/0x1b0
[  582.055864][T10708]  tomoyo_encode2+0xfb/0x3c0
[  582.055897][T10708]  tomoyo_encode+0x29/0x50
[  582.055925][T10708]  tomoyo_realpath_from_path+0x18c/0x690
[  582.055963][T10708]  tomoyo_path_number_perm+0x23c/0x580
[  582.055986][T10708]  ? tomoyo_path_number_perm+0x22e/0x580
[  582.056012][T10708]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  582.056068][T10708]  ? find_held_lock+0x2b/0x80
[  582.056088][T10708]  ? __fget_files+0x215/0x3d0
[  582.056112][T10708]  ? hook_file_ioctl_common+0x149/0x410
[  582.056142][T10708]  ? __fget_files+0x215/0x3d0
[  582.056173][T10708]  ? __fget_files+0x21f/0x3d0
[  582.056204][T10708]  security_file_ioctl+0xd3/0x230
[  582.056233][T10708]  __x64_sys_ioctl+0xb7/0x210
[  582.056258][T10708]  do_syscall_64+0x10b/0xf80
[  582.056286][T10708]  ? clear_bhb_loop+0x40/0x90
[  582.056321][T10708]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  582.056343][T10708] RIP: 0033:0x7fcd1eb9ce59
[  582.056360][T10708] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  582.056380][T10708] RSP: 002b:00007fcd1faba028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  582.056400][T10708] RAX: ffffffffffffffda RBX: 00007fcd1ee15fa0 RCX: 00007fcd1eb9ce59
[  582.056415][T10708] RDX: ffffffffffffffff RSI: 0000000040084504 RDI: 0000000000000003
[  582.056428][T10708] RBP: 00007fcd1faba090 R08: 0000000000000000 R09: 0000000000000000
[  582.056441][T10708] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  582.056453][T10708] R13: 00007fcd1ee16038 R14: 00007fcd1ee15fa0 R15: 00007ffd1e9368f8
[  582.056483][T10708]  </TASK>
[  582.056570][T10708] ERROR: Out of memory at tomoyo_realpath_from_path.
[  582.088560][   T24] usb 5-1: USB disconnect, device number 19
[  582.325433][ T2356] pvrusb2: Timed out control-write
[  582.335354][ T2356] pvrusb2: Device being rendered inoperable
[  582.401658][ T2356] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  582.521983][ T2356] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  582.886727][T10713] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1287'.
[  583.083565][T10713] bridge0: port 3(netdevsim0) entered disabled state
[  583.696849][   T30] audit: type=1400 audit(2000000025.550:426): avc:  denied  { lock } for  pid=10698 comm="syz.4.1283" path="socket:[27418]" dev="sockfs" ino=27418 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  583.765374][   T30] audit: type=1400 audit(2000000025.580:427): avc:  denied  { map } for  pid=10718 comm="syz.0.1290" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  583.872743][   T30] audit: type=1400 audit(2000000025.610:428): avc:  denied  { lock } for  pid=10698 comm="syz.4.1283" path="socket:[28168]" dev="sockfs" ino=28168 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  584.023829][T10732] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1292'.
[  584.316476][T10735] fuse: fd is not a fuse device
[  584.437038][T10739] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  584.448731][T10739] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  584.484664][T10739] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  584.521260][T10739] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  584.758909][T10747] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1295'.
[  587.893885][   T30] audit: type=1400 audit(2000000029.740:429): avc:  denied  { remount } for  pid=10771 comm="syz.3.1303" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  587.962691][T10775] FAULT_INJECTION: forcing a failure.
[  587.962691][T10775] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  588.015606][T10778] netlink: 'syz.1.1304': attribute type 1 has an invalid length.
[  588.040225][T10775] CPU: 0 UID: 0 PID: 10775 Comm: syz.0.1306 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  588.040259][T10775] Tainted: [L]=SOFTLOCKUP
[  588.040265][T10775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  588.040276][T10775] Call Trace:
[  588.040282][T10775]  <TASK>
[  588.040290][T10775]  dump_stack_lvl+0x100/0x190
[  588.040320][T10775]  should_fail_ex.cold+0x5/0xa
[  588.040349][T10775]  _copy_from_user+0x2e/0xd0
[  588.040381][T10775]  move_addr_to_kernel+0x65/0x170
[  588.040411][T10775]  copy_msghdr_from_user+0x417/0x4f0
[  588.040439][T10775]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  588.040481][T10775]  ___sys_sendmsg+0x106/0x1e0
[  588.040511][T10775]  ? __pfx____sys_sendmsg+0x10/0x10
[  588.040575][T10775]  __sys_sendmsg+0x170/0x220
[  588.040598][T10775]  ? __pfx___sys_sendmsg+0x10/0x10
[  588.040632][T10775]  ? rcu_is_watching+0x12/0xc0
[  588.040667][T10775]  do_syscall_64+0x10b/0xf80
[  588.040695][T10775]  ? clear_bhb_loop+0x40/0x90
[  588.040730][T10775]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  588.040751][T10775] RIP: 0033:0x7f768419ce59
[  588.040768][T10775] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  588.040788][T10775] RSP: 002b:00007f768504a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  588.040809][T10775] RAX: ffffffffffffffda RBX: 00007f7684415fa0 RCX: 00007f768419ce59
[  588.040823][T10775] RDX: 0000000006008045 RSI: 0000200000000300 RDI: 0000000000000003
[  588.040836][T10775] RBP: 00007f768504a090 R08: 0000000000000000 R09: 0000000000000000
[  588.040849][T10775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  588.040861][T10775] R13: 00007f7684416038 R14: 00007f7684415fa0 R15: 00007fff15ef83f8
[  588.040890][T10775]  </TASK>
[  588.217439][T10778] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1304'.
[  588.279458][T10782] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  588.296143][T10782] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1305'.
[  589.727092][   T30] audit: type=1400 audit(2000000031.580:430): avc:  denied  { setopt } for  pid=10794 comm="syz.0.1310" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  589.852785][   T30] audit: type=1400 audit(2000000031.610:431): avc:  denied  { map } for  pid=10794 comm="syz.0.1310" path="socket:[27525]" dev="sockfs" ino=27525 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  589.931158][   T30] audit: type=1400 audit(2000000031.610:432): avc:  denied  { accept } for  pid=10794 comm="syz.0.1310" path="socket:[27525]" dev="sockfs" ino=27525 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  589.957372][   T30] audit: type=1400 audit(2000000031.630:433): avc:  denied  { name_connect } for  pid=10799 comm="syz.2.1312" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[  590.480818][   T30] audit: type=1400 audit(2000000032.100:434): avc:  denied  { append } for  pid=10783 comm="syz.3.1307" name="event0" dev="devtmpfs" ino=918 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  591.820818][T10663] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  592.164144][   T30] audit: type=1400 audit(2000000033.640:435): avc:  denied  { mount } for  pid=10814 comm="syz.1.1315" name="/" dev="ramfs" ino=28366 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  592.401419][ T8688] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  592.581132][ T2225] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  592.595220][ T8688] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  592.621944][ T8688] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  592.632714][ T8688] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  592.642104][ T8688] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  592.671044][T10819] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  592.682085][ T8688] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  592.771210][ T2225] usb 4-1: Using ep0 maxpacket: 32
[  592.889157][ T2225] usb 4-1: New USB device found, idVendor=047f, idProduct=c010, bcdDevice= 0.40
[  593.404181][ T2225] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  593.417824][ T2225] usb 4-1: Product: Б
[  593.449525][ T2225] usb 4-1: Manufacturer: ఊ
[  593.479841][ T2225] usb 4-1: SerialNumber: 托‵췃쭡慯Ř獝蠾᳍夾⿦ᮼ翮혮첼␮ȓ힂児ᬽꀉ芯튆볍⪜ꘟ䵧칪丸씉弣眰욞瑎폯呴钨㛹಍龒둚笯࠻
[  593.817467][T10830] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1319'.
[  594.295554][ T8688] usb 2-1: USB disconnect, device number 17
[  594.486596][T10821] syzkaller0: entered promiscuous mode
[  594.607152][T10821] syzkaller0: entered allmulticast mode
[  595.513644][   T30] audit: type=1400 audit(2000000037.270:436): avc:  denied  { node_bind } for  pid=10834 comm="syz.4.1321" src=28196 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  595.610021][ T2225] snd-usb-audio 4-1:1.0: probe with driver snd-usb-audio failed with error -71
[  595.687091][ T2225] usb 4-1: USB disconnect, device number 26
[  595.901406][   T24] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  596.956051][   T24] usb 2-1: Using ep0 maxpacket: 8
[  596.964539][   T24] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  596.976746][   T24] usb 2-1: config 179 has no interface number 0
[  596.983490][   T24] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  596.999555][   T24] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  597.011399][   T24] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  597.023033][   T24] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  597.045273][   T24] usb 2-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  597.058986][   T24] usb 2-1: config 179 interface 65 has no altsetting 0
[  597.076046][   T24] usb 2-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  597.088434][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  597.205687][   T24] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:179.65/input/input17
[  597.259441][   T30] audit: type=1400 audit(2000000039.110:437): avc:  denied  { read } for  pid=4964 comm="acpid" name="js2" dev="devtmpfs" ino=3063 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  597.309909][   T30] audit: type=1400 audit(2000000039.110:438): avc:  denied  { open } for  pid=4964 comm="acpid" path="/dev/input/js2" dev="devtmpfs" ino=3063 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  597.382791][   T30] audit: type=1400 audit(2000000039.150:439): avc:  denied  { module_request } for  pid=10866 comm="syz.2.1331" kmod="net-pf-2-proto-0-type-6" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  599.934991][    T9] usb 2-1: USB disconnect, device number 18
[  599.935084][    C1] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  600.763900][   T30] audit: type=1400 audit(2000000002.130:440): avc:  denied  { connect } for  pid=10891 comm="syz.1.1335" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  600.980281][   T30] audit: type=1400 audit(2000000002.130:441): avc:  denied  { write } for  pid=10891 comm="syz.1.1335" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  601.559012][   T30] audit: type=1400 audit(2000000002.920:442): avc:  denied  { ioctl } for  pid=10898 comm="syz.4.1339" path="socket:[28544]" dev="sockfs" ino=28544 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  601.861818][   T30] audit: type=1400 audit(2000000003.190:443): avc:  denied  { bind } for  pid=10898 comm="syz.4.1339" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  602.502818][T10913] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1337'.
[  602.899684][   T30] audit: type=1400 audit(2000000004.260:444): avc:  denied  { write } for  pid=10916 comm="syz.1.1343" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  603.406309][   T30] audit: type=1400 audit(2000000004.750:445): avc:  denied  { ioctl } for  pid=10916 comm="syz.1.1343" path="socket:[28780]" dev="sockfs" ino=28780 ioctlcmd=0x5882 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  604.724192][   T30] audit: type=1400 audit(2000000006.090:446): avc:  denied  { connect } for  pid=10935 comm="syz.4.1348" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  604.727733][T10936] FAULT_INJECTION: forcing a failure.
