last executing test programs:

14.260712849s ago: executing program 0 (id=690):
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
socket(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
write$FUSE_NOTIFY_INVAL_ENTRY(0xffffffffffffffff, &(0x7f0000000300)=ANY=[], 0x26)
syz_open_dev$vim2m(&(0x7f0000000080), 0x8, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_int(r1, 0x29, 0x35, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000000580)=""/102392, 0x18ff8)
sendmsg$inet(r0, 0x0, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x60240)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r4, 0xc0a85320, 0x0)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000240)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r5, &(0x7f0000000000), 0xd)

13.562757158s ago: executing program 0 (id=691):
sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, 0x0, 0x10)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r0 = userfaultfd(0x801)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1, 0x5d032, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_CONTINUE(r1, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000199000/0x800000)=nil, 0x800000})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = io_uring_setup(0x7d98, &(0x7f00000003c0)={0x0, 0xfdcf, 0x2, 0x2})
r3 = syz_usb_connect(0x5, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="120100000cb768405e0483020b9901e4020109021b000100000000090400fb015c291d00090509"], 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000080), 0x3, 0x800)
syz_usb_disconnect(r3)
close_range(r2, 0xffffffffffffffff, 0x0)

9.189327603s ago: executing program 0 (id=704):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x10, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000711038000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000100)={@multicast2, @loopback}, 0xc)
r3 = socket$netlink(0x10, 0x3, 0x0)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r3, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r4 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r4, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
setsockopt$inet_msfilter(r4, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010000000004"], 0x57)
setsockopt$inet_mreqsrc(r2, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0)
close(r6)
openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f0000000000)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r5}})
sendmsg$nl_xfrm(r1, 0x0, 0x0)

9.1423025s ago: executing program 4 (id=705):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x14, &(0x7f0000000300)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$EVIOCGSND(0xffffffffffffffff, 0x8040451a, &(0x7f0000000200)=""/88)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = syz_io_uring_setup(0xfa, &(0x7f00000003c0)={0x0, 0x0, 0x10100}, 0x0, &(0x7f0000000100))
io_uring_enter(r2, 0x46f6, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=ANY=[@ANYBLOB="3800000018000100000000000000000002140000ff00fd08000a0000060015000200000014801680100008800c0002800800010010001000"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x0)

8.203656009s ago: executing program 0 (id=708):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x10, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000711038000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000100)={@multicast2, @loopback}, 0xc)
r3 = socket$netlink(0x10, 0x3, 0x0)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r3, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r4 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r4, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
setsockopt$inet_msfilter(r4, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010000000004"], 0x57)
setsockopt$inet_mreqsrc(r2, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0)
close(r6)
openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f0000000000)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r5}})
sendmsg$nl_xfrm(r1, 0x0, 0x0)

7.716400667s ago: executing program 0 (id=711):
socket$inet6(0xa, 0x3, 0x8000000003c)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
syz_open_procfs(0x0, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0xf, 0xfffffffffffffffe}, 0x0)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r2, 0x10e, 0x2, &(0x7f0000000000)=0x2, 0x4)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x2000000, 0x12, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'team0\x00'})
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f0000000580), 0x407, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r4, 0xc0d05605, &(0x7f0000000000)={0x2, @pix={0x8, 0x6, 0x44495658, 0x9, 0x86, 0x4, 0x2, 0xdd4, 0x1, 0x3, 0x1, 0x2}})
r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000006040), 0x803)
ioctl$SNDRV_TIMER_IOCTL_GINFO(r5, 0xc0f85403, &(0x7f0000000540)={{0x3, 0x0, 0x1, 0x0, 0x11}, 0xffffffff, 0x29, 'id1\x00', 'timer1\x00', 0x0, 0xfff, 0x201, 0xf9f6, 0x4})
waitid(0x2, 0x0, 0xfffffffffffffffe, 0x8, 0x0)
shutdown(r3, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x38, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x0, @private2}, @in6={0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}, &(0x7f0000000180)=0x10)
socket$inet_sctp(0x2, 0x1, 0x84)
prctl$PR_GET_NAME(0x59616d61, &(0x7f0000000940)=""/254)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x25, &(0x7f00000001c0)={0x0, @in={{0x2, 0x0, @empty}}, 0x2}, 0x90)

5.834377272s ago: executing program 2 (id=721):
r0 = syz_open_dev$radio(&(0x7f0000002100), 0x2, 0x2)
readv(r0, &(0x7f0000000280), 0x0)
r1 = userfaultfd(0x1)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
ioctl$UFFDIO_COPY(r1, 0xc028aa05, &(0x7f0000000080)={&(0x7f000099f000/0x3000)=nil, &(0x7f0000898000/0x2000)=nil, 0x3000, 0x1})

5.816295818s ago: executing program 1 (id=722):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)=@x86={0x51, 0x4, 0xe, 0x0, 0x9, 0x0, 0xf, 0x4, 0x80, 0x64, 0x20, 0x2, 0x0, 0x12000000, 0xb, 0x6, 0x1, 0x5, 0x5, '\x00', 0x4, 0x9})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, 0x0, 0x0, 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
preadv2(0xffffffffffffffff, 0x0, 0x0, 0x2b, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
syz_io_uring_setup(0x139, 0x0, &(0x7f0000000240), 0x0)
mkdirat(0xffffffffffffffff, 0x0, 0x120)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$6lowpan_control(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r6 = syz_open_dev$dri(&(0x7f0000000080), 0x8003, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000440)=[0x0], 0x0, 0x0, 0x0, 0x1})

5.791706451s ago: executing program 2 (id=723):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCGSTAMPNS(r2, 0x8907, &(0x7f0000000000))
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
socket$rxrpc(0x21, 0x2, 0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x9, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x3, 0xa, 0x0)
syz_clone(0x25000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r3, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r4 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000340)={{{@in=@empty, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0x800a78a}, 0xfffffffe, 0x0, 0x1}, {{@in=@private, 0x0, 0x33}, 0x0, @in=@rand_addr=0x64010101, 0x0, 0x3, 0x1, 0x84}}, 0xe8)
sendmmsg(r4, &(0x7f0000000480), 0x2e9, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000680)={0x0, 0x0, 0x0}, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f00000001c0)='environ\x00')
preadv(r6, &(0x7f0000001400)=[{&(0x7f0000000040)=""/113, 0x200000b1}], 0x1, 0xc002a0, 0x0)

5.615726268s ago: executing program 4 (id=724):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x10, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000711038000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000100)={@multicast2, @loopback}, 0xc)
r2 = socket$netlink(0x10, 0x3, 0x0)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r2, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r3 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
setsockopt$inet_msfilter(r3, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010000000004"], 0x57)
setsockopt$inet_mreqsrc(r1, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
r5 = creat(&(0x7f00000001c0)='./bus\x00', 0x0)
close(r5)
openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f0000000000)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r4}})
setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x6fee13ad1b8fdd58, &(0x7f0000000040)=0x8044, 0x4)

5.156949392s ago: executing program 4 (id=725):
r0 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local}, 0xc)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="50000000100001040000000000000000"], 0x50}}, 0x0)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000280)=ANY=[@ANYBLOB="e0000002ac1414aa0000000003"], 0x1c)
syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x64, 0x0, 0x4, 0x2, 0x0, @empty, @multicast2}, @timestamp_reply={0x11, 0x0, 0x0, 0xe000, 0x2, 0x10001}}}}}, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000004, 0x3032, 0xffffffffffffffff, 0x0)

4.638567915s ago: executing program 4 (id=727):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x8, 0x76}, [@call={0x27}]}, &(0x7f0000000040)='syzkaller\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffed8, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x3f) (async)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000340)=0xffffffffffffffff, 0x4)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001240)=@base={0x4, 0x4, 0x8, 0x1, 0x28008, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @value=r1, @void, @void, @value}, 0x50) (async)
close(r0) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff}) (async)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0xe, 0xf, &(0x7f00000016c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001440)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)={@map=r2, r5, 0x5, 0x0, 0x0, @void, @value}, 0x10) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r2}, &(0x7f0000000100), &(0x7f0000000140)=r0}, 0x20)
syz_open_dev$tty1(0xc, 0x4, 0x2) (async)
sendmsg(r3, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000001680)=[{&(0x7f0000001400)='H', 0x20001401}], 0x1}, 0x803e000000000000)

3.714335319s ago: executing program 1 (id=729):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000000)=0x6, 0xa)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0xfffffffb, @ipv4={'\x00', '\xff\xff', @empty}, 0x2}, 0x1c)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000000)=0x6, 0xa)
bind$inet6(r1, &(0x7f0000f67fe4)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}, 0x1c) (fail_nth: 2)

3.699216782s ago: executing program 4 (id=730):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
madvise(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0xd)
ioctl$int_in(r0, 0x5452, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
socket$packet(0x11, 0x3, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_emit_ethernet(0xfdef, &(0x7f0000000100)={@local, @local, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "92c01f", 0x8, 0x2f, 0x0, @remote, @ipv4={'\x00', '\xff\xff', @private}, {[], {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x6558}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21}, {}, {0x8, 0x88be, 0x4305000f}}}}}}}, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
setregid(0x0, 0x0)
ioctl$SNDCTL_DSP_SPEED(r3, 0xc0045002, &(0x7f0000000180)) (fail_nth: 2)
write$dsp(r3, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
sendmmsg$sock(r1, &(0x7f0000001a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

3.330248726s ago: executing program 1 (id=732):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
sendmsg$can_bcm(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000040)=ANY=[@ANYBLOB="05"], 0x48}}, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
lstat(0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b700000012edfffebfa30000000000000703000028feffff7a0af0fff8ffffff61a4f0ff000000001f040000000000003f000000000000005504020001ed0a0025000000170000000f030000000000007b0a00fe000000006e04000000000000c6000000000000009500000000000000023bc065b7a379d17cf9333379fc9e84af69912435f1b6a693002e7f3be3619184a0b139d8d4209c8ef1e50b91f32050e436fe275daf51efd601b6482a0800000098efd2a102ee010400006e7a1de4a21f379dbf01de00b1b564fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc532ef58de3c1b7646cb7798b3e6440c2fbdb00a3e35208b0bbf12cd8dff095edc710e4000000000000009fbe4b61a615c6c57a2b649dc74a1a610643b08d9ec21ead2ed51b104d4d91af25b8123deda8a3658d42ecbf28bf6d8e8afcb913466aaa7f6df70252e79166d8582755a314d31a76e42f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0800000000000000d5f728d236619074d6ebdf098bc908f50ae728a40f9411fe7226a4040b96e37c4f46010400000000c3da29faf75ddd1aa96960bca97af133824b881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d4cab080078fce8c5c8216feb1a69005bbe781aaa6e2957d7e39cc1baddcb7ec6667e699f24e41697ee7ea23e4b29a8b6cc9a1f5a7b3caae05f13792292cb949b3aab06b1e042ff2164d80c605532b18ab1c156b97e5889685a96949e4cb40df77b8bb84b0e733a63784ccc214d930cbb7e090df9a2867b3acec439c163fc8706869ada11390d4dbcf840fa68e7d7071b53ac29df826f8ae6d6e18c1eacf5bf870768d5217e9bb5a05d9e224e67f1231bd236ed200073824d93c4e1a0f50a74bb4850486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e98931485747292c6fe6e188750cf4f87cce2aa7d67c7133a9f05954cde298a35ea6d715ba80aee63300000000000000000000000000000000000040000000000000000386000000b854adb4f8080064e8407c6bdb37114c80fbaa4a0ec5aaf4b0ac6f2128668279eb6fc144344e2d461c9a1be8fa0061ea9d55ee4716bea8e1cebf9ed39325ab4c5530dd6ee9fffc00000000000000d7c5af73c683625aaad5eda5004a76c9f8975ed4c5e4eb3e77e9885f69754932609f19e2f615a01cb6d17fbf5cb539403cb0572534f054d5514ad8264f7b029b2bdf2ca4958a62a6e744f9a4c1e646e1dd2ca19583f0f8b0dc53debd7d44f334e6ed7445a9580f970e483b307c4b3c018bc194b23d37e6a2e52d8288e5aab6fec586d52386e8c07a88c88e8faec5f1b16b2014f6952ce7d6be12c6bdb9651ca6fc907061be311d1354e6295698594a73136237bee068d3819400e43544830a3f74b7942f22336953978a5b2032da4238cc61162c04c1297395b73e18c9387615a2bc87d9e2445f3d323d3fac347926a4bac694c55fe9d145906d410f58f1951405d10504efe402cae085afef5dbd617e87ddbd239e4a50d7eb8e327fb5db12cbd6a9efe8e671c4f251cafffe3400a670d14b9b3cd8d86e492997a0168c022ef3536bd1dc731f4f9f8cb6c3857fb8aaaa95024f8da775f72950212b84fc6133ae14d1429cd4905dabb52e43af7e65acf97b4951fa1e967d16a5ed642efc855a4a46b85cd079934ad3188276efae9387eaa232697526e24b5d4fded86c3811ccd00520150b16000080122965558074956da5e4c3bbefcb64aa8be4456ed2caf0f467b6bbf3aa4371f5e76ab3f60afea80bb066aafb7517f787b090f419a20278a3c779e03afd9a6af6fd518e5dce030f88ec5a5cb7601a161da0f80893220800c523040d13e1f1300c2c6555bce60d95dd3288e53435713f03add23f14c8db5555c62de4f626483632a2ab547f88dd6efec73a0271a19ca3aa860aa4dcaeeb9bd91a0cb429efae2a5fcc08b3a572969bbe917d1767e38ba49e3e57fafea83e495a6a1d1a4ebf83434986091dd66ffe3ffed0c39552a312e2db596d9c827e02f6fc13c8ddbb50bfd7dd8aa2f35f259fc83e007fe79d2d25e30830b92fca00a292dd3b856faa4b7e66e1b64505f65900839df71a97d4d07d37f7ecf8ed9a22da26ae674bba16c204f6b2f8f74fc56b7126d7c11ece6e88ec41192aaee75415c58d264a2b6adae02c821b62428902aad499825ab85a348638384cd12e61dbde5c47056f0a20b4e2a2328d5db5cfe56557a129e6be231acf5f57995c60d9fca5f63a0dfd18054717120bda466d04774b53208ad8b022719ca77a4e0a66b4708f791d849a5e2aaa0074a9560ede2600df5a5c41392fe9460080fcb1e65233fb8dbeec4c86dbcf6a0673e38d2d3615e5bfbde44afe0fa7564231fff7e7f1f3ad68492dd2ccb1decb15b5d7d3e37e8b7d28921c4b9280979521173f322df408d9818b6cc400098abb869921911480a876fbba698801937e8b4264eb6f5137bdaa075f1488d22230592a79000000000000000000000000000000000000000000110000000000000000000000000000000000000000000000000000000000000000002f316aa0886c174b73decb46c1c85edf50d8fcbac5ff76b365611666da86a8e65b308706bd7c000000000000003f7cd4d5cb9076b81b7741ec03877afb5237ea1694addebc14c3ae49f88c462ea2050acf2d9a97d3be29a5614d1eba2c98cf0236401e02d7c445e50f76419ab4f78f67a09e63dd4faa2e7b59399f055f2fa278783f26d0a52aefb0a5ef0b41e14a6fe6ba306206670b84894e901a523fcbadfeff535f2514bc834e876810d9a6a78e70a9e22860c36a724770b4185de44db6bf21fef32a8d5b36d9014f38fee012365f963b2a85e7d8075c333475b9f0284405e3127dde7e41285fbe0bdd370c06c6a41744c3d24eab511317f97b7b4a1c2ec33fedc46e9bf0fa640eebd3d58f0ebdb7cb8ccffd6d6ab7e0e843591d2618e2d2cdc7081c8fafffe9c3500800000087de4ee7aac6478d99de7dd82bef044a6d33c789d566c90c46ad581aa22f910547a77d55e26bf19f1d4661550b177ef53933a305e69b8a95119dcf5bda599d625054776151b2cd1fcde238bdc527594a6c17aa9728af24e2bb7a3830e7092b01b119ea4e7e7f0e21527d622cc29c9f0c8720195368f8374337ab4d130619d93c5ef37e7ddd0b2da147e6e513455b88753452de959a6cbfa1ffbc7ad5d8c3b48017fd31dcf72f337b639253f44cb27a12174bc4c191e21015d0c431a71906eb9c6a14c8a060459ef26787ce3d1cbfd5cc459f0048b5d06f6cbd3e9b34c89f3fb2f951ae81d7fcc8bc0000000000000000000000000000000000000000009231feef3117197c796369f776c8b2ea3970f358107945d9e74e9bdfa58e68b65a9201bc4b73b431df5aa29f363917f90e3fa1eaf553db1c761dd9b634a9c4d7c21d24fe6d953ed9438cad0f8dfe03e5e2f73019352f1fb682a5a6ebbf24ebc49e3d7058e696eb3f4b642f36c9006c0067e24a64aa8c53dd824a4ee271e35ed90000800847683c08bfda74a143c855030ae004ac797c575c202d8091eb77565212548ead770d6800000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
gettid()
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'veth1_to_team\x00', <r4=>0x0})
setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f00000006c0)={r4, 0x3, 0x6, @local}, 0x10) (fail_nth: 2)

2.692349493s ago: executing program 3 (id=733):
r0 = syz_open_dev$radio(&(0x7f0000002100), 0x2, 0x2)
readv(r0, &(0x7f0000000280)=[{0x0}], 0x1)
r1 = userfaultfd(0x1)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
ioctl$UFFDIO_COPY(r1, 0xc028aa05, &(0x7f0000000080)={&(0x7f000099f000/0x3000)=nil, &(0x7f0000898000/0x2000)=nil, 0x3000, 0x1})

2.616867601s ago: executing program 3 (id=734):
r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000001c0)='\x00', &(0x7f0000000240)='{}k%@\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
readv(r0, &(0x7f0000000080)=[{&(0x7f0000000100)=""/161, 0xa1}], 0x1)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000480)='\xf5\xfc\xd2\xec]\x95zx8*\xa2d\x11\xb5\xb1\x01\x00\x00\x00\xe49{\x8a{\x81s\xea$\xdfg\xb1\x03DY!\x97\xadM\xd7\xff\x8a\xcd[>\x12e\xc3]d8\xba\x8ec\x00\x00\x00\x00\x00\x00\x00\xa0\xe2\xd5y\xec\x90\x00\x98Y\x91\x19\x16\x89\xd0\x1a\xad\xcd\xd6\xd0\xc6\xb9\xeb\x95\xd3\x9cl\x9cu#\xb4\xee\xe5\x9d\t\fV\xd4\xda\xfc`2?\x15P\xba\x14b\x1c\xcc\xd5\xb9jA$s\xb9g3\x15M\xd9\xb9 \xca[\xc7\xec\xa9;\xee\x01\xc9\xc4\x1f\xc3\xe4\xfa\xd3fU\x0e\x86\xc8\xa7\xaf\xaf\x04p\xa3\x8bb\xbf\\\xdb\x83\x00\x96sy\x14\x1eo\xcc9&\x946\xf9\xf5v\xee\xb5m$;\x01\xb8\xeau\x00\xd1S=\x920H\xc2z\xb5\xbe\x95\xef\xeb\xd1\xc8\xa1\xba\xach\xbef\xa8\x86\xc2\x18\x9cC\x15\x9c^\xcf\xe9\xbcp\xb4Ff\x00\x9d>p\"\x19\xd8}|~\xae\xdb\a59f\xb8?\xba\xf2\x8e\xa5y\\\xf0\fkd??-\x983\xf3\x19\xc7\xc0/\xe9\x1a\x80=\xa72)\xd2\x00'/277, &(0x7f0000000340)='/\x00\x01\x00H\x98', 0x0)

