last executing test programs:

2m38.20394389s ago: executing program 1 (id=496):
r0 = socket(0x1f, 0x2, 0x9e)
openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0)
r1 = openat$proc_mixer(0xffffffffffffff9c, 0x0, 0x2002, 0x0)
write$proc_mixer(r1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f00000001c0), 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r0, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x20, 0x140c, 0x3a0, 0x70bd28, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}]}, 0x20}, 0x1, 0x0, 0x0, 0x11}, 0x40000)
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$UI_DEV_SETUP(r2, 0x405c5503, &(0x7f0000000940)={{0x0, 0x2000, 0x0, 0xffff}, 'syz0\x00'})
ioctl$UI_SET_EVBIT(r2, 0x40045564, 0x12)
ioctl$UI_DEV_CREATE(r2, 0x5501)
write$input_event(r2, &(0x7f00000002c0)={{0x77359400}, 0x12, 0xfe01}, 0x18)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_freezer_state(r4, &(0x7f0000000140), 0x2, 0x0)
r6 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r6, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r6, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r6, 0x7a5, &(0x7f0000000180)={{@my=0x0}, 0x0, 0x1})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r6, 0x7a5, &(0x7f00000000c0)={{@my=0x0}, 0x1})
ioctl$IOCTL_VMCI_NOTIFICATIONS_RECEIVE(r6, 0x7a6, &(0x7f0000000040)={0x7, 0x2, 0x7, 0x4d942c23, 0x4, 0x3})
write$cgroup_freezer_state(r5, &(0x7f0000000040)='FROZEN\x00', 0x7)
mkdirat$cgroup(r4, &(0x7f0000000100)='syz0\x00', 0x1ff)
sendfile(r5, r5, 0x0, 0x9)

2m33.37311077s ago: executing program 1 (id=501):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000001340)=[{0x200000000006, 0xff, 0x0, 0x7ffc0002}]})
lsm_get_self_attr(0x64, &(0x7f0000000000), &(0x7f0000001280)=0xdb, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x20200, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r0 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff0204000000000100000000000000000000000000000205", 0x18)
getsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000003080)=""/4099, &(0x7f0000000100)=0x1003)
epoll_create(0x10001)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5000000013000100"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000102a00030073797a5f74756e0000000000000000a82e001a80187f0a8014000700fc0200"/56], 0x50}}, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x88200, 0x0)
r2 = syz_io_uring_setup(0x4a2f, &(0x7f0000000200)={0x0, 0x52bf, 0x10100, 0x0, 0x10008004}, &(0x7f0000001480), &(0x7f00000000c0)=<r3=>0x0)
syz_io_uring_setup(0xa94, &(0x7f0000000280)={0x0, 0x200000, 0x0, 0x20000000, 0x3a8}, &(0x7f0000001440)=<r4=>0x0, &(0x7f0000000180))
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$sock_int(r5, 0x1, 0x23, &(0x7f0000000000)=0x7, 0x4)
bind$bt_hci(r5, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
recvmmsg(r5, &(0x7f0000003040)=[{{0x0, 0x0, 0x0}, 0x4c}], 0x1, 0x40000000, 0x0)
syz_io_uring_submit(r4, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(r2, 0x6ed2, 0x8000dae5, 0x0, 0x0, 0x0)
r6 = socket(0x10, 0x3, 0x0)
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="400000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001800128008000100707070000c00028008000100", @ANYRES32=r7, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x40}}, 0x0)
close(r7)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000000)=0xb)
ioctl$TCSETSW(r1, 0x5403, &(0x7f0000000040)={0x7, 0x80, 0x9, 0x110, 0x1b, "96010000000000000000000000000000000008"})
mount$9p_fd(0x0, 0x0, &(0x7f0000000040), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)

2m31.91619787s ago: executing program 1 (id=506):
socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="a40000003a002902000000000000a60002"], 0xa4}}, 0x0)

2m30.877506408s ago: executing program 1 (id=511):
r0 = io_uring_setup(0x7ffa, &(0x7f0000000280)={0x0, 0x4170, 0x1000, 0x0, 0x2e6})
r1 = socket(0x2, 0x80805, 0x0)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f00000000c0), 0x4)
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="041406dcc900000600a6b4ba41b92842a4968f15717ab73bfe5ab155c97036"], 0x9)
add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
io_uring_setup(0x2a5a, &(0x7f0000000080)={0x0, 0x52c4, 0x4000, 0xffffffff, 0x51, 0x0, r0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000100)={'netdevsim0\x00', &(0x7f0000000200)=@ethtool_channels={0x3d, 0x0, 0x0, 0x0, 0x3, 0xffffff23}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002000)=""/102400, 0x19000)
r4 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x11, 0x1b, &(0x7f0000000600)=@raw=[@map_idx={0x18, 0xc1f3c2f354e929a7, 0x5, 0x0, 0xe}, @initr0={0x18, 0x0, 0x0, 0x0, 0xfffffffb, 0x0, 0x0, 0x0, 0x8}, @jmp={0x5, 0x0, 0xb, 0x3, 0x9, 0x6}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}, @call={0x85, 0x0, 0x0, 0x52}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xba}}], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r5}, 0x10)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_bytes\x00', 0x26e1, 0x0)
close(r6)
write$P9_RREMOVE(r6, &(0x7f0000000180)={0x7, 0x7b, 0x2}, 0x7)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0))
ioctl$SIOCSIFHWADDR(r6, 0x8b14, &(0x7f0000000000)={'wlan1\x00', @random="0100008dffff"})
msgrcv(0x0, 0x0, 0x0, 0x3, 0x3000)
msgsnd(0x0, &(0x7f0000000300)={0x1}, 0x8, 0x800)

2m30.11942737s ago: executing program 1 (id=514):
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) (async)
setsockopt$inet_udp_encap(0xffffffffffffffff, 0x11, 0x64, 0x0, 0x0) (async)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f00000013c0)={0x3, 0x2, 0x2, {0x5, @vbi={0xb5, 0x0, 0x3, 0x3131354f, [0x400, 0x8000000], [0x8200, 0x1]}}}) (async)
ioctl$VIDIOC_QBUF(r3, 0xc058565d, &(0x7f0000000200)=@fd={0x0, 0x5, 0x4, 0x10, 0x2, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "001500"}, 0x0, 0x2, {<r4=>0xffffffffffffffff}, 0xfffffffc}) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = syz_io_uring_setup(0x10e, &(0x7f0000000140)={0x0, 0xfad6, 0x200}, &(0x7f0000000300)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) (async)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_SPLICE={0x1e, 0x18, 0x0, @fd, 0x6, {}, 0x5, 0x15}) (async)
io_uring_enter(r5, 0x47f5, 0x0, 0x0, 0x0, 0x0)
r8 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000280), 0x22802, 0x0)
r9 = accept4$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @broadcast}, &(0x7f00000000c0)=0xfffffffffffffdbc, 0x0) (async)
syz_emit_ethernet(0x46, &(0x7f0000000280)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd603000bb00102b00fc020000000000000000000000000000fe8000000000000000000000002500aa67000000000000000000000000089078"], 0x0)
r10 = socket$netlink(0x10, 0x3, 0x0) (async)
r11 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'}) (async)
sendmsg$nl_route(r10, &(0x7f00000003c0)={0x0, 0xffffffffffffff77, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYBLOB="3400000011000500040000000000000007000000", @ANYRES32=r4, @ANYRES32=r3, @ANYRESHEX=r5], 0x34}, 0x1, 0x0, 0x0, 0x20000890}, 0x0) (async)
sendto$inet(r9, &(0x7f0000000100)="262573c787a95c9f7f138ac5dc5c172732df95c95eefe9d5589840fb5881b3c6b2b7f5515ad290cf114dd33c46408acc6546c5ae3856c4c4fff9b296ccae8dc4c5025fd45fe4931e76d77d9b5676cefe46b8fa5da3d984c70e2c0faff894d582d6a5dc138544221e8910253b89fe5e2c5846ae0ec17e5fb481c439ade2a8c969abdf9eb2df22d6182cf20e703ccea3ccd096a85c9b8f54c2244cdc8cfb44540e9d06e82b6776", 0xa6, 0x4000, &(0x7f0000000200)={0x2, 0x4e23, @broadcast}, 0x10) (async)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000040)=0xd) (async)
r12 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r12, &(0x7f0000000080)={0x30000000})

2m26.192396274s ago: executing program 1 (id=525):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r1, 0x40000000af01, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = socket$inet(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x4000000000000, 0x40, &(0x7f0000000340)=@raw={'raw\x00', 0x8, 0x3, 0x210, 0x0, 0x8, 0xfa04, 0x0, 0x6c02, 0x178, 0x194, 0x194, 0x178, 0x194, 0x3, 0x0, {[{{@ip={@empty=0x1e00, @broadcast, 0x0, 0x0, 'sit0\x00', 'ip6_vti0\x00', {}, {}, 0x6, 0x0, 0x4a}, 0x0, 0x98, 0xc0, 0x0, {0x0, 0x74020000}, [@common=@inet=@ecn={{0x28}, {0x10, 0x20, 0x5, 0x8}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@uncond, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0xffff, 0x0, 0x0, 'snmp\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x270)
r4 = openat$cgroup_procs(r2, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r4, &(0x7f0000000400), 0x12)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x16d)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000280)={{{@in6=@initdev, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in6=@private0}, 0x0, @in=@broadcast}}, &(0x7f0000000040)=0xe8)
fchownat(r5, 0xffffffffffffffff, r6, 0x0, 0x1000)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x20000009, 0x0, &(0x7f0000000240)={0x80, 0x0, 0xfefc, 0x360}, 0x8, 0x9, 0x80, 0x0, 0x0, 0x103, 0x0})

2m10.328458358s ago: executing program 32 (id=525):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r1, 0x40000000af01, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = socket$inet(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x4000000000000, 0x40, &(0x7f0000000340)=@raw={'raw\x00', 0x8, 0x3, 0x210, 0x0, 0x8, 0xfa04, 0x0, 0x6c02, 0x178, 0x194, 0x194, 0x178, 0x194, 0x3, 0x0, {[{{@ip={@empty=0x1e00, @broadcast, 0x0, 0x0, 'sit0\x00', 'ip6_vti0\x00', {}, {}, 0x6, 0x0, 0x4a}, 0x0, 0x98, 0xc0, 0x0, {0x0, 0x74020000}, [@common=@inet=@ecn={{0x28}, {0x10, 0x20, 0x5, 0x8}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@uncond, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0xffff, 0x0, 0x0, 'snmp\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x270)
r4 = openat$cgroup_procs(r2, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r4, &(0x7f0000000400), 0x12)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x16d)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000280)={{{@in6=@initdev, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in6=@private0}, 0x0, @in=@broadcast}}, &(0x7f0000000040)=0xe8)
fchownat(r5, 0xffffffffffffffff, r6, 0x0, 0x1000)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x20000009, 0x0, &(0x7f0000000240)={0x80, 0x0, 0xfefc, 0x360}, 0x8, 0x9, 0x80, 0x0, 0x0, 0x103, 0x0})

13.100021475s ago: executing program 0 (id=908):
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f00000000c0)=[@in={0x2, 0x4e20, @local}], 0x10)
setsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000280)=0x3, 0x4)
syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="a40000003a002902000000000000a60002"], 0xa4}}, 0x0)

12.312588774s ago: executing program 5 (id=915):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_dev$evdev(0x0, 0x0, 0x60000)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000100)={0x18, 0x0, {0x11ff, @broadcast, 'bond_slave_1\x00'}}, 0x1e)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000040)="2e00000010008108040f80ecdb4cb92e0a480e000f000000e8bd6efb250314000e000100240248ff050005001200", 0x2e}], 0x1}, 0x40880)
connect$pppoe(r1, &(0x7f00000000c0)={0x18, 0x0, {0x3, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x27}}}, 0x1e)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_ADD(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="081500000005110400000000000000000100000554"], 0x1508}, 0x1, 0x0, 0x0, 0x24000080}, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f00000004c0)=ANY=[@ANYBLOB="1808000060000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bc0908000000000035090100000000009500000000070000b7020000000000007b9a00fe000000006609000000000000dbaaf0ff50000000bf8620000000000007080000f8ffffffbfa400000000000007040000f0ffffff910000000800000018220000", @ANYRES32, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000bf9800000000000056080000010000008500000007000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r7, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r7, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r7, 0x6, 0x16, &(0x7f0000000240)=[@mss={0x2, 0x8}, @sack_perm, @timestamp, @sack_perm, @window, @window={0x3, 0x0, 0xfffc}, @timestamp, @timestamp], 0x5b)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f0000000140)='cdg\x00', 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r7, 0x6, 0x13, &(0x7f00000001c0), 0xc7)
sendto$inet(r7, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x11)
read(r6, &(0x7f00000003c0)=""/156, 0x9c)

9.72162568s ago: executing program 0 (id=920):
socket$kcm(0x10, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000000000195"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='inet_sk_error_report\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
pipe(&(0x7f0000000380)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x10000000013, &(0x7f0000000180)=0x1, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x14, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r2, &(0x7f0000000300)={0x2, 0x0, @remote}, 0x10)
sendto$inet(r2, &(0x7f0000000200)="e1", 0xfea8, 0x0, 0x0, 0x0)
splice(r2, 0x0, r1, 0x0, 0xfea8, 0xa)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000100)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='inet_sk_error_report\x00', r6}, 0x10)
r7 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r7, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20008081)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a54000000060a09040000351000000000000000040900010073797a30000000000900020073797a320000000028000480240001800b00010065787468647200001400028008000640000000010500020089000000140000001100010000000000000000000000000a4350bbf1dfe40754f3d8a2c42e8269ab6257a5f3d3c4fdeec170d7099b149ed2e1923e1d65b96c56881ddd6f6abc6f98358700bd45ca32c75c570f9fda606d4801598695d41ae2a17aabad43cc2791fe2490f5a07555893e496b"], 0x7c}, 0x1, 0x0, 0x0, 0x8080}, 0x0)

9.354392667s ago: executing program 5 (id=922):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000380)={0x2, 0x4e22, @multicast1}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x0)
setresuid(r3, r3, 0x0)
setsockopt$sock_int(r2, 0x1, 0x800000000f, &(0x7f0000000080)=0x7, 0x4)
listen(r2, 0x7fffffff)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r4, 0x1, 0xf, &(0x7f0000000000)=0x2, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="0200000004000000090000000405000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000007f"], 0x50)
syz_clone3(&(0x7f0000000200)={0x4000000, 0x0, 0x0, 0x0, {0x33}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x141141, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000000000008e04"])

8.955322051s ago: executing program 5 (id=926):
r0 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'sit0\x00'})
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/crypto\x00', 0x0, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004042, 0x0)
socket(0x400000000010, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
dup(0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="61123000000000006113100000000000bf2000000000000016000200071b48013d030100000000009500000000000000bc26000000000000bf67000000000000040200000fff07006702000003000000360600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf5fe7030586"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

8.050583088s ago: executing program 0 (id=927):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = signalfd(r0, &(0x7f0000000040)={[0x4b6b64b1]}, 0x8)
r2 = mmap$IORING_OFF_CQ_RING(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x20010, r1, 0x8000000)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x118, &(0x7f0000000400)=0xcf5, 0x0, 0x4)
r3 = io_uring_setup(0x2b34, &(0x7f0000000080)={0x0, 0x17a3, 0x800, 0x1, 0x337})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
inotify_init1(0x80000)
sendmsg$inet(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x33fe0}], 0x1}, 0x3)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r3, 0x13, &(0x7f0000000100)=[0x7fff, 0x520e], 0x2)
r5 = mmap$binder(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1, 0x11, 0xffffffffffffffff, 0x8000)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x800, 0x0)
r7 = mmap$binder(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x11, r6, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
socket$inet(0x2, 0x80000, 0xab)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000440)="97713b46fbaa2b1044f2d408ffca802db4d770eb9874f493e0ef367e4bde497c403b450c72ff2417d079bb892435a1e107fa5c0ecd207d9e6f2a209bf148e6bc56955cb53347d1499097488fcad724a1"})
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000002c0)={0xc, 0x0, &(0x7f0000001640)=[@free_buffer={0x40086303, r7}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000002c0)={0x98, 0x0, &(0x7f0000000340)=[@reply={0x40406301, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000200)={@fda={0x66646185, 0x9, 0x2, 0x25}, @ptr={0x70742a85, 0x1, &(0x7f0000000080)=""/245, 0xf5, 0x0, 0xa}, @fda={0x66646185, 0x4, 0x1, 0x2a}}, &(0x7f0000000180)={0x0, 0x20, 0x48}}}, @free_buffer={0x40086303, r5}, @release, @free_buffer={0x40086303, r7}, @dead_binder_done, @acquire_done={0x40106309, 0x1}, @acquire_done], 0x22, 0x0, &(0x7f0000000280)="00fb4c56681a952078cfc8a0b4d9d2583ebf7c70baf84e44f782a6afdf3985679606"})

7.958827198s ago: executing program 5 (id=928):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r2 = getpid()
sched_setaffinity(0x0, 0xffffffffffffff7c, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000340)=0x4000000)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f00000007c0)={0x3, 0x0, [{0x3000, 0xe1, &(0x7f0000000580)=""/225}, {0xd000, 0x0, 0x0}, {0x1, 0x8a, &(0x7f0000000700)=""/138}]})
fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x501483, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x12, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @cgroup_sock_addr=0x1e, 0xffffffffffffffff, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94)
r6 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="74010000", @ANYRES16=r6, @ANYBLOB="11060000000000000000010000000800050001000000200108803c0000801400040002000000ac1e00010000000000000000240001000000000000000000000000000000000000000000000000000000000000000000e0000080a400098028000080060001000a0000001400020020010000000000000000000000000001050003000100000028000080060001000a00000014000200ff010000000000000000000000000001050003000100000028000080060001000a00000014000200ff010000000000000000000000000001050003000300000028020080060001000a00000014000200ff0100000000000000000000000000010500030000000000240001000000000000000000000000000000000000000000000000000000000000000000140004000200000000000000000000000000000024000300000000000000000000000000000000000000000000000000000000000000000014000200776731"], 0x174}}, 0x0)
fchown(0xffffffffffffffff, 0x0, 0xee01)
r7 = syz_open_dev$ttys(0xc, 0x2, 0x1)
r8 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r9 = fcntl$dupfd(r7, 0x0, r8)
ioctl$TIOCSETD(r9, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDSIGACCEPT(r7, 0x400455c8, 0xb)
ioctl$TIOCSTI(r9, 0x5412, &(0x7f0000000300)=0x2)
openat$dma_heap(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)

7.864164968s ago: executing program 3 (id=930):
socket$kcm(0x10, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001b00)=""/102392, 0x18ff8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000796412000000000000000001851000000600000018000000", @ANYRES32, @ANYBLOB="f9000000000000106608000000001000180000000000001000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000200085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0xa, 0xff5c, &(0x7f0000000340)=""/222, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)

7.825223848s ago: executing program 4 (id=931):
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f00000000c0)=[@in={0x2, 0x4e20, @local}], 0x10)
setsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000280)=0x3, 0x4)
syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="a40000003a002902000000000000a60002"], 0xa4}}, 0x0)

7.330720887s ago: executing program 3 (id=932):
socket$netlink(0x10, 0x3, 0x4)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000020000000000000f9ffff0b8500000007000000850000000700000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x90)
rt_sigpending(0x0, 0x1000000)
r2 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
accept$inet6(r2, 0x0, &(0x7f0000000080))
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYRES64=r1], 0x0, 0x56, 0x0, 0x0, 0x1, 0x0, @void, @value}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0a00e3050000000000000000010000006e800000", @ANYRESOCT, @ANYBLOB="ffffffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000400"/20, @ANYBLOB="f6c2ba8837678277bd76dc2d5ce0c081639f9c292fcfc49ba8524cc38bb1119b81a5fe3aa5a0f77493239a93bd4187f14d62bd9c23d766f40d3092cd5bde8603ada659a6dbe3079f9f15c935a530258e69363b455711c65788547549c62cad675937d65940d5ace29a3722a4617bb0d70148c0835ca25d38c660458e9184f7f88fb2d38ed5ef94f38eec600cc648b719e0f258765d8632e61ce0ea40061bca820c9bb42ab9a451892ddf563b97dc880f5fd50095c5953d70f9097e65b5f497de7946d242db433d869a487101db01c8e919227efbe86e3cfcef629ac6d795cc06eeb328941a256bca23b00b", @ANYBLOB='\x00\x00\x00\x00'], 0x50)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000001a40)=""/102392, 0x18ff8)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'user:', 'syz', 0x20, 0xffd}, 0x2a, 0x0)
r6 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
keyctl$read(0xb, r6, &(0x7f0000000240)=""/112, 0x349b7f55)
capset(0x0, &(0x7f0000002080)={0x1, 0xffff, 0x0, 0x3, 0xb, 0x6})
syz_open_dev$loop(&(0x7f00000001c0), 0x5, 0x400)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000080000000800000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000000099908c87", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r7}, &(0x7f0000000000), &(0x7f0000000180)=r8}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='module_request\x00', r8}, 0x10)
socketpair(0x0, 0x0, 0x0, &(0x7f00000006c0))

6.820376763s ago: executing program 0 (id=933):
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x2, 0x0)
setuid(0xee00)
write$cgroup_int(r0, 0x0, 0x0)

6.541470027s ago: executing program 3 (id=934):
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
timerfd_create(0x0, 0x80800)
bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x1, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="b70000000000000007000000000000009500000000000000a9171809f8dcf159569d5475991f7de1a0d0c119cfcf6b98741c23fb7f8d3002ec85db75af955427e91496087a51a0a78f269a9e216a0d0177c4fe3552396a180330807a5b6e8c79aa92038c78d1f16c1323f0e0c8d45c641a21757847cb22230e4321cc3581e40c62c4defee8cffe359cfeef7f58fffdb48647d28ae810f6d22d20271e9e88e94aa6982bf48356652b08e2fbd404e41e0058aae0478fbe542b648421d1b4486a542a7d478fbe6b5e000000293853f9c68e235184b7ad5b6c4fe70ec8320500db0db7fda3da6171a05509ffecef2cb9802d4f36c9a1ce46d3b355fec188ccfc2f0fc89e164561fb06ee9a0153981a47b5de9edd3536d5534f9a699f73b2c9341d2d05043748ce1f4577ed76cdf5b3c697089daa4abda69a8c0c992404610a6be9e103c972459065dec0488e85a6a0418fc87dd8019ef7bb4ef4fa6ee08d81797570578f2e8198e687012f25a69a90e7515e35f8abbddfa96c3f0485f01f0e9e144a2b"], 0x0, 0x1, 0xc3, &(0x7f00000002c0)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$SNDRV_PCM_IOCTL_UNLINK(0xffffffffffffffff, 0x4161, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000080), 0xffe, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r3, 0xc058560f, &(0x7f0000000140)=@multiplanar_mmap={0x0, 0x1, 0x4, 0x0, 0xd, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x3d, 0x0, 0x0, "a730ba01"}, 0x0, 0x1, {0x0}})
ioctl$vim2m_VIDIOC_STREAMOFF(r3, 0x40045612, &(0x7f0000000000)=0x1)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000100), r4)
sendmsg$NLBL_CALIPSO_C_LISTALL(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x14, r5, 0x3d810686a7d95765, 0x70bd2a, 0x25dfdbf9}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x24004052)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r6, 0x1, 0x1000000000000f, &(0x7f00000000c0)=0x7fffffff, 0x4)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r7, 0xc0182101, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r7, 0xc0502100, &(0x7f00000003c0)={<r8=>0x0})
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r7, 0x40182103, &(0x7f0000000240)={r8, 0x0, r7})
unshare(0x4020400)