[  604.727733][T10936] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  604.846328][T10936] CPU: 0 UID: 0 PID: 10936 Comm: syz.4.1348 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  604.846366][T10936] Tainted: [L]=SOFTLOCKUP
[  604.846373][T10936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  604.846385][T10936] Call Trace:
[  604.846392][T10936]  <TASK>
[  604.846400][T10936]  dump_stack_lvl+0x100/0x190
[  604.846431][T10936]  should_fail_ex.cold+0x5/0xa
[  604.846461][T10936]  _copy_to_iter+0x5a4/0x1720
[  604.846498][T10936]  ? __pfx__copy_to_iter+0x10/0x10
[  604.846527][T10936]  ? ping_get_first.isra.0+0x1ab/0x250
[  604.846557][T10936]  ? find_held_lock+0x2b/0x80
[  604.846577][T10936]  ? seq_read_iter+0xd33/0x1270
[  604.846601][T10936]  ? seq_read_iter+0xd33/0x1270
[  604.846631][T10936]  seq_read_iter+0xdab/0x1270
[  604.846667][T10936]  seq_read+0x33b/0x4c0
[  604.846691][T10936]  ? __pfx_seq_read+0x10/0x10
[  604.846716][T10936]  ? __lock_acquire+0x4a5/0x2630
[  604.846745][T10936]  ? import_ubuf+0x1b6/0x220
[  604.846777][T10936]  ? selinux_file_permission+0x8f/0x6d0
[  604.846813][T10936]  ? __pfx_seq_read+0x10/0x10
[  604.846837][T10936]  proc_reg_read+0x240/0x330
[  604.846867][T10936]  ? __pfx_proc_reg_read+0x10/0x10
[  604.846893][T10936]  vfs_readv+0x5d8/0x8d0
[  604.846923][T10936]  ? __pfx_vfs_readv+0x10/0x10
[  604.846944][T10936]  ? find_held_lock+0x2b/0x80
[  604.846979][T10936]  ? __fget_files+0x21f/0x3d0
[  604.847010][T10936]  ? do_preadv+0x1ac/0x270
[  604.847027][T10936]  do_preadv+0x1ac/0x270
[  604.847047][T10936]  ? __pfx_do_preadv+0x10/0x10
[  604.847068][T10936]  ? rcu_is_watching+0x12/0xc0
[  604.847099][T10936]  do_syscall_64+0x10b/0xf80
[  604.847125][T10936]  ? clear_bhb_loop+0x40/0x90
[  604.847158][T10936]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  604.847179][T10936] RIP: 0033:0x7fda0d59ce59
[  604.847197][T10936] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  604.847216][T10936] RSP: 002b:00007fda0e43b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  604.847236][T10936] RAX: ffffffffffffffda RBX: 00007fda0d815fa0 RCX: 00007fda0d59ce59
[  604.847250][T10936] RDX: 0000000000000001 RSI: 00002000000004c0 RDI: 0000000000000004
[  604.847262][T10936] RBP: 00007fda0e43b090 R08: 0000000000007400 R09: 0000000000000000
[  604.847275][T10936] R10: 00000000000000a3 R11: 0000000000000246 R12: 0000000000000001
[  604.847287][T10936] R13: 00007fda0d816038 R14: 00007fda0d815fa0 R15: 00007ffca9e3dfb8
[  604.847315][T10936]  </TASK>
[  605.856038][T10944] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1349'.
[  606.329307][T10953] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1352'.
[  606.815429][T10962] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  606.839506][T10962] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1356'.
[  607.389672][T10966] Mount JFS Failure: -5
[  607.402630][   T30] audit: type=1400 audit(2000000008.770:447): avc:  denied  { listen } for  pid=10967 comm="syz.2.1358" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  607.558712][   T30] audit: type=1400 audit(2000000008.920:448): avc:  denied  { accept } for  pid=10967 comm="syz.2.1358" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  609.125402][T10981] atomic_op ffff88807d054998 conn xmit_atomic 0000000000000000
[  609.370515][T10991] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1364'.
[  609.871509][T10991] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1364'.
[  609.981141][   T24] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  610.122899][   T24] usb 2-1: device descriptor read/64, error -71
[  610.215709][   T30] audit: type=1400 audit(2000000011.580:449): avc:  denied  { create } for  pid=10980 comm="syz.4.1362" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  610.278533][   T30] audit: type=1400 audit(2000000011.580:450): avc:  denied  { write } for  pid=10980 comm="syz.4.1362" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  610.310321][   T30] audit: type=1400 audit(2000000011.630:451): avc:  denied  { map } for  pid=11000 comm="syz.0.1368" path="socket:[29885]" dev="sockfs" ino=29885 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1
[  610.401904][   T24] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  610.551443][   T24] usb 2-1: device descriptor read/64, error -71
[  611.111565][   T24] usb usb2-port1: attempt power cycle
[  611.312430][T11016] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  611.336200][T11016] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1371'.
[  611.722431][   T30] audit: type=1400 audit(2000000013.070:452): avc:  denied  { read } for  pid=11000 comm="syz.0.1368" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  611.793185][T11018] Mount JFS Failure: -5
[  611.845752][T11020] fuse: fd is not a fuse device
[  612.292015][   T29] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  613.399543][   T29] usb 5-1: Using ep0 maxpacket: 16
[  614.416615][T11036] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1377'.
[  614.425560][T11036] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1377'.
[  616.198863][   T29] usb 5-1: unable to read config index 0 descriptor/all
[  616.206629][   T29] usb 5-1: can't read configurations, error -71
[  616.667628][T11049] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1383'.
[  616.676646][T11049] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1383'.
[  616.693749][T11050] FAULT_INJECTION: forcing a failure.
[  616.693749][T11050] name failslab, interval 1, probability 0, space 0, times 0
[  616.753900][T11050] CPU: 0 UID: 0 PID: 11050 Comm: syz.4.1381 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  616.753920][T11050] Tainted: [L]=SOFTLOCKUP
[  616.753924][T11050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  616.753932][T11050] Call Trace:
[  616.753936][T11050]  <TASK>
[  616.753941][T11050]  dump_stack_lvl+0x100/0x190
[  616.753961][T11050]  should_fail_ex.cold+0x5/0xa
[  616.753979][T11050]  should_failslab+0xc2/0x120
[  616.753992][T11050]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  616.754010][T11050]  ? __alloc_skb+0x140/0x710
[  616.754020][T11050]  ? __alloc_skb+0x5b7/0x710
[  616.754032][T11050]  __alloc_skb+0x140/0x710
[  616.754042][T11050]  ? __alloc_skb+0x5b7/0x710
[  616.754051][T11050]  ? __pfx___alloc_skb+0x10/0x10
[  616.754066][T11050]  netlink_alloc_large_skb+0x69/0x150
[  616.754083][T11050]  netlink_sendmsg+0x680/0xda0
[  616.754100][T11050]  ? __pfx_netlink_sendmsg+0x10/0x10
[  616.754114][T11050]  ? __might_fault+0x30/0x140
[  616.754135][T11050]  ____sys_sendmsg+0x9e1/0xb70
[  616.754149][T11050]  ? __pfx_netlink_sendmsg+0x10/0x10
[  616.754165][T11050]  ? __pfx_____sys_sendmsg+0x10/0x10
[  616.754185][T11050]  ___sys_sendmsg+0x190/0x1e0
[  616.754201][T11050]  ? __pfx____sys_sendmsg+0x10/0x10
[  616.754233][T11050]  __sys_sendmsg+0x170/0x220
[  616.754246][T11050]  ? __pfx___sys_sendmsg+0x10/0x10
[  616.754263][T11050]  ? rcu_is_watching+0x12/0xc0
[  616.754283][T11050]  do_syscall_64+0x10b/0xf80
[  616.754298][T11050]  ? clear_bhb_loop+0x40/0x90
[  616.754312][T11050]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  616.754323][T11050] RIP: 0033:0x7fda0d59ce59
[  616.754333][T11050] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  616.754344][T11050] RSP: 002b:00007fda0e43b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  616.754355][T11050] RAX: ffffffffffffffda RBX: 00007fda0d815fa0 RCX: 00007fda0d59ce59
[  616.754362][T11050] RDX: 0000000000009080 RSI: 0000200000000200 RDI: 0000000000000004
[  616.754369][T11050] RBP: 00007fda0e43b090 R08: 0000000000000000 R09: 0000000000000000
[  616.754375][T11050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  616.754381][T11050] R13: 00007fda0d816038 R14: 00007fda0d815fa0 R15: 00007ffca9e3dfb8
[  616.754396][T11050]  </TASK>
[  617.253106][T11064] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  617.269195][T11064] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1386'.
[  618.048204][T11071] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1390'.
[  618.057309][T11071] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1390'.
[  618.891649][    T9] usb 2-1: new full-speed USB device number 22 using dummy_hcd
[  619.553889][    T9] usb 2-1: config 0 has an invalid interface number: 67 but max is 0
[  619.579304][    T9] usb 2-1: config 0 has no interface number 0
[  619.593829][    T9] usb 2-1: config 0 interface 67 altsetting 0 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  619.659112][    T9] usb 2-1: config 0 interface 67 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  619.691804][    T9] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  619.720553][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  619.748260][    T9] usb 2-1: Product: syz
[  619.762439][    T9] usb 2-1: Manufacturer: syz
[  619.774933][    T9] usb 2-1: SerialNumber: syz
[  619.884888][    T9] usb 2-1: config 0 descriptor??
[  619.918610][T11067] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  619.964785][T11067] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  620.119144][T11123] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  620.209116][T11123] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  620.287655][T11067] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  620.361551][T11067] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  620.612451][    T9] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71
[  620.637482][T11067] fuse: Bad value for 'fd'
[  620.656068][    T9] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  620.686784][    T9] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  620.710172][    T9] smsc95xx 2-1:0.67: probe with driver smsc95xx failed with error -71
[  620.736730][    T9] usb 2-1: USB disconnect, device number 22
[  621.057714][T11094] syz_tun: entered allmulticast mode
[  621.067337][ T1342] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  621.091157][ T1342] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  621.118175][T11096] syz_tun: left allmulticast mode
[  621.132549][ T1342] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  621.161706][ T1342] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  621.291965][T11155] FAULT_INJECTION: forcing a failure.
[  621.291965][T11155] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  621.337047][T11155] CPU: 0 UID: 0 PID: 11155 Comm: syz.0.1400 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  621.337079][T11155] Tainted: [L]=SOFTLOCKUP
[  621.337085][T11155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  621.337094][T11155] Call Trace:
[  621.337100][T11155]  <TASK>
[  621.337108][T11155]  dump_stack_lvl+0x100/0x190
[  621.337136][T11155]  should_fail_ex.cold+0x5/0xa
[  621.337165][T11155]  _copy_from_user+0x2e/0xd0
[  621.337195][T11155]  move_addr_to_kernel+0x65/0x170
[  621.337224][T11155]  copy_msghdr_from_user+0x417/0x4f0
[  621.337252][T11155]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  621.337285][T11155]  ? __pfx__kstrtoull+0x10/0x10
[  621.337314][T11155]  ___sys_sendmsg+0x106/0x1e0
[  621.337341][T11155]  ? __pfx____sys_sendmsg+0x10/0x10
[  621.337377][T11155]  ? find_held_lock+0x2b/0x80
[  621.337412][T11155]  __sys_sendmmsg+0x205/0x430
[  621.337435][T11155]  ? __pfx___sys_sendmmsg+0x10/0x10
[  621.337464][T11155]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  621.337504][T11155]  ? fput+0x79/0x100
[  621.337531][T11155]  ? ksys_write+0x1ac/0x250
[  621.337552][T11155]  ? __pfx_ksys_write+0x10/0x10
[  621.337579][T11155]  __x64_sys_sendmmsg+0x9c/0x100
[  621.337599][T11155]  ? lockdep_hardirqs_on+0x78/0x100
[  621.337624][T11155]  do_syscall_64+0x10b/0xf80
[  621.337650][T11155]  ? clear_bhb_loop+0x40/0x90
[  621.337672][T11155]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  621.337697][T11155] RIP: 0033:0x7f768419ce59
[  621.337712][T11155] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  621.337731][T11155] RSP: 002b:00007f768504a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  621.337751][T11155] RAX: ffffffffffffffda RBX: 00007f7684415fa0 RCX: 00007f768419ce59
[  621.337764][T11155] RDX: 0000000000000001 RSI: 0000200000000800 RDI: 0000000000000003
[  621.337777][T11155] RBP: 00007f768504a090 R08: 0000000000000000 R09: 0000000000000000
[  621.337790][T11155] R10: 0000000040000000 R11: 0000000000000246 R12: 0000000000000001
[  621.337802][T11155] R13: 00007f7684416038 R14: 00007f7684415fa0 R15: 00007fff15ef83f8
[  621.337829][T11155]  </TASK>
[  622.180964][T11167] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  622.197346][T11167] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1401'.
[  623.097752][T11174] overlayfs: failed to clone upperpath
[  623.588669][T11185] syz_tun: entered allmulticast mode
[  623.632108][T11185] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1406'.
[  623.829935][T11191] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1410'.
[  623.852077][   T30] audit: type=1400 audit(2000000025.210:453): avc:  denied  { write } for  pid=11188 comm="syz.2.1410" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  624.048995][   T30] audit: type=1400 audit(2000000025.410:454): avc:  denied  { ioctl } for  pid=11179 comm="syz.1.1406" path="/dev/fuse" dev="devtmpfs" ino=99 ioctlcmd=0x943d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  624.074736][T11195] fuse: fd is not a fuse device
[  624.125733][ T1310] ieee802154 phy1 wpan1: encryption failed: -22
[  624.318574][T11179] syz_tun: left allmulticast mode
[  624.476386][T11198] tc_dump_action: action bad kind
[  624.633214][ T5749] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  624.666376][T11206] FAULT_INJECTION: forcing a failure.