2.553622868s ago: executing program 2 (id=735):
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000022, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={0xffffffffffffffff, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000000c0)=[0x0], ""/16, <r0=>0x0, 0x0, 0x0, 0x0, 0x4, 0x4, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x2a, &(0x7f0000000240)=[{}], 0x8, 0x10, &(0x7f00000002c0), &(0x7f0000000380), 0x8, 0x49, 0x8, 0x8, &(0x7f0000000400)}}, 0x10)
sendmsg$WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f0000000d00)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8286d7959b208032}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000580)={0x718, 0x0, 0x400, 0x70bd2d, 0x25dfdbfe, {}, [@WGDEVICE_A_PEERS={0x3a8, 0x8, 0x0, 0x1, [{0x5c, 0x0, 0x0, 0x1, [@WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g}, @WGPEER_A_FLAGS={0x8, 0x3, 0xc}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "0c81b80daa945d60667b35893902fe05bbaf23309f5114132ddcbb8e73b7cd8a"}]}, {0x4c, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e22, 0x8, @ipv4={'\x00', '\xff\xff', @remote}, 0x4}}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e21, 0x3, @ipv4={'\x00', '\xff\xff', @broadcast}, 0xfffffffc}}, @WGPEER_A_PROTOCOL_VERSION={0x8}]}, {0x2fc, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x204, 0x9, 0x0, 0x1, [{0x10c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x3c}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @multicast2}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010102}, {0x5, 0x3, 0x2}}]}, {0xf4, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010100}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @private1}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010102}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x29}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5}}]}]}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "94662d893c9da36d7e2dd891c0a570d68433ffe718a8e37ae398976e6bf60f71"}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}}, @WGPEER_A_PUBLIC_KEY={0x24}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "26755356210091259070eff01d08be0747d1672fa8afe9006f52bc88958b4f04"}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "4a924167485486da113ba9132cfdef7a0f651cb1c5840ab1b6b2379791763694"}, @WGPEER_A_PROTOCOL_VERSION={0x8}]}]}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x57fd1240}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r0}, @WGDEVICE_A_FLAGS={0x8, 0x5, 0x1}, @WGDEVICE_A_PEERS={0x33c, 0x8, 0x0, 0x1, [{0x94, 0x0, 0x0, 0x1, [@WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e22, 0xfffffff3, @private2, 0xf}}, @WGPEER_A_FLAGS={0x8}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0xfffe}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x4}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6}, @WGPEER_A_FLAGS={0x8, 0x3, 0x3}, @WGPEER_A_FLAGS={0x8, 0x3, 0x6}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e21, @local}}]}, {0xc, 0x0, 0x0, 0x1, [@WGPEER_A_FLAGS={0x8, 0x3, 0x2}]}, {0x180, 0x0, 0x0, 0x1, [@WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_ALLOWEDIPS={0x150, 0x9, 0x0, 0x1, [{0x70, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x1b}}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5}}]}, {0xdc, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @loopback}}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010102}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x3}}]}]}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}]}, {0x28, 0x0, 0x0, 0x1, [@WGPEER_A_PRESHARED_KEY={0x24, 0x2, "4525eab1f4d96db90ca7c3dd696b1b7fb1df21c7c5dacc82378c81b6ef7b6ea9"}]}, {0x88, 0x0, 0x0, 0x1, [@WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x9}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e21, @multicast2}}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_ALLOWEDIPS={0x50, 0x9, 0x0, 0x1, [{0x4c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010102}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010100}, {0x5, 0x3, 0x2}}]}]}, @WGPEER_A_FLAGS={0x8, 0x3, 0x1}, @WGPEER_A_FLAGS={0x8, 0x3, 0x1}]}, {0x40, 0x0, 0x0, 0x1, [@WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_FLAGS={0x8, 0x3, 0x4}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "a45a6c5f0fa3e7969c089a2832bae7cdd61d717d58ef20cc36c192692e80e779"}, @WGPEER_A_PROTOCOL_VERSION={0x8}]}, {0x28, 0x0, 0x0, 0x1, [@WGPEER_A_PRESHARED_KEY={0x24, 0x2, "6fbbaa8bcf35acccd9ce8276aa14ecacdbf76ef86cf19db28825a4df5b7f1d94"}]}]}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e23}]}, 0x718}, 0x1, 0x0, 0x0, 0x60840}, 0x4040004)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0x1)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
syz_io_uring_setup(0x10e, &(0x7f0000000300)={0x0, 0xfad6, 0x0, 0xfffffffd, 0xfffffffd}, &(0x7f00000003c0), &(0x7f0000000280))
openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)

2.187911981s ago: executing program 2 (id=736):
r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000000)={'\x00', 0x8, 0x2, 0x80400, 0x2004, 0x800})
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r5, 0x40047438, &(0x7f0000000180)=""/246)

2.023362977s ago: executing program 0 (id=737):
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x3, 0x91, 0xea, 0x40, 0x547, 0x2720, 0xde7f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x5a, 0x0, 0x0, 0x28, 0xfc, 0x89}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
write$nci(0xffffffffffffffff, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
creat(0x0, 0x14)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
fanotify_mark(0xffffffffffffffff, 0x1, 0x8000020, r1, 0x0)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_open_dev$sg(&(0x7f0000000080), 0xf9ba, 0x14b082)
write$binfmt_aout(r5, &(0x7f0000000000)=ANY=[@ANYBLOB="080107a40d02"], 0x38)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r8, &(0x7f00000bd000), 0x318, 0x0)

1.541717169s ago: executing program 3 (id=738):
r0 = syz_io_uring_setup(0x117, &(0x7f0000000100)={0x0, 0x1, 0x0, 0xffffffff, 0x106}, &(0x7f0000000500)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYBLOB=',group_id', @ANYRESDEC=0x0])
setxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f00000001c0)=ANY=[@ANYBLOB="0200000001000500000000000400040054ef0000100002000000000020"], 0x24, 0x2)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000080000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000100000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000005c0)='sys_enter\x00', r6}, 0x18)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
fallocate(r7, 0x0, 0x10000, 0x20000)
fallocate(r7, 0x0, 0x0, 0x2000)
setfsgid(0x0)
ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f00000000c0)={0xc})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000300)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r8, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010040000000000002034400000008000300", @ANYRES32=r9, @ANYBLOB="08002600851600000a00180000000000000000001c005a8018000180140002"], 0x4c}}, 0x0)
syz_fuse_handle_req(r3, &(0x7f0000004300)="e05acff62a41134e0f28a6ba227995b05776c837ab3a066a329e33b775d4586b7a0c48f3471ede96c5e03e1f347acdb576b1b8c75ad4fe76f3ceb2331adb9676968ebcc8bc70b50acd984f9067e2499ec9e28061d978efb1ebbb90d82d973c7b4bdadf6dcf1cd1ba8a4b8882779ab3c5a956791fcf5097ee4b0da8d910938b1edf34fbb493d106ad0270110e14f0c94d02e722ba66bc7e3d90197f4fc676d18723513482dbaa39e68b3a4c0d23f9706f67f76202f16de2f3a40b48a2de184a15f89b2935a65017dbd8783a3d9153c275b72470d0fc15920a659c531d6ca85c36012deb6bf650f9d0a598707c1798a3636b7339a0a5b0a3a62073dbc94eaeecccc58722b8d76d0a447fe0ec7c122ee5d028f5dd17813e62da599f209c621c06c98e0440c008b8678dd65ec6ae2b0b659d6883ff1170ff904db86d0748e8dd1e870c6255ddfc90cbb5aba594c593f64f518d69ab7e02425299303d7d37d5ed28afde8fa2daa4627855dba7c4ab12209d5a836ea0c4592cba568dabd5453382eb5f7e6ce5bd0489b876d4d1dabe18f0440190f5898675bff139d7e8c953abb31383b932a67808cc2a2f67cb714b9a2c8e75f68c21fbe56ecb49f39136b7a0b7b6a53a93f33f9987fb7e7437a0852b9194cb75bb84f3b40f4617ae8ce9a8da6ca74d4e7c737bbc5126b0b8bd0c86f4fb861fea02fd7b8649fb1c0523b30f28a24bd7f58495f29cd2e092f5b6ff29f4de5ce56894fbd9fa78df0fb93efe2192e966e14bc9bd4671b0a2c6873d7750773a8aef7f1d35cad742e64664dcd277b2d604f564fdc519911c0749575c7136226cd68f2ec02a1563c727c1eac916cc426da130ac5c5fd6c0169161c2d7f79fb16b9d8025a6c74e14abccaaf30e5e39806a8b1866cc62e8e238c38036cbcb0abf003861103634409202ffac458605f599ae67db8f4cbd45f72ac9bfd126783135f552dd6639937ff0f77e15ebf8a49fe3d6a7da4fd6faf018b62956957c13ae52537c5ffbb4b2c28f3076468b1d11b018b6af74ff706f17c4babd4987bf9afe98a4b9aa357137d9383b8fb6ca370dd2fdc582aa701e85d926bf3087565231d6089911b2cf578786607ec5849d3d58dd423ff4558092c9a22a1153b787f37c9075555e1d06bc99b95b03bb0862da5be4f8d4718b1c6b892c1ad1138cded558e910553a70699e9d6ac935c227bd3326bfe40f389b16517801826d0ba7a1d74528fa273eca268a74e11423f0ea00e2745abbb7342c846566cf067b38a308babc8a45e607f39b66ddd2e772867cee3e14b3e7dd8844c3651330d15db8aa51d94c98ece900f4443bcbbf8849c3fafd4e5d4e1e5ea4306c081438e1694c59bdafa3b6bf80302b48f09a541dd30db6026ac247303db3facce171b64b48a74a1865db29a15db73f6989f7e5d6b6f39431511246b2ac2873dcdbea3fa5636af6813c83a7fe8b3b7936911a6a47f10823188d0ad18dbf3e4c45c296210e5bfc3abc3dc3836fd60a691005857db271290243709c57fc1ca3ad9a7938550b81b473c66e614fdf7ff35b8e19e60f7616ed19af91e4818c5b2c30f5ff903a3da9c7b7debc5d1b9e41f4a12f122a727a627cc5e6a0f8d81161088a93e4d0e592b7e977287833ec9446a6b44aba303e12ecc19c7fda316f6049db6bf1617f6fefeebcded95f75371fbd6db605ed7b77f8f91ea27468a68e068d1aad50a4118bd619aa85d1f5ee0eb9bbdfcad7335628e3ae1340681ce824204a9997f8aad87c8ce0534482cd748148689ec331002203b94af4ecd11d5b75d80838478c26cfee0fa076c5baaa82483b04898ead705bdb37247956ee25db667ea6668a4f3082332070489da02c3b5d25091e3a00f884265185a28757cdeedb3a1e4a0ada801d4a386fbab0c1de6f35fbb6c7d81fd15370909a387eabd3415f146129647a13f20ccfa69e436ce067ed1a9e0dfb877c85f0b8032e64f5379a9f5a92967533f9b45584ce1a04b962306d2d707e0e462d9d2ce94dbf4c52835c2bc005d1c21fd4e64b0f2578a072d8c442c49bb9450a8fcb49a4b2167912ff1f5946585983087deffee403a0c079ba90a0b644584137c58626afc604ab684650aac5ede8632f3e035da41c511bfb25a62d0a283e35fdd67dc0ef135d428297805b5fd0ad62294531f46171f546c61eb6475fd9fc7c8357e65737d39a741417f8a0a7e035f696c1a83d44837e360592db9ae7afd2ae7be9859f062d274b0862746c9ad804eb1c72aecf6ef9cfbbed33f68f38f25eb493d165f3012c04ec02d42421e2232aa4b30910f9d4fb91b9ba2e7b40ea4fdb60f6957e3afed8cab6d076b2f5ac59ea53bd1e9d944cb53deaa2b8ba097664fca77ab97666c6add05e7556b92d8ad11d19887e83a8ae9dc086bbb4d23cabb3615fdc05e35c61fc3e28315659509df1cbaf449ac909f36c69f5366f1bbe9b3bf9899533f06a6161c986607292a202bfcfeb2508aa18dd993d2d239b32e4f06ba1321d607c154965b9d1f52c940777e69430967d456cafabf236a2f8cea019cc87b350a5bc2aed7f1469ae6cadbcd579864d2194e3bc71e2596c690226b15c86aa0c2aede98cec57c4e752edb6fbe58046ca59546511805a71aa187ce4bcd5399c36eb3f76681a63e5a1d948a9cf98703aebda62c0759477f1be96841d60256bb2d7140fe4481d4d5180df9595fae750da2a9178c89fab47766ae30cd3d8ffcb94eb4b4245ef19ee3d95b89094f528c16ed7289703afd5805e923ce48bb5e451a93ceadbef1443e61b6b59fc13e79ed418dc73cf12b302ff40aa09994374eeabec532bc98b820c21d15f2cd10f755132b12c824a8875387c6682e991dfc01280ce1619c23593659de590b080c7f2eac12ec00704ab8b3bc2052ba9ba6f59a2312b9ebf62c6ea1ec5250435c25215f87350903140a4a12d8e3f8e233f0d63002dbbbd12a7ba9282768dc2b2b9aceb9e45e9da4a2d4a8da83e72bf0cf91bc12324b544a1d6145525dd9cf44199d7448d839bc67b1d33d7da10a9abc08f8f08a894edbd42c1baf8482feb06d68f25c4405a624998bd4c28cb9b845712ba307ca9b9ff56131617ceccd2927ecd57796eb103b6b15dfa12b3e8e9aa2ac8af20cde7877501a98d8b04dbd96d606661066dd80ef55d45fbd5c410d4a0d59ad53cfe3779350e71f109118bccb61121bb8eefced8feaa72c95ed737490c7318e7db86d94eda2ce5f9b04f2308dadbd8a2be6991309a56959c6be4312623a04483bd72a64c210bc6ea600d887aeb3781030a0c4a6ee06f38896bb95688ba5c735180ed50f1fce6c321aa0503f714a000b6e10f22d019e0c5bdbf982bc0a3b15ee59e9c573f77073ac64394f3610f68eca10092a7b7544bc1e643c30017133fec103af1111536ec6b37472157ef7a57186d4b64812ee20f51257d2cdaa19b5508fc40824aeb678c368149387f9083d645c9b616fdf08459aa792897293e7dabfab1144ea74d39a2f0d3632d16ce1b1973717eb83d217250646903207ccd9804e584c12bd98be5096c2a43f21161547f6b2fcf244f12a3c6863a90b45901379a1df5948dba63c34aedb7b877c675dec404acdc0348482502c3e9a886d0829a17c06457a2bb3b6c843285b1aecb4c917d9d586b5b47be2895dad99e620cc824f4d0c577f8b737c20c39c40b77db27e8e72d83c6d220011e7e304c97e281697afe31e077f490f0e632a3fb5125351051543125d7895e86007e0be5527f57f98db8235bfaa3c4d25514ae88d06289261b49013f25326461a5672c0fd975af977d9e9725d14c923decf5b60cb800a267644e0fb5e8dfc734c5b1ba810ff276f24f8fd0608bda3ab335252fbfce4e75c533bf44d2f6a2d14314b5bf24ab3d3dc0794a120379264d2bdfb4111e614b4f68d36f930b4802863bd47dc7b8520f8e95b9673a9bac79dd4e68b7dd9e095d87eb8004f19763459171142145ff6ba160709fa7732579c48bbd4ace904fed83603de20179c6d230b1b098b2800749c1836b222b52da56a2d47dcd9a87e4ea2a2fc3da46b05fb446d1b6e134d5979c43c1e79b00ce0909a020fa2e0377e19bbbeb5c4453a0f04a09242a477bcf0fdf824b58b196d7ee987ed68092c6696cf2dbf942310ed22d674512a4428e9e194127eb44828f9a812c762460486889d715dc6dc4377e557834f31cab1db1b276a5e3c14618c233ae523f1e3f3c0078fe150354855b3c31d0f333928efff70c7383cf65880420cf7ec307b708307fed0745032cb81891b85d67fb55303a30da8f4b3bedeabddc6bd38d92edeec80aff10f0d29f116cfe31f1b1a96962a713300635329c04977ab606e50b93cb1305f5a82c826febf41318f1ddb7e6fd0eaf37936f6950f841c8853bf1acbb96ba04dcc4fa5a23d8eb8e5b22fea5b5784453d51799442c665df83b45ed6fa99401ceec8e0f62b89fab9fadaa0d51e845fcf2ec20676b3d867304b7f893054490af7a0080bdaacfddd54fee4349e03dff156c9f08ceffa31e3701d333251f7cd4b07c52a9901d4fd32bb01261544c7842df78b420b99645e7c2695fcc6dc4e402ddc0ac039bdaf4129a4ae70b37b1c61ebd47e6cb7d6dfde13e7e972c74b706e8a3ad7fddd50cf581d2055ff5b127695d6f5c8fc67df49aaa56afb789a9fa384125f13d928feea35139cd9153b254c6b39f838c0f0367c5efa13c5fbdcbec5c9f88d7d2ff54aaf8d0c4db4cada8b74ea780d32aa0e66942e936061692182be3c5b21fcd99dfbfd22467d4d3ce3d78e88f1481bc2ed388f0dc3f262a079bdcf41d2f21f1de75202fac6b4f8f9f8a7ee0bdb646ce582f6fd358461fc4266f980f33138c41daa3c8a82088eccb8a2944b6dc432f8149414115f209282945e51e5d0a999d518a32fec37e64e8618879f7d65e088514efed5104ead3fab91c017447a645575a50dba5f28a3a6359a9d591ee2c7eadd08b86e733a6a8723880890d3158e527b4d9a676b02ef0faabff71865c487641c6c104c15178106d878c6cd588b2c6f834a4a2ebb9d129ab28eb7dc6a556f3d868e2765034bb146c7be493d19302b31881a11257ed202bd20d53f05d7b5c96954b55cfb933fcf0945a10b460bf7e276ddb6fa313225b7bee647e8e6d5c1ef68dae19d4cca98f00d3a860602b66b09a1392ad01739a5ddb7117dcb0053e9c31602727101225c627225674aa1e49f3c3abeffada9f5ac76b5f10a2de55951de24b1fb144f4c1eae80e27bc36e5da70e01ff37ca465190180644a27eb9a96a15d6fb4eace5e652176a02d4ef8228bd72df5142351a6f1b08981a5c66eeab943983277c1bb192b668ff25cecae19229da67e2d8e3655c409f597b68260c70c47c5843082d94a94e72fc42ed11eed5a0cc5c9eb57de53947d2823cedbd9e417682b7b19ed3be8d27b3a887795b062c88317a0dc04bd6a62cf05fb78b2955af0514a99e3fe0e0f382c9fc2ff820af6451e0915722162c53b060250890c381ebe2edbb63359643ebd780a32770e78c6af810f341f3e07781ee25c92275ab427de063326239514c6623c9a3a2ee2c80da4c77404607cd208e2e9a273cfff2cf9c6cac6ed4cd6641d8890ce82f229cec11b483db0e4fe70161829bebcdc65351e75eef29d4ec70495415927aa6be603dfb8c5c34f4d2a0afe0bd0700540b8ccd9e0421efb4d449225fe38cf4ea8145e7e1ecdcfda0c1b8a6439b3535a7c853065f665cd28c86fcf4b47ce321edc9ba1bed1a6e4160e62819cc8f9d0914ca7c8f54c6392d9b8d8a9e23e6877e240cf50208b5dc085cbf5932d730dde94314d269f8e4730e72c62ebf1100b423e7c02c0c7b3d579fe738a75bf3d29264bc27009673ebc5fd0d777e2b43d4b738addf5e1c1d084270f5ad6441d10e723331ef5d41d1da2597817968e3c33324fd876bb2c4829921fb5c835ed01e78d0fa88d1f4043693a5cbf592f350505d37efd84845feb77ed38a25df0e98678047f320080972ae011d5ecc9b9cb1aa519fc661c3c909ccf1002844a4f3a9ff21dcb3e861cec427cea26eb765e3d30c532f3c67aead616cca4ed0ef627e3edec6a98e0f0866af49b0019ef8c50104b4e21c17b17b36b0bd5d785c0a46dd5e84dc7327d46c73637602f159900ddc1e6bd3f9afddf45ca54cc7958a6fc0a7e9b93c7e91da8afba0a63238f3847860ebe9403ff3b80e067493d34c55e7562b8b0fb06a2f8c1ddc9cd0f785aa9814cd40aa66ded541de15e647303864b27b5cb7631666f4166b6daf929fbff41fd95bf16994a6f9bc8ce579da13442357cd500f10c392ec78b0c161c99742c03b4d745262d86500e2a981586627350cfe1bcf4710b0824070abca21e1a53a36bfbc12ea7fe8336f741784746abef46f52ad131eafd02ac24c1d1636fa30337251a5f169cdb8c57fa214f2a900af0ee866748661f1a67a6c2c6a6e49ce1939139e45a456c7dbbec8a09be48853cd9b1feeefc6729740dde9de04dd1e0f9c774d387a902174274729e6349a7effd237e63c40bdbccb72e44dab5ac1eab96eb75a6ea8f2f7dd362159131072dd8d733fe9c54d1ea4771e85e7cc0b0455dae0a5c8ece44aeff7e2d247e94639c9a74f48e690c02e89d0377fe3afce5d6abc706dd3e23d19809dfa948b010b6d66556ea81ca3690c3322478dfa1e9ef6de5e4d21b6e9867c611fc4e78abc94bd3c9f112739f8d2996834f54d1137f34ff5442c2432746c37031bc7e9201fdeb7d73a24163fe423fdf3e8e22b655ec159664e905675d8bb80d651d4dda22dfed198d02c2b8ff5b0760fd2aea35e519619393cb66b048b59d4e6cf398652a4726925c8a1936ee29cde1bd70fdeeec0aa1e9289711c57ab8ba170c427173fada71e9a1f0fc4cbe23c248f5340db3f9ba4f8c23da230ef4c1013ba0ffaaf5bfc58cc2eb5084f96bcdce7c1ce76c4206189bfbc9d8f1238aed641c39693363762f2cbb1b3433cb01fba42dfbc7b1aa6a46cb9bfcc98a8d8f46cde8a5dc9d74de7fc73aa22420acd949a26c2bd0c8c6f05fcac03a88e622c851454f583623b35f825038ab1aaa3091d05018c2179f473a889219e3414bbbf4eb62333df13ca9eef4dd987358c90d6bdc113aa2972cbff9b7d7e5a76fa182609401567889febe7f2443b338982c3be4328caa199f4b14652ff609b3012fc66cd7a02d8e837bf85f7d2ee7f5061b359104a90e5a74179f6fe7ea44acaf2e8531b05875e041a7f42f6551e89518dd06f04ceaa5140fee9535cc3de18ca42721661d395e23828b07d449e4e09614c8aa753d28215608a56dbb66a929a47fe1beddc6123afad8d4f64cc5602138a289ef1287548d914647d144c3010cb5e3a90753aafebb70703a4f0eb4edbb991f47ed529b219a9fd421782a8a9d73d18e9ac69768791f408ee65af8f78ca3986e878276993c8dc140949f7410c8aee7b57739ffd57e5096ef3c1edc9d242d8ed7d0b5c8f7d4ff37b4ef76a6d4ca8960793508313c751a194ce0dcd0b08e3c3b91f06cb9f158347af1689fa86e9229970ab49bd44bf99da76818f7deb102bffbc575cf53966e247ce3558f77937d822ab74a437c5575dbcbd907199d5b645ee6ee122dc77090960302f8fce044fcb5d19a803b92a95950c262ea117522e6cbe44f5c277d6d7e36890eb7702136dc78abfdc5105f138b9415ee6ed0b4e1f805b3bdb5d0e7aba7d0aaf7c6c100edae89b8496804a7cc9e61d002ba42abb6ada2fdb12f672a15f2f3ef7d23330a5d411195bd2e3caf54d7c29a4ac9e13db64d88c35587059465e59507acd1ed7393f3557b8991116fdbb675f7f4a30acfa0cce3e31b817834a3037a18479aa764a83820f7186460fb96e07adcd529cdf66d0f6dad80260f51d3a9a1ebe213d03b9b71c9c522b4b8bdfe40b06a9da4c722f9a73d43423b456b2464bbb546b0527f71cbe600478169bab6caab15b98d4383552cf0dbf3c4b5208d901873f79901d174410ccd887073c1c9c6091f01c1772123f8354efdd6646d1e5373ef0e7750406b2c9acc1315c9fe1e9b0dba050717ee4f1ed17fc73357150921e5092c8edeb79f25a5b5e142e6813f20871252ebf52752d643a2965058509271b370bf98ef0fe8983a4725d39685647416757b85f87cef3ed7265d67a479d7752dcb3fb78447e6dff107a51365cba79fdf6edba21db2d3b52bf70579a398c36847bb3ec5e8ced0ad82c68c22d422335f73ea5297a95c5263d2403e06b7fb1d30804efd4d535894e0e0fb4747bd77caf3e92fd23d0bc8c73e08374ca42b52fa8c02f1ff3d19d8eaa78ef2ba7b3b1bea75faabf2658cf0a49f59bdd1fc49618fb60260053033184ede8c6a10fbf5f295a8a96553d469b160b17d9dbef52a651afd41fa87a169e5b34c8f3f0299aab066bcfadb07055502432b285f42e369606c4217f10f947fab6bd24889ca0aafad8be5ecbf11462b3a1cfd0c93c80e0a5611d6248a0a4fcc3a2307a7de22d1e301aae233155bd10d11f6b37d89a34c5104049bfe242ceba72e5968ead5ec6ec6b7056c8a1c390f6c6640ec92afbd76fb1072784ad7349ca30b605d6e755f0a21703724394a7681709f7b73aa34f6f44dea15264ef10e86a1079d64f98f6f7bb50bd2e0caca18df8b09a51ca436834ddc235d60fa9500bfb09fbb1dba93c95e1406086f83f6950a0cb9a4cd8ba97333b0de1e658d42469ac93529c596712231f8e0410992d789d326a127bc8c0d901f4dc99b36948c782410052229769f5177b328a6ca68df9e4fc4638cf090d17a4704cf142271418c5a85c7cd292b6fe1ac9e1f2a1858d17e5318d4d75cad3c4e7f2b3d3da458e4581217a07b28ca94043cd0d31d1af5264b8170ef325855a5b5863f01541dd1428cac12793e9080919f6d4b6f9f1255032b44daf64d2ae7b1084384d0d9eb76b7aa18c70b8ce5a174f2a3f73b31f98a9dc329c3f5e1a4ff04c6b85ab3e2eb95f8e265915937b5bad0088c7ab15e2c9cc97707039045758b56f613f58d8100ab0a829c2672e99624494ae81983c23dced6381e718454e714c00d6df6d76f502bc2bc7dd8dd67279418cc4855e33d9250dfd9eff61c98fb06d578d92d1510c1589025dc2bba8208b8d4554d9718bc846666c984ecd7442c60c3437dc9adb4a8bb671cb828ae0a1be34a4db662ef440fce64a6194a296726e7fd6c2b0d2dd52c785d01b26c66b363c6be384471c0e5e60aacb8c1c47751f8c689892ea1ead15f157dc7b567243cc298583e5f37a6bd4ff9d947e2ae56a466f0c27408cdb8b2b7036598aaef45c995b4b1bcb7f110b5c5aa87fdd652e30998796982fcfa0911558395ec8f63e7fc898221d6a9b904951600f1caf077870db43f5e1c59907e4d5c50c9b51e365cf82f4a77c5bccbfaf90b1ce51aef03675e7c45e2bf46f98bfc0d140273dc2ad2e1c25c74ca2edd2efca89aa1432d1c5450125b8a0c19326b0a8c845e657bf69481918a75502de4fff5db8c706fb0e6d0d7263f3b213171f478b71a67257924a8f5ffbf29215783d21d379f50722972cd7c96c4577dfd958155d15214fe704e73effd98092f640b4e376804013028539422407156de850d0cf7797383d0c9c7e7a0c79718003d5748b5393eb3cd8c18f314cd94139f432f4bc82f908533cdaa7c80d0d6d26e1228f8d00a8882b9b07fc6a177d20231e7f42eb40eaa029a1576cd0cd32d7da652d01824077bcf175d7f9540522f38a815aa0e2267588d9ddc6ab5188e45decb68c93091a3607c0d8f158387e0e152bb4a8da4e66fc3c6fde1fb8f4d00f03885b7822a8587abd72c36d10c77e1c7222d24e2bf1992a17c07d586540a0ae2631687cb9197a655fb66690c3b0a0de8808945ba66ffa1e60e0d9623d067fc6f8a233ab53332478d538597fd798f0abfcc97182ff22249f95bce4a07d9f410ae919fd3e0d313a5b12c03f58de66ff5d211e25c791c108ff82ade5be2d59cdb15c6a4759dca915ddf3c07bda00b13018bdb95caea0bf170a15b6cf53a230ef717e1c90233735b9693379e7ef711a367ce42fd7c3ffe25496789342517332a68350a46a3a8da15bfbb63c45f8dc7c5d25db7ab473da177398443857e81bb58d9aa6d97e0bc685e1b40a0704c330e1c0850b9e799207be79508f927fcd5df193b929e0aad5a426990f7c19c50c50427c66a73347fc0937f091c98668f1ece95fa029dcce72977d51a836b6d7e5c93084968ffbca70619eee8700b1a9cc5056b5485ae3d5440b4711b8600fd10fd814cadde2ed11cc6b241464a002fb06ade3ceb7e89fb74462c9abdeb9e57eb4f9abbabd23fea5f970417a7fa8a0e78f96b233ec75c6ff89c0068dac52bbafbdc1636f8156a1681acc405b52c65960ad32bac32189c074390c11385dec2b6bad34e95de5e848845adab92a7edf2e60f3c70fda609cb76662a4b98b187b93a739bbe139054b09f5488428b2c8b462e8f5cea5df40290f2dab5ed51cf9e719688ecec4ab1c72b8497efa1746d1bc9b3dff2dabfcb1092f1856f17c2a9a7c37656eb3ec485ffdb0f51149391d6131dd1d8554310c60598e49afad834f5e5255f21c432abb377f54cdf2ea82148d73475214e28346785d797bc4e657d9a2f1f4ce54da741f8caf8262335e284e2f8a04a823de564e553474c39ec1e763700bce1bf030eacaedd345fbe3c3af2120f3fa962ceb2b1427663d791b5936a80b336941c6079f468f92d5c10deab0dfefe9593b76b673a71ad499c5d0fff4a9db2a5f5a0eca0c2c5620abf503deb905d8cb7b6c66865ee69bf31982ef6d9ae8834d361dce14d535a2025db065f5429f3945d5615886163892e1e41fd34c44949cd97592f1a378027de0e81637c11594609c1808da0cdb64de43a871b2b2640f2642d6c1aae34d83b0b0eb73aedf94ce7c1daeddf8cf684672edaf1ce0c7757f163dae3a4350cef5803a60f1e1f3d5eb277a17d38cc32ca8b6fdf536720ce186e7be6507d720810ce8801be2cc5488c7a6f0e398878ebb2ee530d62b61bf67fd4a7fdc811ecb119e4a6e7c6555685850656cf52dbc2a1da93d8550a7941a8a7716fa348f2cbcd6f58489051bf01c0ad0745b8a1e9a10fb748a9ae9f7897dfa81efc7fe240959a3857385f8be3a8102efb0791e1e01e539b370b8ea57d3b7b747bfce3a206612410c0a9aa9130320d80a912434c5a47048c1ab6901e7806c72fef1f4f59322bbf5a79f444a0eec2397a76ae63a22c5bc76a98c4e65212258f963709c07c54dc36ac15d16d7f34c6becd2de54a3ca98babdbe1068275e18585abd3a1fb4e889ea087d918ce2e791098a3e337926a408e9301f2e8f681c50b700cfc240d2a692516e491b7f4774309953b34372fc5425832d4206079872e4387f2343de66525c63c71b1c9625e7649adcc92f279d51d55fc771f7c8b81c02e8a7a6b2bb6f0170d6e5552882434382163f07ea5e4c5971bff35f530e04ca0247f5bdd27929eee90e2078141cfd2d45a1cc2a1bf47012025fa808b9e849978011e482fb7e851e5efcb02796b6a4ce2b72e8e83bba54670b912668723803b00", 0x2000, &(0x7f00000003c0)={&(0x7f00000002c0)={0x50, 0x0, 0xfffffffffffffffe, {0x7, 0x29, 0x25c17c22, 0x40000, 0x2, 0x3, 0x6, 0x0, 0x0, 0x0, 0x0, 0x6838}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_TIMEOUT={0xb, 0x5, 0x0, 0x0, 0x4, 0x0, 0x1, 0x40})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r10 = syz_open_dev$MSR(&(0x7f00000001c0), 0x140, 0x0)
read$msr(r10, &(0x7f0000019680)=""/102392, 0x18ff8)
io_uring_enter(r0, 0x47f6, 0x80ffff, 0x0, 0x0, 0x0)