6.472238847s ago: executing program 0 (id=935):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
io_setup(0x8, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000780)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf200000000000002600020007ffffffbd03100000ff900095002000000000006916000000000000bf6700000000000004070000b964b01a4607feff00200000540700000ee60000bf150000000000001d5700000000000065070000d23700002c030000000000001f75000000000000bf54000000000000070000000400f9ffad430100000000007c000000000000000500000000000000950000000000000032ed3c5be95e5db67754bb12dc8c4ed68ecf264e0f84f9f17d3c30e3c7bdd2d17f2f175455000078af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd390700000500000000f18c30907d7bee45a0100000fe9de56c9d05000000c6c60bef0d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cac3f1d5af65727546e7c955ccefa1f6ab689ffffff7f63ede202fa4e0a2127b8b83c71a51445dc8dfd13ff15f852a39e5b2ab7bcb8f512036a5ba6d04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916fcecc8158f0200000000c8fb735fd552bdc268694aeb0743e326c819b6cf5c8ac86f8a297dff0445a13d0045fb3cda30a673a6037ed8c85f21ec2c081bdce431e56723888fb126a19bc1172b84b3ebe174aba210d739a018f9bbec63222d20cecac4d03723f1c921b5bbf7949632cacfdd32b3a6aa57f1ad2e99e0e67a993716dbf580469f0f53acbb400001e3738270b315d362ed834f2af97787f696649a462e7e090000000000000045eac1f2014f720e83b7838e3eede14308d582685e1becd6f35154bcb4000000000000000000000000000000bc3af2b170ad3e2b26539cebca8f4ddc211bc3ccf0bd9d42ca019dd5d022cf74686e9fbe2562979eaed840a7afaab43176e65ec1118d46d1e827f3472f4445d353887a5ad103649afa1769080584f800031e03a651bb04000000ab04871bc47287cd31cc43ea0ffb567b4040c1458d0320ce7d0000413a0000000000000000005f37983f84e98a523d80bd56a57fa82b82f639601ae899a559944cb9a62a29ab028acfc138cea0f6a5480a55d624a0c544ba0dc828c22fe30000aa391598000000437d57fcf8295f63a70837f5cd4e5e77964522dc7ca3aa3476b7f2d851d27fd4de6eabb43e0799dc8d9fb7dc6c523ffbd74a6a40e4acb1ac872ade9d1f2ab779b8dbe843aeeda0426c767c00327b8c95b2bb6ddb55117669d9598c0f3598073f3a921c76beceff7e4fbf909a2cabf5b8ea5011db9020823b83abe54346c7af0a99fa077ffe7000feb9e44023a1749eb1d0d572b77d6e0d0fcd74031c8ef2629f5ecff4626746d6abe98a255e92c3c4f79bfcd0d91741380000cfeb73dec68ed56b5d3dfdf0cb8b71ad79000000000000000000000000000000dd434a25e95d0ec29d3adaccf89d0888031ecdfdb4dfbe444673be099ece7e4009c76c7108ef0a7e59fd6d906fbc3c9b412e0478cfee4485f423c63f49db43833c92eeeb647cebd4d7a93a17bcbb6bae5ff876375d4fe39cc2d292691672cc18ca372104ceb83a35ecedd97fc191d8f64d2b1d60c6d12911aada66c26aa4802c3514c3d92ec905000000b13f4a2575fbe943a6c40000000000000000000000000000028026b80c3899543223a6079ee96198b9a326db3be3a48af415ca28ca68c502550044ed8e29af8d763ef9b1f31befcad2ce5394601c7cdc233ba3d4ce26ed703dcb9fb3ad650f77e339768924dfdbeead13b88371154d743544a6091ec93e0d3fd5b4dc42911c1ba322fd4d6fbf19e617d51f964727bfd5cc5ba15370f6e1141d2271eded0b15e4316a1e4623272beb249a0928c417720be14c898f397411c88a7bcf3df46ab3efe7cd5e160c2afd3cc945f75011a102d952c7ad17a58d9be691c334ea35bae71e76e160cc2260bd028162917807ce89e11b5f261052ee0dde18efa1d802af2b7bcf6f8af41933cea0d0343261bccf64ca1c81045153eafbefdb91fbdff9ee3307d4a1837963b2dc2a3698d90e7915b098f19392e792adaea86052f4e948184001b6494e906925a092483adc7e9c8f7a29d226763c100aecae7f00619c36bceb9fb6dd7e55487d8485e498fdfc377fd3d266d21d46ab2f6b2ce22cd0aebba9b0ffbfe8ec3143c3734967c90b16ebbeeae1ce2baaae05aed6bf0f40c8a323f9235dc99698bd0b800067a901a79daada03cc77e74feb98b1586946b452764ff917a8ecc10e529c5bea49cad70e22df522c2803b6ef65df70223c6e22c3433e322d8dbd6e9b040065a9d6b3d5ae276cffe935d559bea88e1aa36b4e6c19e78457904297e77370e013b705a96548d47c609a93c45f4d1382b39c05dcc07d5b49ad75ddb3ce5b5b9416e03995da04647aa5e6fc1a6f5d663380967ccef9de49a90ced031335e3219ebd9d06c257a50497ec523f5ff7361261ccfe239d603364a42e2e81fc068fcbb9792b673827fe7018a988fbce55bb74cdb327ced4b77b8743fb3cb72cc280b9f62e4f92f46a19600b802cba88b7d0a938d9e0e6cfe5d66b874cd004179e5b6025c0e1050faec7ecd9de190a975db2f8c06a551236278c4766d7e22e3b85168c9851de6266c791252f919b4f8b257b5a786734e5142e4666c67aef5b7b2f88c6640995434aa8636993089c73f196c54ae829ad4307132655b075ae534fa7f1ea9a17e62357b0bd2bd1d62d34bfc1364640250136729ba4f763ff25c33e8acc806611792add8254e705fefd2a44d5b15e3b36f6b75c97c9c04c511d8cf9e24c61c8284a913a381cb1a5628878040000000000000017b68afd95d4abf7920de9ebe1c89661f4adc3d83d72b1b778e30c2bf2efbbcd054cf51f5705ebf9a98a0d9f18135cb1d8d567c3436fa697b72c5035d98b9e4f7f3379c0b3339debc78352b2e65299223d7ef2bd540e78167b3ac92a4c4f826f6d0e5c4ebf4f7a70c03e2f5ddbebf168586360c3663531eb5995d228f011a10ffc8b17d716b0c528dab6d0c4fe2ee402348104bc5d4012babedee898c6d3e1017be2e9bc759d3ab4d615f5000000000000000000000000000000000000000000007fff0000000000e693e314adf7dc9f517d04f1e6ca367d30d31d3647c6059db6e1e9529eb1623ef99e2d9ac2ab4872f8e784b07a31110bef6d000000a6f9e89e6d50ee06ce716f94da60f1f22d9669560d296287c13c92070000ee7553eb2df17839542fa88d09f000e88a90cf4406b9000000000000000000000000f441d6a6f516c235c6f5863e7f454ee0e16b9aa2593eb31fa3836703e7765aaeb77a8770e518efaa6d3dd85e03b3b133eb749057cea9af75a0e6f633532f2891b8e263cb6eecea691842827bc7c8c0130187081c8d320642389f5f0c42dba0ff75a257310f2d92cb1d1e16468949f5675262ee6609cf26ae4a8f5eac0ebf318e735930b01d8f586e34537bcff7d6196f494cdcf3a712078d745db0f5687a78ee6d000b3d171a0f08299b52d207f32e9da311ca090000003a42732808515eec574f892622c5be497fc3d9ca122d7c18b9e54637812c8debc61f0e42d838e44a819b74bce1a56108bb0f72c4a02475920532309c55b2c9ae9f281391ec5cc72a5e94cca1cbf1ff01000000000000bdb537a0c52bd45a9f966c25616cec30c3ea3246cb8e6aac7cf273638e6656a3e4ccadc348f0172028c99cc5f6d5c6d09ed65aa54549e73c28b7c8ad06ad3c5e3c27eec0eff1a6c84f1189919eefcee8072d1f88cb781e4cdb04af00ac92f1080211c4bee74381a0e31021918f27863fdbafb50f70857d52a1f7df51935a80b1980a4778d35f183ea517f55a98c5a471f3521956f8da6a4ccf2071095305701ab3f3ae43f06e91bc7d85e3800b46926944fba9805a985e63e53a62232fcd3f01dbe1728f300e247a7ebe344f9749818ff3961b2a42664ccd680a90bbb6ab400e286acc8f9febef64594777f848ed1cf980a3da2f0f7745760a05887d0c28060d613dd6539d392fc21fee0b5131609664b821d7a994e6c5965a4fa1ec1790c54e54586907dcc5e8bac16e79da9c2444420900000000000000f888a94365b99b72796fca1b922fc9aefaf1546c17cbb1d2d2fd12cb1a49cad501a3ca218c595b667b634606c57987ebfb0783a4948e4561d5cda158fe74453ff4a837beeedba483842c57d6005b544b4f80003386edfd3d4a88a667bd41eefe0d808abed08a29e6bc370a80cc0366fb4080bfbaaa946fd47ab662c794846e403950bbc3a48bb276cbb08a8eab145c06221ef16a238e3d50ad18aea9a2cec97d3c2d0569caabe2bffe02506bc9cb7294c5d020536dd5e7a6351642112df3b55d0215aaec7e45598995e79699e47567e353e68b03f82be860b188554b734e1192f9c1a867b815ef52cdc3307c0cc9be05a4fdde69c350e59f11f1d26a4d04d8c8b2c4a4d23ee931d14bc7807db773a614b670acf46f83f7c65a0f8d43c5f64705f0d27c46d4b686e867e9b0be76a7978a8f962bb5a070df97f2bf7612115cfe5ebdc7ad0bc5a5f3ace25347d0e5c347279d55aa67a967380000000000000000000000000000000000000000000000ed0942d980c754c6c69ef65c375ad018824f78b260d5f51bc3feba504408a8c8141d84f3f417603b5081680f346ff0ffbe4ae19e936511966965ce268b6345a0001c0f26a32e0a999fc869292e939dcf89b9bfd794f9c12d41959a00688cca43015a9eec58f647796adea520cd2abeb0b55c22949d10e5a05fee4543fdc1e02554a55b5fef2427a6e5708edc38fac53c2f961945a3f83cdf01979939b49bc6b1aef8c733401bbe473de8d64efbe056e2d686e796aaf09e74f2175c174ada1678c7db79492e8dd0f34e2ccf419cf7f14ffa408b50a52685b36aed14aa22ad928191d5a2697646edc52a1c0c5d720ae690add2b34aed161f51cc1cb424f76098e1e1921e5a405f9d298a8461f2da30e47b7c6ed7c95c84c745f58723e4cddffae3b53b5b947f9435e589f9ae55b30ecd3827b2de5df31976870823da8058c2538c04e397f3d0ef90c11c74da984fa558697ecb57224ce8fa6f79aadbd7dbf3678e74d790bc2ee72769a3ada1dd504f8e4133ce1effd446bc9a2f139e65cc4bd83912af3122352506c7c2191b3705116b2f4fc20d4e93882bdd6ccea97f3a08d3565b00"/3699], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe50, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

6.328856819s ago: executing program 2 (id=937):
socket$kcm(0x10, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000000000195"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='inet_sk_error_report\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
pipe(&(0x7f0000000380)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x10000000013, &(0x7f0000000180)=0x1, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x14, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r2, &(0x7f0000000300)={0x2, 0x0, @remote}, 0x10)
sendto$inet(r2, &(0x7f0000000200)="e1", 0xfea8, 0x0, 0x0, 0x0)
splice(r2, 0x0, r1, 0x0, 0xfea8, 0xa)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000100)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='inet_sk_error_report\x00', r6}, 0x10)
r7 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r7, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20008081)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a54000000060a09040000351000000000000000040900010073797a30000000000900020073797a320000000028000480240001800b00010065787468647200001400028008000640000000010500020089000000140000001100010000000000000000000000000a4350bbf1dfe40754f3d8a2c42e8269ab6257a5f3d3c4fdeec170d7099b149ed2e1923e1d65b96c56881ddd6f6abc6f98358700bd45ca32c75c570f9fda606d4801598695d41ae2a17aabad43cc2791fe2490f5a07555893e496b"], 0x7c}, 0x1, 0x0, 0x0, 0x8080}, 0x0)

5.379396833s ago: executing program 4 (id=938):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xfd, 0x7fff0000}]})
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000280)=0x7863)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = epoll_create1(0x0)
r5 = fcntl$dupfd(r4, 0x2, 0xffffffffffffffff)
setsockopt$inet6_tcp_int(r5, 0x6, 0x7, &(0x7f0000000040)=0xffffff1f, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x3, &(0x7f0000000080)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200"/20, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x32, &(0x7f0000000540)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xffffffff}, {{0x18, 0x1, 0x1, 0x0, r6}}, {}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfff}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r6}}, @map_fd={0x18, 0xb, 0x1, 0x0, 0x1}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x4}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}}, @tail_call={{0x18, 0x2, 0x1, 0x0, r5}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000001c0)='syzkaller\x00', 0x9, 0xfea, &(0x7f0000001e00)=""/4074, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
mount$overlay(0x0, 0x0, 0x0, 0x1000000, 0x0)
r7 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000380), 0x101202, 0x0)
read$nci(r7, &(0x7f0000000100)=""/107, 0x6b)
write$nci(r7, &(0x7f0000000100)=ANY=[], 0x4)
write$nci(r7, &(0x7f0000000500)=ANY=[@ANYBLOB="6105070502008204090500070109a7208d06ba97ac9b3b7512c11c4c5f2482e31a311f9fbaa375d801ea4c44ce09d160"], 0x30)
chdir(0x0)

5.264107954s ago: executing program 2 (id=939):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000340)={0x40, 0x9, 0x6, 0x5, 0x0, 0x0, {0x1, 0x0, 0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x1}, @IPSET_ATTR_ADT={0x10, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBQUEUE={0x6, 0x1d, 0x1, 0x0, 0xfad6}}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x44000)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000002200)={'wlan1\x00'})
ioctl$MON_IOCH_MFLUSH(r0, 0x9208, 0x1)
sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000cc0)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x4048004}, 0x800)

5.027126128s ago: executing program 3 (id=940):
clock_gettime(0x0, &(0x7f0000000700)={<r0=>0x0, <r1=>0x0})
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000000680)=[{{&(0x7f0000000000)=@abs, 0x6e, &(0x7f0000000100)=[{&(0x7f0000000080)=""/126, 0x7e}], 0x1, &(0x7f0000000140)=[@rights={{0x20, 0x1, 0x1, [<r2=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r3=>0xffffffffffffffff]}}], 0x58}}, {{&(0x7f00000001c0)=@abs, 0x6e, &(0x7f0000000500)=[{&(0x7f0000000240)=""/6, 0x6}, {&(0x7f0000000280)=""/177, 0xb1}, {&(0x7f0000000340)=""/230, 0xe6}, {&(0x7f0000000440)=""/156, 0x9c}], 0x4, &(0x7f0000000540)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, <r4=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r5=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, <r6=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r7=>0x0}}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r8=>0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x130}}], 0x2, 0x0, &(0x7f0000000740)={r0, r1+60000000})
openat$dir(0xffffffffffffff9c, &(0x7f0000000780)='./file0\x00', 0x10000, 0x22) (async)
setpriority(0x2, r7, 0x8000000000000000) (async)
ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f00000007c0)=<r9=>0x0)
sched_rr_get_interval(r9, &(0x7f0000000800)) (async)
io_setup(0x5, &(0x7f0000000840)=<r10=>0x0)
io_pgetevents(r10, 0xffffffffffffff03, 0x5, &(0x7f0000000880)=[{}, {}, {}, {}, {}], &(0x7f0000000940)={0x0, 0x989680}, &(0x7f00000009c0)={&(0x7f0000000980)={[0x40]}, 0x8}) (async)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x50, r5, 0x0) (async)
r11 = accept$phonet_pipe(r4, &(0x7f0000000a00), &(0x7f0000000a40)=0x10)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000a80)={'geneve0\x00'}) (async)
r12 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r3, 0x18, &(0x7f0000000ac0)={0x5, r12, 0x39, {0x4, 0x2}, 0x99}, 0x1)
io_setup(0x2, &(0x7f0000000b00)=<r13=>0x0)
io_getevents(r13, 0x2, 0x4, &(0x7f0000000b40)=[{}, {}, {}, {}], &(0x7f0000000bc0)={0x0, 0x989680}) (async)
getdents64(r6, &(0x7f0000000c00)=""/16, 0x10) (async)
ioctl$sock_netdev_private(r8, 0x89fd, &(0x7f0000000c40)="6186767413b33d31b9a55229088811819bb71d0b87030114738416191b4bcd7396294e92d06825b45e96b2ca4bd21d17bbdf7fdd3b639d2b99095d571fe94ed841d3e836b25deed81da7ba51bc764ee1da3181c8ac0680482dbca5e0ab78ecc343fa1936f1dfeba14d8a97d2d52f868359d847634d5d92ddc41fce275959482f3bea1473cd491c733d22f267be93b90df97e7bfe6a713b7aea8a")
ioctl$KVM_PPC_ALLOCATE_HTAB(r5, 0xc004aea7, &(0x7f0000000d00)=0x3) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000d40)) (async)
io_getevents(r10, 0x1000, 0x6, &(0x7f0000000d80)=[{}, {}, {}, {}, {}, {}], &(0x7f0000000e40)) (async)
r14 = syz_open_dev$audion(&(0x7f0000000e80), 0xef, 0x200)
ioctl$UI_DEV_CREATE(r14, 0x5501) (async)
io_setup(0x5, &(0x7f0000000ec0))
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r5, 0x40045532, &(0x7f0000000f00)=0x561) (async)
io_setup(0x10001, &(0x7f0000000f40)=<r15=>0x0)
io_destroy(r15)
syz_emit_ethernet(0x430, &(0x7f0000000f80)={@local, @broadcast, @void, {@ipv6={0x86dd, @gre_packet={0x3, 0x6, "6b081b", 0x3fa, 0x2f, 0x0, @dev={0xfe, 0x80, '\x00', 0x33}, @private2, {[@fragment={0x2c, 0x0, 0x10, 0x1, 0x0, 0x9, 0x67}, @routing={0x32, 0x14, 0x2, 0x4, 0x0, [@remote, @private0, @local, @private2={0xfc, 0x2, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0x1b}, @remote, @private0, @mcast1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private1]}, @hopopts={0x0, 0x7, '\x00', [@pad1, @enc_lim={0x4, 0x1, 0x1}, @hao={0xc9, 0x10, @private1}, @ra={0x5, 0x2, 0x9}, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}, @hao={0xc9, 0x10, @private1}, @enc_lim={0x4, 0x1, 0xd}, @padn={0x1, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}]}], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x880b, 0xa6, 0x0, [0x6], "aea8a2b05b0ee5c80544380649df440c579634c03620e1a4efbff518e0a5387c2cb9f5a14754670e832a2435235806c4edd8fafff97743f4c591bc83fd47e37ac645dae20819f58dcd8583f249d6d471bafa9938cfa61bb8212bcaa47ef2cdb7fff5f59e62f323a90d58c0f484b3f5a63da34a9d7ce4fa32a8ad37a80c15c47a6783afecfd9bc5d5c24f05ac27d2b0526873c4c2e4b481911b14b46aaf1371643f1160045209"}, {0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x800, [0x2, 0x826a, 0x9], "e79c75d4f50e8134e4791d17fd6ec6886f4f1ae11d983dd7283ad66096d95a6e92a0eab00da45def4084f40de214301d2f4021ae59ceaaf6a22bdae21e32ecaf7cf5bbcb5a97616f66d0f58605fb8987ee4417ef5f02"}, {0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x86dd, [], "d03c46c5c1cad3814e518430b66cbe05bbc0b46d2d2543eaf18672205fd82a55cc5b7e6af8fa1452ea9e7ec6f27b750ecf62dd72ca6bd36f7b03ac840c6a3751946416fce3d14c13fc07439e98a93a3ef9f28bfbebfee295a5c1eeb7079516f80161611d7a56a569d9ee0a7f69a8794303f8d26a9e058cf0e6cbbf16f643710a482f60a27a933f00ed82cf3762756b0b7d4a96b7812479caf8cb5746dc097797ce899a05ef7f2469bb7d8e988adc8bd57548338c2192bc430c6f8d5803bed7800edfeac50868dbbf3cde53251a7284249d68dc7fefc7f6ca483381094fe8c8"}, {0x8, 0x88be, 0x4, {{0x7, 0x1, 0x7, 0x1, 0x1, 0x0, 0x1, 0x55}}}, {0x8, 0x22eb, 0x1, {{0x3, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0xd7}, 0x2, {0x2, 0x4, 0x3, 0x1, 0x0, 0x1, 0x2}}}, {0x8, 0x6558, 0x2, "7fa3f6d1fd23e37d8554aaf44fc75f637327d92584619a6ecd9c515d6cbd8be6dc6a210a1aed7f630924e555703a7da437204b1b5ca813b8b4f2a3cc469fe14da7b754e2a2df3ae6d336c1d89fd18ddd8040734d0c6ea7e92ab3e3a092f7fc556d73e06207711ce30de5737e84174715915b0a6d8ed241fa0d9a1dbb84a3a58e19fe1453487cf0d0aef6d19d17cc078f6a7403c3cdd1ac03edbd80df8d769434f6410a5565379bcdd1541d36181d0c6c34566cc90ead23bb2ade95748ba41f7f7142e89296441825bd02a032d8512689f5039c9f24cba72a248c50"}}}}}}}, &(0x7f00000013c0)={0x0, 0x4, [0xf8b, 0xb91, 0x710, 0x9f1]}) (async)
r16 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000001400), 0x400002)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r16, 0xc0505405, &(0x7f0000001440)={{0x0, 0x1, 0x3, 0x2, 0xf3}, 0x9, 0x8000000000000000, 0x9}) (async)
io_setup(0x4c, &(0x7f00000014c0))