[  624.666376][T11206] name failslab, interval 1, probability 0, space 0, times 0
[  624.689915][T11206] CPU: 0 UID: 0 PID: 11206 Comm: syz.3.1414 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  624.689949][T11206] Tainted: [L]=SOFTLOCKUP
[  624.689955][T11206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  624.689967][T11206] Call Trace:
[  624.689974][T11206]  <TASK>
[  624.689982][T11206]  dump_stack_lvl+0x100/0x190
[  624.690012][T11206]  should_fail_ex.cold+0x5/0xa
[  624.690042][T11206]  ? tomoyo_encode2+0xfb/0x3c0
[  624.690069][T11206]  should_failslab+0xc2/0x120
[  624.690092][T11206]  __kmalloc_noprof+0xe0/0x850
[  624.690129][T11206]  tomoyo_encode2+0xfb/0x3c0
[  624.690162][T11206]  tomoyo_encode+0x29/0x50
[  624.690188][T11206]  tomoyo_realpath_from_path+0x18c/0x690
[  624.690224][T11206]  tomoyo_path_number_perm+0x23c/0x580
[  624.690255][T11206]  ? tomoyo_path_number_perm+0x22e/0x580
[  624.690282][T11206]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  624.690337][T11206]  ? find_held_lock+0x2b/0x80
[  624.690357][T11206]  ? __fget_files+0x215/0x3d0
[  624.690382][T11206]  ? hook_file_ioctl_common+0x149/0x410
[  624.690412][T11206]  ? __fget_files+0x215/0x3d0
[  624.690443][T11206]  ? __fget_files+0x21f/0x3d0
[  624.690473][T11206]  security_file_ioctl+0xd3/0x230
[  624.690505][T11206]  __x64_sys_ioctl+0xb7/0x210
[  624.690530][T11206]  do_syscall_64+0x10b/0xf80
[  624.690557][T11206]  ? clear_bhb_loop+0x40/0x90
[  624.690583][T11206]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  624.690605][T11206] RIP: 0033:0x7f6f0399ce59
[  624.690622][T11206] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  624.690641][T11206] RSP: 002b:00007f6f047d9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  624.690661][T11206] RAX: ffffffffffffffda RBX: 00007f6f03c15fa0 RCX: 00007f6f0399ce59
[  624.690674][T11206] RDX: 00002000000002c0 RSI: 00000000800448d4 RDI: 0000000000000004
[  624.690687][T11206] RBP: 00007f6f047d9090 R08: 0000000000000000 R09: 0000000000000000
[  624.690699][T11206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  624.690710][T11206] R13: 00007f6f03c16038 R14: 00007f6f03c15fa0 R15: 00007fff8101ed48
[  624.690737][T11206]  </TASK>
[  624.690812][T11206] ERROR: Out of memory at tomoyo_realpath_from_path.
[  624.971537][ T5749] usb 5-1: device descriptor read/64, error -71
[  625.456388][ T5749] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  625.474526][T11217] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  625.499217][T11217] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1416'.
[  626.101757][ T5749] usb 5-1: device descriptor read/64, error -71
[  626.228225][T11220] Mount JFS Failure: -5
[  626.276976][ T5749] usb usb5-port1: attempt power cycle
[  627.218483][ T5749] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  627.271586][T11233] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1420'.
[  627.299710][T11235] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1421'.
[  627.551393][T11242] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1422'.
[  627.617378][ T5749] usb 5-1: device not accepting address 24, error -71
[  627.751356][   T24] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  627.931327][   T24] usb 4-1: Using ep0 maxpacket: 32
[  627.942024][   T24] usb 4-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  627.951745][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  627.959788][   T24] usb 4-1: Product: syz
[  627.966436][   T24] usb 4-1: Manufacturer: syz
[  627.974351][   T24] usb 4-1: SerialNumber: syz
[  627.988663][   T24] usb 4-1: config 0 descriptor??
[  628.104982][T11255] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  628.128262][T11255] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  628.254475][T11255] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  628.336673][T11255] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  628.583573][T11255] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  628.644927][    T9] usb 4-1: USB disconnect, device number 27
[  628.920235][T11255] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  628.926721][T11269] random: crng reseeded on system resumption
[  628.956113][   T30] audit: type=1400 audit(2000000030.320:455): avc:  denied  { lock } for  pid=11268 comm="syz.3.1432" path="/dev/snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  628.974493][T11255] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  629.626195][T11278] Mount JFS Failure: -5
[  630.670005][T11276] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  631.291317][T11287] capability: warning: `syz.2.1438' uses deprecated v2 capabilities in a way that may be insecure
[  631.401219][T10663] Bluetooth: hci0: command 0x0406 tx timeout
[  631.803986][T11300] overlayfs: failed to clone upperpath
[  632.471531][    T9] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  632.634494][    T9] usb 5-1: Using ep0 maxpacket: 32
[  632.721092][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  632.761295][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  632.779314][    T9] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  632.791689][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  632.974120][    T9] usb 5-1: config 0 descriptor??
[  632.992575][    T9] hub 5-1:0.0: USB hub found
[  634.564767][    T9] hub 5-1:0.0: 26 ports detected
[  634.890713][    T9] hub 5-1:0.0: insufficient power available to use all downstream ports
[  634.985132][    T9] hub 5-1:0.0: hub_hub_status failed (err = -71)
[  635.008978][    T9] hub 5-1:0.0: config failed, can't get hub status (err -71)
[  635.034438][    T9] usbhid 5-1:0.0: can't add hid device: -71
[  635.044584][    T9] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  635.083331][    T9] usb 5-1: USB disconnect, device number 26
[  635.159168][T11337] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  635.221148][   T29] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  635.381345][   T29] usb 4-1: Using ep0 maxpacket: 8
[  635.402185][   T29] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  635.426922][   T29] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid maxpacket 2047, setting to 1024
[  635.453398][   T29] usb 4-1: New USB device found, idVendor=200c, idProduct=1018, bcdDevice= 0.40
[  635.466480][   T29] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  635.475746][   T29] usb 4-1: Product: syz
[  635.480015][   T29] usb 4-1: Manufacturer: syz
[  635.489856][   T29] usb 4-1: SerialNumber: syz
[  635.717626][   T29] usb 4-1: 1:1 : UAC_AS_GENERAL descriptor not found
[  635.724790][   T29] usb 4-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  635.757588][   T29] usb 4-1: USB disconnect, device number 28
[  635.761822][    T9] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  635.864755][   T24] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  636.215303][   T24] usb 5-1: device descriptor read/64, error -71
[  636.275789][ T5610] udevd[5610]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  636.391683][    T9] usb 2-1: device descriptor read/64, error -71
[  636.611260][   T24] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  636.767480][   T24] usb 5-1: device descriptor read/64, error -71
[  636.949303][   T24] usb usb5-port1: attempt power cycle
[  637.011523][    T9] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  637.141374][    T9] usb 2-1: device descriptor read/64, error -71
[  637.232905][T11358] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1459'.
[  637.346659][    T9] usb usb2-port1: attempt power cycle
[  637.521663][   T24] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  637.524917][ T8688] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  637.647916][   T24] usb 5-1: device descriptor read/8, error -71
[  637.691112][ T8688] usb 4-1: Using ep0 maxpacket: 16
[  637.697617][ T8688] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  637.709156][ T8688] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  637.720439][ T8688] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  637.797037][T11363] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1460'.
[  638.184161][ T8688] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  638.201267][    T9] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  638.208917][ T8688] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  638.217468][ T8688] usb 4-1: Manufacturer: syz
[  638.227272][ T8688] usb 4-1: config 0 descriptor??
[  638.232987][    T9] usb 2-1: device descriptor read/8, error -71
[  638.341177][   T24] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  638.362008][   T24] usb 5-1: device descriptor read/8, error -71
[  638.879580][   T24] usb usb5-port1: unable to enumerate USB device
[  638.955652][    T9] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  638.968387][T11371] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  638.971760][T11373] FAULT_INJECTION: forcing a failure.
[  638.971760][T11373] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  638.990494][T11373] CPU: 1 UID: 0 PID: 11373 Comm: syz.1.1463 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  638.990527][T11373] Tainted: [L]=SOFTLOCKUP
[  638.990534][T11373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  638.990544][T11373] Call Trace:
[  638.990551][T11373]  <TASK>
[  638.990559][T11373]  dump_stack_lvl+0x100/0x190
[  638.990589][T11373]  should_fail_ex.cold+0x5/0xa
[  638.990618][T11373]  _copy_to_user+0x32/0xd0
[  638.990650][T11373]  bpf_prog_test_run_syscall+0x5ea/0xad0
[  638.990681][T11373]  ? __pfx_bpf_prog_test_run_syscall+0x10/0x10
[  638.990709][T11373]  ? fput+0x79/0x100
[  638.990738][T11373]  ? __bpf_prog_get+0x97/0x2a0
[  638.990764][T11373]  ? __pfx_bpf_prog_test_run_syscall+0x10/0x10
[  638.990793][T11373]  __sys_bpf+0x1725/0x4b90
[  638.990817][T11373]  ? __pfx___sys_bpf+0x10/0x10
[  638.990835][T11373]  ? proc_fail_nth_write+0x9f/0x220
[  638.990857][T11373]  ? find_held_lock+0x2b/0x80
[  638.990883][T11373]  ? find_held_lock+0x2b/0x80
[  638.990903][T11373]  ? ksys_write+0x190/0x250
[  638.990923][T11373]  ? ksys_write+0x190/0x250
[  638.990950][T11373]  ? __mutex_unlock_slowpath+0x15d/0x8a0
[  638.990980][T11373]  ? kernel_write+0x653/0x6c0
[  638.991001][T11373]  ? __fget_files+0x215/0x3d0
[  638.991039][T11373]  ? fput+0x79/0x100
[  638.991064][T11373]  ? ksys_write+0x1ac/0x250
[  638.991085][T11373]  ? __pfx_ksys_write+0x10/0x10
[  638.991113][T11373]  __x64_sys_bpf+0x7b/0xc0
[  638.991132][T11373]  ? lockdep_hardirqs_on+0x78/0x100
[  638.991160][T11373]  do_syscall_64+0x10b/0xf80
[  638.991187][T11373]  ? clear_bhb_loop+0x40/0x90
[  638.991212][T11373]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  638.991232][T11373] RIP: 0033:0x7fcd1eb9ce59
[  638.991250][T11373] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  638.991269][T11373] RSP: 002b:00007fcd1faba028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  638.991288][T11373] RAX: ffffffffffffffda RBX: 00007fcd1ee15fa0 RCX: 00007fcd1eb9ce59
[  638.991301][T11373] RDX: 0000000000000048 RSI: 0000200000000500 RDI: 000000000000000a
[  638.991313][T11373] RBP: 00007fcd1faba090 R08: 0000000000000000 R09: 0000000000000000
[  638.991326][T11373] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  638.991337][T11373] R13: 00007fcd1ee16038 R14: 00007fcd1ee15fa0 R15: 00007ffd1e9368f8
[  638.991365][T11373]  </TASK>
[  639.232820][    T9] usb 2-1: device not accepting address 26, error -71
[  639.240574][    T9] usb usb2-port1: unable to enumerate USB device
[  639.438699][T11380] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  639.448059][T11380] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  640.218257][   T29] usb 4-1: USB disconnect, device number 29
[  641.377973][T11391] Mount JFS Failure: -5
[  642.711481][T11398] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  643.391517][T11413] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1471'.
[  644.097793][T11432] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  644.111197][   T29] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  644.121841][T11432] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  644.152013][T11432] fuse: Bad value for 'fd'
[  644.261288][   T29] usb 2-1: Using ep0 maxpacket: 8
[  644.268204][   T29] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  644.286823][   T29] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF9, changing to 0x89
[  644.307427][   T29] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  644.325189][   T29] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 59391, setting to 1024
[  644.343879][   T29] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  644.362688][   T29] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  644.388296][   T29] usb 2-1: New USB device found, idVendor=0bc7, idProduct=0008, bcdDevice=4f.c8
[  644.404344][   T29] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  644.418376][   T29] usb 2-1: Product: syz
[  644.427091][   T29] usb 2-1: Manufacturer: syz
[  644.435061][   T29] usb 2-1: SerialNumber: syz
[  644.447060][   T29] usb 2-1: config 0 descriptor??