1.514589394s ago: executing program 1 (id=739):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000000041}, 0xc)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000001a40)=""/102392, 0x18ff8)
userfaultfd(0x80001)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r3=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r2, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r3, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_IOAS_COPY(r2, 0x3b83, &(0x7f0000000140)={0x28, 0x2, r3, r3, 0xe9, 0x401, 0x9ed5})
ioctl$IOMMU_IOAS_COPY(r2, 0x3b83, &(0x7f0000000180)={0x28, 0x2, r3, r3, 0x100000000, 0x6, 0x7})
capset(0x0, &(0x7f0000000040))
r4 = syz_open_dev$sg(&(0x7f0000000000), 0xf9ba, 0x501)
ioctl$SCSI_IOCTL_SEND_COMMAND(r4, 0x1, &(0x7f0000000200)=ANY=[@ANYBLOB="0600000001bf12cc4cd387099d90397404000003000000e0fd0000"])
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
sendto$inet6(r5, &(0x7f0000000300)="c4", 0x1, 0x0, &(0x7f00000004c0)={0xa, 0x4e23, 0x1, @dev={0xfe, 0x80, '\x00', 0xf}, 0x3}, 0x1c)
connect$inet6(r5, &(0x7f0000000080)={0xa, 0x4e22, 0x5, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x32}}, 0x401}, 0x1c)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x44800)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0x5)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)

1.186811506s ago: executing program 2 (id=740):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_drop_memb(r0, 0x107, 0x2, 0x0, 0x0)

1.047765821s ago: executing program 3 (id=741):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r1=>0x0})
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="280200001900010000000000fbdbdf251d0109005000108049002100c9a7befe6f6d645a1a11b81b2c4b10fb4f5fdaf9331c7510e19feecb90ee6bb49fdb1a75df432aa833928a0772ff8f5e9ed32d3b477d35b296674f1fe35663c0d236fde58b000000c4010680c097"], 0x228}, 0x1, 0x0, 0x0, 0x5}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x6d1cb49ada2c127b, 0x59032, 0xffffffffffffffff, 0x0)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, 0x0, 0x0)
set_mempolicy(0x2, &(0x7f0000000080)=0x4716, 0x3)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r0)
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)={0x20, r4, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_SSID={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x4010}, 0x0)

1.037378363s ago: executing program 2 (id=742):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x10, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000711038000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000100)={@multicast2, @loopback}, 0xc)
r2 = socket$netlink(0x10, 0x3, 0x0)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r2, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r3 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
setsockopt$inet_msfilter(r3, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010000000004"], 0x57)
setsockopt$inet_mreqsrc(r1, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
r5 = creat(&(0x7f00000001c0)='./bus\x00', 0x0)
close(r5)
openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f0000000000)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r4}})
setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x6fee13ad1b8fdd58, &(0x7f0000000040)=0x8044, 0x4)

1.028733938s ago: executing program 1 (id=743):
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0x2a382)
r1 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x1)
socket$kcm(0x10, 0x2, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
sched_setscheduler(r2, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000090900030073797a32000000000900010073797a300000000050000000060a010400000000000000000100000008000b40000000000900010073797a300000000028000480240001800b000100736f636b6574000014000280080002400000001608000140000000071400"], 0xc4}, 0x1, 0x0, 0x0, 0x14}, 0x4000040)
add_key$keyring(&(0x7f0000000180), 0x0, 0x0, 0x0, 0xfffffffffffffffd)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x6800)
r6 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(0xffffffffffffffff, 0xc0884113, &(0x7f0000000240)={0x1, 0x7fffffff, 0x0, 0x10001, 0x0, 0x0, 0x80, 0x9, 0xfffffffffffffffc, 0x0, 0x2, 0x1})
syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0)
pwritev(r1, &(0x7f0000000600)=[{&(0x7f0000000180)="10", 0x1}], 0x1, 0x800000, 0x0)
sendfile(r0, r0, 0x0, 0x24002de8)

846.440216ms ago: executing program 3 (id=744):
r0 = syz_open_dev$radio(&(0x7f0000002100), 0x2, 0x2)
readv(r0, &(0x7f0000000280)=[{0x0}], 0x1)
r1 = userfaultfd(0x1)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
ioctl$UFFDIO_COPY(r1, 0xc028aa05, &(0x7f0000000080)={&(0x7f000099f000/0x3000)=nil, &(0x7f0000898000/0x2000)=nil, 0x3000, 0x1})

154.875725ms ago: executing program 4 (id=745):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x10, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000711038000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000100)={@multicast2, @loopback}, 0xc)
r2 = socket$netlink(0x10, 0x3, 0x0)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r2, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r3 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
setsockopt$inet_msfilter(r3, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010000000004"], 0x57)
setsockopt$inet_mreqsrc(r1, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
r5 = creat(&(0x7f00000001c0)='./bus\x00', 0x0)
close(r5)
openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f0000000000)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r4}})
setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x6fee13ad1b8fdd58, &(0x7f0000000040)=0x8044, 0x4)

115.40581ms ago: executing program 1 (id=746):
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
pipe(&(0x7f0000000200))
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r1, 0x84, 0x15, 0x0, 0x0)
r2 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB2(r2, 0xc06864b8, &(0x7f0000000480)={0x0, 0x705, 0x2, 0x9, 0x1, [], [0x6, 0x2, 0x4, 0xffff7fff], [0xffffffe4, 0x45, 0x200, 0x4], [0x1, 0x7a46, 0x100000000, 0x3ff]})
r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
ioctl$SG_SET_DEBUG(r3, 0x227e, &(0x7f0000000140))
write$P9_RVERSION(r5, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r6 = dup(r5)
write$FUSE_BMAP(r6, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r6, &(0x7f00000000c0)={0x14c}, 0x137)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000001a000000bca30000000000002403000020feffff620af8fff8ffffff71a4f8ff000000001f03000000000000e5000200000000002604fdffff02000014010000033800001d130000000000007a0a00fe0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xfffffffffffffd27, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@access_client}], [], 0x6b}})

0s ago: executing program 3 (id=747):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0xc90}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r0}, 0x10)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r2=>0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
pipe(&(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(0xffffffffffffffff, 0x0, r4, 0x0, 0xf3a, 0x0)
timer_settime(r2, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
read$FUSE(r3, &(0x7f00000081c0)={0x2020}, 0x2020)
sendto$inet6(0xffffffffffffffff, &(0x7f00000001c0), 0x0, 0x80, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x1)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000300)={0x0, 0x3}, 0x8)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7c, &(0x7f00000000c0), 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = dup(r6)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xc, 0x0, 0x0, &(0x7f00000000c0)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r9 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r7, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x68, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
fsetxattr$security_selinux(r8, &(0x7f0000000240), &(0x7f00000002c0)='system_u:object_r:hald_acl_exec_t:s0\x00', 0x25, 0x2)
socket$inet(0x2, 0x80001, 0x84)
openat$vimc1(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')

kernel console output (not intermixed with test programs):