4.402482032s ago: executing program 2 (id=941):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8010, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000002e80)=[{{&(0x7f0000000180)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f0000000ac0)=[{&(0x7f0000000300)="b82c5b5b74519b66ba0c86b5ba2c59ed260021ea06da734a13627dda2a6324da6f41", 0x22}, {&(0x7f0000000340)="87c71ca188dae17781bc20b407a39fc2c129a5613c8aa13c80aa6589625d955b5e1a271dc67be987f882dc2694e0418b1722b946a3a058b626184c0b4d731915627b791aa26c1336e6501554f5cae7eb7bfc1857f8a88dfc2ab0ed6e90060d03e6cdb68417f9e3113c9510ca38bee11e7e3362cc0937157f89ecde8ff7e2", 0x7e}, {&(0x7f0000000440)="d2e4044afa4f4518f3edbb8fac1cb96b09a0e5698de915e9b78686486df76674f08e42f9bd5ce48f9f0940399cb27755b46211755f4f43d56486b10f61f6cbef52bf8d0ca72ba01d428ce8f6cc7bec5df9c51477dd885b3d16f32f932df48d803ce27815cf160d701f684dd796945f032246b53c5ffe1c31498753c4cd9ab7efc48842656215afca51d1edfbf233dad99d54dc973193e47e575123139374db94a9e9909c02fe5c9e188b784c443e568044a881472164a24e21ec4e928f5e5dbdf6e8a53325", 0xc5}, {&(0x7f0000000680)}, {&(0x7f00000006c0)="d419b3e37eed16c885c27235180e058a2c55c6369cb0d781129d70806336449ac6280b5c802c34a41cc70fcad58d02900914a221dfe4524bb56231c88349f387b1fd64258752d0048f290ff65cba4452b8f9c8f1ff993a0527c523545fe5a9df30c85c911f37b9e114471ce16f623de05846734b166b84f8bfdf600098b540a0ab7c9efabb2b516d93086f87c009b1d9dbedf62e5e2cbee332a9b24cb5bc8ed6c68620dbf7921a3a16b1c4e3285b05744396bf44fa85c203ecf06c65ca13e96915dd5459acf6cd", 0xc7}, {&(0x7f00000007c0)="667be333ce56599330337607b2f56b3c687b7daa1de0c0da869597d50f079716c0abdfc1d1b7d4a8b9", 0x29}, {&(0x7f0000000800)="feb408fddb91fc3b47ec6f7d9639d107094a220d50b6fa446117be7c983aab9a8e9ea26639f3f239c20d2dcb18885f4212140cb3daf02bc8c0a6f75c846a77a749fb1f064f084db1b396714b9fb943982bf5ec0d1858e1d05540faca12c7a1016c7371a360f646720f3a1da0e444ee17f132adb5c14e044d543ae63ecb425fd5bbd1daf7585876802c769f3a65f27f78378d2fd55feaec774438835b0764cda0309b67e34e877aaec44186f8a66137ff1227701bbe9c033c43d644bdec95cc85d514f872965482329b3e11f50e15f85c9637633c3442ca50c5f9cb0ca944ab6b84dad9b5c983be", 0xe7}, {&(0x7f0000000900)="22d57f8e2c3c1c29d3f398a69271dab00db56807d27a4e25d7ae2330ca470ea84e6807bdb2379c3a13061a0dda838e0cb90a3485fd594a6fad37bc1b07cb315d09f25771d8ff7725cf364ab84a435cd6a0a2a7ac3248d2ae170a107909b6410cea36b304af1f29911c83a89d2a39004525d0a95daf2b3e5e1b3fe2814ab797295aaead91b4b7c9f135e3d979054cfc3b8fe4d680f4c69903d01e35258548e71b62f29a4c6f947ad899eac22ee57810368a415b44d7d1c3ecf0619ee233dffef535e7818eb7", 0xc5}, {&(0x7f0000000a00)="c577daab42bf017d3a4eeaa6fb71043aed94701e81ad1b749ea14f0bcc8667ea5b145306b7c013f485854024807d545617c33ccdf70af1717669076570fcd818e3493d8a8c6f4af7b21903debbeb1f4ed285404d632048a0372e90609aedb564d69c914b8bcfbb513f0ead0243743b882b806ce421c4eca4ea0e63e17ccb8bd39813b3a04ed6218bf03a26ce788af5e26138b2c86268241db127383f8241506ac5d7b5ef3ada6e15b4a4c6a4ecadd4328ff815a4d871266fc2bb0a7a65b875", 0xbf}], 0x9, &(0x7f0000000d40)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r2, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r2, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000034000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r3, @ANYRES32=r3, @ANYRES32=r0, @ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r2, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r0, @ANYRES64=r4, @ANYBLOB="000000002c00000000000000010000000100000003f59f879f57f075cf25d468bd53f04af44db653435c5ff02ca3e25342971ac1f4892f4e9160a4fbe5c959e1084330785c4e0c8573aa605db7d5dc13773acfeb1fdaff76ace1080025daafa2f2a51a952eae2f90e34c5a5dc22a72a8d5901c94528772a423b430c362012db94127573522b8f9c20b261989aec5ec22e15c624e5d", @ANYRES32=r4, @ANYRES32=r3, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r4, @ANYRES32, @ANYRES32=r3, @ANYBLOB='\x00\x00\x00\x00'], 0xe8, 0x40084}}], 0x1, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="020a0003070000000000000000de480005001a00ac1414bb000000000000000000009d3eff0100000000"], 0x38}}, 0x0)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="c8000000", @ANYRES16=r1, @ANYBLOB="010030bd700000000000010000000c00068008000700", @ANYRES32=0x0, @ANYBLOB="1c0001800500020006000000080003000a010100050002000900000014000680060001000a000000060005004e21000030000680060001000a00000014000400fe8000000000000000000000000000bb08000300e0000002060001000a000000080004007e5500004000018014000400fe8000000000000000000000000000bb060005004e20000008000700", @ANYRES32=0x0, @ANYBLOB="0800060008000000060005004e21000008000000"], 0xc8}}, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r6)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r6, 0x0, 0x0)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r7, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0x7, @none}, 0xe)
r8 = openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
setsockopt$nfc_llcp_NFC_LLCP_MIUX(0xffffffffffffffff, 0x118, 0x1, &(0x7f0000000b80)=0x695, 0x4)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r9, 0x4010ae68, &(0x7f0000000040)={0xeeee0000, 0x0, 0xeeee})
syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

4.3578944s ago: executing program 3 (id=942):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x82401, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000840), 0x20000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
mknodat$null(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x1, 0x103)
ioctl$KVM_GET_PIT(r2, 0x4048aec9, &(0x7f0000000080))
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_DELETE(r3, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8081}, 0x14)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
timer_create(0x8, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r7, 0x1, 0x32, &(0x7f0000000180)=r6, 0x4)
sendmsg$inet(r8, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r9 = fcntl$dupfd(r4, 0x0, r0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r10 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r10, &(0x7f0000019680)=""/102392, 0x18ff8)
epoll_ctl$EPOLL_CTL_DEL(r9, 0x2, r0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='rpc_pipefs\x00', 0x1, 0x0)

4.302935575s ago: executing program 4 (id=943):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000180), 0x3ffffffffffffffd, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x359b171663d45917}, 0x0)
ioctl$BLKRESETZONE(0xffffffffffffffff, 0x40101283, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETCRTC(r5, 0xc06864a1, &(0x7f00000005c0)={0x0})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, &(0x7f0000000200)={0x0, 0x80000, <r6=>0xffffffffffffffff})
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r7 = socket(0x1d, 0x2, 0x6)
setsockopt$ALG_SET_AEAD_AUTHSIZE(r7, 0x6a, 0x2, 0x20000000, 0x3)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r3, 0xc00c642e, &(0x7f0000000000)={0x0, 0x0, r6})
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f00000001c0)={'batadv0\x00', <r9=>0x0})
socket(0x10, 0x2, 0x0)
sendmsg$nl_xfrm(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000980)=ANY=[@ANYBLOB="1c0300001000130728bd700000000000ac1e0101000000000000000000000000ac1414bb0000000000000000000000004e230001000000020a00008084000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb000000003200000020010000000000000000000000000001000000000000000000000000000000000800000000000000040000000100000006000000000000008001000000000000a1deff79000000000080000000000000000000000000000000000000000000000200000000000000ff0f0000000000000c00000000000000000000002dbd7000000000000a000400000000000000000068001200726663343534332867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e000000080000000316f74eeac053deb73fc018493cc121927a9bca207141b9a451c00aae4000600fe80000000000000000000000000003dff0100000000000000000000000000014e21e7414e210005000040c004000000", @ANYRES32=r9, @ANYRES32, @ANYBLOB="fc00000000000000000000000000ff80000004d532000000e00000020000000000000000000000000800000000000000050000000000000088a10c2f000000005b27b753cfb40400000000000000f9ffffffffffffffff0000000000000000000000000000000000008000000000cb0b000000000000ca33000000000000850100000000000003000000000000004000000001000000000000002abd700007350000021d0006090000000000000028011a0000000000000000000000000000000000fc01000000000000000000000000000102000402b5000800b10008000109a90036b3623a7570812ce357859918afb9fb66b00a5bcc2f8867b1dc6f6a7a7362f1f13ac873ba9f6cab18f5dbde16283e78e7c3f84b94dad499bf12019d789ffa89e33ee96626d3ac8eb5ea1443ba5bcff7ab11a6330e596554ee0407828e62b02ee8bc91b654d2065369fbe54e3d2673290a37742707c074c9aff691027a4e16fdb7dd6dea3e7fdd41bf1f9f4b6d689f1e9eb681d6c6140d731534e9841bf29c05e8134ba96d2a"], 0x31c}, 0x1, 0x0, 0x0, 0x4040}, 0x0)

3.332118099s ago: executing program 2 (id=944):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$vim2m(&(0x7f0000000000), 0x9, 0x2)
write$tcp_congestion(r1, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)={0x2c, 0x1, 0x2, 0x3, 0x0, 0x0, {0xa, 0x0, 0x4}, [@CTA_EXPECT_TUPLE={0x18, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @private=0xa010102}}}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4008001}, 0x20000004)
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$DRM_IOCTL_AUTH_MAGIC(r3, 0x40046411, &(0x7f0000000000)=0x1)
read$FUSE(0xffffffffffffffff, &(0x7f0000000500)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r3, &(0x7f0000000040)={0x50, 0x0, r4, {0x7, 0x2b, 0x4, 0x400, 0x9, 0x2, 0xfffffff9, 0x9, 0x0, 0x0, 0x1, 0xc}}, 0x50)
sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc000000190001000000000000000000ac1e0001000000000000000000000000ac1414bb0000000000000000000000004e200000000000000a0000f000"], 0xfc}}, 0x0)

3.315621188s ago: executing program 4 (id=945):
sched_setaffinity(0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xac)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x4040000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000340)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f00000002c0)='\x00', 0x89901)
move_mount(r2, &(0x7f00000003c0)='./file0/../file0/../file0/../file0\x00', 0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
fanotify_init(0x4c, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r3)
sendmsg$NLBL_CIPSOV4_C_ADD(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)={0x4c, r4, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_MLSLVLLST={0x24, 0x8, 0x0, 0x1, [{0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xee}]}, {0xc, 0x5, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}]}]}]}, 0x4c}}, 0x0)

3.020613615s ago: executing program 3 (id=946):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom0\x00', 0x802, 0x0)
r1 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r1, 0xc0cc5640, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$OSF_MSG_ADD(0xffffffffffffffff, 0x0, 0x4002080)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
io_submit(0x0, 0x0, &(0x7f0000001140))
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
r4 = io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1a1})
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000002c0), 0x0)
connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fib_table_lookup\x00'}, 0x10)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r5, 0x8955, &(0x7f0000000180)={{0x2, 0x0, @remote}, {0x20000010304, @dev}, 0x4, {0x2, 0x0, @multicast1=0xe000cc02}})
r6 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000240)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x2d50, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x5, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x33, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0xc, 0x0, 0x7}}}}}]}}]}}, 0x0)
syz_usb_control_io(r6, 0x0, 0x0)
syz_usb_control_io(r6, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)={0x0, 0x4, 0x57, {0x57, 0x7, "a7ea3163fd3bc518194b120c1e73d54cfc4ad2841ef4f6a3fd7c59ccb785025f2e7b3504ff87cbfd10f3c080b733000000000000000800000000000000ea7a288982d5337c364daf03bd400d66293b0a2b103dd93f"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

3.019689507s ago: executing program 2 (id=947):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
socket(0x10, 0x2, 0x0)
socket$rds(0x15, 0x5, 0x0)
socket$nl_sock_diag(0x10, 0x3, 0x4)
socket$rxrpc(0x21, 0x2, 0x2)
socket$inet6(0xa, 0x2, 0x0)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000480)={0x3, 0x4, 0x4, 0xa, 0x0, r0, 0xffffffff, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="1806000000000300000000000000c29c18120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0}, &(0x7f0000000280), &(0x7f00000002c0)=r2}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0x5ee, 0x0, &(0x7f0000000000)="43227504000000b32415f73227b2", 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

3.010363739s ago: executing program 5 (id=948):
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
timerfd_create(0x0, 0x80800)
bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x1, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="b70000000000000007000000000000009500000000000000a9171809f8dcf159569d5475991f7de1a0d0c119cfcf6b98741c23fb7f8d3002ec85db75af955427e91496087a51a0a78f269a9e216a0d0177c4fe3552396a180330807a5b6e8c79aa92038c78d1f16c1323f0e0c8d45c641a21757847cb22230e4321cc3581e40c62c4defee8cffe359cfeef7f58fffdb48647d28ae810f6d22d20271e9e88e94aa6982bf48356652b08e2fbd404e41e0058aae0478fbe542b648421d1b4486a542a7d478fbe6b5e000000293853f9c68e235184b7ad5b6c4fe70ec8320500db0db7fda3da6171a05509ffecef2cb9802d4f36c9a1ce46d3b355fec188ccfc2f0fc89e164561fb06ee9a0153981a47b5de9edd3536d5534f9a699f73b2c9341d2d05043748ce1f4577ed76cdf5b3c697089daa4abda69a8c0c992404610a6be9e103c972459065dec0488e85a6a0418fc87dd8019ef7bb4ef4fa6ee08d81797570578f2e8198e687012f25a69a90e7515e35f8abbddfa96c3f0485f01f0e9e144a2b"], 0x0, 0x1, 0xc3, &(0x7f00000002c0)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$SNDRV_PCM_IOCTL_UNLINK(0xffffffffffffffff, 0x4161, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000080), 0xffe, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r3, 0xc058560f, &(0x7f0000000140)=@multiplanar_mmap={0x0, 0x1, 0x4, 0x0, 0xd, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x3d, 0x0, 0x0, "a730ba01"}, 0x0, 0x1, {0x0}})
ioctl$vim2m_VIDIOC_STREAMOFF(r3, 0x40045612, &(0x7f0000000000)=0x1)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000100), r4)
sendmsg$NLBL_CALIPSO_C_LISTALL(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x14, r5, 0x3d810686a7d95765, 0x70bd2a, 0x25dfdbf9}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x24004052)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r6, 0x1, 0x1000000000000f, &(0x7f00000000c0)=0x7fffffff, 0x4)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r7, 0xc0182101, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r7, 0xc0502100, &(0x7f00000003c0)={<r8=>0x0})
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r7, 0x40182103, &(0x7f0000000240)={r8, 0x0, r7})
unshare(0x4020400)

1.839759799s ago: executing program 4 (id=949):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$selinux_avc_cache_stats(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b14, &(0x7f0000000000)={'wlan1\x00', @random="0100008dffff"})
msgrcv(0x0, 0x0, 0x0, 0x3, 0x3000)
msgsnd(0x0, &(0x7f0000000300)={0x1}, 0x8, 0x800)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(0xffffffffffffffff, 0x21, &(0x7f0000000440), 0x1)

1.605287704s ago: executing program 5 (id=950):
socket$kcm(0x10, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000000000195"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='inet_sk_error_report\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
pipe(&(0x7f0000000380)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x10000000013, &(0x7f0000000180)=0x1, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x14, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r2, &(0x7f0000000300)={0x2, 0x0, @remote}, 0x10)
sendto$inet(r2, &(0x7f0000000200)="e1", 0xfea8, 0x0, 0x0, 0x0)
splice(r2, 0x0, r1, 0x0, 0xfea8, 0xa)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000100)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='inet_sk_error_report\x00', r6}, 0x10)
r7 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r7, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20008081)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a54000000060a09040000351000000000000000040900010073797a30000000000900020073797a320000000028000480240001800b00010065787468647200001400028008000640000000010500020089000000140000001100010000000000000000000000000a4350bbf1dfe40754f3d8a2c42e8269ab6257a5f3d3c4fdeec170d7099b149ed2e1923e1d65b96c56881ddd6f6abc6f98358700bd45ca32c75c570f9fda606d4801598695d41ae2a17aabad43cc2791fe2490f5a07555893e496b"], 0x7c}, 0x1, 0x0, 0x0, 0x8080}, 0x0)

1.117069609s ago: executing program 2 (id=951):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)=ANY=[@ANYBLOB="200000002d00091327bd70000000000006"], 0x20}}, 0x84) (async)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)=ANY=[@ANYBLOB="200000002d00091327bd70000000000006"], 0x20}}, 0x84)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000007c0)=ANY=[@ANYBLOB="280300002d00090027bd70000000000004"], 0x328}}, 0x84)
readv(r0, &(0x7f0000000740)=[{&(0x7f0000000180)=""/198, 0xc6}], 0x1) (async)
readv(r0, &(0x7f0000000740)=[{&(0x7f0000000180)=""/198, 0xc6}], 0x1)
socket$inet_udp(0x2, 0x2, 0x0) (async)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000100)={@random="e10931d8640a", @empty, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "014100", 0x10, 0x88, 0x0, @rand_addr=' \x01\x00', @local, {[], {0x0, 0x0, 0x8, 0x0, @gue={{0x2}}}}}}}}, 0x0)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0) (async)
r3 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r4 = dup2(r3, r3)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7) (async)
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r9 = msgget$private(0x0, 0xcb)
msgrcv(r9, 0x0, 0x0, 0x2, 0x1800)
r10 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCETHTOOL(r10, 0x8946, &(0x7f00000000c0)={'xfrm0\x00', &(0x7f0000000080)=@ethtool_pauseparam={0x12, 0x7ff, 0x6, 0x1}}) (async)
ioctl$sock_SIOCETHTOOL(r10, 0x8946, &(0x7f00000000c0)={'xfrm0\x00', &(0x7f0000000080)=@ethtool_pauseparam={0x12, 0x7ff, 0x6, 0x1}})
ioctl$BLKTRACESTART(r3, 0x1274, 0x0)
ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000240)={'\x00', 0x40, 0xa, 0x1, 0x40000000, 0x10}) (async)
ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000240)={'\x00', 0x40, 0xa, 0x1, 0x40000000, 0x10})
ioctl$BLKTRACETEARDOWN(r4, 0x1276, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f0000000780)=@raw={'raw\x00', 0x4001, 0x3, 0x380, 0x1e8, 0xb, 0x148, 0x1e8, 0x148, 0x2e8, 0x240, 0x240, 0x2e8, 0x215, 0x3, 0x0, {[{{@ip={@local, @local, 0x0, 0x0, 'ip6gretap0\x00', 'veth0\x00', {}, {}, 0x11}, 0x2e8, 0x180, 0x1e8, 0x0, {0xff0f000000000000}, [@common=@inet=@multiport={{0x50}, {0x2, 0xb, [0x4e20, 0x4e23, 0x4e22, 0x4e24, 0x4e24, 0x4e24, 0x4e22, 0x4e23, 0x4e21, 0x4e20, 0x3, 0x4e22, 0x4e23, 0xeac, 0x4e23], [0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1]}}, @common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "d40b98e613e5c0d53fa5668bfbd8659b9ba9affcbed065733d0012e401764f592fc2c2bfb0e657e39980dd3655cfdfebceab664ab18605949120401237b982613cbdde69fbfbd40e9505ea3909a03f93f0be8cd9870b50e1d8a655f0a2cc7dba129d9af19184e11feeab1ddd11aa07abfef2f0ace242261fac91893e25989bb2", 0x4, 0x8a119efdab096be9}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz0\x00', 'syz1\x00'}}}, {{@ip={@broadcast, @broadcast, 0x0, 0x0, 'team0\x00', 'netpci0\x00'}, 0xec010000, 0x98, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x3, 0x8, 0x1, '\x00', 'syz0\x00', {0x8}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3e0)

1.116304007s ago: executing program 4 (id=952):
r0 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'sit0\x00'})
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/crypto\x00', 0x0, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004042, 0x0)
socket(0x400000000010, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
dup(0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="61123000000000006113100000000000bf2000000000000016000200071b48013d030100000000009500000000000000bc26000000000000bf67000000180000070200000fff07006702000003000000360600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf5fe7030586"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

0s ago: executing program 0 (id=953):
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="8500000008000000760000000000000027000000000000009500000000000000d9e029f8c1652bc575bc1dc3a9fa16094393337a693d6504978ceb558b41537525a394249a1506da9ac69561c187afa3ba7ebc3af563e1e94ceec996695d1d26bbfb2feebab62478775a18852a3359fb20d4d020daf585b85d18b24cf00e3ac10552a5c9acddcb10eae4445de245fe9c7bf90262293683e504b59ef6d4568f30efe6465b5e0aeb3c6f9f5c6ad0a0891670e48b75f80000000000"], &(0x7f0000000040)='syzkaller\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001b00)=""/102392, 0x18ff8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000796412000000000000000001851000000600000018000000", @ANYRES32, @ANYBLOB="0000f8ffffff00106608000000001000180000000000001000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000200085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0xa, 0xff5c, &(0x7f0000000340)=""/222, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)

kernel console output (not intermixed with test programs):