[  644.459455][T11418] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  644.698191][T11418] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  644.741970][T11418] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  645.385618][T11418] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  645.404236][T11418] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  645.430558][T11418] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  645.453091][T11418] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  645.481193][   T24] usb 5-1: new full-speed USB device number 31 using dummy_hcd
[  645.653123][   T24] usb 5-1: not running at top speed; connect to a high speed hub
[  645.678971][   T24] usb 5-1: New USB device found, idVendor=17cc, idProduct=1000, bcdDevice= 0.40
[  645.691558][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  645.708251][   T24] usb 5-1: Product: ㅟ㮀蒖鷍簱㞵繺䶗鞔犃✀㔇ᕦ໤⑽刀咤훈㗸⦥将둢ꧏ翖擘县颾즳移뗽誯쨥죣鏽㚶榋숌䋍ꯌ笒튽䂿类혽蹳굸裉瓖떃쓷⵭錿㠼숪톽ꕽ㎄䙾摅馠䃻㕵䤢㈟䥒텠ꕪ㓹䯒晼쿪矲僄ᅧ쁧鑏ڶꕥ呠댯寶뱥㘟蜒Ẓ岘漢
[  645.876154][   T24] usb 5-1: Manufacturer: 믶弶ꃤ뢿㑆頎貉賙첖擰鿌濾댫ⷯ뿵뷹担닪╰욍᮲먑ꋆ츢崩㈨䴂
[  645.904333][   T24] usb 5-1: SerialNumber: syz
[  645.942292][   T29] rc_core: IR keymap rc-snapstream-firefly not found
[  645.949139][   T29] Registered IR keymap rc-empty
[  646.125583][T11443] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  646.135365][   T29] rc rc0: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[  646.152037][T11443] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  646.155806][   T29] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input18
[  646.193981][   T30] audit: type=1400 audit(2000000047.560:456): avc:  denied  { ioctl } for  pid=4964 comm="acpid" path="/dev/input/event6" dev="devtmpfs" ino=3085 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  646.225812][   T29] input: syz syz mouse as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input19
[  646.262303][T11443] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  646.292017][   T29] usb 2-1: USB disconnect, device number 27
[  646.298031][    C1] ati_remote 2-1:0.0: ati_remote_irq_in: usb_submit_urb()=-19
[  646.793621][T11443] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  646.828456][T11443] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  646.880379][   T24] snd-usb-audio 5-1:1.0: probe with driver snd-usb-audio failed with error -71
[  646.899456][T11456] FAULT_INJECTION: forcing a failure.
[  646.899456][T11456] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  646.922192][T11456] CPU: 0 UID: 0 PID: 11456 Comm: syz.0.1486 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  646.922226][T11456] Tainted: [L]=SOFTLOCKUP
[  646.922233][T11456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  646.922245][T11456] Call Trace:
[  646.922251][T11456]  <TASK>
[  646.922259][T11456]  dump_stack_lvl+0x100/0x190
[  646.922288][T11456]  should_fail_ex.cold+0x5/0xa
[  646.922318][T11456]  _copy_from_user+0x2e/0xd0
[  646.922349][T11456]  memdup_user+0x6b/0xe0
[  646.922371][T11456]  strndup_user+0x78/0xe0
[  646.922393][T11456]  __x64_sys_mount+0x136/0x310
[  646.922424][T11456]  ? __pfx___x64_sys_mount+0x10/0x10
[  646.922458][T11456]  ? rcu_is_watching+0x12/0xc0
[  646.922493][T11456]  do_syscall_64+0x10b/0xf80
[  646.922523][T11456]  ? clear_bhb_loop+0x40/0x90
[  646.922548][T11456]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  646.922570][T11456] RIP: 0033:0x7f768419ce59
[  646.922588][T11456] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  646.922609][T11456] RSP: 002b:00007f768504a028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  646.922634][T11456] RAX: ffffffffffffffda RBX: 00007f7684415fa0 RCX: 00007f768419ce59
[  646.922648][T11456] RDX: 0000200000000080 RSI: 0000200000000040 RDI: 0000000000000000
[  646.922662][T11456] RBP: 00007f768504a090 R08: 0000200000000180 R09: 0000000000000000
[  646.922675][T11456] R10: 0000000000010001 R11: 0000000000000246 R12: 0000000000000001
[  646.922687][T11456] R13: 00007f7684416038 R14: 00007f7684415fa0 R15: 00007fff15ef83f8
[  646.922716][T11456]  </TASK>
[  646.932651][   T24] snd-usb-audio 5-1:1.1: probe with driver snd-usb-audio failed with error -71
[  647.246070][   T24] snd-usb-audio 5-1:1.2: probe with driver snd-usb-audio failed with error -71
[  647.269400][   T24] usb 5-1: USB disconnect, device number 31
[  647.367942][T11460] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1487'.
[  648.679679][   T30] audit: type=1400 audit(2000000050.040:457): avc:  denied  { setopt } for  pid=11470 comm="syz.4.1492" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  649.566814][T11478] Mount JFS Failure: -5
[  650.405813][   T30] audit: type=1400 audit(2000000051.770:458): avc:  denied  { bind } for  pid=11481 comm="syz.4.1495" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  650.965106][   T30] audit: type=1400 audit(2000000052.290:459): avc:  denied  { listen } for  pid=11481 comm="syz.4.1495" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  650.967662][   T30] audit: type=1400 audit(2000000052.290:460): avc:  denied  { connect } for  pid=11481 comm="syz.4.1495" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  651.871551][   T29] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  652.108810][T11513] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1494'.
[  652.131185][    T9] usb 2-1: new full-speed USB device number 28 using dummy_hcd
[  652.131368][   T29] usb 5-1: Using ep0 maxpacket: 32
[  652.155762][   T29] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  652.270004][   T29] usb 5-1: config 0 has no interface number 0
[  652.270311][   T29] usb 5-1: config 0 interface 1 altsetting 9 has an invalid descriptor for endpoint zero, skipping
[  652.270371][   T29] usb 5-1: config 0 interface 1 has no altsetting 0
[  652.291400][   T29] usb 5-1: New USB device found, idVendor=0572, idProduct=58a5, bcdDevice=27.0a
[  652.291485][   T29] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  652.291544][   T29] usb 5-1: Product: syz
[  652.291594][   T29] usb 5-1: Manufacturer: syz
[  652.291646][   T29] usb 5-1: SerialNumber: syz
[  652.440395][   T29] usb 5-1: config 0 descriptor??
[  652.737154][T11518] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  652.748920][T11518] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  652.766694][T11518] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  652.787785][   T30] audit: type=1400 audit(2000000054.150:461): avc:  denied  { write } for  pid=11512 comm="syz.2.1494" path="socket:[30921]" dev="sockfs" ino=30921 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  652.822547][T11518] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  652.833992][    T9] usb 2-1: not running at top speed; connect to a high speed hub
[  652.846415][   T30] audit: type=1400 audit(2000000054.210:462): avc:  denied  { getopt } for  pid=11517 comm="syz.0.1501" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  652.871660][T11518] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1501'.
[  652.877006][   T30] audit: type=1400 audit(2000000054.230:463): avc:  denied  { ioctl } for  pid=11517 comm="syz.0.1501" path="/dev/nullb0" dev="devtmpfs" ino=696 ioctlcmd=0x8903 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  652.899942][    T9] usb 2-1: New USB device found, idVendor=17cc, idProduct=1000, bcdDevice= 0.40
[  652.928719][   T29] cx231xx 5-1:0.1: New device syz syz @ 480 Mbps (0572:58a5) with 1 interfaces
[  652.935453][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  652.949462][    T9] usb 2-1: Product: ㅟ㮀蒖鷍簱㞵繺䶗鞔犃✀㔇ᕦ໤⑽刀咤훈㗸⦥将둢ꧏ翖擘县颾즳移뗽誯쨥죣鏽㚶榋숌䋍ꯌ笒튽䂿类혽蹳굸裉瓖떃쓷⵭錿㠼숪톽ꕽ㎄䙾摅馠䃻㕵䤢㈟䥒텠ꕪ㓹䯒晼쿪矲僄ᅧ쁧鑏ڶꕥ呠댯寶뱥㘟蜒Ẓ岘漢
[  652.980990][   T29] cx231xx 5-1:0.1: Failed to read PCB config
[  652.983208][    T9] usb 2-1: Manufacturer: 믶弶ꃤ뢿㑆頎貉賙첖擰鿌濾댫ⷯ뿵뷹担닪╰욍᮲먑ꋆ츢崩㈨䴂
[  652.988179][   T29] cx231xx 5-1:0.1: probe with driver cx231xx failed with error -71
[  653.001609][    T9] usb 2-1: SerialNumber: syz
[  653.013593][   T29] usb 5-1: USB disconnect, device number 32
[  653.242987][T11508] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  653.251945][T11508] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  653.261449][T11508] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  653.334172][T11524] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1503'.
[  653.487382][T11508] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  653.529280][   T29] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  653.579033][T11508] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  653.742203][    T9] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -71
[  653.754519][   T29] usb 5-1: Using ep0 maxpacket: 32
[  653.758995][    T9] snd-usb-audio 2-1:1.1: probe with driver snd-usb-audio failed with error -71
[  653.766069][   T29] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  653.784856][    T9] snd-usb-audio 2-1:1.2: probe with driver snd-usb-audio failed with error -71
[  653.793904][   T29] usb 5-1: config 0 has no interface number 0
[  653.797431][    T9] usb 2-1: USB disconnect, device number 28
[  653.810667][   T29] usb 5-1: config 0 interface 1 altsetting 9 has an invalid descriptor for endpoint zero, skipping
[  653.844281][   T29] usb 5-1: config 0 interface 1 has no altsetting 0
[  653.863281][   T29] usb 5-1: New USB device found, idVendor=0572, idProduct=58a5, bcdDevice=27.0a
[  653.873708][   T29] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  653.883321][   T29] usb 5-1: Product: syz
[  653.887734][   T29] usb 5-1: Manufacturer: syz
[  653.895749][   T29] usb 5-1: SerialNumber: syz
[  653.909657][   T29] usb 5-1: config 0 descriptor??
[  654.233313][   T29] cx231xx 5-1:0.1: New device syz syz @ 480 Mbps (0572:58a5) with 1 interfaces
[  654.264448][   T29] cx231xx 5-1:0.1: Identified as Conexant Hybrid TV - RDU253S (card=4)
[  654.391434][   T29] cx231xx 5-1:0.1: cx231xx_send_gpio_cmd: failed with status --110
[  654.440124][   T29] cx231xx 5-1:0.1: cx231xx_send_gpio_cmd: failed with status --32
[  654.483381][   T29] cx231xx 5-1:0.1: cx231xx_send_gpio_cmd: failed with status --32
[  654.532177][   T29] cx231xx 5-1:0.1: cx231xx_send_gpio_cmd: failed with status --32
[  654.914392][   T29] cx231xx 5-1:0.1: cx231xx_send_gpio_cmd: failed with status --32
[  654.943839][   T29] cx231xx 5-1:0.1: Failed to set devmode to analog: error: -32
[  655.297339][   T29] i2c i2c-2: Added multiplexed i2c bus 4
[  655.328378][   T29] i2c i2c-2: Added multiplexed i2c bus 5
[  655.349700][   T29] cx231xx 5-1:0.1: cx231xx_dev_init: Failed to set Power - errCode [-32]!
[  655.378624][   T29] cx231xx 5-1:0.1: cx231xx_init_dev: cx231xx_i2c_register - errCode [-32]!