_alarm } for  pid=6190 comm="syz.1.72" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   80.382195][   T30] audit: type=1400 audit(1743232936.926:246): avc:  denied  { create } for  pid=6205 comm="syz.2.77" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   80.957124][ T6225] netlink: 8 bytes leftover after parsing attributes in process `syz.0.81'.
[   81.108160][ T6220] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.250648][ T6220] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.394471][ T6220] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.509783][ T6220] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.705283][ T6220] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.782389][ T6220] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.850736][ T6220] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.892310][ T6220] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.174231][ T6284] syz.3.89: attempt to access beyond end of device
[   82.174231][ T6284] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   83.331226][ T6295] syz.0.90: attempt to access beyond end of device
[   83.331226][ T6295] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   84.079992][ T6302] ceph: No mds server is up or the cluster is laggy
[   84.089239][   T47] libceph: connect (1)[c::]:6789 error -101
[   84.136159][   T47] libceph: mon0 (1)[c::]:6789 connect error
[   86.388917][ T5909] libceph: connect (1)[c::]:6789 error -101
[   86.405479][ T5909] libceph: mon0 (1)[c::]:6789 connect error
[   86.929106][ T5909] libceph: connect (1)[c::]:6789 error -101
[   86.935126][ T5909] libceph: mon0 (1)[c::]:6789 connect error
[   86.949008][ T6339] ceph: No mds server is up or the cluster is laggy
[   87.016314][   T30] kauditd_printk_skb: 36 callbacks suppressed
[   87.016330][   T30] audit: type=1400 audit(1743232943.556:283): avc:  denied  { read write } for  pid=6357 comm="syz.4.106" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   87.068428][ T6359] netlink: 8 bytes leftover after parsing attributes in process `syz.4.106'.
[   87.107247][ T6335] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   87.122086][   T30] audit: type=1400 audit(1743232943.556:284): avc:  denied  { open } for  pid=6357 comm="syz.4.106" path="/dev/ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   88.031288][ T6366] loop7: detected capacity change from 0 to 7
[   88.079964][ T6371] wireguard0: entered promiscuous mode
[   88.107998][ T6366] Dev loop7: unable to read RDB block 7
[   88.113708][ T6366]  loop7: unable to read partition table
[   88.132666][ T6366] loop7: partition table beyond EOD, truncated
[   88.150376][ T6366] loop_reread_partitions: partition scan of loop7 (þ被xü—ŸÑà– ) failed (rc=-5)
[   88.368336][ T6380] netlink: 80 bytes leftover after parsing attributes in process `syz.4.112'.
[   88.411425][ T6380] netlink: 80 bytes leftover after parsing attributes in process `syz.4.112'.
[   88.520800][ T6384] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[   88.739668][   T30] audit: type=1400 audit(1743232945.076:285): avc:  denied  { read } for  pid=6376 comm="syz.3.111" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   88.777044][   T30] audit: type=1400 audit(1743232945.316:287): avc:  denied  { unlink } for  pid=6379 comm="syz.4.112" name="#1" dev="tmpfs" ino=97 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   88.811850][   T30] audit: type=1400 audit(1743232945.316:288): avc:  denied  { mount } for  pid=6379 comm="syz.4.112" name="/" dev="overlay" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   88.841676][ T6380] overlayfs: failed to decode file handle (len=6, type=251, flags=0, err=-22)
[   88.851476][   T30] audit: type=1400 audit(1743232945.306:286): avc:  denied  { getopt } for  pid=6383 comm="syz.0.113" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   89.114476][   T30] audit: type=1400 audit(1743232945.396:289): avc:  denied  { accept } for  pid=6379 comm="syz.4.112" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   89.139510][   T30] audit: type=1400 audit(1743232945.466:290): avc:  denied  { mounton } for  pid=6383 comm="syz.0.113" path="/syzcgroup/unified/syz0" dev="cgroup2" ino=125 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[   89.368543][   T30] audit: type=1400 audit(1743232945.546:291): avc:  denied  { bind } for  pid=6383 comm="syz.0.113" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[   89.426385][   T30] audit: type=1400 audit(1743232945.546:292): avc:  denied  { name_bind } for  pid=6383 comm="syz.0.113" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[   90.313554][ T6411] loop7: detected capacity change from 0 to 16384
[   91.260716][ T6433] delete_channel: no stack
[   91.921362][ T6429] delete_channel: no stack
[   92.056773][ T6444] FAULT_INJECTION: forcing a failure.
[   92.056773][ T6444] name failslab, interval 1, probability 0, space 0, times 1
[   92.070458][ T6444] CPU: 1 UID: 0 PID: 6444 Comm: syz.4.128 Not tainted 6.14.0-syzkaller-07540-geff5f16bfd87 #0 PREEMPT(full) 
[   92.070481][ T6444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   92.070491][ T6444] Call Trace:
[   92.070496][ T6444]  <TASK>
[   92.070502][ T6444]  dump_stack_lvl+0x16c/0x1f0
[   92.070535][ T6444]  should_fail_ex+0x512/0x640
[   92.070551][ T6444]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[   92.070572][ T6444]  should_failslab+0xc2/0x120
[   92.070592][ T6444]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[   92.070611][ T6444]  ? __alloc_skb+0x2b2/0x380
[   92.070631][ T6444]  __alloc_skb+0x2b2/0x380
[   92.070647][ T6444]  ? __pfx___alloc_skb+0x10/0x10
[   92.070666][ T6444]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[   92.070690][ T6444]  netlink_alloc_large_skb+0x69/0x130
[   92.070711][ T6444]  netlink_sendmsg+0x694/0xd70
[   92.070734][ T6444]  ? __pfx_netlink_sendmsg+0x10/0x10
[   92.070761][ T6444]  ____sys_sendmsg+0xa8d/0xc60
[   92.070784][ T6444]  ? copy_msghdr_from_user+0x10a/0x160
[   92.070802][ T6444]  ? __pfx_____sys_sendmsg+0x10/0x10
[   92.070832][ T6444]  ___sys_sendmsg+0x134/0x1d0
[   92.070851][ T6444]  ? __pfx____sys_sendmsg+0x10/0x10
[   92.070888][ T6444]  __sys_sendmsg+0x16d/0x220
[   92.070906][ T6444]  ? __pfx___sys_sendmsg+0x10/0x10
[   92.070928][ T6444]  ? rcu_is_watching+0x12/0xc0
[   92.070952][ T6444]  do_syscall_64+0xcd/0x260
[   92.070976][ T6444]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.070991][ T6444] RIP: 0033:0x7f2dc2d8d169
[   92.071003][ T6444] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.071018][ T6444] RSP: 002b:00007f2dc3bf0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   92.071035][ T6444] RAX: ffffffffffffffda RBX: 00007f2dc2fa5fa0 RCX: 00007f2dc2d8d169
[   92.071045][ T6444] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[   92.071055][ T6444] RBP: 00007f2dc3bf0090 R08: 0000000000000000 R09: 0000000000000000
[   92.071064][ T6444] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   92.071073][ T6444] R13: 0000000000000000 R14: 00007f2dc2fa5fa0 R15: 00007fff030acee8
[   92.071092][ T6444]  </TASK>
[   92.292068][    C1] vkms_vblank_simulate: vblank timer overrun
[   92.616298][ T6459] random: crng reseeded on system resumption
[   93.855685][   T30] kauditd_printk_skb: 11 callbacks suppressed
[   93.855695][   T30] audit: type=1400 audit(1743232950.396:304): avc:  denied  { write } for  pid=6467 comm="syz.3.134" name="raw-gadget" dev="devtmpfs" ino=820 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   93.884595][    C1] vkms_vblank_simulate: vblank timer overrun
[   94.027823][   T30] audit: type=1400 audit(1743232950.556:305): avc:  denied  { bind } for  pid=6469 comm="syz.4.135" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   94.047033][    C1] vkms_vblank_simulate: vblank timer overrun
[   94.193350][   T30] audit: type=1400 audit(1743232950.556:306): avc:  denied  { listen } for  pid=6469 comm="syz.4.135" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   94.275592][   T30] audit: type=1400 audit(1743232950.556:307): avc:  denied  { connect } for  pid=6469 comm="syz.4.135" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   94.278808][  T972] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[   95.332490][ T5897] libceph: connect (1)[c::]:6789 error -101
[   95.446138][ T6483] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.463817][  T972] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   95.479682][ T6484] ceph: No mds server is up or the cluster is laggy
[   95.998284][  T972] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[   96.011593][ T5897] libceph: mon0 (1)[c::]:6789 connect error
[   96.018101][  T972] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[   96.030462][  T972] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[   96.042372][  T972] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[   96.070668][  T972] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   96.080297][  T972] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   96.118799][  T972] usb 4-1: Product: syz
[   96.126905][  T972] usb 4-1: Manufacturer: syz
[   96.135906][ T6483] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.154630][  T972] cdc_wdm 4-1:1.0: skipping garbage
[   96.165106][  T972] cdc_wdm 4-1:1.0: skipping garbage
[   96.232375][  T972] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[   96.238299][  T972] cdc_wdm 4-1:1.0: Unknown control protocol
[   96.247639][ T6483] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.325355][ T6483] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.391497][ T6483] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.426415][ T6483] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.455657][ T6483] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.817863][ T6483] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.330366][   T30] audit: type=1400 audit(1743232953.866:308): avc:  denied  { create } for  pid=6507 comm="syz.0.142" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   97.376448][   T30] audit: type=1400 audit(1743232953.876:309): avc:  denied  { connect } for  pid=6507 comm="syz.0.142" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   97.379214][ T6511] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   97.400559][   T30] audit: type=1400 audit(1743232953.876:310): avc:  denied  { bind } for  pid=6507 comm="syz.0.142" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   97.509650][   T30] audit: type=1400 audit(1743232953.896:311): avc:  denied  { write } for  pid=6507 comm="syz.0.142" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   97.532656][   T30] audit: type=1400 audit(1743232953.916:312): avc:  denied  { write } for  pid=6507 comm="syz.0.142" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   97.586699][   T30] audit: type=1400 audit(1743232953.916:313): avc:  denied  { bind } for  pid=6507 comm="syz.0.142" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   98.668913][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[   98.671167][ T1202] usb 4-1: USB disconnect, device number 5
[   98.675703][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[   98.687440][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[   98.698282][    C1] vkms_vblank_simulate: vblank timer overrun
[   98.878860][    T9] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   98.898794][ T5897] usb 1-1: new full-speed USB device number 2 using dummy_hcd
[   99.068253][    T9] usb 3-1: Using ep0 maxpacket: 8
[   99.079937][    T9] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[   99.081590][ T5897] usb 1-1: config 1 has an invalid interface number: 31 but max is 0
[   99.088172][    T9] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   99.118762][ T5897] usb 1-1: config 1 has no interface number 0
[   99.125316][    T9] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   99.136784][ T5897] usb 1-1: New USB device found, idVendor=0bda, idProduct=818c, bcdDevice=7e.60
[   99.145267][    T9] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   99.148763][ T5897] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   99.168792][    T9] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   99.192110][ T5897] usb 1-1: Product: syz
[   99.199861][    T9] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[   99.206473][ T5897] usb 1-1: Manufacturer: syz
[   99.213720][ T5897] usb 1-1: SerialNumber: syz
[   99.238991][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   99.240640][ T5897] usb-storage 1-1:1.31: USB Mass Storage device detected
[   99.398816][  T972] libceph: connect (1)[c::]:6789 error -101
[   99.405745][  T972] libceph: mon0 (1)[c::]:6789 connect error
[   99.468417][    T9] usb 3-1: usb_control_msg returned -32
[   99.479296][    T9] usbtmc 3-1:16.0: can't read capabilities
[   99.557616][ T6548] ceph: No mds server is up or the cluster is laggy
[   99.681968][   T47] libceph: connect (1)[c::]:6789 error -101
[   99.705620][   T47] libceph: mon0 (1)[c::]:6789 connect error
[  100.007842][   T30] kauditd_printk_skb: 4 callbacks suppressed
[  100.007857][   T30] audit: type=1400 audit(1743232956.196:318): avc:  denied  { read write } for  pid=6531 comm="syz.0.148" name="ptp0" dev="devtmpfs" ino=1265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  100.048616][   T30] audit: type=1400 audit(1743232956.196:319): avc:  denied  { open } for  pid=6531 comm="syz.0.148" path="/dev/ptp0" dev="devtmpfs" ino=1265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  100.108725][   T30] audit: type=1400 audit(1743232956.206:320): avc:  denied  { ioctl } for  pid=6531 comm="syz.0.148" path="/dev/ptp0" dev="devtmpfs" ino=1265 ioctlcmd=0x3d0c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  100.243703][   T30] audit: type=1400 audit(1743232956.786:321): avc:  denied  { write } for  pid=6535 comm="syz.2.151" name="usbtmc0" dev="devtmpfs" ino=2773 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  100.286354][ T5865] usb 3-1: USB disconnect, device number 2
[  101.321728][   T30] audit: type=1400 audit(1743232957.856:322): avc:  denied  { write } for  pid=6576 comm="syz.1.160" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  101.522482][ T6583] ALSA: mixer_oss: invalid OSS volume ''
[  101.554547][   T47] usb 1-1: USB disconnect, device number 2
[  101.588823][   T30] audit: type=1400 audit(1743232958.106:323): avc:  denied  { name_bind } for  pid=6579 comm="syz.3.161" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  102.421103][   T30] audit: type=1400 audit(1743232958.836:324): avc:  denied  { read } for  pid=6579 comm="syz.3.161" name="btrfs-control" dev="devtmpfs" ino=1311 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  102.490489][ T6589] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0x3
[  102.619272][   T30] audit: type=1400 audit(1743232958.836:325): avc:  denied  { open } for  pid=6579 comm="syz.3.161" path="/dev/btrfs-control" dev="devtmpfs" ino=1311 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  102.661439][   T30] audit: type=1400 audit(1743232958.856:326): avc:  denied  { ioctl } for  pid=6579 comm="syz.3.161" path="/dev/btrfs-control" dev="devtmpfs" ino=1311 ioctlcmd=0x9427 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  102.686859][    C1] vkms_vblank_simulate: vblank timer overrun
[  102.788287][   T30] audit: type=1400 audit(1743232959.156:327): avc:  denied  { connect } for  pid=6595 comm="syz.4.166" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  104.377101][ T6615] netlink: 'syz.1.171': attribute type 1 has an invalid length.
[  104.503144][ T6615] bond1: entered promiscuous mode
[  104.508520][ T6615] 8021q: adding VLAN 0 to HW filter on device bond1
[  104.533714][ T6620] bond1: (slave bridge1): making interface the new active one
[  104.539657][ T6622] FAULT_INJECTION: forcing a failure.
[  104.539657][ T6622] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  105.058853][ T6622] CPU: 1 UID: 0 PID: 6622 Comm: syz.0.173 Not tainted 6.14.0-syzkaller-07540-geff5f16bfd87 #0 PREEMPT(full) 
[  105.058880][ T6622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  105.058889][ T6622] Call Trace:
[  105.058893][ T6622]  <TASK>
[  105.058899][ T6622]  dump_stack_lvl+0x16c/0x1f0
[  105.058926][ T6622]  should_fail_ex+0x512/0x640
[  105.058945][ T6622]  strncpy_from_user+0x3b/0x2d0
[  105.058971][ T6622]  getname_flags.part.0+0x8b/0x540
[  105.058996][ T6622]  getname_flags+0x93/0xf0
[  105.059012][ T6622]  __do_sys_move_mount+0x3cc/0x7c0
[  105.059033][ T6622]  ? __pfx___do_sys_move_mount+0x10/0x10
[  105.059052][ T6622]  ? ksys_write+0x1b9/0x240
[  105.059068][ T6622]  ? __pfx_ksys_write+0x10/0x10
[  105.059082][ T6622]  ? rcu_is_watching+0x12/0xc0
[  105.059105][ T6622]  do_syscall_64+0xcd/0x260
[  105.059129][ T6622]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.059144][ T6622] RIP: 0033:0x7fae05d8d169
[  105.059156][ T6622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  105.059177][ T6622] RSP: 002b:00007fae06b0c038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ad
[  105.059192][ T6622] RAX: ffffffffffffffda RBX: 00007fae05fa5fa0 RCX: 00007fae05d8d169
[  105.059202][ T6622] RDX: ffffffffffffff9c RSI: 0000200000000040 RDI: 0000000000000005
[  105.059211][ T6622] RBP: 00007fae06b0c090 R08: 0000000000000000 R09: 0000000000000000
[  105.059220][ T6622] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000001
[  105.059229][ T6622] R13: 0000000000000000 R14: 00007fae05fa5fa0 R15: 00007ffef135a048
[  105.059247][ T6622]  </TASK>
[  105.070657][ T6620] bridge1: entered promiscuous mode
[  105.268772][   T30] audit: type=1400 audit(1743232961.786:328): avc:  denied  { write } for  pid=5175 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  105.299640][ T6620] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  105.319831][   T30] audit: type=1400 audit(1743232961.786:329): avc:  denied  { remove_name } for  pid=5175 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  105.345873][   T30] audit: type=1400 audit(1743232961.786:330): avc:  denied  { rename } for  pid=5175 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  105.374626][   T30] audit: type=1400 audit(1743232961.786:331): avc:  denied  { add_name } for  pid=5175 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  105.397096][    C1] vkms_vblank_simulate: vblank timer overrun
[  105.460257][   T30] audit: type=1400 audit(1743232961.786:332): avc:  denied  { unlink } for  pid=5175 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  105.482575][    C1] vkms_vblank_simulate: vblank timer overrun
[  105.498821][   T30] audit: type=1400 audit(1743232961.786:333): avc:  denied  { create } for  pid=5175 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  105.538873][   T30] audit: type=1400 audit(1743232961.876:334): avc:  denied  { map } for  pid=6625 comm="syz.0.174" path="/dev/fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  105.562569][    C1] vkms_vblank_simulate: vblank timer overrun
[  105.573062][   T30] audit: type=1400 audit(1743232961.876:335): avc:  denied  { execute } for  pid=6625 comm="syz.0.174" path="/dev/fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  105.596709][    C1] vkms_vblank_simulate: vblank timer overrun
[  105.617502][ T6636] Zero length message leads to an empty skb
[  105.644231][ T6635] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.761513][ T6639] syz.4.179: attempt to access beyond end of device
[  105.761513][ T6639] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  106.008234][ T6635] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.172590][ T6635] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.791812][ T6635] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.904587][ T6635] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  106.997752][ T6635] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  107.012213][ T6635] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  107.035074][ T6635] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  107.168884][ T6656] syzkaller1: entered promiscuous mode
[  107.174379][ T6656] syzkaller1: entered allmulticast mode
[  107.261706][ T6659] netlink: 24 bytes leftover after parsing attributes in process `syz.1.186'.
[  107.315742][   T30] audit: type=1400 audit(1743232963.856:336): avc:  denied  { ioctl } for  pid=6658 comm="syz.1.186" path="socket:[10907]" dev="sockfs" ino=10907 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  107.485842][   T30] audit: type=1400 audit(1743232964.026:337): avc:  denied  { getopt } for  pid=6667 comm="syz.2.188" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  109.603211][ T6695] syz.3.193: attempt to access beyond end of device
[  109.603211][ T6695] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  110.639815][ T6705] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.519729][ T6705] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.615226][ T6705] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.796790][ T6705] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.273544][ T6732] syz.3.207: attempt to access beyond end of device
[  112.273544][ T6732] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  112.325558][ T5897] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  112.680249][ T5897] usb 5-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32
[  112.714138][ T5897] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.733362][ T5897] usb 5-1: config 0 descriptor??
[  112.741052][ T5897] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  112.760592][   T30] kauditd_printk_skb: 7 callbacks suppressed
[  112.760625][   T30] audit: type=1400 audit(1743232969.306:345): avc:  denied  { block_suspend } for  pid=6737 comm="syz.3.210" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  112.958065][ T6725] netlink: 156 bytes leftover after parsing attributes in process `syz.4.205'.
[  113.049234][   T30] audit: type=1400 audit(1743232969.586:346): avc:  denied  { ioctl } for  pid=6723 comm="syz.4.205" path="socket:[11009]" dev="sockfs" ino=11009 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  113.074459][    C1] vkms_vblank_simulate: vblank timer overrun
[  113.082496][ T6744] random: crng reseeded on system resumption
[  113.088051][   T30] audit: type=1400 audit(1743232969.626:347): avc:  denied  { setopt } for  pid=6723 comm="syz.4.205" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  113.107640][    C1] vkms_vblank_simulate: vblank timer overrun
[  113.238059][ T6750] syzkaller1: entered promiscuous mode
[  113.243610][ T6750] syzkaller1: entered allmulticast mode