5]  ___sys_sendmsg+0x134/0x1d0
[  195.106386][ T7385]  ? __pfx____sys_sendmsg+0x10/0x10
[  195.106400][ T7385]  ? __lock_acquire+0x622/0x1c90
[  195.106437][ T7385]  __sys_sendmsg+0x16d/0x220
[  195.106454][ T7385]  ? __pfx___sys_sendmsg+0x10/0x10
[  195.106481][ T7385]  do_syscall_64+0xcd/0x4c0
[  195.106499][ T7385]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.106511][ T7385] RIP: 0033:0x7ff18a58e929
[  195.106521][ T7385] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  195.106531][ T7385] RSP: 002b:00007ff18b40a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  195.106542][ T7385] RAX: ffffffffffffffda RBX: 00007ff18a7b5fa0 RCX: 00007ff18a58e929
[  195.106550][ T7385] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003
[  195.106556][ T7385] RBP: 00007ff18b40a090 R08: 0000000000000000 R09: 0000000000000000
[  195.106562][ T7385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  195.106568][ T7385] R13: 0000000000000000 R14: 00007ff18a7b5fa0 R15: 00007ffe82e4d7b8
[  195.106583][ T7385]  </TASK>
[  196.749353][ T5840] Bluetooth: hci4: command 0x0406 tx timeout
[  196.755913][ T5835] Bluetooth: hci3: command 0x0406 tx timeout
[  196.878831][   T43] libceph: connect (1)[c::]:6789 error -101
[  196.885000][   T43] libceph: mon0 (1)[c::]:6789 connect error
[  196.897358][ T7404] ceph: No mds server is up or the cluster is laggy
[  197.028360][ T7396] netlink: 'syz.3.315': attribute type 5 has an invalid length.
[  197.033180][   T30] audit: type=1400 audit(1749462294.076:264): avc:  denied  { ioctl } for  pid=7410 comm="syz.1.320" path="socket:[14094]" dev="sockfs" ino=14094 ioctlcmd=0x89ef scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  197.071167][ T7411] netlink: 104 bytes leftover after parsing attributes in process `syz.1.320'.
[  198.122600][ T7423] netlink: 'syz.1.324': attribute type 39 has an invalid length.
[  199.594662][   T30] audit: type=1400 audit(1749462295.376:265): avc:  denied  { create } for  pid=7418 comm="syz.2.323" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_dnrt_socket permissive=1
[  199.618642][ T7426] xt_l2tp: wrong L2TP version: 0
[  200.089656][   T30] audit: type=1400 audit(1749462297.136:266): avc:  denied  { read } for  pid=7429 comm="syz.4.326" name="system" dev="devtmpfs" ino=700 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  200.089710][   T30] audit: type=1400 audit(1749462297.136:267): avc:  denied  { open } for  pid=7429 comm="syz.4.326" path="/dev/dma_heap/system" dev="devtmpfs" ino=700 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  203.641867][ T7475] netlink: 12 bytes leftover after parsing attributes in process `syz.3.335'.
[  204.069305][ T7486] netlink: 12 bytes leftover after parsing attributes in process `syz.0.337'.
[  205.422577][ T7496] loop6: detected capacity change from 0 to 7
[  205.432138][ T7496] buffer_io_error: 14 callbacks suppressed
[  205.432179][ T7496] Buffer I/O error on dev loop6, logical block 0, async page read
[  205.446609][ T7496] Buffer I/O error on dev loop6, logical block 0, async page read
[  205.455420][ T7496] Buffer I/O error on dev loop6, logical block 0, async page read
[  205.464040][ T7496] Buffer I/O error on dev loop6, logical block 0, async page read
[  205.472665][ T7496] Buffer I/O error on dev loop6, logical block 0, async page read
[  205.481095][ T7496] Buffer I/O error on dev loop6, logical block 0, async page read
[  205.489645][ T7496] Buffer I/O error on dev loop6, logical block 0, async page read
[  205.497957][ T7496] ldm_validate_partition_table(): Disk read failed.
[  205.504969][ T7496] Buffer I/O error on dev loop6, logical block 0, async page read
[  205.513509][ T7496] Buffer I/O error on dev loop6, logical block 0, async page read
[  205.522006][ T7496] Buffer I/O error on dev loop6, logical block 0, async page read
[  205.530735][ T7496] Dev loop6: unable to read RDB block 0
[  205.537804][ T7496]  loop6: unable to read partition table
[  205.544506][ T7496] loop6: partition table beyond EOD, truncated
[  205.550806][ T7496] loop_reread_partitions: partition scan of loop6 (�被x������ڬ��dƤ����ݡ�����
[  205.550806][ T7496] 
) failed (rc=-5)
[  206.101928][ T7499] FAULT_INJECTION: forcing a failure.
[  206.101928][ T7499] name failslab, interval 1, probability 0, space 0, times 0
[  206.135760][ T7499] CPU: 0 UID: 0 PID: 7499 Comm: syz.4.341 Not tainted 6.15.0-syzkaller-13804-g939f15e640f1 #0 PREEMPT(full) 
[  206.135783][ T7499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  206.135790][ T7499] Call Trace:
[  206.135794][ T7499]  <TASK>
[  206.135800][ T7499]  dump_stack_lvl+0x16c/0x1f0
[  206.135822][ T7499]  should_fail_ex+0x512/0x640
[  206.135838][ T7499]  ? __kmalloc_noprof+0xbf/0x510
[  206.135854][ T7499]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  206.135870][ T7499]  should_failslab+0xc2/0x120
[  206.135886][ T7499]  __kmalloc_noprof+0xd2/0x510
[  206.135904][ T7499]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  206.135919][ T7499]  ? cred_has_capability.isra.0+0x193/0x2f0
[  206.135938][ T7499]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  206.135953][ T7499]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  206.135972][ T7499]  ? bpf_lsm_capable+0x9/0x10
[  206.135984][ T7499]  ? security_capable+0x7e/0x260
[  206.136001][ T7499]  genl_rcv_msg+0x55c/0x800
[  206.136019][ T7499]  ? __pfx_genl_rcv_msg+0x10/0x10
[  206.136033][ T7499]  ? __pfx_netlbl_cipsov4_add+0x10/0x10
[  206.136054][ T7499]  ? __lock_acquire+0x622/0x1c90
[  206.136080][ T7499]  netlink_rcv_skb+0x155/0x420
[  206.136092][ T7499]  ? __pfx_genl_rcv_msg+0x10/0x10
[  206.136106][ T7499]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  206.136125][ T7499]  ? netlink_deliver_tap+0x1ae/0xd30
[  206.136135][ T7499]  ? is_vmalloc_addr+0x86/0xa0
[  206.136152][ T7499]  genl_rcv+0x28/0x40
[  206.136163][ T7499]  netlink_unicast+0x53d/0x7f0
[  206.136177][ T7499]  ? __pfx_netlink_unicast+0x10/0x10
[  206.136194][ T7499]  netlink_sendmsg+0x8d1/0xdd0
[  206.136209][ T7499]  ? __pfx_netlink_sendmsg+0x10/0x10
[  206.136227][ T7499]  ____sys_sendmsg+0xa98/0xc70
[  206.136240][ T7499]  ? copy_msghdr_from_user+0x10a/0x160
[  206.136256][ T7499]  ? __pfx_____sys_sendmsg+0x10/0x10
[  206.136276][ T7499]  ___sys_sendmsg+0x134/0x1d0
[  206.136293][ T7499]  ? __pfx____sys_sendmsg+0x10/0x10
[  206.136307][ T7499]  ? __lock_acquire+0x622/0x1c90
[  206.136346][ T7499]  __sys_sendmsg+0x16d/0x220
[  206.136363][ T7499]  ? __pfx___sys_sendmsg+0x10/0x10
[  206.136389][ T7499]  do_syscall_64+0xcd/0x4c0
[  206.136408][ T7499]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.136420][ T7499] RIP: 0033:0x7f962a38e929
[  206.136430][ T7499] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  206.136440][ T7499] RSP: 002b:00007f962b245038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  206.136451][ T7499] RAX: ffffffffffffffda RBX: 00007f962a5b5fa0 RCX: 00007f962a38e929
[  206.136459][ T7499] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000004
[  206.136465][ T7499] RBP: 00007f962b245090 R08: 0000000000000000 R09: 0000000000000000
[  206.136471][ T7499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  206.136477][ T7499] R13: 0000000000000000 R14: 00007f962a5b5fa0 R15: 00007ffdadf2cd98
[  206.136492][ T7499]  </TASK>
[  207.854688][ T7511] netlink: 68 bytes leftover after parsing attributes in process `syz.0.347'.
[  208.042918][   T30] audit: type=1400 audit(1749462305.096:268): avc:  denied  { write } for  pid=7518 comm="syz.2.351" name="raw-gadget" dev="devtmpfs" ino=821 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  208.647738][   T30] audit: type=1400 audit(1749462305.096:269): avc:  denied  { ioctl } for  pid=7518 comm="syz.2.351" path="/dev/raw-gadget" dev="devtmpfs" ino=821 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  208.673914][   T30] audit: type=1400 audit(1749462305.676:270): avc:  denied  { create } for  pid=7523 comm="syz.3.352" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  208.694035][   T30] audit: type=1400 audit(1749462305.686:271): avc:  denied  { write } for  pid=7523 comm="syz.3.352" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  208.715479][   T30] audit: type=1400 audit(1749462305.696:272): avc:  denied  { ioctl } for  pid=7523 comm="syz.3.352" path="socket:[14321]" dev="sockfs" ino=14321 ioctlcmd=0x5411 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  208.751225][ T5937] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  208.970979][ T5937] usb 3-1: Using ep0 maxpacket: 16
[  209.019031][ T5937] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 7.00
[  209.029854][ T5937] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  209.041190][ T5937] usb 3-1: Product: syz
[  209.052153][ T5937] usb 3-1: Manufacturer: syz
[  209.056792][ T5937] usb 3-1: SerialNumber: syz
[  209.085969][ T5937] usb 3-1: config 0 descriptor??
[  209.128741][ T5937] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected
[  209.146259][ T5937] usb 3-1: Detected FT2232H
[  209.229380][ T7534] netlink: 'syz.4.344': attribute type 5 has an invalid length.
[  209.336465][ T5937] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  209.371952][ T5937] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  209.526215][ T5937] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  209.586240][ T5937] usb 3-1: USB disconnect, device number 7
[  209.647498][ T5937] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  209.697240][ T5937] ftdi_sio 3-1:0.0: device disconnected
[  210.501292][   T30] audit: type=1400 audit(1749462307.556:273): avc:  denied  { read } for  pid=7548 comm="syz.2.358" path="socket:[14909]" dev="sockfs" ino=14909 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  210.565002][   T30] audit: type=1326 audit(1749462307.556:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7548 comm="syz.2.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feffbb8e929 code=0x7ffc0000
[  210.625218][   T30] audit: type=1326 audit(1749462307.556:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7548 comm="syz.2.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7feffbb8e929 code=0x7ffc0000
[  210.679975][   T30] audit: type=1326 audit(1749462307.556:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7548 comm="syz.2.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feffbb8e929 code=0x7ffc0000
[  210.756015][   T30] audit: type=1326 audit(1749462307.556:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7548 comm="syz.2.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feffbb8e929 code=0x7ffc0000
[  210.849743][ T7559] [U] ��M٭��q&�� K�4
[  210.854506][ T7559] [U] [�)�U�}��ǔ��J�}N�sef*�	�����nZ��f[F_h��'��W"�x�~����;vA�)^�`�1C':z�������FOb�	*?۟c�z�s��<8zN񷐚���Ey�	T�T<$c�R�斻/Vg���{y�~Y5\�
;�z��Dx���y�A��"xI�f�{��`A$㭡55?�
��s�a�m��o������*K��
[  211.600849][ T5836] Bluetooth: hci1: command 0x0406 tx timeout
[  211.607320][ T5836] Bluetooth: hci0: command 0x0406 tx timeout
[  211.634053][ T5840] Bluetooth: hci2: command 0x0405 tx timeout
[  215.076254][ T7613] netlink: 12 bytes leftover after parsing attributes in process `syz.1.371'.
[  215.461960][ T7618] netlink: 'syz.3.370': attribute type 5 has an invalid length.
[  216.567708][ T7624] FAULT_INJECTION: forcing a failure.
[  216.567708][ T7624] name failslab, interval 1, probability 0, space 0, times 0
[  216.702274][   T30] kauditd_printk_skb: 27 callbacks suppressed
[  216.702291][   T30] audit: type=1400 audit(1749462313.756:305): avc:  denied  { create } for  pid=7627 comm="syz.0.377" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  217.696517][ T7624] CPU: 0 UID: 0 PID: 7624 Comm: syz.2.376 Not tainted 6.15.0-syzkaller-13804-g939f15e640f1 #0 PREEMPT(full) 
[  217.696550][ T7624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  217.696562][ T7624] Call Trace:
[  217.696568][ T7624]  <TASK>
[  217.696576][ T7624]  dump_stack_lvl+0x16c/0x1f0
[  217.696612][ T7624]  should_fail_ex+0x512/0x640
[  217.696638][ T7624]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  217.696667][ T7624]  should_failslab+0xc2/0x120
[  217.696695][ T7624]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  217.696720][ T7624]  ? __alloc_skb+0x2b2/0x380
[  217.696748][ T7624]  __alloc_skb+0x2b2/0x380
[  217.696771][ T7624]  ? __pfx___alloc_skb+0x10/0x10
[  217.696802][ T7624]  netlink_ack+0x15d/0xb80
[  217.696821][ T7624]  ? avc_has_perm_noaudit+0x149/0x3b0
[  217.696844][ T7624]  netlink_rcv_skb+0x332/0x420
[  217.696862][ T7624]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  217.696888][ T7624]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  217.696917][ T7624]  ? ns_capable+0xd7/0x110
[  217.696940][ T7624]  nfnetlink_rcv+0x1b3/0x430
[  217.696961][ T7624]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  217.696980][ T7624]  ? netlink_deliver_tap+0x1ae/0xd30
[  217.697001][ T7624]  netlink_unicast+0x53d/0x7f0
[  217.697023][ T7624]  ? __pfx_netlink_unicast+0x10/0x10
[  217.697048][ T7624]  netlink_sendmsg+0x8d1/0xdd0
[  217.697073][ T7624]  ? __pfx_netlink_sendmsg+0x10/0x10
[  217.697103][ T7624]  ____sys_sendmsg+0xa98/0xc70
[  217.697122][ T7624]  ? copy_msghdr_from_user+0x10a/0x160
[  217.697147][ T7624]  ? __pfx_____sys_sendmsg+0x10/0x10
[  217.697179][ T7624]  ___sys_sendmsg+0x134/0x1d0
[  217.697208][ T7624]  ? __pfx____sys_sendmsg+0x10/0x10
[  217.697231][ T7624]  ? __lock_acquire+0x622/0x1c90
[  217.697287][ T7624]  __sys_sendmsg+0x16d/0x220
[  217.697312][   T30] audit: type=1400 audit(1749462313.756:306): avc:  denied  { write } for  pid=7627 comm="syz.0.377" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  217.697314][ T7624]  ? __pfx___sys_sendmsg+0x10/0x10
[  217.697356][   T30] audit: type=1400 audit(1749462313.756:307): avc:  denied  { create } for  pid=7627 comm="syz.0.377" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  217.697360][ T7624]  do_syscall_64+0xcd/0x4c0
[  217.697391][ T7624]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.697395][   T30] audit: type=1400 audit(1749462313.756:308): avc:  denied  { setopt } for  pid=7627 comm="syz.0.377" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  217.697412][ T7624] RIP: 0033:0x7feffbb8e929
[  217.697434][   T30] audit: type=1400 audit(1749462313.756:309): avc:  denied  { read } for  pid=7627 comm="syz.0.377" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  217.697437][ T7624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  217.697456][ T7624] RSP: 002b:00007feffc9c0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  217.697475][ T7624] RAX: ffffffffffffffda RBX: 00007feffbdb5fa0 RCX: 00007feffbb8e929
[  217.697476][   T30] audit: type=1400 audit(1749462313.756:310): avc:  denied  { open } for  pid=7627 comm="syz.0.377" path="/dev/fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  217.697488][ T7624] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003
[  217.697500][ T7624] RBP: 00007feffc9c0090 R08: 0000000000000000 R09: 0000000000000000
[  217.697512][ T7624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  217.697518][   T30] audit: type=1400 audit(1749462313.756:311): avc:  denied  { ioctl } for  pid=7627 comm="syz.0.377" path="/dev/fb0" dev="devtmpfs" ino=629 ioctlcmd=0x4601 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  217.697523][ T7624] R13: 0000000000000000 R14: 00007feffbdb5fa0 R15: 00007ffcc81a8408
[  217.697551][ T7624]  </TASK>
[  220.143212][ T7633] netlink: 24 bytes leftover after parsing attributes in process `syz.0.377'.
[  221.132180][ T7651] netlink: 'syz.3.385': attribute type 5 has an invalid length.
[  221.843232][ T7657] netlink: 'syz.4.386': attribute type 5 has an invalid length.
[  223.007106][ T7677] netlink: 'syz.1.389': attribute type 5 has an invalid length.
[  223.763436][ T7683] sctp: [Deprecated]: syz.0.396 (pid 7683) Use of int in maxseg socket option.
[  223.763436][ T7683] Use struct sctp_assoc_value instead
[  223.871027][   T43] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  224.043028][   T30] audit: type=1400 audit(1749462321.086:312): avc:  denied  { getopt } for  pid=7687 comm="syz.1.398" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  224.162534][   T30] audit: type=1400 audit(1749462321.086:313): avc:  denied  { ioctl } for  pid=7687 comm="syz.1.398" path="/dev/binderfs/binder0" dev="binder" ino=16 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  224.188441][   T30] audit: type=1400 audit(1749462321.096:314): avc:  denied  { set_context_mgr } for  pid=7687 comm="syz.1.398" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  224.296117][   T43] usb 4-1: Using ep0 maxpacket: 32
[  224.318073][   T43] usb 4-1: config 0 has an invalid interface number: 132 but max is 0
[  224.327430][   T43] usb 4-1: config 0 has no interface number 0
[  224.334971][   T43] usb 4-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  224.453233][   T43] usb 4-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[  224.468790][   T43] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  224.477078][   T43] usb 4-1: Product: syz
[  224.481667][   T43] usb 4-1: Manufacturer: syz
[  224.486331][   T43] usb 4-1: SerialNumber: syz
[  224.493821][   T43] usb 4-1: config 0 descriptor??
[  224.508390][   T43] em28xx 4-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[  224.534920][   T43] em28xx 4-1:0.132: Video interface 132 found:
[  224.804084][   T30] audit: type=1400 audit(1749462321.846:315): avc:  denied  { read } for  pid=7701 comm="syz.2.401" path="socket:[15732]" dev="sockfs" ino=15732 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  224.806452][ T7681] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  224.905887][   T30] audit: type=1400 audit(1749462321.846:316): avc:  denied  { write } for  pid=7701 comm="syz.2.401" path="socket:[15733]" dev="sockfs" ino=15733 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  224.944280][ T7681] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  224.997761][   T30] audit: type=1400 audit(1749462321.846:317): avc:  denied  { accept } for  pid=7701 comm="syz.2.401" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  225.394921][   T43] em28xx 4-1:0.132: unknown em28xx chip ID (0)
[  226.687225][ T7714] netlink: 68 bytes leftover after parsing attributes in process `syz.1.403'.
[  226.839801][   T30] audit: type=1400 audit(1749462322.536:318): avc:  denied  { append } for  pid=7680 comm="syz.3.395" name="v4l-subdev4" dev="devtmpfs" ino=947 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  227.817350][   T43] em28xx 4-1:0.132: failed to trigger read from i2c address 0xa0 (error=-5)
[  227.938671][   T43] em28xx 4-1:0.132: board has no eeprom
[  228.024752][ T7730] netlink: 68 bytes leftover after parsing attributes in process `syz.1.407'.
[  228.051724][   T43] em28xx 4-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[  228.059986][   T43] em28xx 4-1:0.132: analog set to bulk mode.
[  228.120291][ T5907] em28xx 4-1:0.132: Registering V4L2 extension
[  228.297732][ T7729] netlink: 96 bytes leftover after parsing attributes in process `syz.4.408'.
[  228.323283][   T43] usb 4-1: USB disconnect, device number 3
[  228.345520][   T43] em28xx 4-1:0.132: Disconnecting em28xx
[  228.424851][ T7736] FAULT_INJECTION: forcing a failure.
[  228.424851][ T7736] name failslab, interval 1, probability 0, space 0, times 0
[  228.454327][ T7736] CPU: 0 UID: 0 PID: 7736 Comm: syz.3.410 Not tainted 6.15.0-syzkaller-13804-g939f15e640f1 #0 PREEMPT(full) 
[  228.454359][ T7736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  228.454371][ T7736] Call Trace:
[  228.454378][ T7736]  <TASK>
[  228.454385][ T7736]  dump_stack_lvl+0x16c/0x1f0
[  228.454419][ T7736]  should_fail_ex+0x512/0x640
[  228.454444][ T7736]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  228.454473][ T7736]  should_failslab+0xc2/0x120
[  228.454499][ T7736]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  228.454522][ T7736]  ? lockdep_init_map_type+0x5c/0x280
[  228.454556][ T7736]  ? ceph_msg_new2+0x3e/0x4f0
[  228.454583][ T7736]  ceph_msg_new2+0x3e/0x4f0
[  228.454609][ T7736]  ceph_monc_init+0x588/0xc80
[  228.454649][ T7736]  ceph_create_client+0x25b/0x370
[  228.454672][ T7736]  ceph_get_tree+0x1ac/0x1ec0
[  228.454696][ T7736]  ? security_capable+0x7e/0x260
[  228.454720][ T7736]  vfs_get_tree+0x8b/0x340
[  228.454742][ T7736]  vfs_cmd_create+0xd7/0x2a0
[  228.454766][ T7736]  __do_sys_fsconfig+0x7b8/0xbe0
[  228.454789][ T7736]  ? __pfx___do_sys_fsconfig+0x10/0x10
[  228.454806][ T7736]  ? fput+0x70/0xf0
[  228.454836][ T7736]  do_syscall_64+0xcd/0x4c0
[  228.454867][ T7736]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.454887][ T7736] RIP: 0033:0x7ff18a58e929
[  228.454903][ T7736] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  228.454923][ T7736] RSP: 002b:00007ff18b40a038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[  228.454942][ T7736] RAX: ffffffffffffffda RBX: 00007ff18a7b5fa0 RCX: 00007ff18a58e929
[  228.454955][ T7736] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003
[  228.454967][ T7736] RBP: 00007ff18b40a090 R08: 0000000000000000 R09: 0000000000000000
[  228.454979][ T7736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  228.454991][ T7736] R13: 0000000000000000 R14: 00007ff18a7b5fa0 R15: 00007ffe82e4d7b8
[  228.455019][ T7736]  </TASK>
[  228.704202][ T5907] em28xx 4-1:0.132: Config register raw data: 0xffffffed
[  228.728142][ T5907] em28xx 4-1:0.132: AC97 chip type couldn't be determined
[  228.741175][  T974] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  228.765748][ T7740] sctp: [Deprecated]: syz.1.411 (pid 7740) Use of int in maxseg socket option.
[  228.765748][ T7740] Use struct sctp_assoc_value instead
[  228.787339][ T5907] em28xx 4-1:0.132: No AC97 audio processor
[  228.946654][ T5907] usb 4-1: Decoder not found
[  228.952720][ T5907] em28xx 4-1:0.132: failed to create media graph
[  228.959295][ T5907] em28xx 4-1:0.132: V4L2 device video103 deregistered
[  229.010813][  T974] usb 5-1: Using ep0 maxpacket: 16
[  229.054354][  T974] usb 5-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  229.723159][  T974] usb 5-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  229.744606][ T5907] em28xx 4-1:0.132: Remote control support is not available for this card.
[  229.778901][  T974] usb 5-1: Product: syz
[  229.790408][   T43] em28xx 4-1:0.132: Closing input extension
[  229.829517][  T974] usb 5-1: Manufacturer: syz
[  229.863645][  T974] usb 5-1: SerialNumber: syz
[  229.972642][   T43] em28xx 4-1:0.132: Freeing device
[  229.989902][  T974] usb 5-1: config 0 descriptor??
[  231.049167][ T7757] netlink: 'syz.0.409': attribute type 5 has an invalid length.
[  231.478344][ T5930] usb 5-1: USB disconnect, device number 2
[  231.504635][   T30] audit: type=1400 audit(1749462328.536:319): avc:  denied  { create } for  pid=7759 comm="syz.1.415" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  231.583346][   T30] audit: type=1400 audit(1749462328.576:320): avc:  denied  { setopt } for  pid=7752 comm="syz.3.413" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  231.605694][ T7763] netlink: 16 bytes leftover after parsing attributes in process `syz.4.416'.
[  231.653393][   T30] audit: type=1400 audit(1749462328.666:321): avc:  denied  { bind } for  pid=7759 comm="syz.1.415" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  231.920449][ T7776] syz.0.419 uses obsolete (PF_INET,SOCK_PACKET)
[  231.923752][ T7774] netlink: 'syz.1.420': attribute type 19 has an invalid length.
[  231.945333][ T7779] netlink: 'syz.1.420': attribute type 19 has an invalid length.
[  232.102360][ T7769] netlink: 'syz.3.417': attribute type 5 has an invalid length.
[  232.180987][ T7783] netlink: 4 bytes leftover after parsing attributes in process `syz.1.423'.
[  232.572515][ T7785] xt_connbytes: Forcing CT accounting to be enabled
[  232.579576][ T7785] set match dimension is over the limit!
[  234.388376][ T7808] netlink: 224 bytes leftover after parsing attributes in process `syz.3.429'.
[  234.899731][   T30] audit: type=1400 audit(1749462331.436:322): avc:  denied  { connect } for  pid=7803 comm="syz.1.428" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  234.931718][   T30] audit: type=1400 audit(1749462331.436:323): avc:  denied  { write } for  pid=7803 comm="syz.1.428" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  235.420883][ T7817] netlink: 'syz.0.430': attribute type 5 has an invalid length.
[  235.705479][   T30] audit: type=1400 audit(1749462331.486:324): avc:  denied  { read } for  pid=7803 comm="syz.1.428" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  235.836956][ T7820] sctp: [Deprecated]: syz.2.431 (pid 7820) Use of int in maxseg socket option.
[  235.836956][ T7820] Use struct sctp_assoc_value instead
[  237.012071][ T7835] netlink: 224 bytes leftover after parsing attributes in process `syz.1.435'.