[  656.089085][   T29] cx231xx 5-1:0.1: probe with driver cx231xx failed with error -32
[  656.456454][    T9] usb 5-1: USB disconnect, device number 33
[  656.529698][T11564] fuse: fd is not a fuse device
[  656.581942][   T29] usb 4-1: new full-speed USB device number 30 using dummy_hcd
[  656.795467][   T29] usb 4-1: config 0 has an invalid interface number: 67 but max is 0
[  657.053817][   T29] usb 4-1: config 0 has no interface number 0
[  657.065775][   T29] usb 4-1: config 0 interface 67 altsetting 0 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  657.090602][   T29] usb 4-1: config 0 interface 67 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  657.141970][   T29] usb 4-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  657.171199][   T29] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  657.173557][T11575] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  657.202993][   T29] usb 4-1: Product: syz
[  657.217074][   T29] usb 4-1: Manufacturer: syz
[  657.222494][T11575] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  657.332458][   T29] usb 4-1: SerialNumber: syz
[  657.346311][   T29] usb 4-1: config 0 descriptor??
[  657.352573][T11557] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  657.359864][T11557] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  657.467047][ T5725] usb 2-1: new full-speed USB device number 29 using dummy_hcd
[  657.805180][T11557] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  657.833415][T11557] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  658.089007][T11557] fuse: Bad value for 'fd'
[  658.196960][   T29] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71
[  658.213186][   T29] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  658.227429][ T5725] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  658.287967][   T29] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  658.402180][ T5725] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  658.471193][   T29] smsc95xx 4-1:0.67: probe with driver smsc95xx failed with error -71
[  658.525997][ T5725] usb 2-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  658.623213][   T29] usb 4-1: USB disconnect, device number 30
[  658.629714][ T5725] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  658.648601][ T5725] usb 2-1: config 0 descriptor??
[  659.889126][ T5725] elan 0003:04F3:0755.0002: unknown main item tag 0x0
[  659.896138][ T5725] elan 0003:04F3:0755.0002: unknown main item tag 0x0
[  659.906707][ T5725] elan 0003:04F3:0755.0002: unknown main item tag 0x0
[  659.926497][ T5725] elan 0003:04F3:0755.0002: unknown main item tag 0x0
[  659.957268][ T5725] elan 0003:04F3:0755.0002: unknown main item tag 0x0
[  660.024216][ T5725] elan 0003:04F3:0755.0002: failed to start in urb: -90
[  660.071589][T11573] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  660.080725][T11612] netlink: 'syz.3.1531': attribute type 1 has an invalid length.
[  660.088128][ T5725] elan 0003:04F3:0755.0002: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.1-1/input0
[  660.101569][T11573] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  660.113780][T11612] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1531'.
[  660.152282][T11616] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  660.166577][ T5725] usb 2-1: USB disconnect, device number 29
[  660.316942][T11618] fido_id[11618]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  661.318018][T11634] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1534'.
[  661.349968][T11634] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1534'.
[  661.372694][T11634] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1534'.
[  662.415302][T11120] Bluetooth: hci5: Frame reassembly failed (-84)
[  663.301271][   T29] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  663.811131][   T29] usb 5-1: device descriptor read/64, error -71
[  664.027701][T11668] FAULT_INJECTION: forcing a failure.
[  664.027701][T11668] name failslab, interval 1, probability 0, space 0, times 0
[  664.043963][T11668] CPU: 0 UID: 0 PID: 11668 Comm: syz.0.1546 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  664.043995][T11668] Tainted: [L]=SOFTLOCKUP
[  664.044002][T11668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  664.044010][T11668] Call Trace:
[  664.044014][T11668]  <TASK>
[  664.044019][T11668]  dump_stack_lvl+0x100/0x190
[  664.044038][T11668]  should_fail_ex.cold+0x5/0xa
[  664.044055][T11668]  ? tomoyo_encode2+0xfb/0x3c0
[  664.044070][T11668]  should_failslab+0xc2/0x120
[  664.044083][T11668]  __kmalloc_noprof+0xe0/0x850
[  664.044099][T11668]  ? d_absolute_path+0x136/0x1b0
[  664.044114][T11668]  tomoyo_encode2+0xfb/0x3c0
[  664.044135][T11668]  tomoyo_encode+0x29/0x50
[  664.044149][T11668]  tomoyo_realpath_from_path+0x18c/0x690
[  664.044168][T11668]  tomoyo_path_number_perm+0x23c/0x580
[  664.044182][T11668]  ? tomoyo_path_number_perm+0x22e/0x580
[  664.044196][T11668]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  664.044225][T11668]  ? find_held_lock+0x2b/0x80
[  664.044236][T11668]  ? __fget_files+0x215/0x3d0
[  664.044249][T11668]  ? hook_file_ioctl_common+0x149/0x410
[  664.044266][T11668]  ? __fget_files+0x215/0x3d0
[  664.044282][T11668]  ? __fget_files+0x21f/0x3d0
[  664.044298][T11668]  security_file_ioctl+0xd3/0x230
[  664.044313][T11668]  __x64_sys_ioctl+0xb7/0x210
[  664.044327][T11668]  do_syscall_64+0x10b/0xf80
[  664.044342][T11668]  ? clear_bhb_loop+0x40/0x90
[  664.044356][T11668]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  664.044368][T11668] RIP: 0033:0x7f768419ce59
[  664.044378][T11668] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  664.044389][T11668] RSP: 002b:00007f768504a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  664.044400][T11668] RAX: ffffffffffffffda RBX: 00007f7684415fa0 RCX: 00007f768419ce59
[  664.044407][T11668] RDX: 0000000000000000 RSI: 000000008004745a RDI: 0000000000000004
[  664.044414][T11668] RBP: 00007f768504a090 R08: 0000000000000000 R09: 0000000000000000
[  664.044421][T11668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  664.044427][T11668] R13: 00007f7684416038 R14: 00007f7684415fa0 R15: 00007fff15ef83f8
[  664.044442][T11668]  </TASK>
[  664.044454][T11668] ERROR: Out of memory at tomoyo_realpath_from_path.
[  664.161337][   T29] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  664.450250][T10663] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  664.485504][   T29] usb 5-1: device descriptor read/64, error -71
[  664.550602][   T30] audit: type=1400 audit(2000000065.910:464): avc:  denied  { connect } for  pid=11673 comm="syz.0.1548" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  664.590304][T11672] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1549'.
[  664.633908][   T29] usb usb5-port1: attempt power cycle
[  664.641156][   T30] audit: type=1400 audit(2000000065.980:465): avc:  denied  { create } for  pid=11671 comm="syz.1.1549" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1
[  664.700583][T11672] SELinux: ebitmap: truncated map
[  664.729295][T11672] SELinux: failed to load policy
[  664.735920][   T30] audit: type=1400 audit(2000000066.040:466): avc:  denied  { load_policy } for  pid=11671 comm="syz.1.1549" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  665.057753][   T29] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  665.082388][   T29] usb 5-1: device descriptor read/8, error -71
[  665.727835][T11695] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  666.540982][T11702] overlayfs: failed to clone upperpath
[  666.727841][   T30] audit: type=1400 audit(2000000068.090:467): avc:  denied  { mounton } for  pid=11699 comm="syz.0.1556" path="/proc/1163/task" dev="proc" ino=31244 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  667.731310][   T29] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  667.892829][   T29] usb 5-1: Using ep0 maxpacket: 16
[  667.909977][   T29] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  667.928293][   T29] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  667.946170][T11729] input: syz0 as /devices/virtual/input/input20
[  667.963733][   T29] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  667.975553][   T29] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  668.130155][   T29] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  668.311969][   T30] audit: type=1400 audit(2000000069.640:468): avc:  denied  { search } for  pid=11734 comm="dhcpcd-run-hook" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  668.335202][   T30] audit: type=1400 audit(2000000069.640:469): avc:  denied  { search } for  pid=11734 comm="dhcpcd-run-hook" name="dhcpcd" dev="tmpfs" ino=1772 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  668.335651][   T29] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  668.377705][   T29] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  668.398776][   T30] audit: type=1400 audit(2000000069.640:470): avc:  denied  { search } for  pid=11734 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  668.399235][   T29] usb 5-1: Manufacturer: syz
[  668.916631][   T30] audit: type=1400 audit(2000000069.640:471): avc:  denied  { search } for  pid=11734 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=1777 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  668.940462][   T29] usb 5-1: config 0 descriptor??
[  668.954780][   T30] audit: type=1400 audit(2000000069.650:472): avc:  denied  { read } for  pid=11735 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=1777 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  669.008281][   T30] audit: type=1400 audit(2000000069.650:473): avc:  denied  { read open } for  pid=11735 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1777 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  670.576986][   T30] kauditd_printk_skb: 9 callbacks suppressed
[  670.577001][   T30] audit: type=1400 audit(2000000071.940:483): avc:  denied  { write } for  pid=11760 comm="rm" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  670.712426][   T30] audit: type=1400 audit(2000000071.940:484): avc:  denied  { remove_name } for  pid=11760 comm="rm" name="resolv.conf.lapb4.link" dev="tmpfs" ino=7844 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  670.744127][   T30] audit: type=1400 audit(2000000071.940:485): avc:  denied  { unlink } for  pid=11760 comm="rm" name="resolv.conf.lapb4.link" dev="tmpfs" ino=7844 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  671.312757][T10663] Bluetooth: hci0: command 0x0406 tx timeout
[  671.320417][T11348] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  671.328211][T11348] Bluetooth: hci0: Error when powering off device on rfkill (-110)
[  671.341191][   T29] rc_core: IR keymap rc-hauppauge not found
[  671.348629][   T29] Registered IR keymap rc-empty
[  671.353929][   T29] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  671.391296][   T29] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  672.011042][T11772] FAULT_INJECTION: forcing a failure.
[  672.011042][T11772] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  672.015606][   T29] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  672.036195][T11772] CPU: 1 UID: 0 PID: 11772 Comm: syz.1.1574 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  672.036214][T11772] Tainted: [L]=SOFTLOCKUP
[  672.036218][T11772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  672.036225][T11772] Call Trace:
[  672.036229][T11772]  <TASK>
[  672.036234][T11772]  dump_stack_lvl+0x100/0x190
[  672.036253][T11772]  should_fail_ex.cold+0x5/0xa
[  672.036270][T11772]  _copy_from_user+0x2e/0xd0
[  672.036288][T11772]  copy_from_sockptr_offset.constprop.0+0x12c/0x150
[  672.036305][T11772]  ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10
[  672.036324][T11772]  do_sock_getsockopt+0x530/0x6e0
[  672.036337][T11772]  ? __lock_acquire+0x4a5/0x2630
[  672.036354][T11772]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  672.036372][T11772]  ? find_held_lock+0x2b/0x80
[  672.036387][T11772]  ? __fget_files+0x21f/0x3d0
[  672.036405][T11772]  __sys_getsockopt+0x148/0x260
[  672.036421][T11772]  ? __x64_sys_getsockopt+0xbd/0x160
[  672.036431][T11772]  __x64_sys_getsockopt+0xbd/0x160
[  672.036441][T11772]  ? do_syscall_64+0x90/0xf80
[  672.036457][T11772]  ? lockdep_hardirqs_on+0x78/0x100
[  672.036472][T11772]  do_syscall_64+0x10b/0xf80
[  672.036487][T11772]  ? clear_bhb_loop+0x40/0x90
[  672.036501][T11772]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  672.036512][T11772] RIP: 0033:0x7fcd1eb9ce59
[  672.036523][T11772] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  672.036534][T11772] RSP: 002b:00007fcd1fa78028 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  672.036546][T11772] RAX: ffffffffffffffda RBX: 00007fcd1ee16180 RCX: 00007fcd1eb9ce59
[  672.036553][T11772] RDX: 0000000000000003 RSI: 000000000000011c RDI: 0000000000000006
[  672.036560][T11772] RBP: 00007fcd1fa78090 R08: 0000000000000000 R09: 0000000000000000
[  672.036566][T11772] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[  672.036573][T11772] R13: 00007fcd1ee16218 R14: 00007fcd1ee16180 R15: 00007ffd1e9368f8
[  672.036588][T11772]  </TASK>
[  672.243972][   T29] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input21
[  672.328517][   T29] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  672.351121][   T29] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  672.381221][   T29] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  672.402040][   T29] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  672.423843][   T29] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  672.451151][   T29] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  672.482484][   T29] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  672.516727][   T30] audit: type=1400 audit(2000000073.880:486): avc:  denied  { write } for  pid=11756 comm="syz.3.1571" name="rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  672.542265][   T29] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  672.575406][T11782] vti0: entered promiscuous mode
[  672.594591][   T29] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  673.191327][   T29] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  673.226062][   T29] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  673.236406][   T29] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  673.259128][   T29] usb 5-1: USB disconnect, device number 38
[  673.390509][T11791] netlink: 'syz.1.1577': attribute type 2 has an invalid length.