[  113.251349][ T6750] FAULT_INJECTION: forcing a failure.
[  113.251349][ T6750] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  113.267186][ T6750] CPU: 0 UID: 0 PID: 6750 Comm: syz.3.213 Not tainted 6.14.0-syzkaller-07540-geff5f16bfd87 #0 PREEMPT(full) 
[  113.267207][ T6750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  113.267216][ T6750] Call Trace:
[  113.267221][ T6750]  <TASK>
[  113.267227][ T6750]  dump_stack_lvl+0x16c/0x1f0
[  113.267254][ T6750]  should_fail_ex+0x512/0x640
[  113.267275][ T6750]  _copy_from_iter+0x2a4/0x15b0
[  113.267296][ T6750]  ? __lock_acquire+0xaa4/0x1ba0
[  113.267320][ T6750]  ? __pfx__copy_from_iter+0x10/0x10
[  113.267339][ T6750]  ? _kstrtoull+0x145/0x200
[  113.267360][ T6750]  ? __pfx__kstrtoull+0x10/0x10
[  113.267385][ T6750]  tun_get_user+0x13da/0x3b10
[  113.267411][ T6750]  ? __lock_acquire+0x5ca/0x1ba0
[  113.267435][ T6750]  ? __pfx_tun_get_user+0x10/0x10
[  113.267455][ T6750]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  113.267478][ T6750]  ? find_held_lock+0x2b/0x80
[  113.267497][ T6750]  ? tun_get+0x191/0x370
[  113.267519][ T6750]  tun_chr_write_iter+0xdc/0x210
[  113.267542][ T6750]  vfs_write+0x5ba/0x1180
[  113.267559][ T6750]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  113.267582][ T6750]  ? __pfx_vfs_write+0x10/0x10
[  113.267597][ T6750]  ? find_held_lock+0x2b/0x80
[  113.267624][ T6750]  ksys_write+0x12a/0x240
[  113.267640][ T6750]  ? __pfx_ksys_write+0x10/0x10
[  113.267656][ T6750]  ? rcu_is_watching+0x12/0xc0
[  113.267680][ T6750]  do_syscall_64+0xcd/0x260
[  113.267704][ T6750]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.267720][ T6750] RIP: 0033:0x7f603678d169
[  113.267733][ T6750] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.267748][ T6750] RSP: 002b:00007f6037590038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  113.267763][ T6750] RAX: ffffffffffffffda RBX: 00007f60369a5fa0 RCX: 00007f603678d169
[  113.267773][ T6750] RDX: 0000000000000036 RSI: 00002000000000c0 RDI: 0000000000000003
[  113.267783][ T6750] RBP: 00007f6037590090 R08: 0000000000000000 R09: 0000000000000000
[  113.267792][ T6750] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  113.267802][ T6750] R13: 0000000000000000 R14: 00007f60369a5fa0 R15: 00007ffcb628b548
[  113.267820][ T6750]  </TASK>
[  113.492947][ T5897] gp8psk: usb in 128 operation failed.
[  113.499294][ T5897] gp8psk: usb in 137 operation failed.
[  113.504810][ T5897] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  113.516047][ T5897] dvbdev: DVB: registering new adapter (Genpix SkyWalker-1 DVB-S receiver)
[  113.529030][ T5897] usb 5-1: media controller created
[  113.539782][ T6705] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  113.543837][ T5897] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  113.572210][ T6705] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  113.574088][ T5897] gp8psk_fe: Frontend attached
[  113.591564][ T5897] usb 5-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)...
[  113.610573][ T5897] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered.
[  113.629805][ T6705] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  113.672200][ T6705] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  113.674720][ T5897] gp8psk: usb in 138 operation failed.
[  113.703750][ T5897] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully initialized and connected.
[  113.717661][ T5897] gp8psk: found Genpix USB device pID = 203 (hex)
[  113.768312][ T5897] usb 5-1: USB disconnect, device number 7
[  114.058787][   T47] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  114.221769][ T5897] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully deinitialized and disconnected.
[  114.610141][   T47] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  114.620887][   T47] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  114.634904][   T47] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[  114.644316][   T47] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  114.655746][   T47] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  114.670056][   T47] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  114.679470][   T47] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  114.687548][   T47] usb 4-1: Product: syz
[  114.691996][   T47] usb 4-1: Manufacturer: syz
[  114.705230][   T47] cdc_wdm 4-1:1.0: skipping garbage
[  114.711146][   T47] cdc_wdm 4-1:1.0: skipping garbage
[  114.717761][   T47] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  114.729084][   T47] cdc_wdm 4-1:1.0: Unknown control protocol
[  114.789787][ T6765] ALSA: mixer_oss: invalid OSS volume ''
[  115.483967][ T6771] ALSA: mixer_oss: invalid OSS volume ''
[  118.128873][ T1202] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  118.598882][ T1202] usb 5-1: device descriptor read/64, error -71
[  118.905233][ T1202] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  119.364598][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  119.371224][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  119.377917][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  119.384513][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  119.390589][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - usb_submit_urb failed with result -1
[  119.400394][   T47] usb 4-1: USB disconnect, device number 6
[  119.448182][ T1202] usb 5-1: device descriptor read/64, error -71
[  119.589976][ T1202] usb usb5-port1: attempt power cycle
[  119.958878][ T1202] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  119.989405][ T1202] usb 5-1: device descriptor read/8, error -71
[  120.244692][ T1202] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  120.779282][ T1202] usb 5-1: device descriptor read/8, error -71
[  120.889581][ T1202] usb usb5-port1: unable to enumerate USB device
[  122.617858][   T30] audit: type=1400 audit(1743232979.046:348): avc:  denied  { create } for  pid=6860 comm="syz.0.246" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1
[  123.365993][  T972] libceph: connect (1)[c::]:6789 error -101
[  123.388346][  T972] libceph: mon0 (1)[c::]:6789 connect error
[  123.410663][   T30] audit: type=1400 audit(1743232979.886:349): avc:  denied  { unmount } for  pid=5820 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  123.446482][ T6871] ceph: No mds server is up or the cluster is laggy
[  124.243041][ T6891] syz.4.252: attempt to access beyond end of device
[  124.243041][ T6891] loop9: rw=0, sector=0, nr_sectors = 1 limit=0
[  124.256176][ T6891] FAT-fs (loop9): unable to read boot sector
[  124.339686][   T30] audit: type=1400 audit(1743232980.776:350): avc:  denied  { mounton } for  pid=6880 comm="syz.4.252" path="/39/file0" dev="tmpfs" ino=229 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  124.362347][    C0] vkms_vblank_simulate: vblank timer overrun
[  124.767718][ T6883] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  124.827626][ T6883] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  124.845225][ T6883] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  124.863495][ T6883] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  124.877864][ T6883] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  124.888259][ T6883] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  124.898885][ T6883] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  124.914603][ T6883] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  124.923235][ T6883] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  124.941138][ T6883] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  124.947103][ T6883] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  125.006892][  T972] libceph: connect (1)[c::]:6789 error -101
[  125.013057][  T972] libceph: mon0 (1)[c::]:6789 connect error
[  125.114338][ T6901] ceph: No mds server is up or the cluster is laggy
[  125.134870][ T6883] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  125.142480][ T6883] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  125.148566][ T6883] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  125.156215][ T6883] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  125.188112][ T6895] syz.3.253: attempt to access beyond end of device
[  125.188112][ T6895] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  126.019448][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout
[  126.263927][ T6932] random: crng reseeded on system resumption
[  126.465822][   T24] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  127.259558][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout
[  127.265741][ T5832] Bluetooth: hci4: command 0x0c1a tx timeout
[  127.271063][ T5817] Bluetooth: hci3: command 0x0c1a tx timeout
[  127.272833][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout
[  127.415359][ T6944] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  127.430514][   T24] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 33, using maximum allowed: 30
[  127.447081][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 253, changing to 11
[  127.485911][ T6945] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.499960][   T24] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 33
[  127.513456][   T24] usb 5-1: New USB device found, idVendor=09da, idProduct=001a, bcdDevice= 0.00
[  127.593954][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.643806][   T24] usb 5-1: config 0 descriptor??
[  127.879395][ T6945] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.071710][ T6957] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.082302][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  128.101608][ T6945] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.147226][ T6957] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.187230][ T6945] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.206599][   T24] a4tech 0003:09DA:001A.0001: item fetching failed at offset 6/7
[  128.241114][ T6957] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.313933][   T24] a4tech 0003:09DA:001A.0001: parse failed
[  128.374998][ T6923] xt_hashlimit: max too large, truncated to 1048576
[  128.387755][ T6945] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  128.464281][   T24] a4tech 0003:09DA:001A.0001: probe with driver a4tech failed with error -22
[  128.553479][ T6957] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.757770][ T6945] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  128.911304][ T6945] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  128.941057][ T6945] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  128.997403][ T6957] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  129.030471][ T6957] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  129.047539][ T6957] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  129.067145][ T6957] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  129.291373][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout
[  129.297540][ T5829] Bluetooth: hci4: command 0x0c1a tx timeout
[  129.303628][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout
[  129.359064][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout
[  130.440519][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout
[  130.448020][   T30] audit: type=1400 audit(1743232986.246:351): avc:  denied  { node_bind } for  pid=6986 comm="syz.1.274" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  131.088018][ T6996] random: crng reseeded on system resumption
[  131.107167][   T30] audit: type=1400 audit(1743232987.646:352): avc:  denied  { shutdown } for  pid=7000 comm="syz.0.277" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  131.368886][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout
[  131.374984][ T5832] Bluetooth: hci4: command 0x0c1a tx timeout
[  131.381214][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout
[  131.438833][ T5817] Bluetooth: hci2: command 0x0c1a tx timeout
[  131.779755][   T30] audit: type=1400 audit(1743232987.646:353): avc:  denied  { read } for  pid=7000 comm="syz.0.277" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  131.800364][   T47] usb 5-1: USB disconnect, device number 12
[  131.800619][ T7003] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  131.850566][   T30] audit: type=1400 audit(1743232988.356:354): avc:  denied  { listen } for  pid=7000 comm="syz.0.277" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  131.872525][   T30] audit: type=1400 audit(1743232988.376:355): avc:  denied  { mount } for  pid=7007 comm="syz.1.278" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  131.894223][    C0] vkms_vblank_simulate: vblank timer overrun
[  131.910622][   T30] audit: type=1400 audit(1743232988.456:356): avc:  denied  { listen } for  pid=7014 comm="syz.1.281" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  131.972019][   T30] audit: type=1400 audit(1743232988.456:357): avc:  denied  { accept } for  pid=7014 comm="syz.1.281" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  131.993803][   T30] audit: type=1326 audit(1743232988.536:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7016 comm="syz.4.282" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2dc2d8d169 code=0x0
[  132.098872][ T5865] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[  132.260660][ T5865] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  132.271132][ T5865] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2
[  132.280185][ T5865] usb 3-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  132.289539][ T5865] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  132.304034][ T5865] usb 3-1: config 0 descriptor??
[  132.311117][ T5865] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  132.317795][ T5865] dvb-usb: bulk message failed: -22 (3/0)
[  132.325319][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  132.332262][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  132.351621][ T5865] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  132.369349][ T5865] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  132.376391][ T5865] usb 3-1: media controller created
[  132.399553][ T5865] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  132.420866][ T5865] dvb-usb: bulk message failed: -22 (6/0)
[  132.426800][ T5865] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  132.449992][ T5865] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input8
[  132.473940][ T5865] dvb-usb: schedule remote query interval to 150 msecs.
[  132.481298][   T30] audit: type=1400 audit(1743232989.016:359): avc:  denied  { read } for  pid=5178 comm="acpid" name="event4" dev="devtmpfs" ino=2815 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  132.508761][ T5865] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  132.534213][ T7004] dvb-usb: bulk message failed: -22 (2/0)
[  132.549844][   T30] audit: type=1400 audit(1743232989.016:360): avc:  denied  { open } for  pid=5178 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=2815 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  132.574544][ T5895] usb 3-1: USB disconnect, device number 3
[  132.607164][ T5895] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  132.839123][   T47] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  133.675275][   T47] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  133.919650][   T47] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  133.964211][   T47] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[  133.974811][   T47] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  134.057716][   T47] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  134.073137][   T47] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  134.091288][   T47] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  134.091311][   T47] usb 4-1: Product: syz
[  134.091324][   T47] usb 4-1: Manufacturer: syz
[  134.096219][   T47] cdc_wdm 4-1:1.0: skipping garbage
[  134.096230][   T47] cdc_wdm 4-1:1.0: skipping garbage
[  134.096752][   T47] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  134.096763][   T47] cdc_wdm 4-1:1.0: Unknown control protocol
[  134.189451][ T5865] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  134.305631][ T7049] ALSA: mixer_oss: invalid OSS volume ''
[  134.328994][ T5865] usb 5-1: device descriptor read/64, error -71
[  135.078864][ T5865] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  135.238901][ T5865] usb 5-1: device descriptor read/64, error -71
[  135.349021][ T5865] usb usb5-port1: attempt power cycle
[  135.588878][    T9] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  135.728935][ T5865] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  135.742645][    T9] usb 1-1: New USB device found, idVendor=a168, idProduct=0618, bcdDevice=e3.a4
[  135.752147][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  135.761030][ T5865] usb 5-1: device descriptor read/8, error -71
[  135.771863][    T9] usb 1-1: Product: syz
[  135.789168][    T9] usb 1-1: Manufacturer: syz
[  135.807655][    T9] usb 1-1: SerialNumber: syz
[  135.837497][    T9] usb 1-1: config 0 descriptor??
[  135.854527][    T9] gspca_main: gspca_sn9c20x-2.14.0 probing a168:0618
[  136.008908][ T5865] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  136.039464][ T5865] usb 5-1: device descriptor read/8, error -71
[  136.115080][    T9] gspca_sn9c20x: Write register 1000 failed -71
[  136.122934][    T9] gspca_sn9c20x: Device initialization failed
[  136.129611][    T9] gspca_sn9c20x 1-1:0.0: probe with driver gspca_sn9c20x failed with error -71
[  136.140566][    T9] usb 1-1: USB disconnect, device number 3
[  136.149011][ T5865] usb usb5-port1: unable to enumerate USB device
[  136.384724][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  136.384739][   T30] audit: type=1400 audit(1743232992.926:362): avc:  denied  { read } for  pid=7078 comm="syz.2.299" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  136.413130][    C0] vkms_vblank_simulate: vblank timer overrun
[  136.426959][   T30] audit: type=1400 audit(1743232992.926:363): avc:  denied  { open } for  pid=7078 comm="syz.2.299" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  136.452352][   T30] audit: type=1400 audit(1743232992.966:364): avc:  denied  { map } for  pid=7078 comm="syz.2.299" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  136.475272][    C0] vkms_vblank_simulate: vblank timer overrun
[  136.555105][   T30] audit: type=1400 audit(1743232993.096:365): avc:  denied  { view } for  pid=7082 comm="syz.2.300" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  136.833246][    T9] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  137.052283][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  137.058883][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  137.065136][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  137.071739][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  137.078037][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  137.084642][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  137.090886][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  137.097464][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  137.103672][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  137.110251][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  137.116466][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  137.123037][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  137.128769][    T9] usb 3-1: Using ep0 maxpacket: 32
[  137.129443][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  137.140767][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  137.147463][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  137.154034][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  137.160820][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  137.167385][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  137.173640][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  137.180223][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  137.199925][ T5909] usb 4-1: USB disconnect, device number 7
[  137.205757][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  137.305615][    T9] usb 3-1: config index 0 descriptor too short (expected 29220, got 36)
[  137.323708][ T7095] ALSA: mixer_oss: invalid OSS volume ''
[  137.428109][    T9] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  137.437491][    T9] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 81
[  137.455525][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 2763, setting to 1024
[  137.963638][    T9] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1024
[  137.975007][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  137.985907][    T9] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  137.997843][    T9] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  138.013166][    T9] usb 3-1: New USB device found, idVendor=03f0, idProduct=0004, bcdDevice= 0.40
[  138.025111][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.039328][    T9] usb 3-1: config 0 descriptor??
[  138.044711][ T7084] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  138.073441][    T9] usblp0: Disabling reads from problematic bidirectional printer
[  138.411032][ T7112] syz.0.307: attempt to access beyond end of device
[  138.411032][ T7112] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  138.497873][    T9] usblp 3-1:0.0: usblp0: USB Unidirectional printer dev 4 if 0 alt 0 proto 3 vid 0x03F0 pid 0x0004
[  138.656878][    T9] usb 3-1: USB disconnect, device number 4
[  138.685523][    T9] usblp0: removed
[  138.810877][ T7121] syz.4.308: attempt to access beyond end of device
[  138.810877][ T7121] loop9: rw=0, sector=0, nr_sectors = 1 limit=0
[  138.823925][ T7121] FAT-fs (loop9): unable to read boot sector
[  139.205168][ T5832] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  139.315289][ T7116] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  139.368588][ T7116] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  139.375803][ T7116] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  139.382281][ T7116] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  139.388484][ T7116] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  139.639331][ T5909] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  139.757185][ T7137] random: crng reseeded on system resumption
[  140.655470][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout
[  141.438812][ T5817] Bluetooth: hci4: command 0x0c1a tx timeout
[  141.438890][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout
[  141.457026][ T5817] Bluetooth: hci1: command 0x0c1a tx timeout