[  239.368256][ T7861] xt_recent: hitcount (2147483647) is larger than allowed maximum (65535)
[  239.704569][ T5907] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  239.712317][   T43] usb 2-1: new full-speed USB device number 3 using dummy_hcd
[  239.894433][   T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  239.905632][   T43] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  239.917574][   T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 121, setting to 64
[  239.917710][ T5907] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  239.946313][   T43] usb 2-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  239.955655][   T43] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  239.963953][ T5907] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  239.972928][   T43] usb 2-1: Product: syz
[  239.977094][   T43] usb 2-1: Manufacturer: syz
[  239.981909][   T43] usb 2-1: SerialNumber: syz
[  239.987416][ T5907] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  239.996697][ T5907] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  240.006628][ T5907] usb 5-1: SerialNumber: syz
[  240.012537][   T43] usb 2-1: config 0 descriptor??
[  240.041112][ T7854] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  240.057976][ T7854] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  240.072118][   T43] usb 2-1: ucan: probing device on interface #0
[  240.235901][ T7873] netlink: 'syz.0.445': attribute type 5 has an invalid length.
[  240.662211][ T5907] usb 5-1: 0:2 : does not exist
[  240.896233][   T43] usb 2-1: ucan: device reported invalid device info
[  240.897788][ T7874] serio: Serial port ptm0
[  240.944924][   T43] usb 2-1: ucan: probe failed; try to update the device firmware
[  241.046283][ T7879] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  241.129751][ T5907] usb 5-1: USB disconnect, device number 3
[  241.159752][   T30] audit: type=1400 audit(1749462338.206:325): avc:  denied  { name_bind } for  pid=7877 comm="syz.0.448" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  241.317396][   T30] audit: type=1400 audit(1749462338.366:326): avc:  denied  { mount } for  pid=7886 comm="syz.4.450" name="/" dev="autofs" ino=16269 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  241.349739][ T7887] atomic_op ffff88807719f198 conn xmit_atomic 0000000000000000
[  241.378245][   T30] audit: type=1400 audit(1749462338.426:327): avc:  denied  { unmount } for  pid=6025 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  241.520218][ T5900] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  241.586469][ T7890] netlink: 68 bytes leftover after parsing attributes in process `syz.4.451'.
[  241.650191][   T30] audit: type=1400 audit(1749462338.696:328): avc:  denied  { read write } for  pid=7891 comm="syz.3.452" name="uhid" dev="devtmpfs" ino=1274 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  241.718082][   T30] audit: type=1400 audit(1749462338.696:329): avc:  denied  { open } for  pid=7891 comm="syz.3.452" path="/dev/uhid" dev="devtmpfs" ino=1274 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  241.745482][ T5900] usb 3-1: Using ep0 maxpacket: 32
[  241.753901][ T5900] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[  241.770921][ T5900] usb 3-1: config 0 has no interface number 0
[  241.777080][ T5900] usb 3-1: config 0 interface 184 has no altsetting 0
[  241.797668][ T5900] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  241.821011][ T5900] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  241.829049][ T5900] usb 3-1: Product: syz
[  241.841254][ T5900] usb 3-1: Manufacturer: syz
[  241.850062][ T5900] usb 3-1: SerialNumber: syz
[  241.864651][ T5900] usb 3-1: config 0 descriptor??
[  241.884977][ T5900] smsc75xx v1.0.0
[  242.590535][ T5907] usb 2-1: USB disconnect, device number 3
[  243.174868][ T7910] netlink: 24 bytes leftover after parsing attributes in process `syz.4.458'.
[  243.220811][ T7910] netlink: 16 bytes leftover after parsing attributes in process `syz.4.458'.
[  243.365132][ T7885] netlink: 'syz.2.449': attribute type 10 has an invalid length.
[  243.506310][ T7885] veth0_macvtap: left promiscuous mode
[  243.586481][ T7885] batman_adv: batadv0: Adding interface: macvtap0
[  243.593288][ T7885] batman_adv: batadv0: The MTU of interface macvtap0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  243.618696][    C0] vkms_vblank_simulate: vblank timer overrun
[  243.666695][ T7885] batman_adv: batadv0: Not using interface macvtap0 (retrying later): interface not active
[  244.408866][ T5900] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -71
[  244.419865][ T5900] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  244.432381][ T5900] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  244.446619][ T7914] netlink: 68 bytes leftover after parsing attributes in process `syz.0.459'.
[  244.457765][ T5937] libceph: connect (1)[c::]:6789 error -101
[  244.464001][ T5937] libceph: mon0 (1)[c::]:6789 connect error
[  244.476597][ T5900] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  244.497844][ T5900] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  244.524174][ T5900] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  244.611706][ T5900] smsc75xx 3-1:0.184: probe with driver smsc75xx failed with error -71
[  244.613793][ T7921] ceph: No mds server is up or the cluster is laggy
[  244.623815][ T5900] usb 3-1: USB disconnect, device number 8
[  244.697012][ T7930] netlink: 'syz.4.464': attribute type 39 has an invalid length.
[  245.909836][ T7942] netlink: 'syz.1.466': attribute type 5 has an invalid length.
[  245.970063][ T7945] loop6: detected capacity change from 0 to 7
[  245.978897][ T7945] buffer_io_error: 14 callbacks suppressed
[  245.978931][ T7945] Buffer I/O error on dev loop6, logical block 0, async page read
[  245.993584][ T7945] Buffer I/O error on dev loop6, logical block 0, async page read
[  246.002075][ T7945] Buffer I/O error on dev loop6, logical block 0, async page read
[  246.010662][ T7945] Buffer I/O error on dev loop6, logical block 0, async page read
[  246.019783][ T7945] Buffer I/O error on dev loop6, logical block 0, async page read
[  246.028432][ T7945] Buffer I/O error on dev loop6, logical block 0, async page read
[  246.037032][ T7945] Buffer I/O error on dev loop6, logical block 0, async page read
[  246.045396][ T7945] ldm_validate_partition_table(): Disk read failed.
[  246.052400][ T7945] Buffer I/O error on dev loop6, logical block 0, async page read
[  246.060978][ T7945] Buffer I/O error on dev loop6, logical block 0, async page read
[  246.069517][ T7945] Buffer I/O error on dev loop6, logical block 0, async page read
[  246.078303][ T7945] Dev loop6: unable to read RDB block 0
[  246.085400][ T7945]  loop6: unable to read partition table
[  246.092141][ T7945] loop6: partition table beyond EOD, truncated
[  246.098384][ T7945] loop_reread_partitions: partition scan of loop6 (�被x������ڬ��dƤ����ݡ�����
[  246.098384][ T7945] 
) failed (rc=-5)
[  246.490869][ T5835] Bluetooth: hci2: command 0x0405 tx timeout
[  247.211253][ T7959] netlink: 68 bytes leftover after parsing attributes in process `syz.0.472'.
[  247.343253][   T30] audit: type=1400 audit(1749462344.386:330): avc:  denied  { write } for  pid=7957 comm="syz.1.473" name="binder0" dev="binder" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  247.488017][ T7962] bond0: entered promiscuous mode
[  247.493287][ T7962] bond_slave_0: entered promiscuous mode
[  247.499912][ T7962] bond_slave_1: entered promiscuous mode
[  247.523929][ T7962] netlink: 5280 bytes leftover after parsing attributes in process `syz.1.473'.
[  248.056159][   T30] audit: type=1400 audit(1749462344.536:331): avc:  denied  { create } for  pid=7957 comm="syz.1.473" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  248.086930][   T30] audit: type=1400 audit(1749462344.536:332): avc:  denied  { connect } for  pid=7957 comm="syz.1.473" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  248.125869][ T7967] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5 sclass=netlink_route_socket pid=7967 comm=syz.2.476
[  248.175551][ T7968] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5 sclass=netlink_route_socket pid=7968 comm=syz.2.476
[  248.177643][   T30] audit: type=1400 audit(1749462345.226:333): avc:  denied  { create } for  pid=7969 comm="syz.3.475" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  248.236756][   T30] audit: type=1326 audit(1749462345.286:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7969 comm="syz.3.475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff18a58e929 code=0x7ffc0000
[  248.260841][   T30] audit: type=1326 audit(1749462345.286:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7969 comm="syz.3.475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff18a58e929 code=0x7ffc0000
[  248.694465][   T30] audit: type=1326 audit(1749462345.306:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7969 comm="syz.3.475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7ff18a58e929 code=0x7ffc0000
[  248.983794][   T30] audit: type=1326 audit(1749462345.316:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7969 comm="syz.3.475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff18a58e929 code=0x7ffc0000
[  249.072867][   T30] audit: type=1326 audit(1749462345.316:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7969 comm="syz.3.475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff18a58e929 code=0x7ffc0000
[  249.096686][   T30] audit: type=1326 audit(1749462345.346:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7969 comm="syz.3.475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff18a58e929 code=0x7ffc0000
[  250.078393][ T8000] xt_policy: neither incoming nor outgoing policy selected
[  250.106095][ T8000] netlink: 48 bytes leftover after parsing attributes in process `syz.0.483'.
[  251.879695][ T8005] sctp: [Deprecated]: syz.1.485 (pid 8005) Use of int in maxseg socket option.
[  251.879695][ T8005] Use struct sctp_assoc_value instead
[  254.098753][ T8035] netlink: 96 bytes leftover after parsing attributes in process `syz.1.490'.
[  255.420511][ T8043] input: syz0 as /devices/virtual/input/input6
[  255.430328][   T30] kauditd_printk_skb: 11 callbacks suppressed
[  255.430346][   T30] audit: type=1400 audit(1749462352.466:351): avc:  denied  { read write } for  pid=8042 comm="syz.1.496" name="uinput" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  256.042843][   T30] audit: type=1400 audit(1749462352.466:352): avc:  denied  { open } for  pid=8042 comm="syz.1.496" path="/dev/uinput" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  256.066323][   T30] audit: type=1400 audit(1749462352.466:353): avc:  denied  { ioctl } for  pid=8042 comm="syz.1.496" path="/dev/uinput" dev="devtmpfs" ino=921 ioctlcmd=0x5503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  256.084155][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  256.092965][   T30] audit: type=1400 audit(1749462353.146:354): avc:  denied  { ioctl } for  pid=5176 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=2877 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  256.162823][ T8053] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  256.262746][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  259.392356][ T8064] xt_policy: neither incoming nor outgoing policy selected
[  260.200766][   T30] audit: type=1326 audit(1749462357.246:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8067 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfd1b8e929 code=0x7ffc0000
[  260.272207][   T30] audit: type=1326 audit(1749462357.276:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8067 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfd1b8e929 code=0x7ffc0000
[  260.295649][   T30] audit: type=1326 audit(1749462357.286:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8067 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7fdfd1b8e929 code=0x7ffc0000
[  260.319025][   T30] audit: type=1326 audit(1749462357.286:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8067 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfd1b8e929 code=0x7ffc0000
[  260.342526][   T30] audit: type=1326 audit(1749462357.286:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8067 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfd1b8e929 code=0x7ffc0000
[  260.383981][   T30] audit: type=1326 audit(1749462357.286:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8067 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdfd1b8e929 code=0x7ffc0000
[  260.443260][   T30] kauditd_printk_skb: 33 callbacks suppressed
[  260.443277][   T30] audit: type=1326 audit(1749462357.496:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8067 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fdfd1b8e929 code=0x7ffc0000
[  260.443409][   T30] audit: type=1400 audit(1749462357.496:395): avc:  denied  { setopt } for  pid=8067 comm="syz.1.501" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  260.446145][   T30] audit: type=1326 audit(1749462357.496:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8067 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfd1b8e929 code=0x7ffc0000
[  260.446271][   T30] audit: type=1326 audit(1749462357.496:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8067 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfd1b8e929 code=0x7ffc0000
[  260.456596][   T30] audit: type=1326 audit(1749462357.506:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8067 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fdfd1b8e929 code=0x7ffc0000
[  260.458233][   T30] audit: type=1326 audit(1749462357.506:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8067 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfd1b8e929 code=0x7ffc0000
[  260.458675][   T30] audit: type=1326 audit(1749462357.506:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8067 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfd1b8e929 code=0x7ffc0000
[  260.458854][   T30] audit: type=1326 audit(1749462357.506:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8067 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7fdfd1b8e929 code=0x7ffc0000
[  260.459021][   T30] audit: type=1326 audit(1749462357.506:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8067 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfd1b8e929 code=0x7ffc0000
[  260.459296][   T30] audit: type=1326 audit(1749462357.506:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8067 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfd1b8e929 code=0x7ffc0000
[  261.111534][ T8076] trusted_key: encrypted_key: insufficient parameters specified
[  262.793239][ T8102] sctp: [Deprecated]: syz.1.511 (pid 8102) Use of int in maxseg socket option.
[  262.793239][ T8102] Use struct sctp_assoc_value instead
[  262.980958][   T24] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  263.211476][   T24] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  263.274354][   T24] usb 4-1: config 0 has no interface number 0
[  263.280560][   T24] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  263.300887][   T24] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  263.333640][   T24] usb 4-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.18
[  263.359021][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  263.400309][   T24] usb 4-1: config 0 descriptor??
[  263.542170][ T8112] netlink: 12 bytes leftover after parsing attributes in process `syz.0.513'.
[  263.844902][ T8114] netlink: 'syz.4.512': attribute type 5 has an invalid length.
[  263.868949][   T24] input: HID 04d9:a055 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.1/0003:04D9:A055.0001/input/input7
[  264.331705][   T24] holtek_kbd 0003:04D9:A055.0001: input,hidraw0: USB HID v0.00 Keyboard [HID 04d9:a055] on usb-dummy_hcd.3-1/input1
[  264.373334][ T8116] serio: Serial port ptm0
[  264.806803][ T8127] trusted_key: encrypted_key: insufficient parameters specified
[  266.350767][ T5932] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  266.518938][ T5932] usb 3-1: Using ep0 maxpacket: 32
[  266.548062][ T5900] usb 4-1: USB disconnect, device number 4
[  266.554993][   T30] kauditd_printk_skb: 20 callbacks suppressed
[  266.555009][   T30] audit: type=1400 audit(1749462363.606:424): avc:  denied  { read } for  pid=8140 comm="syz.3.522" name="usbmon0" dev="devtmpfs" ino=717 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  266.615161][ T8141] usb usb8: usbfs: process 8141 (syz.3.522) did not claim interface 0 before use
[  266.616097][ T5932] usb 3-1: config 0 descriptor has 1 excess byte, ignoring
[  266.815206][   T30] audit: type=1400 audit(1749462363.636:425): avc:  denied  { open } for  pid=8140 comm="syz.3.522" path="/dev/usbmon0" dev="devtmpfs" ino=717 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  267.033552][ T5932] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  267.058875][ T5932] usb 3-1: New USB device found, idVendor=06cb, idProduct=73f6, bcdDevice= 0.00
[  267.174568][ T5932] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  267.186010][ T5932] usb 3-1: config 0 descriptor??
[  267.217566][   T30] audit: type=1400 audit(1749462363.666:426): avc:  denied  { write } for  pid=8140 comm="syz.3.522" name="001" dev="devtmpfs" ino=743 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  267.775729][ T8152] xt_ecn: cannot match TCP bits for non-tcp packets
[  267.859993][ T8157] FAULT_INJECTION: forcing a failure.
[  267.859993][ T8157] name failslab, interval 1, probability 0, space 0, times 0
[  267.878837][ T8157] CPU: 0 UID: 0 PID: 8157 Comm: syz.4.526 Not tainted 6.15.0-syzkaller-13804-g939f15e640f1 #0 PREEMPT(full) 
[  267.878871][ T8157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  267.878883][ T8157] Call Trace:
[  267.878891][ T8157]  <TASK>
[  267.878903][ T8157]  dump_stack_lvl+0x16c/0x1f0
[  267.878937][ T8157]  should_fail_ex+0x512/0x640
[  267.878963][ T8157]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  267.878989][ T8157]  should_failslab+0xc2/0x120
[  267.879015][ T8157]  __kmalloc_cache_noprof+0x6a/0x3e0
[  267.879038][ T8157]  ? netlbl_cipsov4_add+0x3b8/0x2440
[  267.879067][ T8157]  ? kasan_save_track+0x14/0x30
[  267.879094][ T8157]  netlbl_cipsov4_add+0x3b8/0x2440
[  267.879124][ T8157]  ? __nla_parse+0x40/0x60
[  267.879143][ T8157]  ? __pfx_netlbl_cipsov4_add+0x10/0x10
[  267.879173][ T8157]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  267.879201][ T8157]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  267.879233][ T8157]  genl_family_rcv_msg_doit+0x206/0x2f0
[  267.879261][ T8157]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  267.879298][ T8157]  ? bpf_lsm_capable+0x9/0x10
[  267.879317][ T8157]  ? security_capable+0x7e/0x260
[  267.879347][ T8157]  genl_rcv_msg+0x55c/0x800
[  267.879374][ T8157]  ? __pfx_genl_rcv_msg+0x10/0x10
[  267.879398][ T8157]  ? __pfx_netlbl_cipsov4_add+0x10/0x10
[  267.879431][ T8157]  ? __lock_acquire+0x622/0x1c90
[  267.879465][ T8157]  netlink_rcv_skb+0x155/0x420
[  267.879486][ T8157]  ? __pfx_genl_rcv_msg+0x10/0x10
[  267.879511][ T8157]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  267.879546][ T8157]  ? netlink_deliver_tap+0x1ae/0xd30
[  267.879575][ T8157]  genl_rcv+0x28/0x40
[  267.879596][ T8157]  netlink_unicast+0x53d/0x7f0
[  267.879638][ T8157]  ? __pfx_netlink_unicast+0x10/0x10
[  267.879669][ T8157]  netlink_sendmsg+0x8d1/0xdd0
[  267.879695][ T8157]  ? __pfx_netlink_sendmsg+0x10/0x10
[  267.879729][ T8157]  ____sys_sendmsg+0xa98/0xc70
[  267.879753][ T8157]  ? copy_msghdr_from_user+0x10a/0x160
[  267.879779][ T8157]  ? __pfx_____sys_sendmsg+0x10/0x10
[  267.879817][ T8157]  ___sys_sendmsg+0x134/0x1d0
[  267.879846][ T8157]  ? __pfx____sys_sendmsg+0x10/0x10
[  267.879871][ T8157]  ? __lock_acquire+0x622/0x1c90
[  267.879938][ T8157]  __sys_sendmsg+0x16d/0x220
[  267.879966][ T8157]  ? __pfx___sys_sendmsg+0x10/0x10
[  267.880015][ T8157]  do_syscall_64+0xcd/0x4c0
[  267.880046][ T8157]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  267.880066][ T8157] RIP: 0033:0x7f962a38e929
[  267.880084][ T8157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  267.880102][ T8157] RSP: 002b:00007f962b245038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  267.880121][ T8157] RAX: ffffffffffffffda RBX: 00007f962a5b5fa0 RCX: 00007f962a38e929
[  267.880135][ T8157] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000004
[  267.880147][ T8157] RBP: 00007f962b245090 R08: 0000000000000000 R09: 0000000000000000
[  267.880159][ T8157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  267.880171][ T8157] R13: 0000000000000000 R14: 00007f962a5b5fa0 R15: 00007ffdadf2cd98
[  267.880200][ T8157]  </TASK>
[  268.183424][    C0] vkms_vblank_simulate: vblank timer overrun
[  268.293013][ T8162] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  268.311197][ T8162] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  268.339562][ T8164] sctp: [Deprecated]: syz.0.527 (pid 8164) Use of int in maxseg socket option.
[  268.339562][ T8164] Use struct sctp_assoc_value instead
[  269.471310][ T5907] usb 3-1: USB disconnect, device number 9
[  269.482796][ T8182] trusted_key: encrypted_key: insufficient parameters specified
[  269.521870][ T8184] netlink: 68 bytes leftover after parsing attributes in process `syz.2.533'.
[  269.961791][ T8178] netlink: 'syz.4.531': attribute type 5 has an invalid length.
[  270.109555][ T8189] xt_policy: neither incoming nor outgoing policy selected
[  271.866206][ T8210] serio: Serial port ptm0
[  272.008781][ T8217] ieee802154 phy0 wpan0: encryption failed: -22
[  272.017126][   T30] audit: type=1400 audit(1749462369.056:427): avc:  denied  { write } for  pid=8216 comm="syz.2.542" path="socket:[17999]" dev="sockfs" ino=17999 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  272.491085][ T8223] sctp: [Deprecated]: syz.2.543 (pid 8223) Use of int in maxseg socket option.
[  272.491085][ T8223] Use struct sctp_assoc_value instead
[  273.152394][ T8229] netlink: 'syz.4.546': attribute type 5 has an invalid length.
[  273.749099][   T30] audit: type=1400 audit(1749462370.786:428): avc:  denied  { getopt } for  pid=8238 comm="syz.2.548" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  274.245536][   T30] audit: type=1400 audit(1749462370.996:429): avc:  denied  { create } for  pid=8238 comm="syz.2.548" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  275.160884][ T5937] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  275.274824][ T8253] netlink: 'syz.3.549': attribute type 5 has an invalid length.
[  275.628587][ T5937] usb 3-1: Using ep0 maxpacket: 16
[  275.648080][ T5937] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  275.662248][ T5937] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  275.684938][ T5937] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  275.701952][ T5937] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  275.724116][ T5937] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  275.741914][ T5937] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  275.752139][ T5937] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  275.760176][ T5937] usb 3-1: Manufacturer: syz
[  275.885808][ T5937] usb 3-1: config 0 descriptor??
[  276.535387][   T30] audit: type=1400 audit(1749462373.586:430): avc:  denied  { write } for  pid=8249 comm="syz.2.552" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  276.771349][ T8267] sctp: [Deprecated]: syz.3.556 (pid 8267) Use of int in maxseg socket option.
[  276.771349][ T8267] Use struct sctp_assoc_value instead
[  277.430462][ T8251] nfs4: Unknown parameter '
PL'
[  277.489269][ T8275] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  277.561120][ T8275] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  277.571573][ T5937] rc_core: IR keymap rc-hauppauge not found
[  277.577978][ T5937] Registered IR keymap rc-empty
[  277.763498][ T5937] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  277.790835][ T5937] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  277.832207][ T5937] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  277.862558][ T5937] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input10
[  277.882040][ T5937] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  277.913562][ T5937] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  277.940294][   T36] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  277.951194][ T5937] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  277.970821][ T5937] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  278.061331][ T5937] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  278.193376][ T5937] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  278.248548][ T5937] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  278.341348][ T5937] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  278.360888][ T5937] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  278.390847][ T5937] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  278.412345][ T5937] mceusb 3-1:0.0: Registered  with mce emulator interface version 1