[  673.401887][T10663] Bluetooth: hci1: command 0x0406 tx timeout
[  673.455597][T11797] netlink: 'syz.1.1577': attribute type 2 has an invalid length.
[  673.470617][T11348] Bluetooth: hci1: Opcode 0x0c1a failed: -110
[  673.495840][T11348] Bluetooth: hci1: Error when powering off device on rfkill (-110)
[  674.927929][   T30] audit: type=1400 audit(2000000076.290:487): avc:  denied  { write } for  pid=11775 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  675.083127][   T29] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  675.139188][   T30] audit: type=1400 audit(2000000076.500:488): avc:  denied  { write } for  pid=11827 comm="rm" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  675.271726][   T29] usb 4-1: Using ep0 maxpacket: 16
[  675.279055][T11833] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1586'.
[  675.297105][   T29] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  675.324450][   T29] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  675.356325][   T29] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  675.389004][   T29] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  675.514323][   T29] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  675.544293][   T29] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  675.614371][T11838] FAULT_INJECTION: forcing a failure.
[  675.614371][T11838] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  675.628064][T11838] CPU: 0 UID: 0 PID: 11838 Comm: syz.0.1587 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  675.628097][T11838] Tainted: [L]=SOFTLOCKUP
[  675.628104][T11838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  675.628116][T11838] Call Trace:
[  675.628125][T11838]  <TASK>
[  675.628134][T11838]  dump_stack_lvl+0x100/0x190
[  675.628166][T11838]  should_fail_ex.cold+0x5/0xa
[  675.628196][T11838]  _copy_from_user+0x2e/0xd0
[  675.628228][T11838]  do_sys_poll+0x345/0xe90
[  675.628258][T11838]  ? __lock_acquire+0x4a5/0x2630
[  675.628290][T11838]  ? __pfx_do_sys_poll+0x10/0x10
[  675.628340][T11838]  ? find_held_lock+0x2b/0x80
[  675.628360][T11838]  ? finish_task_switch.isra.0+0x2c6/0x1010
[  675.628382][T11838]  ? finish_task_switch.isra.0+0x2c6/0x1010
[  675.628464][T11838]  ? __x64_sys_ppoll+0x293/0x350
[  675.628494][T11838]  __x64_sys_ppoll+0x2b5/0x350
[  675.628523][T11838]  ? __pfx___x64_sys_ppoll+0x10/0x10
[  675.628548][T11838]  ? ksys_write+0x1ac/0x250
[  675.628571][T11838]  ? __pfx_ksys_write+0x10/0x10
[  675.628593][T11838]  ? trace_irq_enable.constprop.0+0x31/0x160
[  675.628625][T11838]  ? rcu_is_watching+0x12/0xc0
[  675.628660][T11838]  do_syscall_64+0x10b/0xf80
[  675.628688][T11838]  ? clear_bhb_loop+0x40/0x90
[  675.628714][T11838]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  675.628736][T11838] RIP: 0033:0x7f768419ce59
[  675.628754][T11838] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  675.628774][T11838] RSP: 002b:00007f7685008028 EFLAGS: 00000246 ORIG_RAX: 000000000000010f
[  675.628794][T11838] RAX: ffffffffffffffda RBX: 00007f7684416180 RCX: 00007f768419ce59
[  675.628808][T11838] RDX: 0000000000000000 RSI: 20000000000000dc RDI: 00002000000000c0
[  675.628821][T11838] RBP: 00007f7685008090 R08: 0000000000000000 R09: 0000000000000000
[  675.628834][T11838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  675.628846][T11838] R13: 00007f7684416218 R14: 00007f7684416180 R15: 00007fff15ef83f8
[  675.628875][T11838]  </TASK>
[  675.629882][T10663] Bluetooth: hci2: command 0x0406 tx timeout
[  675.804539][T11348] Bluetooth: hci2: Opcode 0x0c1a failed: -110
[  675.848745][   T29] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  675.870985][   T29] usb 4-1: Manufacturer: syz
[  675.899515][   T29] usb 4-1: config 0 descriptor??
[  675.995294][T11348] Bluetooth: hci2: Error when powering off device on rfkill (-110)
[  676.619089][   T30] audit: type=1400 audit(2000000077.980:489): avc:  denied  { write } for  pid=11834 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  677.055645][   T30] audit: type=1400 audit(2000000078.110:490): avc:  denied  { name_bind } for  pid=11853 comm="syz.0.1589" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  677.359914][T11861] Mount JFS Failure: -5
[  678.121072][T10663] Bluetooth: hci3: command 0x0406 tx timeout
[  678.145119][T11348] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  678.196663][T11348] Bluetooth: hci3: Error when powering off device on rfkill (-110)
[  678.245799][   T30] audit: type=1400 audit(2000000079.610:491): avc:  denied  { write } for  pid=11859 comm="rm" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  678.267880][   T29] rc_core: IR keymap rc-hauppauge not found
[  678.267899][   T29] Registered IR keymap rc-empty
[  678.268014][   T29] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  678.281174][   T29] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  678.323601][   T29] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  679.175472][   T29] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input22
[  679.462066][   T29] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  679.483655][   T29] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  679.971166][   T29] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  680.001127][   T29] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  680.138183][   T29] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  680.161403][   T29] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  680.201860][   T29] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  680.318275][T10663] Bluetooth: hci4: command 0x0406 tx timeout
[  680.331800][T11348] Bluetooth: hci4: Opcode 0x0c1a failed: -110
[  680.441341][T11891] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1598'.
[  680.743488][T11348] Bluetooth: hci4: Error when powering off device on rfkill (-110)
[  680.831218][   T29] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  680.871159][   T29] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  680.903147][   T29] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  680.965199][   T29] mceusb 4-1:0.0: Registered  with mce emulator interface version 1
[  681.012970][   T29] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  681.170143][   T29] usb 4-1: USB disconnect, device number 31
[  683.207773][   T30] audit: type=1400 audit(2000000084.530:492): avc:  denied  { append } for  pid=11915 comm="syz.1.1604" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  684.401678][   T30] audit: type=1400 audit(2000000085.720:493): avc:  denied  { write } for  pid=11875 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  684.680126][   T30] audit: type=1400 audit(2000000085.980:494): avc:  denied  { write } for  pid=11928 comm="rm" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  684.766022][T11937] FAULT_INJECTION: forcing a failure.
[  684.766022][T11937] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  684.766046][T11937] CPU: 0 UID: 0 PID: 11937 Comm: syz.0.1608 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  684.766062][T11937] Tainted: [L]=SOFTLOCKUP
[  684.766066][T11937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  684.766073][T11937] Call Trace:
[  684.766077][T11937]  <TASK>
[  684.766081][T11937]  dump_stack_lvl+0x100/0x190
[  684.766099][T11937]  should_fail_ex.cold+0x5/0xa
[  684.766116][T11937]  strncpy_from_user+0x3b/0x2d0
[  684.766136][T11937]  do_getname+0x78/0x390
[  684.766155][T11937]  do_sys_openat2+0xc5/0x1e0
[  684.766171][T11937]  ? __pfx_do_sys_openat2+0x10/0x10
[  684.766189][T11937]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  684.766208][T11937]  ? __fget_files+0x21f/0x3d0
[  684.766225][T11937]  __x64_sys_openat+0x12d/0x210
[  684.766241][T11937]  ? __pfx___x64_sys_openat+0x10/0x10
[  684.766256][T11937]  ? ksys_write+0x1ac/0x250
[  684.766270][T11937]  ? rcu_is_watching+0x12/0xc0
[  684.766290][T11937]  do_syscall_64+0x10b/0xf80
[  684.766306][T11937]  ? clear_bhb_loop+0x40/0x90
[  684.766319][T11937]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  684.766330][T11937] RIP: 0033:0x7f768419ce59
[  684.766340][T11937] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  684.766351][T11937] RSP: 002b:00007f768504a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  684.766362][T11937] RAX: ffffffffffffffda RBX: 00007f7684415fa0 RCX: 00007f768419ce59
[  684.766370][T11937] RDX: 0000000000028a43 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  684.766377][T11937] RBP: 00007f768504a090 R08: 0000000000000000 R09: 0000000000000000
[  684.766383][T11937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  684.766390][T11937] R13: 00007f7684416038 R14: 00007f7684415fa0 R15: 00007fff15ef83f8
[  684.766405][T11937]  </TASK>
[  684.948608][T11945] FAULT_INJECTION: forcing a failure.
[  684.948608][T11945] name failslab, interval 1, probability 0, space 0, times 0
[  684.948639][T11945] CPU: 0 UID: 0 PID: 11945 Comm: syz.0.1609 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  684.948655][T11945] Tainted: [L]=SOFTLOCKUP
[  684.948659][T11945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  684.948666][T11945] Call Trace:
[  684.948670][T11945]  <TASK>
[  684.948674][T11945]  dump_stack_lvl+0x100/0x190
[  684.948693][T11945]  should_fail_ex.cold+0x5/0xa
[  684.948709][T11945]  ? tomoyo_encode2+0xfb/0x3c0
[  684.948725][T11945]  should_failslab+0xc2/0x120
[  684.948738][T11945]  __kmalloc_noprof+0xe0/0x850
[  684.948758][T11945]  tomoyo_encode2+0xfb/0x3c0
[  684.948775][T11945]  tomoyo_encode+0x29/0x50
[  684.948795][T11945]  tomoyo_realpath_from_path+0x18c/0x690
[  684.948814][T11945]  tomoyo_path_number_perm+0x23c/0x580
[  684.948827][T11945]  ? tomoyo_path_number_perm+0x22e/0x580
[  684.948841][T11945]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  684.948870][T11945]  ? find_held_lock+0x2b/0x80
[  684.948881][T11945]  ? __fget_files+0x215/0x3d0
[  684.948895][T11945]  ? hook_file_ioctl_common+0x149/0x410
[  684.948912][T11945]  ? __fget_files+0x215/0x3d0
[  684.948927][T11945]  ? __fget_files+0x21f/0x3d0
[  684.948944][T11945]  security_file_ioctl+0xd3/0x230
[  684.948961][T11945]  __x64_sys_ioctl+0xb7/0x210
[  684.948974][T11945]  do_syscall_64+0x10b/0xf80
[  684.948990][T11945]  ? clear_bhb_loop+0x40/0x90
[  684.949004][T11945]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  684.949016][T11945] RIP: 0033:0x7f768419ce59
[  684.949025][T11945] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  684.949036][T11945] RSP: 002b:00007f768504a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  684.949047][T11945] RAX: ffffffffffffffda RBX: 00007f7684415fa0 RCX: 00007f768419ce59
[  684.949055][T11945] RDX: 0000200000000340 RSI: 00000000400448c8 RDI: 0000000000000004
[  684.949063][T11945] RBP: 00007f768504a090 R08: 0000000000000000 R09: 0000000000000000
[  684.949071][T11945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  684.949077][T11945] R13: 00007f7684416038 R14: 00007f7684415fa0 R15: 00007fff15ef83f8
[  684.949092][T11945]  </TASK>
[  684.952759][T11945] ERROR: Out of memory at tomoyo_realpath_from_path.
[  685.237924][T11954] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  685.685437][ T1310] ieee802154 phy1 wpan1: encryption failed: -22
[  687.641301][T11972] Mount JFS Failure: -5
[  687.837540][   T30] audit: type=1400 audit(2000000089.200:495): avc:  denied  { write } for  pid=11939 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  688.496377][T11983] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1616'.