[  141.466559][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout
[  141.892846][ T7157] ALSA: mixer_oss: invalid OSS volume ''
[  141.984045][ T7148] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.994490][ T5909] usb 3-1: unable to read config index 0 descriptor/start: -71
[  142.003728][ T5909] usb 3-1: can't read configurations, error -71
[  142.482311][ T7148] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.609443][ T7170] syz.2.319: attempt to access beyond end of device
[  142.609443][ T7170] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  142.831611][ T7148] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.033856][ T7148] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.172371][ T7180] syz.4.322: attempt to access beyond end of device
[  143.172371][ T7180] loop9: rw=0, sector=0, nr_sectors = 1 limit=0
[  143.185889][ T7180] FAT-fs (loop9): unable to read boot sector
[  143.754918][   T30] audit: type=1400 audit(1743233000.066:366): avc:  denied  { listen } for  pid=7175 comm="syz.3.324" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  144.300572][ T7174] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  144.328825][ T7174] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  144.345973][ T7174] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  144.417867][ T7174] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  144.424006][ T7174] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  144.457673][ T7148] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  145.484159][ T7148] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  146.041819][ T7148] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  146.139676][ T7148] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  146.220620][ T7210] Bluetooth: MGMT ver 1.23
[  146.226027][   T30] audit: type=1400 audit(1743233002.766:367): avc:  denied  { bind } for  pid=7208 comm="syz.0.333" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  146.239658][ T7210] Bluetooth: hci0: service_discovery: expected 4 bytes, got 7 bytes
[  146.248111][   T30] audit: type=1400 audit(1743233002.766:368): avc:  denied  { write } for  pid=7208 comm="syz.0.333" path="socket:[13133]" dev="sockfs" ino=13133 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  146.277464][    C0] vkms_vblank_simulate: vblank timer overrun
[  146.307206][ T5895] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  146.318908][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout
[  146.321201][ T5144] Bluetooth: hci0: command 0x0c1a tx timeout
[  146.413266][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout
[  146.478924][ T5895] usb 3-1: Using ep0 maxpacket: 8
[  146.484217][ T5832] Bluetooth: hci4: command 0x0c1a tx timeout
[  146.491358][ T5144] Bluetooth: hci2: command 0x0c1a tx timeout
[  146.504382][ T5895] usb 3-1: config 0 has an invalid interface number: 186 but max is 0
[  146.513871][ T5895] usb 3-1: config 0 has no interface number 0
[  147.096764][ T5895] usb 3-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  147.269820][ T5895] usb 3-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A
[  147.297083][ T5895] usb 3-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  147.932817][ T7224] netlink: 'syz.1.336': attribute type 10 has an invalid length.
[  147.945619][ T7224] 8021q: adding VLAN 0 to HW filter on device batadv0
[  147.955099][ T7224] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  148.569076][ T7227] syz.0.335: attempt to access beyond end of device
[  148.569076][ T7227] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  148.754450][ T7229] capability: warning: `syz.3.338' uses deprecated v2 capabilities in a way that may be insecure
[  148.808522][ T5895] usb 3-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  148.948380][ T5895] usb 3-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5
[  148.957932][ T5895] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.968005][ T7232] syzkaller0: entered promiscuous mode
[  148.974185][   T30] audit: type=1400 audit(1743233005.516:369): avc:  denied  { mounton } for  pid=7233 comm="syz.4.339" path="/54/file0" dev="tmpfs" ino=308 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  149.005000][ T7232] syzkaller0: entered allmulticast mode
[  149.007367][ T5895] usb 3-1: Product: syz
[  149.022512][ T5895] usb 3-1: Manufacturer: syz
[  149.027139][ T5895] usb 3-1: SerialNumber: syz
[  149.039524][ T5895] usb 3-1: config 0 descriptor??
[  149.082169][ T5895] iowarrior 3-1:0.186: IOWarrior product=0x1505, serial= interface=186 now attached to iowarrior0
[  149.126391][ T5895] usb 3-1: USB disconnect, device number 7
[  149.404891][ T7247] xt_hashlimit: max too large, truncated to 1048576
[  149.551208][ T7249] netlink: 'syz.4.340': attribute type 10 has an invalid length.
[  149.827742][   T24] libceph: connect (1)[c::]:6789 error -101
[  149.999037][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  150.008830][ T7231] ceph: No mds server is up or the cluster is laggy
[  150.016451][  T972] libceph: connect (1)[c::]:6789 error -101
[  150.023156][  T972] libceph: mon0 (1)[c::]:6789 connect error
[  150.160733][ T7258] netlink: 20 bytes leftover after parsing attributes in process `syz.0.343'.
[  150.569446][ T7265] ceph: No mds server is up or the cluster is laggy
[  150.592113][  T972] libceph: connect (1)[c::]:6789 error -101
[  150.722834][  T972] libceph: mon0 (1)[c::]:6789 connect error
[  150.863569][ T7271] netlink: 'syz.2.344': attribute type 10 has an invalid length.
[  151.498943][ T7249] 8021q: adding VLAN 0 to HW filter on device batadv0
[  151.506287][ T7249] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  151.663616][   T30] audit: type=1400 audit(1743233008.206:370): avc:  denied  { ioctl } for  pid=7279 comm="syz.0.348" path="/dev/ppp" dev="devtmpfs" ino=709 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  153.252405][ T7312] random: crng reseeded on system resumption
[  153.826540][ T5865] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  154.324555][ T7320] netlink: 20 bytes leftover after parsing attributes in process `syz.2.358'.
[  154.504274][ T5865] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  154.514890][ T5865] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  154.526725][ T5865] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  154.537308][ T5865] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.555318][ T5865] usb 5-1: config 0 descriptor??
[  154.822751][ T7333] netlink: 'syz.2.360': attribute type 10 has an invalid length.
[  154.849822][   T30] audit: type=1400 audit(1743233011.376:371): avc:  denied  { accept } for  pid=7299 comm="syz.4.352" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  154.944361][ T5865] ath6kl: Failed to submit usb control message: -71
[  154.979078][ T5865] ath6kl: unable to send the bmi data to the device: -71
[  155.266324][ T5865] ath6kl: Unable to send get target info: -71
[  155.279618][ T5865] ath6kl: Failed to init ath6kl core: -71
[  155.295965][ T5865] ath6kl_usb 5-1:0.0: probe with driver ath6kl_usb failed with error -71
[  155.323822][ T5865] usb 5-1: USB disconnect, device number 17
[  156.986281][ T7368] syz.0.370: attempt to access beyond end of device
[  156.986281][ T7368] loop1: rw=0, sector=0, nr_sectors = 1 limit=0
[  156.999360][ T7368] FAT-fs (loop1): unable to read boot sector
[  157.424219][ T7365] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  157.430535][ T7365] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  157.439577][ T7373] netlink: 20 bytes leftover after parsing attributes in process `syz.2.371'.
[  157.448567][ T7365] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  157.465006][ T7365] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  157.471676][ T7365] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  158.561787][ T5144] Bluetooth: hci3: ACL packet for unknown connection handle 201
[  158.718807][ T5144] Bluetooth: hci0: command 0x0c1a tx timeout
[  158.819017][    T9] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  159.408376][   T30] audit: type=1400 audit(1743233015.946:372): avc:  denied  { unmount } for  pid=5821 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  159.438788][ T5144] Bluetooth: hci3: command 0x0c1a tx timeout
[  159.439448][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout
[  159.495370][    T9] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  159.505483][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.515793][    T9] usb 1-1: Product: syz
[  159.520534][    T9] usb 1-1: Manufacturer: syz
[  159.525124][    T9] usb 1-1: SerialNumber: syz
[  159.531666][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout
[  159.537669][ T5832] Bluetooth: hci4: command 0x0c1a tx timeout
[  159.548029][    T9] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  159.578790][ T5865] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  159.785882][ T7399] netlink: 'syz.3.379': attribute type 10 has an invalid length.
[  159.815438][ T7399] 8021q: adding VLAN 0 to HW filter on device batadv0
[  159.861909][ T7399] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  160.685727][ T5865] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[  160.700664][ T5865] ath9k_htc: Failed to initialize the device
[  160.737761][ T5865] usb 1-1: ath9k_htc: USB layer deinitialized
[  162.125248][ T5865] usb 1-1: USB disconnect, device number 4
[  163.851513][ T7460] netlink: 20 bytes leftover after parsing attributes in process `syz.3.393'.
[  163.977462][ T5865] libceph: connect (1)[c::]:6789 error -101
[  163.983534][ T5865] libceph: mon0 (1)[c::]:6789 connect error
[  164.147096][ T7446] ceph: No mds server is up or the cluster is laggy
[  164.651558][ T5865] libceph: connect (1)[c::]:6789 error -101
[  164.657661][ T5865] libceph: mon0 (1)[c::]:6789 connect error
[  164.735589][ T7475] random: crng reseeded on system resumption
[  165.924835][   T30] audit: type=1400 audit(1743233022.466:373): avc:  denied  { ioctl } for  pid=7483 comm="syz.1.400" path="socket:[15547]" dev="sockfs" ino=15547 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  166.869495][   T30] audit: type=1400 audit(1743233022.506:374): avc:  denied  { bind } for  pid=7483 comm="syz.1.400" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  166.888871][ T5144] Bluetooth: hci3: ACL packet for unknown connection handle 201
[  166.896639][   T30] audit: type=1400 audit(1743233022.556:375): avc:  denied  { setopt } for  pid=7483 comm="syz.1.400" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  166.919184][   T30] audit: type=1400 audit(1743233022.556:376): avc:  denied  { write } for  pid=7483 comm="syz.1.400" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  166.938746][   T30] audit: type=1400 audit(1743233022.556:377): avc:  denied  { read } for  pid=7483 comm="syz.1.400" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  167.228774][ T5909] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  167.407702][ T5909] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  167.705924][ T5909] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.714077][ T5909] usb 1-1: Product: syz
[  167.728763][ T5909] usb 1-1: Manufacturer: syz
[  167.746865][ T5909] usb 1-1: SerialNumber: syz
[  167.776339][ T5909] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  167.793375][   T24] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  169.297303][   T24] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[  169.306693][   T24] ath9k_htc: Failed to initialize the device
[  169.360938][   T24] usb 1-1: ath9k_htc: USB layer deinitialized
[  169.625104][   T30] audit: type=1400 audit(1743233026.166:378): avc:  denied  { load_policy } for  pid=7520 comm="syz.4.410" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  169.645792][ T7521] SELinux: failed to load policy
[  170.874044][ T7545] syz.4.411: attempt to access beyond end of device
[  170.874044][ T7545] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  171.059165][    T9] usb 1-1: USB disconnect, device number 5
[  175.049445][ T7570] random: crng reseeded on system resumption
[  177.278464][   T30] audit: type=1400 audit(1743233033.796:379): avc:  denied  { name_bind } for  pid=7579 comm="syz.0.423" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  177.547349][ T7595] netlink: 20 bytes leftover after parsing attributes in process `syz.4.422'.
[  178.093805][ T5144] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  178.348921][ T5865] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  178.539603][ T7626] netlink: 'syz.4.430': attribute type 10 has an invalid length.
[  179.199210][ T5865] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  179.264619][ T5865] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.294031][ T5865] usb 4-1: Product: syz
[  179.298211][ T5865] usb 4-1: Manufacturer: syz
[  179.322457][ T5865] usb 4-1: SerialNumber: syz
[  179.333497][ T5865] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  179.360265][    T9] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  179.475734][ T7636] ALSA: mixer_oss: invalid OSS volume ''
[  180.398959][    T9] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive
[  180.405983][    T9] ath9k_htc: Failed to initialize the device
[  180.530747][    T9] usb 4-1: ath9k_htc: USB layer deinitialized
[  181.223333][   T30] audit: type=1400 audit(1743233037.406:380): avc:  denied  { create } for  pid=7649 comm="syz.4.437" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  181.251849][   T30] audit: type=1400 audit(1743233037.406:381): avc:  denied  { bind } for  pid=7649 comm="syz.4.437" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  181.278818][ T5895] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  181.285777][   T30] audit: type=1400 audit(1743233037.406:382): avc:  denied  { write } for  pid=7649 comm="syz.4.437" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  181.689130][ T5895] usb 1-1: Using ep0 maxpacket: 8
[  181.720784][ T5895] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  181.740784][ T5895] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  181.755858][ T5895] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  181.765921][ T5895] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  181.779000][ T5895] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  181.788513][ T5895] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  181.998833][  T972] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  182.013360][ T5895] usb 1-1: usb_control_msg returned -71
[  182.021134][ T5895] usbtmc 1-1:16.0: can't read capabilities
[  182.179725][  T972] usb 5-1: Using ep0 maxpacket: 8
[  182.210155][  T972] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  182.235675][  T972] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  182.268438][  T972] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  182.287635][  T972] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  182.319829][  T972] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  182.340806][  T972] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  182.401913][ T5895] usb 1-1: USB disconnect, device number 6
[  182.475365][ T7677] ALSA: mixer_oss: invalid OSS volume ''
[  182.631814][  T972] usb 5-1: GET_CAPABILITIES returned 0
[  182.637310][  T972] usbtmc 5-1:16.0: can't read capabilities
[  183.171026][ T7660] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  183.239533][ T5896] usb 4-1: USB disconnect, device number 8
[  183.362193][  T972] usb 5-1: USB disconnect, device number 18
[  183.510170][ T7692] syz.3.447: attempt to access beyond end of device
[  183.510170][ T7692] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  183.557897][ T7694] netlink: 'syz.0.445': attribute type 10 has an invalid length.
[  184.380781][   T30] audit: type=1400 audit(1743233040.926:383): avc:  denied  { map } for  pid=7691 comm="syz.2.448" path="socket:[14857]" dev="sockfs" ino=14857 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[  184.511737][   T30] audit: type=1326 audit(1743233041.056:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7705 comm="syz.3.451" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f603678d169 code=0x0
[  185.501891][   T30] audit: type=1400 audit(1743233042.036:385): avc:  denied  { connect } for  pid=7720 comm="syz.3.455" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  185.654031][   T30] audit: type=1400 audit(1743233042.196:386): avc:  denied  { shutdown } for  pid=7720 comm="syz.3.455" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  185.842003][   T30] audit: type=1400 audit(1743233042.296:387): avc:  denied  { setopt } for  pid=7724 comm="syz.0.457" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  186.796425][ T7737] ALSA: mixer_oss: invalid OSS volume ''
[  187.328155][   T30] audit: type=1400 audit(1743233043.866:388): avc:  denied  { ioctl } for  pid=7741 comm="syz.3.460" path="socket:[16028]" dev="sockfs" ino=16028 ioctlcmd=0x745a scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  187.357087][   T30] audit: type=1400 audit(1743233043.896:389): avc:  denied  { read } for  pid=7741 comm="syz.3.460" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  187.519384][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout
[  187.738874][   T47] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  188.149670][   T47] usb 3-1: config 0 has no interfaces?
[  188.155192][   T47] usb 3-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  188.167532][   T47] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.184513][   T47] usb 3-1: config 0 descriptor??
[  189.605825][ T7749] FAULT_INJECTION: forcing a failure.
[  189.605825][ T7749] name failslab, interval 1, probability 0, space 0, times 0
[  189.621565][ T7771] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.632966][ T7749] CPU: 1 UID: 0 PID: 7749 Comm: syz.2.461 Not tainted 6.14.0-syzkaller-07540-geff5f16bfd87 #0 PREEMPT(full) 
[  189.632989][ T7749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  189.632999][ T7749] Call Trace:
[  189.633004][ T7749]  <TASK>
[  189.633011][ T7749]  dump_stack_lvl+0x16c/0x1f0
[  189.633039][ T7749]  should_fail_ex+0x512/0x640
[  189.633057][ T7749]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  189.633079][ T7749]  should_failslab+0xc2/0x120
[  189.633100][ T7749]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  189.633118][ T7749]  ? vm_area_dup+0x21/0x2f0
[  189.633137][ T7749]  vm_area_dup+0x21/0x2f0
[  189.633161][ T7749]  __split_vma+0x17f/0x11a0
[  189.633177][ T7749]  ? vma_merge_existing_range+0xaf7/0x2070
[  189.633197][ T7749]  ? __pfx___split_vma+0x10/0x10
[  189.633221][ T7749]  vma_modify.constprop.0+0x348/0x410
[  189.633240][ T7749]  vma_modify_policy+0x232/0x2d0
[  189.633258][ T7749]  ? __pfx_vma_modify_policy+0x10/0x10
[  189.633285][ T7749]  mbind_range+0x17b/0x590
[  189.633309][ T7749]  do_mbind+0x848/0xf30
[  189.633333][ T7749]  ? __pfx_do_mbind+0x10/0x10
[  189.633352][ T7749]  ? find_held_lock+0x2b/0x80
[  189.633383][ T7749]  ? ksys_write+0x190/0x240
[  189.633406][ T7749]  ? __pfx_get_nodes+0x10/0x10
[  189.633422][ T7749]  ? __fget_files+0x20e/0x3c0
[  189.633443][ T7749]  kernel_mbind+0x1e3/0x1f0
[  189.633466][ T7749]  ? __pfx_kernel_mbind+0x10/0x10
[  189.633488][ T7749]  ? rcu_is_watching+0x12/0xc0
[  189.633511][ T7749]  do_syscall_64+0xcd/0x260
[  189.633536][ T7749]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.633551][ T7749] RIP: 0033:0x7f6b5298d169
[  189.633564][ T7749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  189.633580][ T7749] RSP: 002b:00007f6b5379c038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[  189.633596][ T7749] RAX: ffffffffffffffda RBX: 00007f6b52ba6160 RCX: 00007f6b5298d169
[  189.633613][ T7749] RDX: 0000000000000001 RSI: 0000000000600000 RDI: 0000200000000000
[  189.633623][ T7749] RBP: 00007f6b5379c090 R08: 0000000000000000 R09: 0000000000000002
[  189.633633][ T7749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  189.633644][ T7749] R13: 0000000000000000 R14: 00007f6b52ba6160 R15: 00007ffce4c8e588
[  189.633662][ T7749]  </TASK>
[  190.097166][ T7778] netlink: 'syz.0.467': attribute type 10 has an invalid length.
[  190.158262][ T7771] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.401733][ T7771] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.485736][ T7771] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.611922][ T7771] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  190.641089][ T7771] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  191.203117][ T7771] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  191.244370][    T9] usb 3-1: USB disconnect, device number 8
[  191.262284][ T7771] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  192.005722][ T7793] FAULT_INJECTION: forcing a failure.
[  192.005722][ T7793] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  192.039907][ T7793] CPU: 1 UID: 0 PID: 7793 Comm: syz.3.474 Not tainted 6.14.0-syzkaller-07540-geff5f16bfd87 #0 PREEMPT(full) 
[  192.039931][ T7793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  192.039941][ T7793] Call Trace:
[  192.039946][ T7793]  <TASK>
[  192.039953][ T7793]  dump_stack_lvl+0x16c/0x1f0
[  192.039981][ T7793]  should_fail_ex+0x512/0x640
[  192.040001][ T7793]  _copy_from_user+0x2e/0xd0
[  192.040019][ T7793]  memdup_user+0x7d/0xe0
[  192.040034][ T7793]  strndup_user+0x78/0xe0
[  192.040050][ T7793]  __x64_sys_mount+0x137/0x310
[  192.040071][ T7793]  ? __pfx___x64_sys_mount+0x10/0x10
[  192.040091][ T7793]  ? rcu_is_watching+0x12/0xc0
[  192.040115][ T7793]  do_syscall_64+0xcd/0x260
[  192.040139][ T7793]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.040156][ T7793] RIP: 0033:0x7f603678d169
[  192.040168][ T7793] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  192.040183][ T7793] RSP: 002b:00007f6037590038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  192.040199][ T7793] RAX: ffffffffffffffda RBX: 00007f60369a5fa0 RCX: 00007f603678d169
[  192.040210][ T7793] RDX: 0000200000000200 RSI: 00002000000001c0 RDI: 0000200000000000
[  192.040220][ T7793] RBP: 00007f6037590090 R08: 0000200000000240 R09: 0000000000000000
[  192.040230][ T7793] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000001
[  192.040240][ T7793] R13: 0000000000000000 R14: 00007f60369a5fa0 R15: 00007ffcb628b548
[  192.040262][ T7793]  </TASK>
[  193.008584][    T9] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  193.029055][ T7806] ceph: No mds server is up or the cluster is laggy
[  193.036876][  T972] libceph: connect (1)[c::]:6789 error -101