[  278.420843][ T5937] mceusb 3-1:0.0: 2 tx ports (0x1 cabled) and 2 rx sensors (0x0 active)
[  278.441149][ T5937] usb 3-1: USB disconnect, device number 10
[  278.520838][ T5907] usb 4-1: new full-speed USB device number 5 using dummy_hcd
[  278.678004][ T5907] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  278.680019][ T8291] FAULT_INJECTION: forcing a failure.
[  278.680019][ T8291] name failslab, interval 1, probability 0, space 0, times 0
[  278.690364][ T5907] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  278.703534][ T8291] CPU: 0 UID: 0 PID: 8291 Comm: syz.4.564 Not tainted 6.15.0-syzkaller-13804-g939f15e640f1 #0 PREEMPT(full) 
[  278.703563][ T8291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  278.703575][ T8291] Call Trace:
[  278.703581][ T8291]  <TASK>
[  278.703589][ T8291]  dump_stack_lvl+0x16c/0x1f0
[  278.703619][ T8291]  should_fail_ex+0x512/0x640
[  278.703644][ T8291]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  278.703673][ T8291]  should_failslab+0xc2/0x120
[  278.703699][ T8291]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  278.703723][ T8291]  ? __alloc_skb+0x2b2/0x380
[  278.703761][ T8291]  __alloc_skb+0x2b2/0x380
[  278.703786][ T8291]  ? __pfx___alloc_skb+0x10/0x10
[  278.703812][ T8291]  ? genl_rcv_msg+0x4bb/0x800
[  278.703843][ T8291]  netlink_ack+0x15d/0xb80
[  278.703865][ T8291]  ? __lock_acquire+0x622/0x1c90
[  278.703897][ T8291]  netlink_rcv_skb+0x332/0x420
[  278.703917][ T8291]  ? __pfx_genl_rcv_msg+0x10/0x10
[  278.703941][ T8291]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  278.703974][ T8291]  ? netlink_deliver_tap+0x1ae/0xd30
[  278.703992][ T8291]  ? is_vmalloc_addr+0x86/0xa0
[  278.704018][ T8291]  genl_rcv+0x28/0x40
[  278.704037][ T8291]  netlink_unicast+0x53d/0x7f0
[  278.704061][ T8291]  ? __pfx_netlink_unicast+0x10/0x10
[  278.704090][ T8291]  netlink_sendmsg+0x8d1/0xdd0
[  278.704114][ T8291]  ? __pfx_netlink_sendmsg+0x10/0x10
[  278.704147][ T8291]  ____sys_sendmsg+0xa98/0xc70
[  278.704169][ T8291]  ? copy_msghdr_from_user+0x10a/0x160
[  278.704194][ T8291]  ? __pfx_____sys_sendmsg+0x10/0x10
[  278.704229][ T8291]  ___sys_sendmsg+0x134/0x1d0
[  278.704257][ T8291]  ? __pfx____sys_sendmsg+0x10/0x10
[  278.704280][ T8291]  ? __lock_acquire+0x622/0x1c90
[  278.704343][ T8291]  __sys_sendmsg+0x16d/0x220
[  278.704369][ T8291]  ? __pfx___sys_sendmsg+0x10/0x10
[  278.704416][ T8291]  do_syscall_64+0xcd/0x4c0
[  278.704444][ T8291]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  278.704463][ T8291] RIP: 0033:0x7f962a38e929
[  278.704479][ T8291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  278.704497][ T8291] RSP: 002b:00007f962b245038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  278.704516][ T8291] RAX: ffffffffffffffda RBX: 00007f962a5b5fa0 RCX: 00007f962a38e929
[  278.704528][ T8291] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000004
[  278.704540][ T8291] RBP: 00007f962b245090 R08: 0000000000000000 R09: 0000000000000000
[  278.704551][ T8291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  278.704562][ T8291] R13: 0000000000000000 R14: 00007f962a5b5fa0 R15: 00007ffdadf2cd98
[  278.704589][ T8291]  </TASK>
[  278.758456][ T8293] netlink: 16 bytes leftover after parsing attributes in process `syz.4.565'.
[  278.762381][ T5907] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  279.014093][ T5907] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  279.028231][ T5907] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  279.037598][ T5907] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  279.045683][ T5907] usb 4-1: Manufacturer: syz
[  279.052615][ T5907] usb 4-1: config 0 descriptor??
[  279.064737][ T8298] netlink: 'syz.4.566': attribute type 5 has an invalid length.
[  280.181128][   T30] audit: type=1400 audit(1749462377.146:431): avc:  denied  { append } for  pid=8283 comm="syz.3.561" name="sg0" dev="devtmpfs" ino=783 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  280.339515][   T30] audit: type=1400 audit(1749462377.156:432): avc:  denied  { open } for  pid=8283 comm="syz.3.561" path="/dev/sg0" dev="devtmpfs" ino=783 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  280.388995][   T30] audit: type=1400 audit(1749462377.206:433): avc:  denied  { ioctl } for  pid=8283 comm="syz.3.561" path="/dev/sg0" dev="devtmpfs" ino=783 ioctlcmd=0x227a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  280.535888][   T30] audit: type=1400 audit(1749462377.586:434): avc:  denied  { sqpoll } for  pid=8309 comm="syz.2.571" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  280.596917][ T8311] netlink: 8 bytes leftover after parsing attributes in process `syz.3.570'.
[  280.631111][ T5907] rc_core: IR keymap rc-hauppauge not found
[  280.641281][ T5907] Registered IR keymap rc-empty
[  280.646285][ T5907] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  280.675282][ T8311] netlink: 8 bytes leftover after parsing attributes in process `syz.3.570'.
[  280.686824][ T8311] nfs: Unknown parameter '$'
[  280.689285][ T5907] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  280.697204][ T8311] lo speed is unknown, defaulting to 1000
[  280.704701][ T8311] lo speed is unknown, defaulting to 1000
[  280.723930][ T8311] lo speed is unknown, defaulting to 1000
[  280.759673][ T5907] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  280.916866][ T8311] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  280.963059][ T5907] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input11
[  281.180632][ T5907] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  281.198676][ T8311] infiniband s: RDMA CMA: cma_listen_on_dev, error -98
[  281.250874][ T5907] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  281.282371][ T5907] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  281.323550][ T5907] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  281.413711][ T5907] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  281.440847][ T5907] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  281.476241][ T8311] lo speed is unknown, defaulting to 1000
[  281.482397][ T5907] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  281.508288][ T5907] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  281.514563][ T8311] lo speed is unknown, defaulting to 1000
[  281.555818][ T5907] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  281.564909][ T8311] lo speed is unknown, defaulting to 1000
[  281.578680][ T8311] lo speed is unknown, defaulting to 1000
[  281.589965][ T8311] lo speed is unknown, defaulting to 1000
[  281.596071][ T5907] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  281.729072][ T5907] mceusb 4-1:0.0: Registered  with mce emulator interface version 1
[  281.801594][ T5907] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  281.831176][ T5907] usb 4-1: USB disconnect, device number 5
[  282.151071][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  282.552676][ T8338] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=13 sclass=netlink_route_socket pid=8338 comm=syz.0.579
[  282.570411][ T8338] netlink: 68 bytes leftover after parsing attributes in process `syz.0.579'.
[  282.744363][ T8351] loop6: detected capacity change from 0 to 7
[  282.753091][ T8351] buffer_io_error: 4 callbacks suppressed
[  282.753130][ T8351] Buffer I/O error on dev loop6, logical block 0, async page read
[  282.767502][ T8351] Buffer I/O error on dev loop6, logical block 0, async page read
[  282.776072][ T8351] Buffer I/O error on dev loop6, logical block 0, async page read
[  282.784577][ T8351] Buffer I/O error on dev loop6, logical block 0, async page read
[  282.793268][ T8351] Buffer I/O error on dev loop6, logical block 0, async page read
[  282.801863][ T8351] Buffer I/O error on dev loop6, logical block 0, async page read
[  282.810330][ T8351] Buffer I/O error on dev loop6, logical block 0, async page read
[  282.818593][ T8351] ldm_validate_partition_table(): Disk read failed.
[  282.825501][ T8351] Buffer I/O error on dev loop6, logical block 0, async page read
[  282.834011][ T8351] Buffer I/O error on dev loop6, logical block 0, async page read
[  282.842427][ T8351] Buffer I/O error on dev loop6, logical block 0, async page read
[  282.851081][ T8351] Dev loop6: unable to read RDB block 0
[  282.858226][ T8351]  loop6: unable to read partition table
[  282.864936][ T8351] loop6: partition table beyond EOD, truncated
[  282.871353][ T8351] loop_reread_partitions: partition scan of loop6 (�被x������ڬ��dƤ����ݡ�����
[  282.871353][ T8351] 
) failed (rc=-5)
[  283.135994][ T8357] netlink: 68 bytes leftover after parsing attributes in process `syz.0.584'.
[  283.226223][   T30] audit: type=1400 audit(1749462380.266:435): avc:  denied  { execute } for  pid=8356 comm="syz.4.583" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  284.590956][   T24] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  284.593145][ T8378] serio: Serial port ptm0
[  284.900873][   T24] usb 5-1: Using ep0 maxpacket: 16
[  285.282640][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 196, changing to 11
[  285.317462][   T51] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  285.330747][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 25670, setting to 1024
[  285.331539][   T51] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  285.378352][   T51] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  285.391126][   T51] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  285.408990][   T24] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  285.409027][   T51] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  285.495661][   T24] usb 5-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00
[  285.527425][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  285.553039][   T24] usb 5-1: config 0 descriptor??
[  285.555387][ T8383] lo speed is unknown, defaulting to 1000
[  285.558830][ T8370] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  285.577692][   T24] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input12
[  285.741049][ T5937] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  285.970881][ T5937] usb 4-1: Using ep0 maxpacket: 32
[  285.983479][ T8383] chnl_net:caif_netlink_parms(): no params data found
[  286.042584][ T5937] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD8, changing to 0x88
[  286.086045][ T5937] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7
[  286.122873][ T8401] netlink: 12 bytes leftover after parsing attributes in process `syz.2.595'.
[  286.143079][ T5937] usb 4-1: New USB device found, idVendor=05e1, idProduct=0408, bcdDevice=25.11
[  286.160705][ T5937] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  286.183881][ T5937] usb 4-1: Product: syz
[  286.191845][ T5937] usb 4-1: Manufacturer: syz
[  286.201457][ T5937] usb 4-1: SerialNumber: syz
[  286.230452][ T5937] usb 4-1: config 0 descriptor??
[  286.246203][ T8358] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  286.255736][ T5937] usb 4-1: no audio or video endpoints found
[  286.322470][ T8358] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  286.388184][ T8383] bridge0: port 1(bridge_slave_0) entered blocking state
[  286.399449][ T8383] bridge0: port 1(bridge_slave_0) entered disabled state
[  286.406937][ T8383] bridge_slave_0: entered allmulticast mode
[  286.416132][ T8383] bridge_slave_0: entered promiscuous mode
[  286.428867][ T8383] bridge0: port 2(bridge_slave_1) entered blocking state
[  286.429219][ T5907] usb 5-1: USB disconnect, device number 4
[  286.436540][ T8383] bridge0: port 2(bridge_slave_1) entered disabled state
[  286.456779][ T8383] bridge_slave_1: entered allmulticast mode
[  286.457615][ T8388] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  286.473558][ T8383] bridge_slave_1: entered promiscuous mode
[  286.478097][ T8388] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  286.709248][ T8383] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  286.759560][ T8383] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  286.789450][ T8388] lo speed is unknown, defaulting to 1000
[  286.809944][ T8407] netlink: 12 bytes leftover after parsing attributes in process `syz.3.592'.
[  286.873273][ T8383] team0: Port device team_slave_0 added
[  286.891209][ T8383] team0: Port device team_slave_1 added
[  287.138055][ T8383] batman_adv: batadv0: Adding interface: batadv_slave_0
[  287.145384][ T8383] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  287.177910][ T8383] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  287.192537][ T5937] usb 4-1: USB disconnect, device number 6
[  287.205533][ T8383] batman_adv: batadv0: Adding interface: batadv_slave_1
[  287.212801][ T8383] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  287.238734][    C0] vkms_vblank_simulate: vblank timer overrun
[  287.245861][ T8383] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  287.311383][ T8414] netlink: 12 bytes leftover after parsing attributes in process `syz.0.596'.
[  287.510171][ T8383] hsr_slave_0: entered promiscuous mode
[  287.519257][ T8383] hsr_slave_1: entered promiscuous mode
[  287.526556][   T51] Bluetooth: hci5: command tx timeout
[  287.537111][ T8383] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  288.089213][ T8383] Cannot create hsr debugfs directory
[  289.201196][ T5937] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  289.350809][ T5937] usb 4-1: Using ep0 maxpacket: 32
[  289.446054][ T5937] usb 4-1: New USB device found, idVendor=04b4, idProduct=861f, bcdDevice=f9.d6
[  289.468610][ T5937] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  289.610966][   T51] Bluetooth: hci5: command tx timeout
[  289.666413][ T5937] usb 4-1: config 0 descriptor??
[  290.517595][ T8383] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  290.526978][ T5937] usb 4-1: dvb_usb_v2: found a 'Anysee' in warm state
[  290.537632][ T5937] usb 4-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  290.548192][ T5937] dvb_usb_anysee 4-1:0.0: probe with driver dvb_usb_anysee failed with error -22
[  290.561146][ T8383] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  290.576159][ T8383] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  290.762924][ T8383] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  290.790846][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  291.535405][ T8383] 8021q: adding VLAN 0 to HW filter on device bond0
[  291.614258][ T8383] 8021q: adding VLAN 0 to HW filter on device team0
[  291.645214][ T3514] bridge0: port 1(bridge_slave_0) entered blocking state
[  291.652505][ T3514] bridge0: port 1(bridge_slave_0) entered forwarding state
[  291.690320][   T51] Bluetooth: hci5: command tx timeout
[  291.708423][ T3514] bridge0: port 2(bridge_slave_1) entered blocking state
[  291.715659][ T3514] bridge0: port 2(bridge_slave_1) entered forwarding state
[  291.759530][ T8383] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  291.832781][ T5930] usb 4-1: USB disconnect, device number 7
[  291.921421][ T8458] netlink: 'syz.4.605': attribute type 5 has an invalid length.
[  291.965423][   T30] audit: type=1400 audit(1749462389.016:436): avc:  denied  { write } for  pid=8464 comm="syz.3.608" name="ptp0" dev="devtmpfs" ino=1266 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  293.055359][ T8383] 8021q: adding VLAN 0 to HW filter on device batadv0
[  293.238854][ T8477] netlink: 12 bytes leftover after parsing attributes in process `syz.0.609'.
[  293.751693][   T51] Bluetooth: hci5: command tx timeout
[  294.369730][ T8491] netlink: 88 bytes leftover after parsing attributes in process `syz.4.613'.
[  294.524447][ T8492] usb usb8: usbfs: process 8492 (syz.2.611) did not claim interface 0 before use
[  295.345865][ T8502] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  295.731851][   T30] audit: type=1326 audit(1749462392.726:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8497 comm="syz.3.614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff18a58e929 code=0x7fc00000
[  295.802998][ T8383] veth0_vlan: entered promiscuous mode
[  295.875807][ T8383] veth1_vlan: entered promiscuous mode
[  296.231605][ T8383] veth0_macvtap: entered promiscuous mode
[  296.539703][ T8383] veth1_macvtap: entered promiscuous mode
[  297.158840][ T8383] batman_adv: batadv0: Interface activated: batadv_slave_0
[  297.221185][ T8383] batman_adv: batadv0: Interface activated: batadv_slave_1
[  297.692295][ T8383] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  297.785688][ T8383] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  297.795973][ T8383] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  297.810839][ T8383] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  298.025411][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  298.037172][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  298.612351][ T3514] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  298.625503][ T3514] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  299.829834][ T8536] netlink: 88 bytes leftover after parsing attributes in process `syz.4.624'.
[  301.644245][   T30] audit: type=1400 audit(1749462398.696:438): avc:  denied  { override_creds } for  pid=8559 comm="syz.0.629" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  301.787400][   T30] audit: type=1400 audit(1749462398.736:439): avc:  denied  { create } for  pid=8559 comm="syz.0.629" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  301.821238][   T30] audit: type=1400 audit(1749462398.736:440): avc:  denied  { ioctl } for  pid=8559 comm="syz.0.629" path="socket:[19831]" dev="sockfs" ino=19831 ioctlcmd=0x89e3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  302.620197][ T8587] serio: Serial port ptm0
[  302.693412][ T8584] netlink: 12 bytes leftover after parsing attributes in process `syz.5.630'.
[  304.897272][ T5900] libceph: connect (1)[c::]:6789 error -101
[  304.903541][ T5900] libceph: mon0 (1)[c::]:6789 connect error
[  304.939775][ T8600] ceph: No mds server is up or the cluster is laggy
[  305.241172][ T5900] libceph: connect (1)[c::]:6789 error -101
[  305.247316][ T5900] libceph: mon0 (1)[c::]:6789 connect error
[  306.479710][ T8616] netlink: 12 bytes leftover after parsing attributes in process `syz.5.641'.
[  306.825937][ T8622] xt_policy: neither incoming nor outgoing policy selected
[  307.431104][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  308.120107][   T30] audit: type=1400 audit(1749462405.166:441): avc:  denied  { connect } for  pid=8635 comm="syz.4.647" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  309.090792][   T24] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  309.382129][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  309.467061][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  310.131370][   T24] usb 5-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  310.141432][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  310.170844][ T8651] mkiss: ax0: crc mode is auto.
[  310.171523][   T24] usb 5-1: config 0 descriptor??
[  310.401030][ T8651] netlink: 'syz.0.650': attribute type 39 has an invalid length.
[  310.723055][   T24] cp2112 0003:10C4:EA90.0002: unknown main item tag 0x0
[  310.740867][   T24] cp2112 0003:10C4:EA90.0002: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.4-1/input0
[  310.782958][ T8649] serio: Serial port ptm0
[  310.951519][   T24] cp2112 0003:10C4:EA90.0002: Part Number: 0x82 Device Version: 0xFE
[  311.661594][ T8657] ALSA: mixer_oss: invalid OSS volume ''
[  311.667288][ T8657] ALSA: mixer_oss: invalid OSS volume '
�=x�F}��T���w�<�L3}�(
�>xiT'
[  311.675879][ T8657] ALSA: mixer_oss: invalid OSS volume '���-��l#Y|ح6�����U(<�QM�a�'
[  311.684339][ T8657] ALSA: mixer_oss: invalid OSS volume '͸�$��S�E���m'
[  311.691327][ T8657] ALSA: mixer_oss: invalid OSS volume '��"ݝѪ��<���=r<迱q?H�#��K'
[  311.699676][ T8657] ALSA: mixer_oss: invalid OSS volume 'R�'
[  311.705485][ T8657] ALSA: mixer_oss: invalid OSS volume '��#@O&�C�RK�g.m�K��KCH̛�5�'
[  311.713913][ T8657] ALSA: mixer_oss: invalid OSS volume 'ؖ��?�*��dL��azY��7��Kء�`��'
[  311.722380][ T8657] ALSA: mixer_oss: invalid OSS volume ')�m�<^�/{��hM�c�t�<!�ȼ豵'
[  311.730748][ T8657] ALSA: mixer_oss: invalid OSS volume '�D1{tn���O�t�
^�e��6��p�'
[  311.739078][ T8657] ALSA: mixer_oss: invalid OSS volume '������e��H��>q�e�?�oO���+P�g'
[  311.747914][ T8657] ALSA: mixer_oss: invalid OSS volume '��N�gU�Hٕ��`҉4�3c���s%'
[  311.756060][ T8657] ALSA: mixer_oss: invalid OSS volume '���@6����D�Y�u��e��r����a
'
[  311.764429][ T8657] ALSA: mixer_oss: invalid OSS volume 'uB�)ҔG:V�ܢ
\�'
[  311.771376][ T8657] ALSA: mixer_oss: invalid OSS volume '&�q��S4+UY=�v�B:1��M��>��A'
[  311.779702][ T8657] ALSA: mixer_oss: invalid OSS volume '��W)eY�
锽*�G{E����*F�9�:n߇�'
[  311.999855][   T30] audit: type=1400 audit(1749462409.046:442): avc:  denied  { read write } for  pid=8665 comm="syz.5.654" name="sg0" dev="devtmpfs" ino=783 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  312.140899][ T5907] usb 5-1: reset high-speed USB device number 5 using dummy_hcd
[  312.507258][ T8668] sctp: [Deprecated]: syz.3.656 (pid 8668) Use of int in maxseg socket option.
[  312.507258][ T8668] Use struct sctp_assoc_value instead
[  312.820835][   T30] audit: type=1400 audit(1749462409.616:443): avc:  denied  { write } for  pid=8635 comm="syz.4.647" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  313.400929][ T5900] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  313.568785][ T8685] netlink: 68 bytes leftover after parsing attributes in process `syz.0.660'.
[  313.694096][ T5900] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  313.709676][ T5900] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  314.298576][ T5900] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  314.314291][ T5900] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=67
[  314.326737][ T5900] usb 4-1: SerialNumber: syz
[  314.502267][   T24] usb 5-1: USB disconnect, device number 5
[  314.958837][   T30] audit: type=1400 audit(1749462411.736:444): avc:  denied  { mount } for  pid=8693 comm="syz.2.663" name="/" dev="rpc_pipefs" ino=20661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1
[  315.004912][ T8704] netlink: 88 bytes leftover after parsing attributes in process `syz.4.666'.
[  315.277667][   T30] audit: type=1400 audit(1749462412.326:445): avc:  denied  { map } for  pid=8678 comm="syz.3.659" path="/dev/udmabuf" dev="devtmpfs" ino=701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  315.372429][ T5900] usb 4-1: 0:2 : does not exist
[  315.822453][ T5900] usb 4-1: USB disconnect, device number 8
[  316.559251][   T30] audit: type=1400 audit(1749462413.606:446): avc:  denied  { unmount } for  pid=5829 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1
[  316.890467][ T8719] xt_policy: neither incoming nor outgoing policy selected
[  317.556317][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  317.566244][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  317.619833][   T30] audit: type=1400 audit(1749462414.656:447): avc:  denied  { ioctl } for  pid=8720 comm="syz.4.670" path="socket:[20152]" dev="sockfs" ino=20152 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  317.835869][   T30] audit: type=1400 audit(1749462414.826:448): avc:  denied  { setopt } for  pid=8720 comm="syz.4.670" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  319.248693][   T30] audit: type=1400 audit(1749462416.296:449): avc:  denied  { ioctl } for  pid=8735 comm="syz.0.675" path="socket:[20175]" dev="sockfs" ino=20175 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  319.301402][ T8736] netlink: 8 bytes leftover after parsing attributes in process `syz.2.674'.
[  319.350386][   T30] audit: type=1400 audit(1749462416.326:450): avc:  denied  { read append } for  pid=8735 comm="syz.0.675" name="mice" dev="devtmpfs" ino=917 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  320.540958][   T30] audit: type=1400 audit(1749462416.326:451): avc:  denied  { open } for  pid=8735 comm="syz.0.675" path="/dev/input/mice" dev="devtmpfs" ino=917 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  320.832747][ T5932] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  320.840611][   T30] audit: type=1400 audit(1749462416.326:452): avc:  denied  { ioctl } for  pid=8735 comm="syz.0.675" path="/dev/input/mice" dev="devtmpfs" ino=917 ioctlcmd=0x8934 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  321.051510][ T5932] usb 3-1: Using ep0 maxpacket: 8