[  688.940988][   T30] audit: type=1400 audit(2000000090.300:496): avc:  denied  { watch watch_reads } for  pid=11985 comm="syz.0.1618" path="pipe:[32462]" dev="pipefs" ino=32462 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  689.270388][   T30] audit: type=1326 audit(2000000090.630:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11990 comm="syz.3.1620" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f0399ce59 code=0x7ffc0000
[  689.745846][   T30] audit: type=1326 audit(2000000090.630:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11990 comm="syz.3.1620" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f0399ce59 code=0x7ffc0000
[  689.837227][   T30] audit: type=1326 audit(2000000090.630:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11990 comm="syz.3.1620" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f6f0399ce59 code=0x7ffc0000
[  689.991073][   T30] audit: type=1326 audit(2000000090.630:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11990 comm="syz.3.1620" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f0399ce59 code=0x7ffc0000
[  690.088901][   T30] audit: type=1400 audit(2000000090.650:501): avc:  denied  { write } for  pid=11992 comm="rm" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  690.111457][    T9] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  690.170669][T12000] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  690.184014][   T30] audit: type=1326 audit(2000000091.120:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11990 comm="syz.3.1620" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f0399ce59 code=0x7ffc0000
[  690.201647][ T5718] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  690.219472][T12000] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  690.235186][   T30] audit: type=1326 audit(2000000091.120:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11990 comm="syz.3.1620" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7f6f0399ce59 code=0x7ffc0000
[  690.333937][T12011] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  690.545422][ T5718] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  690.831482][    T9] usb 4-1: Using ep0 maxpacket: 32
[  690.839375][    T9] usb 4-1: config 0 has an invalid interface number: 83 but max is 0
[  690.851076][    T9] usb 4-1: config 0 has no interface number 0
[  690.857286][   T30] audit: type=1326 audit(2000000091.120:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11990 comm="syz.3.1620" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f0399ce59 code=0x7ffc0000
[  690.884339][    T9] usb 4-1: config 0 interface 83 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 777
[  690.908146][    T9] usb 4-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=d8.11
[  690.948088][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  690.974407][   T30] audit: type=1326 audit(2000000091.120:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11990 comm="syz.3.1620" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6f0399ce59 code=0x7ffc0000
[  691.012958][    T9] usb 4-1: Product: syz
[  691.028775][    T9] usb 4-1: Manufacturer: syz
[  691.045251][    T9] usb 4-1: SerialNumber: syz
[  691.065734][    T9] usb 4-1: config 0 descriptor??
[  691.098458][T11993] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  691.136824][    T9] redrat3 4-1:0.83: Couldn't find all endpoints
[  692.243592][ T2225] usb 4-1: USB disconnect, device number 32
[  693.872391][T12048] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  694.012648][T12048] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  694.060841][T12048] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  694.093214][T12048] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  694.115473][T12048] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  694.388250][T12048] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  694.437836][T12048] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  695.229005][   T30] kauditd_printk_skb: 80 callbacks suppressed
[  695.229037][   T30] audit: type=1326 audit(2000000096.540:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12064 comm="syz.2.1637" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f810179ce59 code=0x7ffc0000
[  695.538403][   T30] audit: type=1326 audit(2000000096.540:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12064 comm="syz.2.1637" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f810179ce59 code=0x7ffc0000
[  695.630577][   T30] audit: type=1326 audit(2000000096.540:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12064 comm="syz.2.1637" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f810179ce59 code=0x7ffc0000
[  695.687197][   T30] audit: type=1326 audit(2000000096.540:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12064 comm="syz.2.1637" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f810179ce59 code=0x7ffc0000
[  695.760748][   T30] audit: type=1326 audit(2000000096.540:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12064 comm="syz.2.1637" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f810179ce59 code=0x7ffc0000
[  695.824927][   T30] audit: type=1326 audit(2000000096.540:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12064 comm="syz.2.1637" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f810179ce59 code=0x7ffc0000
[  695.883683][   T30] audit: type=1326 audit(2000000096.550:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12064 comm="syz.2.1637" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f810179ce59 code=0x7ffc0000
[  695.927372][   T30] audit: type=1326 audit(2000000096.550:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12064 comm="syz.2.1637" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f810179ce59 code=0x7ffc0000
[  696.033526][   T30] audit: type=1326 audit(2000000096.550:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12064 comm="syz.2.1637" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f810179ce59 code=0x7ffc0000
[  696.035942][T12081] overlayfs: failed to create directory ./file0/work (errno: 13); mounting read-only
[  696.104933][T12081] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off.
[  696.113461][   T30] audit: type=1326 audit(2000000096.550:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12064 comm="syz.2.1637" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f810179ce59 code=0x7ffc0000
[  696.140786][T12081] overlayfs: failed to get uuid (307/file2, err=-13); falling back to uuid=null.
[  697.690764][T12104] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  697.761675][T12104] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  697.827449][T12104] fuse: Bad value for 'fd'
[  698.517301][T12118] Bluetooth: hci0: Opcode 0x0401 failed: -22
[  699.231119][ T8688] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  699.424707][ T8688] usb 2-1: config 0 has no interfaces?
[  699.442350][ T8688] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  699.465319][ T8688] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  699.512994][ T8688] usb 2-1: SerialNumber: syz
[  699.561881][ T8688] usb 2-1: config 0 descriptor??
[  699.791876][T12131] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1658'.
[  700.498537][   T30] kauditd_printk_skb: 66 callbacks suppressed
[  700.498554][   T30] audit: type=1400 audit(2000000101.860:662): avc:  denied  { read } for  pid=12115 comm="syz.1.1652" path="socket:[32958]" dev="sockfs" ino=32958 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  700.556571][T12117] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  700.582201][T12117] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  701.725388][ T8688] usb 2-1: USB disconnect, device number 30
[  702.322087][ T5718] usb 2-1: new full-speed USB device number 31 using dummy_hcd
[  702.503150][ T5718] usb 2-1: config 0 has an invalid interface number: 67 but max is 0
[  702.536554][ T5718] usb 2-1: config 0 has no interface number 0
[  702.560215][ T5718] usb 2-1: config 0 interface 67 altsetting 0 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  702.661359][ T5718] usb 2-1: config 0 interface 67 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  703.077141][ T5718] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  703.174596][ T5718] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  703.201082][ T5718] usb 2-1: Product: syz
[  703.217733][ T5718] usb 2-1: Manufacturer: syz
[  703.235344][ T5718] usb 2-1: SerialNumber: syz
[  703.254499][ T5718] usb 2-1: config 0 descriptor??
[  703.280677][T12154] netlink: 5204 bytes leftover after parsing attributes in process `syz.4.1661'.
[  703.283036][T12146] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  703.349149][T12146] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  703.763597][T12146] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  704.196857][T12164] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1669'.
[  704.435178][T12146] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  704.496912][T12170] fuse: Bad value for 'fd'
[  704.523913][ T5718] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  704.550776][ T5610] udevd[5610]: inotify_add_watch(7, /dev/nbd0, 10) failed: No such file or directory
[  704.723500][ T5718] smsc95xx 2-1:0.67: probe with driver smsc95xx failed with error -71
[  704.743376][ T5718] usb 2-1: USB disconnect, device number 31
[  707.567578][   T30] audit: type=1326 audit(2000000108.220:663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12185 comm="syz.1.1675" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd1eb9ce59 code=0x7ffc0000
[  707.740204][   T30] audit: type=1326 audit(2000000108.220:664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12185 comm="syz.1.1675" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd1eb9ce59 code=0x7ffc0000
[  707.827346][T12197] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1679'.
[  707.863188][   T30] audit: type=1326 audit(2000000108.220:665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12185 comm="syz.1.1675" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=26 compat=0 ip=0x7fcd1eb9ce59 code=0x7ffc0000
[  708.528696][T12208] Mount JFS Failure: -5
[  709.091563][T12204] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1604 sclass=netlink_route_socket pid=12204 comm=syz.2.1679
[  710.114535][T10663] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  710.173239][ T5609] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  710.252323][T10663] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  710.443663][T10663] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  710.652193][T10663] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  710.684238][T10663] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  711.010223][   T30] audit: type=1326 audit(2000000108.220:666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12185 comm="syz.1.1675" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd1eb9ce59 code=0x7ffc0000
[  711.049395][ T9741] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  711.067073][ T9741] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  711.092518][ T9741] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  711.110382][ T9741] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  711.125493][ T9741] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  711.161554][   T30] audit: type=1326 audit(2000000108.220:667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12185 comm="syz.1.1675" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fcd1eb5d68e code=0x7ffc0000
[  711.314673][   T30] audit: type=1326 audit(2000000108.220:668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12185 comm="syz.1.1675" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fcd1eb5d68e code=0x7ffc0000
[  711.421761][   T30] audit: type=1326 audit(2000000108.970:669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12185 comm="syz.1.1675" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd1eb9ce59 code=0x7ffc0000
[  711.530646][   T30] audit: type=1326 audit(2000000108.970:670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12185 comm="syz.1.1675" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd1eb9ce59 code=0x7ffc0000
[  711.981474][ T1342] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  712.003757][ T1342] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  715.167081][T10663] Bluetooth: hci6: command tx timeout
[  716.485377][ T1342] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  716.529973][ T1342] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  716.551685][ T8688] usb 5-1: new full-speed USB device number 39 using dummy_hcd
[  716.741175][ T8688] usb 5-1: config 0 has an invalid interface number: 67 but max is 0
[  716.760260][ T1342] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  716.781068][ T8688] usb 5-1: config 0 has no interface number 0
[  716.787516][ T8688] usb 5-1: config 0 interface 67 altsetting 0 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  716.803836][ T1342] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  716.829770][ T8688] usb 5-1: config 0 interface 67 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  716.858428][ T8688] usb 5-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  716.878412][ T8688] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  716.898180][ T8688] usb 5-1: Product: syz
[  716.907140][ T8688] usb 5-1: Manufacturer: syz
[  716.921274][ T8688] usb 5-1: SerialNumber: syz
[  716.932847][ T1342] bridge0: port 3(netdevsim0) entered disabled state
[  716.958547][ T1342] netdevsim netdevsim3 netdevsim0 (unregistering): left allmulticast mode
[  716.969896][ T1342] netdevsim netdevsim3 netdevsim0 (unregistering): left promiscuous mode
[  716.979857][ T8688] usb 5-1: config 0 descriptor??
[  716.982257][ T1342] bridge0: port 3(netdevsim0) entered disabled state
[  717.001865][T12242] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  717.009278][T12242] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  717.019906][ T1342] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  717.052776][ T1342] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  717.241479][ T9741] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  717.242110][ T5609] Bluetooth: hci4: command 0x1003 tx timeout
[  717.256835][T10663] Bluetooth: hci6: command tx timeout
[  717.273095][T12242] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  717.294449][T12242] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  717.370855][   T30] audit: type=1400 audit(2000000118.730:671): avc:  denied  { read } for  pid=5274 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[  717.579817][ T8688] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71
[  717.583182][T12242] fuse: Bad value for 'fd'
[  717.626731][ T8688] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  718.101805][ T8688] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  718.135633][ T8688] smsc95xx 5-1:0.67: probe with driver smsc95xx failed with error -71
[  718.143767][T12257] netlink: 5204 bytes leftover after parsing attributes in process `syz.1.1688'.
[  718.252411][ T8688] usb 5-1: USB disconnect, device number 39
[  718.433258][T12215] udevd[12215]: inotify_add_watch(7, /dev/nbd1, 10) failed: No such file or directory
[  718.456893][ T1342] bridge_slave_1: left allmulticast mode
[  718.462435][T12263] FAULT_INJECTION: forcing a failure.