[  193.044703][  T972] libceph: mon0 (1)[c::]:6789 connect error
[  193.114585][ T7812] netlink: 20 bytes leftover after parsing attributes in process `syz.1.480'.
[  193.162783][    T9] usb 5-1: New USB device found, idVendor=a168, idProduct=0618, bcdDevice=e3.a4
[  193.172130][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  193.197164][    T9] usb 5-1: Product: syz
[  193.204111][    T9] usb 5-1: Manufacturer: syz
[  193.209555][    T9] usb 5-1: SerialNumber: syz
[  193.336129][    T9] usb 5-1: config 0 descriptor??
[  193.349830][    T9] gspca_main: gspca_sn9c20x-2.14.0 probing a168:0618
[  193.448071][ T5144] Bluetooth: hci4: unexpected event for opcode 0x1003
[  193.481835][   T30] audit: type=1400 audit(1743233050.026:390): avc:  denied  { connect } for  pid=7829 comm="syz.3.488" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  193.502211][   T30] audit: type=1400 audit(1743233050.026:391): avc:  denied  { name_connect } for  pid=7829 comm="syz.3.488" dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[  193.524295][ T7830] netlink: 256 bytes leftover after parsing attributes in process `syz.3.488'.
[  193.548541][   T30] audit: type=1400 audit(1743233050.086:392): avc:  denied  { accept } for  pid=7829 comm="syz.3.488" lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  193.573752][   T30] audit: type=1400 audit(1743233050.116:393): avc:  denied  { write } for  pid=7829 comm="syz.3.488" laddr=::ffff:127.0.0.1 lport=20003 faddr=::ffff:127.0.0.1 fport=42288 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  193.631938][    T9] gspca_sn9c20x: Write register 1000 failed -71
[  193.644782][    T9] gspca_sn9c20x: Device initialization failed
[  193.651810][    T9] gspca_sn9c20x 5-1:0.0: probe with driver gspca_sn9c20x failed with error -71
[  193.661098][ T7830] dccp_close: ABORT with 36 bytes unread
[  193.662452][    T9] usb 5-1: USB disconnect, device number 19
[  193.698873][  T972] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  193.789055][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  193.796689][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  193.938868][  T972] usb 1-1: Using ep0 maxpacket: 8
[  193.948884][  T972] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  194.060676][  T972] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  194.098509][  T972] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  194.131188][  T972] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  194.157052][  T972] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  194.273635][  T972] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  194.554179][  T972] usb 1-1: GET_CAPABILITIES returned 0
[  194.567782][  T972] usbtmc 1-1:16.0: can't read capabilities
[  195.347172][ T7862] netlink: 'syz.1.497': attribute type 2 has an invalid length.
[  195.404615][ T7865] netlink: 8 bytes leftover after parsing attributes in process `syz.3.498'.
[  195.651407][ T7871] ceph: No mds server is up or the cluster is laggy
[  195.730948][ T5909] libceph: connect (1)[c::]:6789 error -101
[  195.818968][ T5909] libceph: mon0 (1)[c::]:6789 connect error
[  196.942731][ T5865] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  196.955972][ T5909] usb 1-1: USB disconnect, device number 7
[  196.981915][ T7896] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  197.520602][ T5144] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  197.529268][ T5144] Bluetooth: hci4: Injecting HCI hardware error event
[  197.537651][ T5832] Bluetooth: hci4: hardware error 0x00
[  197.583847][ T5865] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  197.617140][ T7896] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  197.631243][ T5865] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  197.642268][ T5865] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  197.652489][ T5865] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  197.669198][ T5865] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  197.683796][ T5865] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  197.696424][ T5865] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  197.706247][ T5865] usb 5-1: Product: syz
[  197.710550][ T5865] usb 5-1: Manufacturer: syz
[  197.726007][ T5865] cdc_wdm 5-1:1.0: skipping garbage
[  197.731578][ T5865] cdc_wdm 5-1:1.0: skipping garbage
[  197.741542][ T5865] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  197.747624][ T5865] cdc_wdm 5-1:1.0: Unknown control protocol
[  197.763256][ T7896] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.769967][ T7896] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.836404][  T972] libceph: connect (1)[c::]:6789 error -101
[  198.842472][  T972] libceph: mon0 (1)[c::]:6789 connect error
[  198.926418][ T7917] FAULT_INJECTION: forcing a failure.
[  198.926418][ T7917] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  198.942883][ T7914] ceph: No mds server is up or the cluster is laggy
[  199.010726][ T7917] CPU: 0 UID: 0 PID: 7917 Comm: syz.3.512 Not tainted 6.14.0-syzkaller-07540-geff5f16bfd87 #0 PREEMPT(full) 
[  199.010754][ T7917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  199.010764][ T7917] Call Trace:
[  199.010769][ T7917]  <TASK>
[  199.010776][ T7917]  dump_stack_lvl+0x16c/0x1f0
[  199.010804][ T7917]  should_fail_ex+0x512/0x640
[  199.010824][ T7917]  copy_fpstate_to_sigframe+0x878/0xb10
[  199.010843][ T7917]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  199.010859][ T7917]  ? posixtimer_deliver_signal+0xed/0x6a0
[  199.010887][ T7917]  ? posixtimer_deliver_signal+0x1af/0x6a0
[  199.010914][ T7917]  get_sigframe+0x4a8/0x9c0
[  199.010939][ T7917]  ? __pfx_get_sigframe+0x10/0x10
[  199.010963][ T7917]  ? _raw_spin_unlock_irq+0x23/0x50
[  199.010982][ T7917]  ? siginfo_layout+0x177/0x290
[  199.011003][ T7917]  x64_setup_rt_frame+0x12e/0xcf0
[  199.011030][ T7917]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[  199.011053][ T7917]  ? __pfx___do_sys_flock+0x10/0x10
[  199.011072][ T7917]  arch_do_signal_or_restart+0x5e6/0x7d0
[  199.011095][ T7917]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  199.011120][ T7917]  ? ksys_write+0x1b9/0x240
[  199.011135][ T7917]  ? __pfx_ksys_write+0x10/0x10
[  199.011149][ T7917]  ? rcu_is_watching+0x12/0xc0
[  199.011169][ T7917]  syscall_exit_to_user_mode+0x150/0x2a0
[  199.011192][ T7917]  do_syscall_64+0xda/0x260
[  199.011216][ T7917]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.011233][ T7917] RIP: 0033:0x7f603678d167
[  199.011246][ T7917] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[  199.011266][ T7917] RSP: 002b:00007f6037590038 EFLAGS: 00000246 ORIG_RAX: 0000000000000049
[  199.011283][ T7917] RAX: 0000000000000049 RBX: 00007f60369a5fa0 RCX: 00007f603678d169
[  199.011294][ T7917] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000004
[  199.011304][ T7917] RBP: 00007f6037590090 R08: 0000000000000000 R09: 0000000000000000
[  199.011314][ T7917] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  199.011324][ T7917] R13: 0000000000000000 R14: 00007f60369a5fa0 R15: 00007ffcb628b548
[  199.011340][ T7917]  </TASK>
[  199.230580][    C0] vkms_vblank_simulate: vblank timer overrun
[  199.240996][  T972] libceph: connect (1)[c::]:6789 error -101
[  199.253523][  T972] libceph: mon0 (1)[c::]:6789 connect error
[  199.313233][   T30] audit: type=1400 audit(1743233055.826:394): avc:  denied  { bind } for  pid=7926 comm="syz.3.515" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  199.394687][   T30] audit: type=1400 audit(1743233055.896:395): avc:  denied  { watch watch_reads } for  pid=7926 comm="syz.3.515" path="/96/control" dev="tmpfs" ino=516 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  199.419492][ T7896] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  199.563780][ T7896] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  200.303398][ T7938] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR
[  200.359002][ T5832] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  200.374421][ T7896] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  200.436493][ T7896] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  200.556127][ T7932] syz.0.514: attempt to access beyond end of device
[  200.556127][ T7932] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  200.614967][   T30] audit: type=1400 audit(1743233057.156:396): avc:  denied  { getopt } for  pid=7935 comm="syz.2.517" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  200.729040][   T30] audit: type=1400 audit(1743233057.156:397): avc:  denied  { name_bind } for  pid=7946 comm="syz.3.519" src=65530 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=rawip_socket permissive=1
[  202.193213][    C0] wdm_int_callback: 89 callbacks suppressed
[  202.193228][    C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  202.205697][    C0] wdm_int_callback: 89 callbacks suppressed
[  202.205713][    C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  202.218894][    C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  202.225511][    C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  202.232021][    C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  202.238621][    C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  202.245175][ T5865] usb 5-1: USB disconnect, device number 20
[  203.680531][ T7983] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR
[  204.710106][ T7992] loop4: detected capacity change from 0 to 7
[  204.726170][   T30] audit: type=1400 audit(1743233061.256:398): avc:  denied  { write } for  pid=7991 comm="syz.4.529" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  204.754565][ T8000] 9pnet_fd: Insufficient options for proto=fd
[  204.790943][ T7992] Dev loop4: unable to read RDB block 7
[  204.797765][ T7992]  loop4: unable to read partition table
[  204.807536][ T7992] loop4: partition table beyond EOD, truncated
[  204.818328][ T7992] loop_reread_partitions: partition scan of loop4 (3Ÿ¾‚³˜) failed (rc=-5)
[  204.918184][ T7990] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  204.924662][ T7990] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  204.933151][ T7990] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  204.945480][ T7990] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  205.387613][ T5897] usb 1-1: new full-speed USB device number 8 using dummy_hcd
[  205.565269][ T5897] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 254, using maximum allowed: 30
[  205.597623][ T5897] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  205.691661][ T5897] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[  205.738771][ T5897] usb 1-1: New USB device found, idVendor=0b05, idProduct=1abe, bcdDevice= 0.00
[  205.758180][ T5897] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.771544][ T5897] usb 1-1: config 0 descriptor??
[  205.777414][ T8015] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  206.252094][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout
[  206.372414][ T8037] ceph: No mds server is up or the cluster is laggy
[  206.381614][ T5909] libceph: connect (1)[c::]:6789 error -101
[  206.395693][ T5909] libceph: mon0 (1)[c::]:6789 connect error
[  206.416454][ T8015] veth1_to_batadv: entered promiscuous mode
[  206.438776][ T8015] macsec1: entered promiscuous mode
[  206.442091][ T5897] asus 0003:0B05:1ABE.0002: hidraw0: USB HID vf.ff Device [HID 0b05:1abe] on usb-dummy_hcd.0-1/input0
[  206.474726][ T5897] asus 0003:0B05:1ABE.0002: Asus input not registered
[  206.489242][ T5897] asus 0003:0B05:1ABE.0002: probe with driver asus failed with error -12
[  206.677791][ T5865] usb 1-1: USB disconnect, device number 8
[  206.998911][ T5144] Bluetooth: hci3: command 0x0c1a tx timeout
[  207.005120][ T5144] Bluetooth: hci1: command 0x0c1a tx timeout
[  207.011683][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout
[  207.148322][ T8053] netlink: 'syz.3.541': attribute type 10 has an invalid length.
[  207.176975][   T30] audit: type=1400 audit(1743233063.716:399): avc:  denied  { create } for  pid=8055 comm="syz.4.544" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  207.437716][   T30] audit: type=1400 audit(1743233063.716:400): avc:  denied  { write } for  pid=8055 comm="syz.4.544" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  209.139770][ T8083] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.218656][ T8083] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.307047][ T8083] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.441022][ T8083] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.663615][ T8098] warning: `syz.4.556' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  209.711804][ T8083] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  209.825693][ T8083] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  209.921343][ T8083] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  209.955483][ T8083] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  210.846205][   T30] audit: type=1400 audit(1743233067.386:401): avc:  denied  { mount } for  pid=8115 comm="syz.1.561" name="/" dev="configfs" ino=1182 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  210.870034][ T8107] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  210.881166][   T30] audit: type=1400 audit(1743233067.416:402): avc:  denied  { search } for  pid=8115 comm="syz.1.561" name="/" dev="configfs" ino=1182 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  210.909078][ T8107] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  210.915062][ T8107] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  210.937710][ T8107] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  211.752968][    T9] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  211.757379][ T5897] libceph: connect (1)[c::]:6789 error -101
[  211.803921][ T8136] ceph: No mds server is up or the cluster is laggy
[  212.046863][ T5897] libceph: mon0 (1)[c::]:6789 connect error
[  212.121708][    T9] usb 3-1: New USB device found, idVendor=a168, idProduct=0618, bcdDevice=e3.a4
[  212.133971][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  212.147410][    T9] usb 3-1: Product: syz
[  212.155222][    T9] usb 3-1: Manufacturer: syz
[  212.160071][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout
[  212.168810][    T9] usb 3-1: SerialNumber: syz
[  212.175162][ T8147] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.179163][    T9] usb 3-1: config 0 descriptor??
[  212.199717][    T9] gspca_main: gspca_sn9c20x-2.14.0 probing a168:0618
[  212.316942][ T8147] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.506010][ T8154] random: crng reseeded on system resumption
[  213.781262][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout
[  213.787334][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout
[  213.795046][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout
[  213.819046][    T9] gspca_sn9c20x: Write register 1000 failed -110
[  213.833457][    T9] gspca_sn9c20x: Device initialization failed
[  213.848789][    T9] gspca_sn9c20x 3-1:0.0: probe with driver gspca_sn9c20x failed with error -110
[  213.921587][ T8163] netlink: 20 bytes leftover after parsing attributes in process `syz.4.572'.
[  213.948074][ T8147] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.989859][ T5897] usb 3-1: USB disconnect, device number 9
[  214.183494][   T30] audit: type=1400 audit(1743233070.726:403): avc:  denied  { connect } for  pid=8168 comm="syz.0.575" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  214.404816][ T8147] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.501255][ T8147] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  214.521798][ T8147] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  214.542808][ T8147] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  214.587862][ T8147] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  214.988849][ T8184] random: crng reseeded on system resumption
[  216.078966][ T8192] netlink: 'syz.2.580': attribute type 4 has an invalid length.
[  216.189491][ T8192] netlink: 'syz.2.580': attribute type 4 has an invalid length.
[  216.418263][ T5897] kernel read not supported for file /video37 (pid: 5897 comm: kworker/1:4)
[  216.480434][   T30] audit: type=1400 audit(1743233072.966:404): avc:  denied  { setopt } for  pid=8189 comm="syz.2.580" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  216.605353][ T8199] program syz.3.581 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  216.834081][ T8192] syz.2.580 (8192) used greatest stack depth: 20656 bytes left
[  216.925705][   T30] audit: type=1400 audit(1743233073.146:405): avc:  denied  { append } for  pid=8195 comm="syz.3.581" name="sg0" dev="devtmpfs" ino=755 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  217.036285][   T30] audit: type=1400 audit(1743233073.436:406): avc:  denied  { kexec_image_load } for  pid=8202 comm="syz.2.583" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  218.233298][   T24] libceph: connect (1)[c::]:6789 error -101
[  218.239640][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  218.410684][ T8219] ceph: No mds server is up or the cluster is laggy
[  218.548154][ T8228] 9pnet_fd: Insufficient options for proto=fd
[  219.114243][   T30] audit: type=1400 audit(1743233075.656:407): avc:  denied  { create } for  pid=8229 comm="syz.4.589" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  219.193106][   T30] audit: type=1400 audit(1743233075.676:408): avc:  denied  { setopt } for  pid=8229 comm="syz.4.589" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  219.653919][ T8242] syz.2.590: attempt to access beyond end of device
[  219.653919][ T8242] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  220.629310][   T30] audit: type=1400 audit(1743233077.166:409): avc:  denied  { bind } for  pid=8229 comm="syz.4.589" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  220.657624][ T8253] FAULT_INJECTION: forcing a failure.
[  220.657624][ T8253] name failslab, interval 1, probability 0, space 0, times 0
[  220.673006][ T8253] CPU: 0 UID: 0 PID: 8253 Comm: syz.0.595 Not tainted 6.14.0-syzkaller-07540-geff5f16bfd87 #0 PREEMPT(full) 
[  220.673037][ T8253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  220.673048][ T8253] Call Trace:
[  220.673052][ T8253]  <TASK>
[  220.673059][ T8253]  dump_stack_lvl+0x16c/0x1f0
[  220.673088][ T8253]  should_fail_ex+0x512/0x640
[  220.673115][ T8253]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  220.673137][ T8253]  should_failslab+0xc2/0x120
[  220.673158][ T8253]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  220.673177][ T8253]  ? __alloc_skb+0x2b2/0x380
[  220.673197][ T8253]  __alloc_skb+0x2b2/0x380
[  220.673221][ T8253]  ? __pfx___alloc_skb+0x10/0x10
[  220.673241][ T8253]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  220.673266][ T8253]  netlink_alloc_large_skb+0x69/0x130
[  220.673287][ T8253]  netlink_sendmsg+0x694/0xd70
[  220.673309][ T8253]  ? __pfx_netlink_sendmsg+0x10/0x10
[  220.673336][ T8253]  ____sys_sendmsg+0xa8d/0xc60
[  220.673360][ T8253]  ? copy_msghdr_from_user+0x10a/0x160
[  220.673379][ T8253]  ? __pfx_____sys_sendmsg+0x10/0x10
[  220.673409][ T8253]  ___sys_sendmsg+0x134/0x1d0
[  220.673428][ T8253]  ? __pfx____sys_sendmsg+0x10/0x10
[  220.673465][ T8253]  __sys_sendmsg+0x16d/0x220
[  220.673483][ T8253]  ? __pfx___sys_sendmsg+0x10/0x10
[  220.673512][ T8253]  ? rcu_is_watching+0x12/0xc0
[  220.673536][ T8253]  do_syscall_64+0xcd/0x260
[  220.673562][ T8253]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.673579][ T8253] RIP: 0033:0x7fae05d8d169
[  220.673592][ T8253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  220.673608][ T8253] RSP: 002b:00007fae06b0c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  220.673625][ T8253] RAX: ffffffffffffffda RBX: 00007fae05fa5fa0 RCX: 00007fae05d8d169
[  220.673637][ T8253] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[  220.673647][ T8253] RBP: 00007fae06b0c090 R08: 0000000000000000 R09: 0000000000000000
[  220.673657][ T8253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  220.673666][ T8253] R13: 0000000000000000 R14: 00007fae05fa5fa0 R15: 00007ffef135a048
[  220.673684][ T8253]  </TASK>
[  221.678361][   T30] audit: type=1400 audit(1743233078.216:410): avc:  denied  { connect } for  pid=8229 comm="syz.4.589" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  221.706324][ T8266] netlink: 20 bytes leftover after parsing attributes in process `syz.0.596'.
[  222.242465][ T5864] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  222.398913][ T5864] usb 4-1: Using ep0 maxpacket: 16
[  222.407588][ T5864] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  222.422544][ T5864] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  222.433797][ T5864] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  222.444846][ T5864] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  222.455024][ T5864] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  222.469456][ T5864] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  222.478852][ T5864] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  222.487553][ T5864] usb 4-1: Manufacturer: syz
[  222.494325][ T5864] usb 4-1: config 0 descriptor??
[  223.382544][ T8288] random: crng reseeded on system resumption
[  225.009112][ T5864] rc_core: IR keymap rc-hauppauge not found
[  225.016149][ T5864] Registered IR keymap rc-empty
[  225.023003][ T5864] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  225.540787][ T5864] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  225.561622][ T5864] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  225.574754][ T5864] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input14
[  225.591528][ T5864] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  225.601336][    C0] mceusb 4-1:0.0: long-range (0xf1) receiver active
[  225.619009][ T5864] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  225.633211][ T8302] fuse: Unknown parameter '0x0000000000000009'
[  225.640713][ T5864] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  225.642860][ T8302] 9p: Unknown Cache mode or invalid value fs[ache
[  225.660008][ T5864] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  225.671392][ T5896] libceph: connect (1)[c::]:6789 error -101
[  225.678276][ T5896] libceph: mon0 (1)[c::]:6789 connect error
[  225.679009][ T5864] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  225.710960][ T5864] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  225.740633][ T5864] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  225.801026][ T8304] ceph: No mds server is up or the cluster is laggy