[  321.223381][ T5932] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  321.287141][ T8750] xt_cluster: node mask cannot exceed total number of nodes
[  321.425783][ T5932] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  321.528335][ T8762] xt_policy: neither incoming nor outgoing policy selected
[  321.539458][ T5932] usb 3-1: config 0 descriptor??
[  322.466258][ T5932] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  322.476493][ T5932] asix 3-1:0.0: probe with driver asix failed with error -71
[  322.490091][ T5932] usb 3-1: USB disconnect, device number 11
[  323.130794][ T8781] netlink: 12 bytes leftover after parsing attributes in process `syz.3.687'.
[  323.183848][ T8784] netlink: 320 bytes leftover after parsing attributes in process `syz.4.688'.
[  323.193153][ T8784] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  324.362437][ T5937] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  324.465978][ T8805] netlink: 68 bytes leftover after parsing attributes in process `syz.0.694'.
[  324.601404][ T5937] usb 5-1: device descriptor read/64, error -71
[  324.626021][ T8809] input: syz0 as /devices/virtual/input/input13
[  324.911475][ T5937] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  325.015752][   T30] audit: type=1400 audit(1749462422.066:453): avc:  denied  { create } for  pid=8822 comm="syz.0.701" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  325.061224][ T5937] usb 5-1: device descriptor read/64, error -71
[  325.200945][ T5900] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  325.395604][ T5937] usb usb5-port1: attempt power cycle
[  325.674043][ T5900] usb 6-1: New USB device found, idVendor=1286, idProduct=1fa4, bcdDevice=c7.7e
[  325.695744][ T5900] usb 6-1: New USB device strings: Mfr=1, Product=6, SerialNumber=3
[  326.266484][ T5937] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  326.291221][ T5900] usb 6-1: Product: syz
[  326.295685][ T5900] usb 6-1: Manufacturer: syz
[  326.373508][ T5900] usb 6-1: SerialNumber: syz
[  326.382262][ T5900] usb 6-1: config 0 descriptor??
[  326.425488][ T5900] mvusb_mdio 6-1:0.0: probe with driver mvusb_mdio failed with error -5
[  327.282570][   T30] audit: type=1400 audit(1749462424.336:454): avc:  denied  { write } for  pid=8808 comm="syz.5.696" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  327.447731][ T5937] usb 5-1: device descriptor read/8, error -71
[  327.480978][  T974] usb 6-1: USB disconnect, device number 2
[  327.585549][   T30] audit: type=1400 audit(1749462424.626:455): avc:  denied  { setopt } for  pid=8837 comm="syz.2.705" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  327.956278][   T30] audit: type=1400 audit(1749462425.006:456): avc:  denied  { ioctl } for  pid=8847 comm="syz.4.707" path="socket:[21118]" dev="sockfs" ino=21118 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  329.445965][ T8869] netlink: 8 bytes leftover after parsing attributes in process `syz.2.713'.
[  329.467225][ T8869] netlink: 88 bytes leftover after parsing attributes in process `syz.2.713'.
[  330.363913][ T8877] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  332.725185][ T8896] bond0: entered promiscuous mode
[  332.730423][ T8896] bond_slave_0: entered promiscuous mode
[  332.736808][ T8896] bond_slave_1: entered promiscuous mode
[  332.761485][ T8895] netlink: 5280 bytes leftover after parsing attributes in process `syz.3.718'.
[  333.912392][ T8905] loop6: detected capacity change from 0 to 7
[  333.921235][ T8905] buffer_io_error: 4 callbacks suppressed
[  333.921268][ T8905] Buffer I/O error on dev loop6, logical block 0, async page read
[  333.935745][ T8905] Buffer I/O error on dev loop6, logical block 0, async page read
[  333.944399][ T8905] Buffer I/O error on dev loop6, logical block 0, async page read
[  333.952978][ T8905] Buffer I/O error on dev loop6, logical block 0, async page read
[  333.961660][ T8905] Buffer I/O error on dev loop6, logical block 0, async page read
[  333.970494][ T8905] Buffer I/O error on dev loop6, logical block 0, async page read
[  333.979067][ T8905] Buffer I/O error on dev loop6, logical block 0, async page read
[  333.987394][ T8905] ldm_validate_partition_table(): Disk read failed.
[  333.994433][ T8905] Buffer I/O error on dev loop6, logical block 0, async page read
[  334.003083][ T8905] Buffer I/O error on dev loop6, logical block 0, async page read
[  334.011705][ T8905] Buffer I/O error on dev loop6, logical block 0, async page read
[  334.020533][ T8905] Dev loop6: unable to read RDB block 0
[  334.027667][ T8905]  loop6: unable to read partition table
[  334.034407][ T8905] loop6: partition table beyond EOD, truncated
[  334.040835][ T8905] loop_reread_partitions: partition scan of loop6 (�被x������ڬ��dƤ����ݡ�����
[  334.040835][ T8905] 
) failed (rc=-5)
[  334.280716][ T5930] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  334.560800][ T5930] usb 3-1: Using ep0 maxpacket: 16
[  334.567696][ T5930] usb 3-1: config 16 has too many interfaces: 68, using maximum allowed: 32
[  334.579101][ T5930] usb 3-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  334.594787][ T8911] sctp: [Deprecated]: syz.0.724 (pid 8911) Use of int in maxseg socket option.
[  334.594787][ T8911] Use struct sctp_assoc_value instead
[  334.609245][ T5930] usb 3-1: config 16 has 1 interface, different from the descriptor's value: 68
[  334.625960][ T5930] usb 3-1: New USB device found, idVendor=07c4, idProduct=a103, bcdDevice=94.38
[  334.651996][ T5930] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  334.660133][ T5930] usb 3-1: Product: syz
[  334.666830][ T5930] usb 3-1: Manufacturer: syz
[  334.673955][ T5930] usb 3-1: SerialNumber: syz
[  335.356721][ T5930] ums-sddr55 3-1:16.0: USB Mass Storage device detected
[  335.473193][ T5930] ums-sddr55 3-1:16.0: Quirks match for vid 07c4 pid a103: 8
[  335.882946][ T8926] netlink: 8 bytes leftover after parsing attributes in process `syz.2.726'.
[  335.907886][ T8926] netlink: 88 bytes leftover after parsing attributes in process `syz.2.726'.
[  336.135640][ T5930] usb 3-1: USB disconnect, device number 12
[  337.589970][ T8955] trusted_key: encrypted_key: key user:syz not found
[  338.722340][ T8967] netlink: 5280 bytes leftover after parsing attributes in process `syz.3.735'.
[  340.071157][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  340.294223][ T8980] netlink: 8 bytes leftover after parsing attributes in process `syz.0.741'.
[  340.316773][ T8979] netlink: 88 bytes leftover after parsing attributes in process `syz.0.741'.
[  340.597024][ T8984] netlink: 8 bytes leftover after parsing attributes in process `syz.2.739'.
[  340.601166][ T8983] sctp: [Deprecated]: syz.5.740 (pid 8983) Use of int in maxseg socket option.
[  340.601166][ T8983] Use struct sctp_assoc_value instead
[  340.789724][ T8984] netlink: 88 bytes leftover after parsing attributes in process `syz.2.739'.
[  342.578860][ T9004] syzkaller0: entered promiscuous mode
[  342.604636][ T9004] syzkaller0: entered allmulticast mode
[  343.413834][ T5937] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  343.725138][ T5937] usb 5-1: Using ep0 maxpacket: 8
[  343.749782][ T5937] usb 5-1: config 5 has an invalid interface number: 202 but max is 0
[  343.762975][ T5937] usb 5-1: config 5 has an invalid interface number: 48 but max is 0
[  343.785343][ T5937] usb 5-1: config 5 has an invalid interface number: 7 but max is 0
[  343.856633][ T5937] usb 5-1: config 5 has 3 interfaces, different from the descriptor's value: 1
[  343.873214][ T5937] usb 5-1: config 5 has no interface number 0
[  343.896577][ T5937] usb 5-1: config 5 has no interface number 1
[  343.909722][ T5937] usb 5-1: config 5 has no interface number 2
[  343.941769][ T5937] usb 5-1: config 5 interface 202 altsetting 9 endpoint 0x4 has invalid maxpacket 1023, setting to 64
[  344.010798][ T5937] usb 5-1: config 5 interface 202 altsetting 9 endpoint 0x3 has an invalid bInterval 129, changing to 7
[  344.033514][ T5937] usb 5-1: config 5 interface 202 altsetting 9 endpoint 0x5 has an invalid bInterval 255, changing to 11
[  344.054804][ T5937] usb 5-1: config 5 interface 202 altsetting 9 endpoint 0xC has invalid maxpacket 1024, setting to 64
[  344.070522][ T5937] usb 5-1: config 5 interface 202 altsetting 9 has a duplicate endpoint with address 0x5, skipping
[  344.092138][ T5937] usb 5-1: config 5 interface 202 altsetting 9 has 6 endpoint descriptors, different from the interface descriptor's value: 8
[  344.282140][ T9037] netlink: 224 bytes leftover after parsing attributes in process `syz.5.753'.
[  344.710070][ T5937] usb 5-1: too many endpoints for config 5 interface 48 altsetting 60: 76, using maximum allowed: 30
[  344.723505][ T9035] netlink: 8 bytes leftover after parsing attributes in process `syz.2.754'.
[  344.750266][ T5937] usb 5-1: config 5 interface 48 altsetting 60 has a duplicate endpoint with address 0x2, skipping
[  344.901161][ T5937] usb 5-1: config 5 interface 48 altsetting 60 has 1 endpoint descriptor, different from the interface descriptor's value: 76
[  344.914308][ T5937] usb 5-1: too many endpoints for config 5 interface 7 altsetting 192: 138, using maximum allowed: 30
[  344.930734][ T5937] usb 5-1: config 5 interface 7 altsetting 192 has 1 endpoint descriptor, different from the interface descriptor's value: 138
[  345.470983][ T9035] netlink: 88 bytes leftover after parsing attributes in process `syz.2.754'.
[  345.500583][ T5937] usb 5-1: config 5 interface 202 has no altsetting 0
[  345.521379][ T5937] usb 5-1: config 5 interface 48 has no altsetting 0
[  345.537890][ T5937] usb 5-1: config 5 interface 7 has no altsetting 0
[  345.564473][ T5937] usb 5-1: New USB device found, idVendor=19d2, idProduct=000b, bcdDevice=ea.5d
[  345.573887][ T5937] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  345.809893][ T5937] usb 5-1: Product: syz
[  345.829580][ T5937] usb 5-1: Manufacturer: syz
[  345.836175][ T5937] usb 5-1: SerialNumber: syz
[  346.122784][ T5937] option 5-1:5.202: GSM modem (1-port) converter detected
[  346.307364][ T5930] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  346.338845][ T5937] usb 5-1: USB disconnect, device number 10
[  346.367147][ T5937] option 5-1:5.202: device disconnected
[  346.561584][ T5930] usb 4-1: Using ep0 maxpacket: 32
[  347.015254][ T5930] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  347.035964][ T5930] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  347.046533][ T5930] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 0, changing to 7
[  347.064121][ T5930] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0
[  347.078952][ T5930] usb 4-1: New USB device found, idVendor=17dd, idProduct=5500, bcdDevice=f3.5e
[  347.088784][ T5930] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  347.097787][ T5930] usb 4-1: Product: syz
[  347.105247][ T5930] usb 4-1: Manufacturer: syz
[  347.110329][ T5930] usb 4-1: SerialNumber: syz
[  347.129937][ T5930] usb 4-1: config 0 descriptor??
[  347.321808][ T5930] cypress_m8 4-1:0.0: HID->COM RS232 Adapter converter detected
[  347.372693][ T5930] cyphidcom ttyUSB0: required endpoint is missing
[  348.166731][ T9062] serio: Serial port ptm0
[  348.246370][   T30] audit: type=1326 audit(1749462445.286:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9064 comm="syz.4.762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f962a38e929 code=0x7ffc0000
[  348.276084][ T9066] netlink: 28 bytes leftover after parsing attributes in process `syz.4.762'.
[  348.296996][ T5937] usb 4-1: USB disconnect, device number 9
[  348.304349][ T5937] cypress_m8 4-1:0.0: device disconnected
[  348.630941][   T30] audit: type=1326 audit(1749462445.286:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9064 comm="syz.4.762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f962a38e929 code=0x7ffc0000
[  348.717028][   T30] audit: type=1326 audit(1749462445.706:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9064 comm="syz.4.762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f962a38e929 code=0x7ffc0000
[  348.740808][   T30] audit: type=1326 audit(1749462445.706:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9064 comm="syz.4.762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f962a38e929 code=0x7ffc0000
[  348.764170][   T30] audit: type=1326 audit(1749462445.736:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9064 comm="syz.4.762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f962a38e929 code=0x7ffc0000
[  348.809825][   T30] audit: type=1326 audit(1749462445.736:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9064 comm="syz.4.762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f962a38e929 code=0x7ffc0000
[  348.839055][   T30] audit: type=1326 audit(1749462445.736:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9064 comm="syz.4.762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f962a38e929 code=0x7ffc0000
[  348.917686][   T30] audit: type=1326 audit(1749462445.736:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9064 comm="syz.4.762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f962a38e929 code=0x7ffc0000
[  348.946705][   T30] audit: type=1326 audit(1749462445.736:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9064 comm="syz.4.762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=65 compat=0 ip=0x7f962a38e929 code=0x7ffc0000
[  349.050913][   T30] audit: type=1326 audit(1749462445.736:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9064 comm="syz.4.762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f962a38e929 code=0x7ffc0000
[  350.160941][ T5930] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  350.328202][ T5930] usb 6-1: Using ep0 maxpacket: 32
[  350.339098][ T5930] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  350.350307][ T5930] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  350.360271][ T5930] usb 6-1: New USB device found, idVendor=0e8f, idProduct=0012, bcdDevice= 0.00
[  350.369537][ T5930] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  350.381842][ T5930] usb 6-1: config 0 descriptor??
[  350.754771][ T9092] netlink: 80 bytes leftover after parsing attributes in process `syz.5.767'.
[  351.043730][ T5930] greenasia 0003:0E8F:0012.0003: hidraw0: USB HID v0.00 Device [HID 0e8f:0012] on usb-dummy_hcd.5-1/input0
[  351.055634][ T5930] greenasia 0003:0E8F:0012.0003: no inputs found
[  351.346112][   T24] usb 6-1: USB disconnect, device number 3
[  351.411914][ T9100] netlink: 'syz.2.768': attribute type 1 has an invalid length.
[  351.781253][ T9100] netlink: 244 bytes leftover after parsing attributes in process `syz.2.768'.
[  353.730897][   T24] usb 5-1: new low-speed USB device number 11 using dummy_hcd
[  353.993060][   T24] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  354.000530][   T24] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  354.042100][   T24] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  354.408299][   T24] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  354.534307][ T9136] xt_policy: neither incoming nor outgoing policy selected
[  354.937637][   T24] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  355.728046][ T9147] netlink: 'syz.0.782': attribute type 3 has an invalid length.
[  355.735859][ T9147] netlink: 'syz.0.782': attribute type 1 has an invalid length.
[  355.743600][ T9147] netlink: 220 bytes leftover after parsing attributes in process `syz.0.782'.
[  356.099069][   T30] kauditd_printk_skb: 16 callbacks suppressed
[  356.099089][   T30] audit: type=1400 audit(1749462452.756:483): avc:  denied  { ioctl } for  pid=9144 comm="syz.0.782" path="socket:[21974]" dev="sockfs" ino=21974 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  356.659667][ T9154] xt_policy: neither incoming nor outgoing policy selected
[  360.036978][   T24] usb 5-1: unable to read config index 1 descriptor/start: -110
[  360.045473][   T24] usb 5-1: can't read configurations, error -110
[  360.236925][ T9189] xt_policy: neither incoming nor outgoing policy selected
[  360.699001][   T24] usb 5-1: new low-speed USB device number 12 using dummy_hcd
[  361.131215][ T9196] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  361.185414][   T24] usb 5-1: device descriptor read/64, error -32
[  361.488089][   T30] audit: type=1326 audit(1749462458.526:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9190 comm="syz.5.795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe77418e929 code=0x7fc00000
[  361.498712][   T24] usb usb5-port1: attempt power cycle
[  361.755514][   T30] audit: type=1326 audit(1749462458.526:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9190 comm="syz.5.795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe77418e929 code=0x7fc00000
[  361.903473][   T30] audit: type=1326 audit(1749462458.526:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9190 comm="syz.5.795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe77418e929 code=0x7fc00000
[  361.984309][   T30] audit: type=1326 audit(1749462458.526:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9190 comm="syz.5.795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe77418e929 code=0x7fc00000
[  362.383645][   T30] audit: type=1326 audit(1749462458.526:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9190 comm="syz.5.795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe77418e929 code=0x7fc00000
[  362.552851][   T30] audit: type=1326 audit(1749462458.526:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9190 comm="syz.5.795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe77418e929 code=0x7fc00000
[  362.583111][   T30] audit: type=1326 audit(1749462458.526:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9190 comm="syz.5.795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe77418e929 code=0x7fc00000
[  362.607482][   T30] audit: type=1326 audit(1749462458.526:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9190 comm="syz.5.795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe77418e929 code=0x7fc00000
[  362.631578][   T30] audit: type=1326 audit(1749462458.526:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9190 comm="syz.5.795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe77418e929 code=0x7fc00000
[  362.655537][   T30] audit: type=1326 audit(1749462458.526:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9190 comm="syz.5.795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe77418e929 code=0x7fc00000
[  363.543705][ T9225] netlink: 224 bytes leftover after parsing attributes in process `syz.2.802'.
[  363.843480][ T9224] 9pnet_fd: Insufficient options for proto=fd
[  366.792965][ T9260] netlink: 68 bytes leftover after parsing attributes in process `syz.2.811'.
[  367.291575][   T24] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  367.305452][ T9270] netlink: 12 bytes leftover after parsing attributes in process `syz.5.813'.
[  367.314555][ T9270] bridge_slave_1: left allmulticast mode
[  367.320259][ T9270] bridge_slave_1: left promiscuous mode
[  367.326149][ T9270] bridge0: port 2(bridge_slave_1) entered disabled state
[  367.393062][ T9270] bridge_slave_0: left allmulticast mode
[  367.399845][ T9270] bridge_slave_0: left promiscuous mode
[  367.407028][ T9270] bridge0: port 1(bridge_slave_0) entered disabled state
[  367.642964][   T24] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  367.678993][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  367.714858][   T24] usb 5-1: Product: syz
[  367.850411][   T24] usb 5-1: Manufacturer: syz
[  367.871388][   T24] usb 5-1: SerialNumber: syz
[  367.883714][   T24] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  367.923007][ T5907] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  367.950611][   T30] kauditd_printk_skb: 58 callbacks suppressed
[  367.950630][   T30] audit: type=1400 audit(1749462464.966:552): avc:  denied  { firmware_load } for  pid=5907 comm="kworker/1:6" path="/lib/firmware/ath9k_htc/htc_9271-1.4.0.fw" dev="sda1" ino=313 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[  367.982758][    C1] vkms_vblank_simulate: vblank timer overrun
[  368.638532][   T10] usb 5-1: USB disconnect, device number 14
[  369.812537][ T5907] usb 5-1: Service connection timeout for: 256
[  369.818759][ T5907] ath9k_htc 5-1:1.0: ath9k_htc: Unable to initialize HTC services
[  369.858398][ T5907] ath9k_htc: Failed to initialize the device
[  369.910759][ T9284] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  369.995120][   T10] usb 5-1: ath9k_htc: USB layer deinitialized
[  371.000165][   T30] audit: type=1326 audit(1749462467.236:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9279 comm="syz.3.817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff18a58e929 code=0x7fc00000
[  371.236331][   T30] audit: type=1400 audit(1749462468.236:554): avc:  denied  { read } for  pid=9282 comm="syz.2.818" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  371.399090][ T9296] loop6: detected capacity change from 0 to 7
[  371.407715][ T9296] buffer_io_error: 4 callbacks suppressed
[  371.407747][ T9296] Buffer I/O error on dev loop6, logical block 0, async page read
[  371.422233][ T9296] Buffer I/O error on dev loop6, logical block 0, async page read
[  371.430958][ T9296] Buffer I/O error on dev loop6, logical block 0, async page read
[  371.439391][ T9296] Buffer I/O error on dev loop6, logical block 0, async page read
[  371.448379][ T9296] Buffer I/O error on dev loop6, logical block 0, async page read
[  371.457046][ T9296] Buffer I/O error on dev loop6, logical block 0, async page read
[  371.465619][ T9296] Buffer I/O error on dev loop6, logical block 0, async page read
[  371.473872][ T9296] ldm_validate_partition_table(): Disk read failed.
[  371.480827][ T9296] Buffer I/O error on dev loop6, logical block 0, async page read
[  371.489244][ T9296] Buffer I/O error on dev loop6, logical block 0, async page read
[  371.497817][ T9296] Buffer I/O error on dev loop6, logical block 0, async page read
[  371.506664][ T9296] Dev loop6: unable to read RDB block 0
[  371.514077][ T9296]  loop6: unable to read partition table
[  371.520860][ T9296] loop6: partition table beyond EOD, truncated
[  371.527161][ T9296] loop_reread_partitions: partition scan of loop6 (�被x������ڬ��dƤ����ݡ�����
[  371.527161][ T9296] 
) failed (rc=-5)
[  371.641419][   T30] audit: type=1400 audit(1749462468.236:555): avc:  denied  { open } for  pid=9282 comm="syz.2.818" path="/dev/autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  371.834341][ T9299] FAULT_INJECTION: forcing a failure.
[  371.834341][ T9299] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  371.847595][ T9299] CPU: 1 UID: 0 PID: 9299 Comm: syz.3.821 Not tainted 6.15.0-syzkaller-13804-g939f15e640f1 #0 PREEMPT(full) 
[  371.847624][ T9299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  371.847640][ T9299] Call Trace:
[  371.847647][ T9299]  <TASK>
[  371.847655][ T9299]  dump_stack_lvl+0x16c/0x1f0
[  371.847689][ T9299]  should_fail_ex+0x512/0x640
[  371.847718][ T9299]  _copy_from_user+0x2e/0xd0
[  371.847746][ T9299]  copy_msghdr_from_user+0x98/0x160
[  371.847775][ T9299]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  371.847817][ T9299]  ___sys_sendmsg+0xfe/0x1d0
[  371.847846][ T9299]  ? __pfx____sys_sendmsg+0x10/0x10
[  371.847871][ T9299]  ? __lock_acquire+0x622/0x1c90
[  371.847936][ T9299]  __sys_sendmsg+0x16d/0x220
[  371.847964][ T9299]  ? __pfx___sys_sendmsg+0x10/0x10
[  371.848010][ T9299]  do_syscall_64+0xcd/0x4c0
[  371.848040][ T9299]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  371.848060][ T9299] RIP: 0033:0x7ff18a58e929
[  371.848076][ T9299] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  371.848096][ T9299] RSP: 002b:00007ff18b3c8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  371.848115][ T9299] RAX: ffffffffffffffda RBX: 00007ff18a7b6160 RCX: 00007ff18a58e929
[  371.848128][ T9299] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000007
[  371.848141][ T9299] RBP: 00007ff18b3c8090 R08: 0000000000000000 R09: 0000000000000000
[  371.848153][ T9299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  371.848165][ T9299] R13: 0000000000000000 R14: 00007ff18a7b6160 R15: 00007ffe82e4d7b8
[  371.848193][ T9299]  </TASK>
[  372.266944][ T9303] netlink: 'syz.2.822': attribute type 5 has an invalid length.
[  372.291907][ T9304] bond0: entered promiscuous mode
[  372.297076][ T9304] bond_slave_0: entered promiscuous mode
[  372.303459][ T9304] bond_slave_1: entered promiscuous mode
[  372.325344][ T9304] netlink: 5280 bytes leftover after parsing attributes in process `syz.0.823'.