[  718.462435][T12263] name failslab, interval 1, probability 0, space 0, times 0
[  718.510302][ T1342] bridge_slave_1: left promiscuous mode
[  718.531566][ T1342] bridge0: port 2(bridge_slave_1) entered disabled state
[  718.535443][T12263] CPU: 0 UID: 0 PID: 12263 Comm: syz.1.1689 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  718.535476][T12263] Tainted: [L]=SOFTLOCKUP
[  718.535483][T12263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  718.535495][T12263] Call Trace:
[  718.535501][T12263]  <TASK>
[  718.535509][T12263]  dump_stack_lvl+0x100/0x190
[  718.535538][T12263]  should_fail_ex.cold+0x5/0xa
[  718.535567][T12263]  ? sock_kmalloc+0x111/0x170
[  718.535592][T12263]  should_failslab+0xc2/0x120
[  718.535615][T12263]  __kmalloc_noprof+0xe0/0x850
[  718.535643][T12263]  ? do_raw_spin_lock+0x128/0x260
[  718.535678][T12263]  sock_kmalloc+0x111/0x170
[  718.535705][T12263]  af_alg_alloc_areq+0xbc/0x240
[  718.535732][T12263]  skcipher_recvmsg+0x314/0x1060
[  718.535770][T12263]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  718.535801][T12263]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  718.535830][T12263]  sock_recvmsg+0x1a4/0x1f0
[  718.535857][T12263]  ____sys_recvmsg+0x218/0x640
[  718.535887][T12263]  ? __pfx_____sys_recvmsg+0x10/0x10
[  718.535924][T12263]  ? __lock_acquire+0x4a5/0x2630
[  718.535954][T12263]  ___sys_recvmsg+0x16a/0x1a0
[  718.535982][T12263]  ? __pfx____sys_recvmsg+0x10/0x10
[  718.536040][T12263]  __sys_recvmsg+0x16d/0x220
[  718.536062][T12263]  ? __pfx___sys_recvmsg+0x10/0x10
[  718.536095][T12263]  ? rcu_is_watching+0x12/0xc0
[  718.536129][T12263]  do_syscall_64+0x10b/0xf80
[  718.536156][T12263]  ? clear_bhb_loop+0x40/0x90
[  718.536181][T12263]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  718.536201][T12263] RIP: 0033:0x7fcd1eb9ce59
[  718.536216][T12263] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  718.536236][T12263] RSP: 002b:00007fcd1faba028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  718.536255][T12263] RAX: ffffffffffffffda RBX: 00007fcd1ee15fa0 RCX: 00007fcd1eb9ce59
[  718.536268][T12263] RDX: 0000000000000000 RSI: 00002000000005c0 RDI: 0000000000000004
[  718.536280][T12263] RBP: 00007fcd1faba090 R08: 0000000000000000 R09: 0000000000000000
[  718.536292][T12263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  718.536304][T12263] R13: 00007fcd1ee16038 R14: 00007fcd1ee15fa0 R15: 00007ffd1e9368f8
[  718.536332][T12263]  </TASK>
[  718.808203][ T1342] bridge_slave_0: left allmulticast mode
[  718.833535][ T1342] bridge_slave_0: left promiscuous mode
[  718.850597][T12270] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x362aa
[  718.868164][ T1342] bridge0: port 1(bridge_slave_0) entered disabled state
[  718.884649][   T30] audit: type=1400 audit(2000000120.230:672): avc:  denied  { write } for  pid=12273 comm="syz.4.1692" path="socket:[33243]" dev="sockfs" ino=33243 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  718.926818][   T30] audit: type=1400 audit(2000000120.230:673): avc:  denied  { accept } for  pid=12273 comm="syz.4.1692" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  718.938839][T12270] memcg:ffff88807b1d1400
[  719.003090][T12270] flags: 0xfff00000000001(locked|node=0|zone=1|lastcpupid=0x7ff)
[  719.028934][T12270] raw: 00fff00000000001 0000000000000000 dead000000000122 0000000000000000
[  719.038149][T12270] raw: 0000000000000000 0000000000000000 00000001ffffffff ffff88807b1d1400
[  719.047497][T12270] page dumped because: VM_BUG_ON_FOLIO(folio_order(folio) < mapping_min_folio_order(mapping))
[  719.058097][T12270] page_owner tracks the page as allocated
[  719.066755][   T30] audit: type=1400 audit(2000000120.430:674): avc:  denied  { read } for  pid=4961 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[  719.088679][T12270] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 12270, tgid 12270 (syz.1.1691), ts 718850560296, free_ts 718402126278
[  719.088800][T12270]  post_alloc_hook+0x153/0x170
[  719.164948][T12270]  get_page_from_freelist+0x11a6/0x33b0
[  719.166075][   T30] audit: type=1400 audit(2000000120.430:675): avc:  denied  { search } for  pid=4961 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  719.175306][T12270]  __alloc_frozen_pages_noprof+0x27c/0x2bc0
[  719.202440][   T30] audit: type=1400 audit(2000000120.430:676): avc:  denied  { write search } for  pid=4961 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  719.229776][   T30] audit: type=1400 audit(2000000120.430:677): avc:  denied  { add_name } for  pid=4961 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  719.234620][T12270]  alloc_pages_mpol+0x1fb/0x540
[  719.253524][   T30] audit: type=1400 audit(2000000120.430:678): avc:  denied  { create } for  pid=4961 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  719.276346][   T30] audit: type=1400 audit(2000000120.430:679): avc:  denied  { append open } for  pid=4961 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  719.291085][T12270]  folio_alloc_noprof+0x22/0x250
[  719.306590][   T30] audit: type=1400 audit(2000000120.430:680): avc:  denied  { getattr } for  pid=4961 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  719.321051][T12270]  filemap_alloc_folio_noprof.part.0+0x377/0x450
[  719.336213][ T9741] Bluetooth: hci6: command tx timeout
[  719.352967][T12270]  filemap_alloc_folio_noprof+0x5e/0x80
[  719.376934][T12270]  page_cache_ra_order+0x54b/0xf10
[  719.391414][T12270]  filemap_fault+0x1900/0x2e90
[  719.410944][T12270]  __do_fault+0x10b/0x440
[  719.434975][T12270]  do_fault+0x2db/0x1750
[  719.454165][T12270]  __handle_mm_fault+0x187d/0x2a00
[  719.462998][T12270]  handle_mm_fault+0x36d/0xa20
[  719.477454][T12270]  do_user_addr_fault+0x5a3/0x12f0
[  719.499089][T12270]  exc_page_fault+0x6f/0xd0
[  719.503926][T12270]  asm_exc_page_fault+0x26/0x30
[  719.508882][T12270] page last free pid 23 tgid 23 stack trace:
[  719.527038][T12270]  __free_frozen_pages+0x747/0x1040
[  719.542504][T12270]  tlb_remove_table_rcu+0x2cf/0x380
[  719.552717][T12288] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=12288 comm=syz.0.1694
[  719.566200][T12270]  rcu_core+0x5a2/0x10d0
[  719.570556][T12270]  handle_softirqs+0x1ea/0xa00
[  719.575470][T12270]  run_ksoftirqd+0x38/0x60
[  719.584430][T12270]  smpboot_thread_fn+0x3d3/0xaa0
[  719.595361][T12270]  kthread+0x370/0x450
[  719.603360][T12270]  ret_from_fork+0x72b/0xd50
[  719.614151][T12270]  ret_from_fork_asm+0x1a/0x30
[  719.669707][T12270] ------------[ cut here ]------------
[  719.675667][T12270] kernel BUG at mm/filemap.c:859!
[  719.716721][T12270] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI
[  719.723164][T12270] CPU: 0 UID: 0 PID: 12270 Comm: syz.1.1691 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  719.734083][T12270] Tainted: [L]=SOFTLOCKUP
[  719.738381][T12270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  719.748434][T12270] RIP: 0010:__filemap_add_folio+0xf81/0x1350
[  719.754408][T12270] Code: a5 9e c3 ff 48 8d 3d ae 01 97 0e 67 48 0f b9 3a e9 07 fd ff ff e8 8f 9e c3 ff 48 c7 c6 60 56 bd 8b 4c 89 ef e8 a0 bb 12 00 90 <0f> 0b 4c 8b 6c 24 60 e8 73 9e c3 ff 48 c7 84 24 a0 00 00 00 03 00
[  719.773998][T12270] RSP: 0018:ffffc9000fb97820 EFLAGS: 00010293
[  719.780049][T12270] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  719.787997][T12270] RDX: ffff88802fa34a00 RSI: ffffffff8257cc88 RDI: ffff88802fa34ec4
[  719.795963][T12270] RBP: 0000000000112cc0 R08: 0000000000000001 R09: 0000000000000000
[  719.803911][T12270] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000004
[  719.811864][T12270] R13: ffffea0000d8aa80 R14: 0000000000000000 R15: 1ffff92001f72f2f
[  719.819819][T12270] FS:  0000555555793500(0000) GS:ffff88812436d000(0000) knlGS:0000000000000000
[  719.829110][T12270] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  719.835675][T12270] CR2: 000055c2ffb8cda8 CR3: 000000007b65e000 CR4: 00000000003526f0
[  719.843711][T12270] Call Trace:
[  719.846966][T12270]  <TASK>
[  719.849881][T12270]  ? __pfx___filemap_add_folio+0x10/0x10
[  719.855515][T12270]  filemap_add_folio+0x1d8/0x690
[  719.860440][T12270]  ? __lock_acquire+0x4a5/0x2630
[  719.865360][T12270]  ? __pfx_filemap_add_folio+0x10/0x10
[  719.870807][T12270]  page_cache_ra_order+0x614/0xf10
[  719.875912][T12270]  filemap_fault+0x1900/0x2e90
[  719.880658][T12270]  ? __pfx_filemap_fault+0x10/0x10
[  719.885750][T12270]  ? __pfx_filemap_map_pages+0x10/0x10
[  719.891193][T12270]  __do_fault+0x10b/0x440
[  719.895503][T12270]  do_fault+0x2db/0x1750
[  719.899727][T12270]  ? __lock_acquire+0x4a5/0x2630
[  719.904647][T12270]  __handle_mm_fault+0x187d/0x2a00
[  719.909743][T12270]  ? reacquire_held_locks+0xce/0x1e0
[  719.915018][T12270]  ? __pfx___handle_mm_fault+0x10/0x10
[  719.920463][T12270]  ? lock_vma_under_rcu+0x17c/0x590
[  719.925651][T12270]  handle_mm_fault+0x36d/0xa20
[  719.930402][T12270]  do_user_addr_fault+0x5a3/0x12f0
[  719.935502][T12270]  exc_page_fault+0x6f/0xd0
[  719.939990][T12270]  asm_exc_page_fault+0x26/0x30
[  719.944825][T12270] RIP: 0033:0x7fcd1ea727f7
[  719.949218][T12270] Code: 83 ea 01 48 d3 e2 44 89 c1 49 d3 e1 f7 d2 89 c1 22 17 49 f7 d1 89 d0 4c 21 ce 48 d3 e6 09 f0 88 07 c3 90 48 85 d2 75 98 89 f0 <88> 07 c3 48 89 d7 e8 6e 22 fe ff 66 2e 0f 1f 84 00 00 00 00 00 66
[  719.968805][T12270] RSP: 002b:00007ffd1e936a18 EFLAGS: 00010246
[  719.974851][T12270] RAX: 0000000000000012 RBX: 0000000000000001 RCX: 0000000000000000
[  719.982805][T12270] RDX: 0000000000000000 RSI: 0000000000000012 RDI: 0000200000000e40
[  719.990752][T12270] RBP: 00007ffd1e936b40 R08: 0000000000000000 R09: 0000000000000000
[  719.998701][T12270] R10: 0000000000000012 R11: 0000000000000000 R12: 00007ffd1e936b80
[  720.006669][T12270] R13: 00007fcd1ee1609c R14: 00000000000af717 R15: 00007fcd1ee16090
[  720.014625][T12270]  </TASK>
[  720.017635][T12270] Modules linked in:
[  720.028545][T12270] ---[ end trace 0000000000000000 ]---
[  720.034453][T12270] RIP: 0010:__filemap_add_folio+0xf81/0x1350
[  720.040658][T12270] Code: a5 9e c3 ff 48 8d 3d ae 01 97 0e 67 48 0f b9 3a e9 07 fd ff ff e8 8f 9e c3 ff 48 c7 c6 60 56 bd 8b 4c 89 ef e8 a0 bb 12 00 90 <0f> 0b 4c 8b 6c 24 60 e8 73 9e c3 ff 48 c7 84 24 a0 00 00 00 03 00
[  720.060617][T12270] RSP: 0018:ffffc9000fb97820 EFLAGS: 00010293
[  720.067090][T12270] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  720.075644][T12270] RDX: ffff88802fa34a00 RSI: ffffffff8257cc88 RDI: ffff88802fa34ec4
[  720.100022][T12270] RBP: 0000000000112cc0 R08: 0000000000000001 R09: 0000000000000000
[  720.113893][T12270] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000004
[  720.121995][T12270] R13: ffffea0000d8aa80 R14: 0000000000000000 R15: 1ffff92001f72f2f
[  720.130932][T12270] FS:  0000555555793500(0000) GS:ffff88812446d000(0000) knlGS:0000000000000000
[  720.149215][T12270] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  720.160041][T12270] CR2: 00007f76843ea2f8 CR3: 000000007b65e000 CR4: 00000000003526f0
[  720.169244][T12270] Kernel panic - not syncing: Fatal exception
[  720.175547][T12270] Kernel Offset: disabled
[  720.179848][T12270] Rebooting in 86400 seconds..