[  373.357568][   T30] audit: type=1400 audit(1749462470.366:556): avc:  denied  { shutdown } for  pid=9312 comm="syz.3.825" lport=9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  373.410963][ T5907] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  374.035574][ T5907] usb 3-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[  374.070495][ T5907] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  374.088767][ T5907] usb 3-1: Product: syz
[  374.093484][ T5907] usb 3-1: Manufacturer: syz
[  374.098510][ T5907] usb 3-1: SerialNumber: syz
[  374.128884][ T5907] usb 3-1: config 0 descriptor??
[  374.146595][ T5907] i2c-tiny-usb 3-1:0.0: version 6d.cc found at bus 003 address 013
[  374.771532][ T9331] netlink: 28 bytes leftover after parsing attributes in process `syz.0.831'.
[  375.075621][ T5907]  (null): failure reading functionality
[  375.603051][ T5907] i2c i2c-1: failure reading functionality
[  375.678540][ T9334] raw_sendmsg: syz.0.831 forgot to set AF_INET. Fix it!
[  375.826321][ T5907] i2c i2c-1: connected i2c-tiny-usb device
[  376.150584][   T10] usb 5-1: new full-speed USB device number 15 using dummy_hcd
[  376.210279][ T5907] usb 3-1: USB disconnect, device number 13
[  376.254471][ T9342] FAULT_INJECTION: forcing a failure.
[  376.254471][ T9342] name failslab, interval 1, probability 0, space 0, times 0
[  376.268686][ T9342] CPU: 0 UID: 0 PID: 9342 Comm: syz.3.834 Not tainted 6.15.0-syzkaller-13804-g939f15e640f1 #0 PREEMPT(full) 
[  376.268716][ T9342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  376.268728][ T9342] Call Trace:
[  376.268734][ T9342]  <TASK>
[  376.268741][ T9342]  dump_stack_lvl+0x16c/0x1f0
[  376.268774][ T9342]  should_fail_ex+0x512/0x640
[  376.268799][ T9342]  ? __kmalloc_noprof+0xbf/0x510
[  376.268825][ T9342]  ? bpf_test_init.isra.0+0x9e/0x140
[  376.268850][ T9342]  should_failslab+0xc2/0x120
[  376.268877][ T9342]  __kmalloc_noprof+0xd2/0x510
[  376.268900][ T9342]  ? __lock_acquire+0x622/0x1c90
[  376.268932][ T9342]  bpf_test_init.isra.0+0x9e/0x140
[  376.268963][ T9342]  bpf_prog_test_run_xdp+0x4f0/0x1590
[  376.268995][ T9342]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  376.269017][ T9342]  ? __might_fault+0x70/0x190
[  376.269044][ T9342]  ? fput+0x70/0xf0
[  376.269061][ T9342]  ? __bpf_prog_get+0x97/0x2a0
[  376.269082][ T9342]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  376.269102][ T9342]  __sys_bpf+0x1485/0x4d80
[  376.269131][ T9342]  ? __pfx___sys_bpf+0x10/0x10
[  376.269156][ T9342]  ? ksys_write+0x190/0x250
[  376.269185][ T9342]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  376.269230][ T9342]  ? fput+0x70/0xf0
[  376.269246][ T9342]  ? ksys_write+0x1ac/0x250
[  376.269268][ T9342]  ? __pfx_ksys_write+0x10/0x10
[  376.269302][ T9342]  __x64_sys_bpf+0x78/0xc0
[  376.269327][ T9342]  ? lockdep_hardirqs_on+0x7c/0x110
[  376.269353][ T9342]  do_syscall_64+0xcd/0x4c0
[  376.269383][ T9342]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  376.269403][ T9342] RIP: 0033:0x7ff18a58e929
[  376.269420][ T9342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  376.269438][ T9342] RSP: 002b:00007ff18b40a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  376.269458][ T9342] RAX: ffffffffffffffda RBX: 00007ff18a7b5fa0 RCX: 00007ff18a58e929
[  376.269472][ T9342] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[  376.269485][ T9342] RBP: 00007ff18b40a090 R08: 0000000000000000 R09: 0000000000000000
[  376.269497][ T9342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  376.269509][ T9342] R13: 0000000000000000 R14: 00007ff18a7b5fa0 R15: 00007ffe82e4d7b8
[  376.269537][ T9342]  </TASK>
[  376.623725][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  376.634923][   T10] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  376.646655][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 121, setting to 64
[  376.689923][   T10] usb 5-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  376.699084][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  376.707276][   T10] usb 5-1: Product: syz
[  376.711504][   T10] usb 5-1: Manufacturer: syz
[  376.716074][   T10] usb 5-1: SerialNumber: syz
[  376.757040][   T10] usb 5-1: config 0 descriptor??
[  376.772991][ T9335] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  377.292541][ T9353] netlink: 224 bytes leftover after parsing attributes in process `syz.3.836'.
[  378.751283][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  378.757629][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  378.907592][   T10] usb 5-1: can't set config #0, error -71
[  379.023021][ T9364] bond0: entered promiscuous mode
[  379.028108][ T9364] bond_slave_0: entered promiscuous mode
[  379.034881][ T9364] bond_slave_1: entered promiscuous mode
[  379.064224][ T9364] netlink: 5280 bytes leftover after parsing attributes in process `syz.2.838'.
[  379.230716][ T5932] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  379.651644][   T10] usb 5-1: USB disconnect, device number 15
[  379.737657][   T30] audit: type=1400 audit(1749462476.786:557): avc:  denied  { name_bind } for  pid=9369 comm="syz.4.841" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  379.762343][ T9375] netlink: 12 bytes leftover after parsing attributes in process `syz.3.839'.
[  379.862329][ T5932] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  379.875449][ T5932] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  379.885841][ T5932] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  379.905924][ T5932] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  379.918509][ T5932] usb 6-1: config 0 descriptor??
[  380.308968][   T51] Bluetooth: hci4: connection err: -111
[  380.339968][ T5932] pyra 0003:1E7D:2CF6.0004: unexpected long global item
[  380.382895][ T5932] pyra 0003:1E7D:2CF6.0004: parse failed
[  380.389738][ T5932] pyra 0003:1E7D:2CF6.0004: probe with driver pyra failed with error -22
[  380.670151][ T5932] usb 6-1: USB disconnect, device number 4
[  380.790829][ T5900] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  380.959947][ T5900] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  381.055457][ T5900] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  381.173782][ T5900] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  381.252187][ T5900] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  381.385263][ T5900] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  381.824765][ T5900] usb 3-1: config 0 descriptor??
[  381.864580][ T5900] hub 3-1:0.0: USB hub found
[  382.062543][ T5900] hub 3-1:0.0: 9 ports detected
[  382.069943][ T5900] hub 3-1:0.0: insufficient power available to use all downstream ports
[  382.312704][ T5932] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  382.327026][ T9386] syz.2.844: attempt to access beyond end of device
[  382.327026][ T9386] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0
[  382.339937][ T9386] hpfs: hpfs_map_sector(): read error
[  382.380872][ T9406] o2cb: This node has not been configured.
[  382.386810][ T9406] o2cb: Cluster check failed. Fix errors before retrying.
[  382.394004][ T9406] (syz.2.844,9406,1):user_dlm_register:674 ERROR: status = -22
[  382.401711][ T9406] (syz.2.844,9406,1):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "file1"
[  382.450007][   T30] audit: type=1400 audit(1749462479.426:558): avc:  denied  { add_name } for  pid=9382 comm="syz.2.844" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  382.500828][   T30] audit: type=1400 audit(1749462479.426:559): avc:  denied  { create } for  pid=9382 comm="syz.2.844" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  382.654278][   T30] audit: type=1400 audit(1749462479.426:560): avc:  denied  { associate } for  pid=9382 comm="syz.2.844" name="file1" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  383.343781][ T5900] hub 3-1:0.0: hub_hub_status failed (err = -32)
[  383.354013][ T9411] netlink: 8 bytes leftover after parsing attributes in process `syz.3.852'.
[  383.371375][ T5900] hub 3-1:0.0: config failed, can't get hub status (err -32)
[  383.385669][ T9411] netlink: 88 bytes leftover after parsing attributes in process `syz.3.852'.
[  383.567351][   T30] audit: type=1400 audit(1749462480.606:561): avc:  denied  { unmount } for  pid=5829 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  383.607638][ T9420] netlink: 8 bytes leftover after parsing attributes in process `syz.0.853'.
[  383.746408][ T5900] usb 3-1: USB disconnect, device number 14
[  383.960704][ T5932] usb 5-1: new low-speed USB device number 17 using dummy_hcd
[  384.154121][ T5932] usb 5-1: device descriptor read/64, error -71
[  384.163952][ T9427] netlink: 4 bytes leftover after parsing attributes in process `syz.0.853'.
[  384.291032][ T5932] usb usb5-port1: attempt power cycle
[  384.760765][ T5932] usb 5-1: new low-speed USB device number 18 using dummy_hcd
[  384.903274][ T5932] usb 5-1: device descriptor read/8, error -71
[  385.340962][ T5932] usb 5-1: new low-speed USB device number 19 using dummy_hcd
[  385.373737][ T9448] xt_policy: neither incoming nor outgoing policy selected
[  385.384231][ T5932] usb 5-1: device descriptor read/8, error -71
[  385.501860][ T5932] usb usb5-port1: unable to enumerate USB device
[  386.430139][ T9462] sctp: [Deprecated]: syz.2.867 (pid 9462) Use of int in maxseg socket option.
[  386.430139][ T9462] Use struct sctp_assoc_value instead
[  386.958389][ T9464] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  387.337384][   T30] audit: type=1326 audit(1749462484.336:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9459 comm="syz.4.865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f962a38e929 code=0x7fc00000
[  387.844526][ T9478] netlink: 224 bytes leftover after parsing attributes in process `syz.5.866'.
[  388.618478][   T30] audit: type=1400 audit(1749462485.666:563): avc:  denied  { ioctl } for  pid=9486 comm="syz.2.873" path="socket:[23803]" dev="sockfs" ino=23803 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  389.425485][   T30] audit: type=1400 audit(1749462485.986:564): avc:  denied  { mount } for  pid=9486 comm="syz.2.873" name="/" dev="ramfs" ino=23816 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  391.950107][   T30] audit: type=1400 audit(1749462488.996:565): avc:  denied  { ioctl } for  pid=9518 comm="syz.0.880" path="socket:[24805]" dev="sockfs" ino=24805 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  391.974671][    C0] vkms_vblank_simulate: vblank timer overrun
[  392.033481][ T9523] sctp: [Deprecated]: syz.4.881 (pid 9523) Use of int in maxseg socket option.
[  392.033481][ T9523] Use struct sctp_assoc_value instead
[  392.471833][   T30] audit: type=1400 audit(1749462489.056:566): avc:  denied  { mount } for  pid=9518 comm="syz.0.880" name="/" dev="configfs" ino=1217 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  392.790203][   T30] audit: type=1400 audit(1749462489.066:567): avc:  denied  { search } for  pid=9518 comm="syz.0.880" name="/" dev="configfs" ino=1217 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  393.359591][   T30] audit: type=1400 audit(1749462489.066:568): avc:  denied  { search } for  pid=9518 comm="syz.0.880" name="/" dev="configfs" ino=1217 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  393.417194][   T30] audit: type=1400 audit(1749462490.466:569): avc:  denied  { connect } for  pid=9538 comm="syz.5.886" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  393.542279][   T30] audit: type=1400 audit(1749462490.506:570): avc:  denied  { write } for  pid=9538 comm="syz.5.886" path="socket:[23863]" dev="sockfs" ino=23863 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  394.555191][ T9556] netlink: 16 bytes leftover after parsing attributes in process `syz.0.892'.
[  395.673405][ T9569] lo speed is unknown, defaulting to 1000
[  396.101655][ T9582] sctp: [Deprecated]: syz.0.900 (pid 9582) Use of int in maxseg socket option.
[  396.101655][ T9582] Use struct sctp_assoc_value instead
[  396.858563][   T30] audit: type=1400 audit(1749462493.906:571): avc:  denied  { getopt } for  pid=9591 comm="syz.5.902" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  400.781957][ T9627] sctp: [Deprecated]: syz.5.912 (pid 9627) Use of int in maxseg socket option.
[  400.781957][ T9627] Use struct sctp_assoc_value instead
[  400.883331][   T30] audit: type=1400 audit(1749462497.936:572): avc:  denied  { bind } for  pid=9628 comm="syz.4.913" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  400.909619][   T30] audit: type=1400 audit(1749462497.936:573): avc:  denied  { getopt } for  pid=9628 comm="syz.4.913" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  401.090072][ T9632] netlink: 'syz.2.914': attribute type 5 has an invalid length.
[  402.116372][ T9640] bond0: entered promiscuous mode
[  402.121538][ T9640] bond_slave_0: entered promiscuous mode
[  402.128014][ T9640] bond_slave_1: entered promiscuous mode
[  402.207759][ T9640] netlink: 5280 bytes leftover after parsing attributes in process `syz.5.915'.
[  402.962002][ T9651] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  403.345844][   T30] audit: type=1400 audit(1749462500.006:574): avc:  denied  { unlink } for  pid=9643 comm="syz.3.918" name="#1" dev="tmpfs" ino=897 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  403.465591][   T30] audit: type=1400 audit(1749462500.046:575): avc:  denied  { mount } for  pid=9643 comm="syz.3.918" name="/" dev="overlay" ino=892 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  404.230070][   T30] audit: type=1400 audit(1749462501.276:576): avc:  denied  { read } for  pid=9657 comm="syz.3.921" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  404.274548][   T30] audit: type=1400 audit(1749462501.276:577): avc:  denied  { accept } for  pid=9657 comm="syz.3.921" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  404.343771][ T9658] lo speed is unknown, defaulting to 1000
[  404.488184][ T9671] xt_policy: neither incoming nor outgoing policy selected
[  404.653433][ T9672] Bluetooth: MGMT ver 1.23
[  405.559990][   T30] audit: type=1400 audit(1749462502.606:578): avc:  denied  { map } for  pid=9679 comm="syz.0.927" path="/dev/binderfs/binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  406.208406][ T9695] trusted_key: encrypted_key: key user:syz not found
[  406.837454][   T51] Bluetooth: hci0: Opcode 0x0401 failed: -110
[  406.837477][ T5835] Bluetooth: hci0: command 0x0406 tx timeout
[  406.973635][ T9706] netlink: 68 bytes leftover after parsing attributes in process `syz.2.936'.
[  407.945277][ T9710] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  408.279413][   T30] audit: type=1326 audit(1749462505.246:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9701 comm="syz.3.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff18a58e929 code=0x7fc00000
[  409.191849][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  409.421235][ T9739] netlink: 224 bytes leftover after parsing attributes in process `syz.4.943'.
[  410.289991][ T9746] netlink: 'syz.4.945': attribute type 5 has an invalid length.
[  410.306775][ T9747] netlink: 68 bytes leftover after parsing attributes in process `syz.2.944'.
[  411.276997][ T9756] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  411.470678][ T5835] Bluetooth: hci5: command 0x0406 tx timeout
[  411.634945][   T30] audit: type=1326 audit(1749462508.636:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9751 comm="syz.5.948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe77418e929 code=0x7fc00000
[  411.658184][    C1] vkms_vblank_simulate: vblank timer overrun
[  412.063319][ T5932] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  412.374403][ T5932] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  412.502304][ T5932] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  412.672123][ T5932] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[  412.818416][ T5932] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  413.163600][ T5932] usb 4-1: config 0 descriptor??
[  413.332001][ T9769] netlink: 788 bytes leftover after parsing attributes in process `syz.2.951'.
[  413.934388][   T31] INFO: task syz.1.525:8151 blocked for more than 143 seconds.
[  413.960073][   T31]       Not tainted 6.15.0-syzkaller-13804-g939f15e640f1 #0
[  413.983266][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  414.116734][   T31] task:syz.1.525       state:D stack:25512 pid:8151  tgid:8151  ppid:6034   task_flags:0x400040 flags:0x00004004
[  414.129039][   T31] Call Trace:
[  414.135071][   T31]  <TASK>
[  414.138122][   T31]  __schedule+0x116a/0x5de0
[  414.142771][   T31]  ? __lock_acquire+0x622/0x1c90
[  414.149008][   T31]  ? __pfx___schedule+0x10/0x10
[  414.157876][   T31]  ? find_held_lock+0x2b/0x80
[  414.164414][   T31]  ? schedule+0x2d7/0x3a0
[  414.180087][   T31]  schedule+0xe7/0x3a0
[  414.191482][   T31]  schedule_timeout+0x257/0x290
[  414.196574][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  414.208046][   T31]  ? rcu_is_watching+0x12/0xc0
[  414.212993][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  414.218335][   T31]  __wait_for_common+0x2fc/0x4e0
[  414.223462][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  414.228979][   T31]  ? __pfx___wait_for_common+0x10/0x10
[  414.234612][   T31]  ? lockdep_init_map_type+0x5c/0x280
[  414.240140][   T31]  ? __pfx_vhost_net_release+0x10/0x10
[  414.245889][   T31]  __vhost_worker_flush+0x1cd/0x210
[  414.251489][   T31]  ? __pfx___vhost_worker_flush+0x10/0x10
[  414.257371][   T31]  ? __pfx_vhost_flush_work+0x10/0x10
[  414.284728][ T5932] usbhid 4-1:0.0: can't add hid device: -71
[  414.293173][   T31]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  414.300136][ T5932] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  414.308074][   T31]  vhost_dev_flush+0xac/0x110
[  414.317800][   T31]  ? __pfx_vhost_dev_flush+0x10/0x10
[  414.325377][ T5932] usb 4-1: USB disconnect, device number 10
[  414.332598][   T31]  vhost_net_flush+0x1d/0x1b0
[  414.339976][   T31]  vhost_net_release+0xa2/0x260
[  414.345011][   T31]  ? __pfx_vhost_net_release+0x10/0x10
[  414.350887][   T31]  ? __pfx_locks_remove_file+0x10/0x10
[  414.356496][   T31]  ? __pfx___might_resched+0x10/0x10
[  414.362105][   T31]  ? evm_file_release+0xd0/0x200
[  414.367184][   T31]  __fput+0x3ff/0xb70
[  414.371639][   T31]  task_work_run+0x14d/0x240
[  414.376585][   T31]  ? __pfx_task_work_run+0x10/0x10
[  414.381839][   T31]  ? __pfx___do_sys_close_range+0x10/0x10
[  414.388276][   T31]  exit_to_user_mode_loop+0xeb/0x110
[  414.396670][   T31]  do_syscall_64+0x3f6/0x4c0
[  414.401909][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  414.407962][   T31] RIP: 0033:0x7fdfd1b8e929
[  414.413188][   T31] RSP: 002b:00007ffce753a508 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  414.421734][   T31] RAX: 0000000000000000 RBX: 00007fdfd1db7ba0 RCX: 00007fdfd1b8e929
[  414.430060][   T31] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  414.438275][   T31] RBP: 00007fdfd1db7ba0 R08: 0000000000014c58 R09: 0000000de753a7ff
[  414.446526][   T31] R10: 00007fdfd1db7ac0 R11: 0000000000000246 R12: 0000000000041925
[  414.455311][   T31] R13: 00007ffce753a600 R14: ffffffffffffffff R15: 00007ffce753a620
[  414.463653][   T31]  </TASK>
[  414.466910][   T31] 
[  414.466910][   T31] Showing all locks held in the system:
[  414.555347][   T31] 3 locks held by kworker/u8:1/13:
[  414.563422][   T31]  #0: ffff8880b843bc98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130
[  414.573688][   T31]  #1: ffff8880b8524088 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x2c1/0x8e0
[  414.587663][   T31]  #2: ffff8880b8525b18 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x127/0x1d0
[  414.597396][   T31] 1 lock held by khungtaskd/31:
[  414.604817][   T31]  #0: ffffffff8e5c4840 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0
[  414.615150][   T31] 2 locks held by getty/5583:
[  414.619892][   T31]  #0: ffff88803738a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  414.630728][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0
[  414.643442][   T31] 
[  414.645900][   T31] =============================================
[  414.645900][   T31] 
[  414.654982][   T31] NMI backtrace for cpu 0
[  414.654995][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-syzkaller-13804-g939f15e640f1 #0 PREEMPT(full) 
[  414.655009][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  414.655016][   T31] Call Trace:
[  414.655020][   T31]  <TASK>
[  414.655026][   T31]  dump_stack_lvl+0x116/0x1f0
[  414.655048][   T31]  nmi_cpu_backtrace+0x27b/0x390
[  414.655062][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  414.655079][   T31]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[  414.655094][   T31]  watchdog+0xf70/0x12c0
[  414.655109][   T31]  ? __pfx_watchdog+0x10/0x10
[  414.655120][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  414.655139][   T31]  ? __kthread_parkme+0x19e/0x250
[  414.655156][   T31]  ? __pfx_watchdog+0x10/0x10
[  414.655167][   T31]  kthread+0x3c5/0x780
[  414.655177][   T31]  ? __pfx_kthread+0x10/0x10
[  414.655188][   T31]  ? rcu_is_watching+0x12/0xc0
[  414.655201][   T31]  ? __pfx_kthread+0x10/0x10
[  414.655211][   T31]  ret_from_fork+0x5d4/0x6f0
[  414.655227][   T31]  ? __pfx_kthread+0x10/0x10
[  414.655236][   T31]  ret_from_fork_asm+0x1a/0x30
[  414.655255][   T31]  </TASK>
[  414.655259][   T31] Sending NMI from CPU 0 to CPUs 1:
[  414.773286][    C1] NMI backtrace for cpu 1
[  414.773301][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.15.0-syzkaller-13804-g939f15e640f1 #0 PREEMPT(full) 
[  414.773323][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  414.773333][    C1] RIP: 0010:pv_native_safe_halt+0xf/0x20
[  414.773366][    C1] Code: bb 72 02 e9 03 fb 02 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 23 50 2a 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[  414.773383][    C1] RSP: 0018:ffffc90000197df8 EFLAGS: 000002c6
[  414.773397][    C1] RAX: 0000000001fa406b RBX: 0000000000000001 RCX: ffffffff8b7fbc99
[  414.773408][    C1] RDX: 0000000000000000 RSI: ffffffff8de18f75 RDI: ffffffff8c157060
[  414.773420][    C1] RBP: ffffed1003c5c488 R08: 0000000000000001 R09: ffffed10170a6645
[  414.773431][    C1] R10: ffff8880b853322b R11: 0000000000000001 R12: 0000000000000001
[  414.773442][    C1] R13: ffff88801e2e2440 R14: ffffffff90a80c50 R15: 0000000000000000
[  414.773453][    C1] FS:  0000000000000000(0000) GS:ffff888124854000(0000) knlGS:0000000000000000
[  414.773469][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  414.773480][    C1] CR2: 0000200000006000 CR3: 000000000e382000 CR4: 00000000003526f0
[  414.773492][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  414.773502][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  414.773512][    C1] Call Trace:
[  414.773519][    C1]  <TASK>
[  414.773525][    C1]  default_idle+0x13/0x20
[  414.773541][    C1]  default_idle_call+0x6d/0xb0
[  414.773557][    C1]  do_idle+0x391/0x510
[  414.773580][    C1]  ? __pfx_do_idle+0x10/0x10
[  414.773598][    C1]  ? trace_sched_exit_tp+0x31/0x130
[  414.773623][    C1]  cpu_startup_entry+0x4f/0x60
[  414.773642][    C1]  start_secondary+0x21d/0x2b0
[  414.773663][    C1]  ? __pfx_start_secondary+0x10/0x10
[  414.773686][    C1]  common_startup_64+0x13e/0x148
[  414.773709][    C1]  </TASK>
[  414.784186][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  414.784206][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-syzkaller-13804-g939f15e640f1 #0 PREEMPT(full) 
[  414.784232][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  414.784244][   T31] Call Trace:
[  414.784252][   T31]  <TASK>
[  414.784261][   T31]  dump_stack_lvl+0x3d/0x1f0
[  414.784294][   T31]  panic+0x71c/0x800
[  414.784320][   T31]  ? __pfx___irq_work_queue_local+0x10/0x10
[  414.784343][   T31]  ? __pfx_panic+0x10/0x10
[  414.784368][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  414.784396][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  414.784421][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  414.784445][   T31]  ? watchdog+0xdda/0x12c0
[  414.784465][   T31]  ? watchdog+0xdcd/0x12c0
[  414.784489][   T31]  watchdog+0xdeb/0x12c0
[  414.784514][   T31]  ? __pfx_watchdog+0x10/0x10
[  414.784533][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  414.784562][   T31]  ? __kthread_parkme+0x19e/0x250
[  414.784587][   T31]  ? __pfx_watchdog+0x10/0x10
[  414.784607][   T31]  kthread+0x3c5/0x780
[  414.784626][   T31]  ? __pfx_kthread+0x10/0x10
[  414.784645][   T31]  ? rcu_is_watching+0x12/0xc0
[  414.784667][   T31]  ? __pfx_kthread+0x10/0x10
[  414.784685][   T31]  ret_from_fork+0x5d4/0x6f0
[  414.784710][   T31]  ? __pfx_kthread+0x10/0x10
[  414.784728][   T31]  ret_from_fork_asm+0x1a/0x30
[  414.784760][   T31]  </TASK>
[  415.098401][   T31] Kernel Offset: disabled
[  415.102705][   T31] Rebooting in 86400 seconds..