[  225.836381][ T8313] syz.0.608: attempt to access beyond end of device
[  225.836381][ T8313] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  225.948745][ T5864] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  226.100921][ T5864] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  226.118799][ T5864] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  226.126896][ T8315] netlink: 'syz.1.609': attribute type 4 has an invalid length.
[  226.147232][ T5864] mceusb 4-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  226.158621][ T5864] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0xf1 active)
[  226.300672][ T8322] FAULT_INJECTION: forcing a failure.
[  226.300672][ T8322] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  226.473828][ T8322] CPU: 1 UID: 0 PID: 8322 Comm: syz.2.612 Not tainted 6.14.0-syzkaller-07540-geff5f16bfd87 #0 PREEMPT(full) 
[  226.473853][ T8322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  226.473861][ T8322] Call Trace:
[  226.473865][ T8322]  <TASK>
[  226.473871][ T8322]  dump_stack_lvl+0x16c/0x1f0
[  226.473897][ T8322]  should_fail_ex+0x512/0x640
[  226.473917][ T8322]  _copy_from_user+0x2e/0xd0
[  226.473936][ T8322]  move_addr_to_kernel+0x74/0x160
[  226.473973][ T8322]  __copy_msghdr+0x386/0x470
[  226.473997][ T8322]  copy_msghdr_from_user+0xc1/0x160
[  226.474015][ T8322]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  226.474039][ T8322]  ___sys_sendmsg+0xfe/0x1d0
[  226.474056][ T8322]  ? __pfx____sys_sendmsg+0x10/0x10
[  226.474091][ T8322]  __sys_sendmsg+0x16d/0x220
[  226.474110][ T8322]  ? __pfx___sys_sendmsg+0x10/0x10
[  226.474131][ T8322]  ? rcu_is_watching+0x12/0xc0
[  226.474153][ T8322]  do_syscall_64+0xcd/0x260
[  226.474177][ T8322]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.474194][ T8322] RIP: 0033:0x7f6b5298d169
[  226.474207][ T8322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.474223][ T8322] RSP: 002b:00007f6b537de038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  226.474238][ T8322] RAX: ffffffffffffffda RBX: 00007f6b52ba5fa0 RCX: 00007f6b5298d169
[  226.474248][ T8322] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003
[  226.474258][ T8322] RBP: 00007f6b537de090 R08: 0000000000000000 R09: 0000000000000000
[  226.474267][ T8322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  226.474277][ T8322] R13: 0000000000000000 R14: 00007f6b52ba5fa0 R15: 00007ffce4c8e588
[  226.474294][ T8322]  </TASK>
[  226.650384][    C1] vkms_vblank_simulate: vblank timer overrun
[  226.697222][ T8327] netlink: 4 bytes leftover after parsing attributes in process `syz.1.611'.
[  226.711661][ T8327] netlink: 20 bytes leftover after parsing attributes in process `syz.1.611'.
[  227.060063][ T5864] usb 4-1: USB disconnect, device number 9
[  227.125453][   T30] audit: type=1400 audit(1743233083.666:411): avc:  denied  { ioctl } for  pid=8329 comm="syz.0.614" path="/dev/ptyq4" dev="devtmpfs" ino=123 ioctlcmd=0x5423 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  227.150343][    C1] vkms_vblank_simulate: vblank timer overrun
[  227.660986][ T5864] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  228.075797][ T8357] netlink: 'syz.1.621': attribute type 10 has an invalid length.
[  228.478815][ T5864] usb 1-1: Using ep0 maxpacket: 16
[  228.508089][ T5864] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  228.532761][ T5864] usb 1-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  228.542254][ T5864] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  228.551999][ T5864] usb 1-1: config 0 descriptor??
[  228.561015][ T5864] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input15
[  228.769141][   T30] audit: type=1400 audit(1743233085.306:412): avc:  denied  { read write } for  pid=8329 comm="syz.0.614" name="mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  228.793785][   T30] audit: type=1400 audit(1743233085.306:413): avc:  denied  { open } for  pid=8329 comm="syz.0.614" path="/dev/input/mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  228.817523][    C1] vkms_vblank_simulate: vblank timer overrun
[  228.824863][   T24] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  228.968272][ T5896] libceph: connect (1)[c::]:6789 error -101
[  228.975626][ T5896] libceph: mon0 (1)[c::]:6789 connect error
[  229.037406][ T8366] ceph: No mds server is up or the cluster is laggy
[  229.088764][   T24] usb 3-1: Using ep0 maxpacket: 8
[  229.236837][ T8374] syz.4.624: attempt to access beyond end of device
[  229.236837][ T8374] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  229.579673][ T5178] bcm5974 1-1:0.0: could not read from device
[  229.587790][   T24] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  229.631143][ T8331] bcm5974 1-1:0.0: could not read from device
[  229.661175][ T5178] bcm5974 1-1:0.0: could not read from device
[  229.669361][ T5864] usb 1-1: USB disconnect, device number 9
[  229.670474][   T24] usb 3-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  229.698859][ T8376] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.712454][   T24] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  229.723383][   T24] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  229.736292][   T24] usb 3-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  229.754023][   T24] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  229.763320][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  229.796982][   T24] usbtmc 3-1:16.0: bulk endpoints not found
[  229.804871][ T8376] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.855634][ T8385] ALSA: mixer_oss: invalid OSS volume ''
[  229.946612][ T8376] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.994406][ T8376] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  230.070455][ T8376] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  230.082120][ T8376] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  230.094379][ T8376] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  230.105899][ T8376] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  230.831549][ T8397] netlink: 'syz.0.633': attribute type 4 has an invalid length.
[  230.934183][ T8397] netlink: 'syz.0.633': attribute type 4 has an invalid length.
[  231.556052][   T30] audit: type=1400 audit(1743233088.096:414): avc:  denied  { accept } for  pid=8407 comm="syz.1.638" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  232.915513][   T30] audit: type=1400 audit(1743233089.266:415): avc:  denied  { create } for  pid=8411 comm="syz.3.639" name="#7" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  233.336574][ T5865] usb 3-1: USB disconnect, device number 10
[  233.371258][   T30] audit: type=1400 audit(1743233089.266:416): avc:  denied  { link } for  pid=8411 comm="syz.3.639" name="#7" dev="tmpfs" ino=677 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  233.406769][   T30] audit: type=1400 audit(1743233089.266:417): avc:  denied  { rename } for  pid=8411 comm="syz.3.639" name="#8" dev="tmpfs" ino=677 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  234.098666][ T8430] ceph: No mds server is up or the cluster is laggy
[  234.126449][ T5909] libceph: connect (1)[c::]:6789 error -101
[  234.134006][ T5909] libceph: mon0 (1)[c::]:6789 connect error
[  234.446332][ T8443] netlink: 20 bytes leftover after parsing attributes in process `syz.4.644'.
[  234.477905][ T8446] ALSA: mixer_oss: invalid OSS volume ''
[  235.119430][ T8454] netlink: 'syz.2.649': attribute type 4 has an invalid length.
[  235.566040][ T8457] random: crng reseeded on system resumption
[  236.720095][ T8460] ALSA: mixer_oss: invalid OSS volume ''
[  238.652725][ T8483] ceph: No mds server is up or the cluster is laggy
[  238.653110][    T9] libceph: connect (1)[c::]:6789 error -101
[  238.659772][ T5909] libceph: connect (1)[c::]:6789 error -101
[  238.665418][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  238.694528][ T8485] ceph: No mds server is up or the cluster is laggy
[  238.713775][ T5909] libceph: mon0 (1)[c::]:6789 connect error
[  238.968966][    T9] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  239.347932][ T5829] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  239.409967][ T8503] program syz.0.662 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  239.540423][    T9] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  239.553987][    T9] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  239.585137][    T9] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  239.610514][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  239.629042][ T8481] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  239.641019][    T9] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  239.838763][ T5865] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  240.063284][    T9] usb 4-1: USB disconnect, device number 10
[  240.152760][ T8509] ALSA: mixer_oss: invalid OSS volume ''
[  240.181691][ T5865] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  240.198785][ T5865] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  240.225381][ T5865] usb 3-1: Product: syz
[  241.307177][   T30] audit: type=1400 audit(1743233097.416:418): avc:  denied  { setopt } for  pid=8508 comm="syz.0.663" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  241.396941][   T30] audit: type=1400 audit(1743233097.426:419): avc:  denied  { bind } for  pid=8508 comm="syz.0.663" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  241.498726][ T5865] usb 3-1: Manufacturer: syz
[  241.503356][ T5865] usb 3-1: SerialNumber: syz
[  241.511922][ T5865] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  241.530057][    T9] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  241.702113][   T30] audit: type=1400 audit(1743233098.246:420): avc:  denied  { mounton } for  pid=8532 comm="syz.4.669" path="/proc/414/task" dev="proc" ino=18846 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  242.369530][ T8545] netlink: 20 bytes leftover after parsing attributes in process `syz.3.672'.
[  242.573388][    T9] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[  242.664315][ T5897] libceph: connect (1)[c::]:6789 error -101
[  242.759621][ T8549] ceph: No mds server is up or the cluster is laggy
[  243.164130][    T9] ath9k_htc: Failed to initialize the device
[  243.198845][ T5897] libceph: mon0 (1)[c::]:6789 connect error
[  243.204168][    T9] usb 3-1: ath9k_htc: USB layer deinitialized
[  243.372983][ T8557] netlink: 8 bytes leftover after parsing attributes in process `syz.1.674'.
[  243.443471][ T8560] ALSA: mixer_oss: invalid OSS volume ''
[  244.332442][ T5865] usb 3-1: USB disconnect, device number 11
[  244.379837][ T5864] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  244.480979][ T8575] libceph: resolve '4' (ret=-3): failed
[  244.552814][ T5864] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  244.565239][ T5864] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  244.573873][ T5864] usb 5-1: Product: syz
[  244.578312][ T5864] usb 5-1: Manufacturer: syz
[  244.606206][ T5864] usb 5-1: SerialNumber: syz
[  244.628201][ T5864] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  244.647713][ T5865] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  245.320346][ T5897] libceph: connect (1)[c::]:6789 error -101
[  245.326613][ T5897] libceph: mon0 (1)[c::]:6789 connect error
[  245.490202][ T8583] netlink: 'syz.0.682': attribute type 10 has an invalid length.
[  245.703899][ T8587] ceph: No mds server is up or the cluster is laggy
[  245.761557][ T5865] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  245.771113][ T5865] ath9k_htc: Failed to initialize the device
[  245.797270][ T5865] usb 5-1: ath9k_htc: USB layer deinitialized
[  246.606931][ T5897] libceph: connect (1)[c::]:6789 error -101
[  246.917064][ T8596] ceph: No mds server is up or the cluster is laggy
[  246.984467][ T5897] libceph: mon0 (1)[c::]:6789 connect error
[  248.424398][ T8622] veth0_vlan: entered allmulticast mode
[  248.489720][ T8622] veth0_vlan: left promiscuous mode
[  248.498299][ T8622] veth0_vlan: entered promiscuous mode
[  249.113264][ T5897] usb 5-1: USB disconnect, device number 21
[  249.271861][   T30] audit: type=1400 audit(1743233105.806:421): avc:  denied  { execute } for  pid=8626 comm="syz.3.694" path="/dev/audio1" dev="devtmpfs" ino=1292 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sound_device_t tclass=chr_file permissive=1
[  250.458801][ T5865] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  250.620028][ T5865] usb 1-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  250.670583][ T5865] usb 1-1: config 0 interface 0 has no altsetting 0
[  250.691336][ T5865] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  250.702344][ T5865] usb 1-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  250.721528][ T5865] usb 1-1: Product: syz
[  250.745153][ T5865] usb 1-1: Manufacturer: syz
[  250.761186][ T5865] usb 1-1: SerialNumber: syz
[  250.776554][ T5865] usb 1-1: config 0 descriptor??
[  250.791022][ T5865] usb 1-1: selecting invalid altsetting 0
[  251.768830][ T8665] netlink: 'syz.3.700': attribute type 10 has an invalid length.
[  251.774730][   T30] audit: type=1400 audit(1743233108.316:422): avc:  denied  { getopt } for  pid=8646 comm="syz.1.696" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  251.806754][ T5909] usb 1-1: USB disconnect, device number 10
[  251.867371][ T5897] libceph: connect (1)[c::]:6789 error -101
[  252.002566][ T8667] ceph: No mds server is up or the cluster is laggy
[  252.074776][ T5897] libceph: mon0 (1)[c::]:6789 connect error
[  252.327073][ T8677] netlink: 'syz.4.702': attribute type 4 has an invalid length.
[  252.356833][ T8677] netlink: 'syz.4.702': attribute type 4 has an invalid length.
[  253.022457][ T8688] netlink: 'syz.0.704': attribute type 4 has an invalid length.
[  253.186709][ T8688] netlink: 'syz.0.704': attribute type 4 has an invalid length.
[  253.312874][ T8687] netlink: 20 bytes leftover after parsing attributes in process `syz.4.705'.
[  253.367581][ T8690] netlink: 'syz.2.706': attribute type 2 has an invalid length.
[  253.381757][   T30] audit: type=1326 audit(1743233109.916:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8689 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b5298d169 code=0x7ffc0000
[  253.523881][ T5865] kernel read not supported for file /video37 (pid: 5865 comm: kworker/0:6)
[  253.528017][   T30] audit: type=1326 audit(1743233109.926:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8689 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6b5298d169 code=0x7ffc0000
[  253.609177][   T30] audit: type=1326 audit(1743233109.926:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8689 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b5298d169 code=0x7ffc0000
[  253.796045][   T30] audit: type=1326 audit(1743233109.926:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8689 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f6b5298d169 code=0x7ffc0000
[  253.923579][   T30] audit: type=1326 audit(1743233109.926:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8689 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b5298d169 code=0x7ffc0000
[  254.000184][ T8698] netlink: 'syz.0.708': attribute type 4 has an invalid length.
[  254.011670][ T8698] netlink: 'syz.0.708': attribute type 4 has an invalid length.
[  254.024638][ T5909] kernel read not supported for file /video37 (pid: 5909 comm: kworker/1:5)
[  254.083067][   T30] audit: type=1326 audit(1743233109.926:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8689 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f6b5298d169 code=0x7ffc0000
[  254.108397][ T8702] netlink: 'syz.1.709': attribute type 4 has an invalid length.
[  254.116855][ T8702] netlink: 'syz.1.709': attribute type 4 has an invalid length.
[  254.211598][   T30] audit: type=1326 audit(1743233109.926:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8689 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b5298d169 code=0x7ffc0000
[  254.254294][   T30] audit: type=1326 audit(1743233109.926:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8689 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=286 compat=0 ip=0x7f6b5298d169 code=0x7ffc0000
[  254.281105][   T30] audit: type=1326 audit(1743233109.926:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8689 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b5298d169 code=0x7ffc0000
[  254.305665][   T30] audit: type=1326 audit(1743233109.926:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8689 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=19 compat=0 ip=0x7f6b5298d169 code=0x7ffc0000
[  254.437944][   T30] audit: type=1326 audit(1743233109.936:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8689 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b5298d169 code=0x7ffc0000
[  254.895378][   T30] audit: type=1326 audit(1743233110.066:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8689 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f6b5298d169 code=0x7ffc0000
[  255.008796][   T30] audit: type=1326 audit(1743233110.066:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8689 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b5298d169 code=0x7ffc0000
[  255.032518][   T30] audit: type=1326 audit(1743233110.066:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8689 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f6b5298d169 code=0x7ffc0000
[  255.229197][   T30] audit: type=1326 audit(1743233110.066:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8689 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b5298d169 code=0x7ffc0000
[  255.277604][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  255.283941][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  255.307724][   T30] audit: type=1326 audit(1743233110.066:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8689 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=43 compat=0 ip=0x7f6b5298d169 code=0x7ffc0000
[  255.338775][ T5909] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  255.357500][   T30] audit: type=1326 audit(1743233110.096:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8689 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b5298d169 code=0x7ffc0000
[  255.449145][ T8724] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=8724 comm=syz.1.715
[  255.570284][   T30] audit: type=1326 audit(1743233110.096:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8689 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6b5298d169 code=0x7ffc0000
[  255.570333][ T5909] usb 1-1: config 0 has no interfaces?
[  255.818792][ T5909] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  255.968372][ T5909] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  256.043057][ T5909] usb 1-1: Product: syz
[  256.052947][ T5909] usb 1-1: Manufacturer: syz
[  256.057621][ T5909] usb 1-1: SerialNumber: syz
[  256.097174][ T5909] usb 1-1: config 0 descriptor??
[  256.565060][ T5909] kernel read not supported for file /video37 (pid: 5909 comm: kworker/1:5)
[  258.640638][ T8777] FAULT_INJECTION: forcing a failure.
[  258.640638][ T8777] name failslab, interval 1, probability 0, space 0, times 0
[  258.653323][ T8777] CPU: 1 UID: 0 PID: 8777 Comm: syz.4.730 Not tainted 6.14.0-syzkaller-07540-geff5f16bfd87 #0 PREEMPT(full) 
[  258.653345][ T8777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  258.653355][ T8777] Call Trace:
[  258.653361][ T8777]  <TASK>
[  258.653367][ T8777]  dump_stack_lvl+0x16c/0x1f0
[  258.653395][ T8777]  should_fail_ex+0x512/0x640
[  258.653413][ T8777]  ? fs_reclaim_acquire+0xae/0x150
[  258.653439][ T8777]  ? tomoyo_encode2+0x100/0x3e0
[  258.653460][ T8777]  should_failslab+0xc2/0x120
[  258.653482][ T8777]  __kmalloc_noprof+0xd2/0x510
[  258.653501][ T8777]  ? d_absolute_path+0x136/0x1a0
[  258.653528][ T8777]  tomoyo_encode2+0x100/0x3e0
[  258.653551][ T8777]  tomoyo_encode+0x29/0x50
[  258.653571][ T8777]  tomoyo_realpath_from_path+0x18f/0x6e0
[  258.653598][ T8777]  tomoyo_path_number_perm+0x245/0x580
[  258.653615][ T8777]  ? tomoyo_path_number_perm+0x237/0x580
[  258.653635][ T8777]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  258.653667][ T8777]  ? find_held_lock+0x2b/0x80
[  258.653706][ T8777]  ? find_held_lock+0x2b/0x80
[  258.653725][ T8777]  ? hook_file_ioctl_common+0x145/0x410
[  258.653754][ T8777]  ? __fget_files+0x20e/0x3c0
[  258.653775][ T8777]  security_file_ioctl+0x9b/0x240
[  258.653798][ T8777]  __x64_sys_ioctl+0xb7/0x200
[  258.653824][ T8777]  do_syscall_64+0xcd/0x260
[  258.653849][ T8777]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.653866][ T8777] RIP: 0033:0x7f2dc2d8d169
[  258.653880][ T8777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  258.653896][ T8777] RSP: 002b:00007f2dc3bf0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  258.653913][ T8777] RAX: ffffffffffffffda RBX: 00007f2dc2fa5fa0 RCX: 00007f2dc2d8d169
[  258.653924][ T8777] RDX: 0000200000000180 RSI: 00000000c0045002 RDI: 0000000000000007
[  258.653934][ T8777] RBP: 00007f2dc3bf0090 R08: 0000000000000000 R09: 0000000000000000
[  258.653943][ T8777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  258.653953][ T8777] R13: 0000000000000000 R14: 00007f2dc2fa5fa0 R15: 00007fff030acee8
[  258.653972][ T8777]  </TASK>
[  258.653984][ T8777] ERROR: Out of memory at tomoyo_realpath_from_path.
[  259.365160][ T5865] libceph: connect (1)[c::]:6789 error -101
[  259.371189][ T5865] libceph: mon0 (1)[c::]:6789 connect error
[  259.639134][    T9] libceph: connect (1)[c::]:6789 error -101
[  259.650606][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  259.820295][    T9] usb 1-1: USB disconnect, device number 11
[  260.237121][ T5865] libceph: connect (1)[c::]:6789 error -101
[  260.245185][ T5865] libceph: mon0 (1)[c::]:6789 connect error
[  260.245862][ T8789] ceph: No mds server is up or the cluster is laggy
[  260.740348][    T9] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  260.909982][    T9] usb 1-1: config 0 has an invalid interface number: 90 but max is 0
[  260.918232][    T9] usb 1-1: config 0 has no interface number 0
[  260.928201][    T9] usb 1-1: New USB device found, idVendor=0547, idProduct=2720, bcdDevice=de.7f
[  260.973915][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  260.982334][    T9] usb 1-1: Product: syz
[  260.987069][    T9] usb 1-1: Manufacturer: syz
[  261.532854][ T8821] validate_nla: 2 callbacks suppressed
[  261.532885][ T8821] netlink: 'syz.2.742': attribute type 4 has an invalid length.
[  261.555975][ T8821] netlink: 'syz.2.742': attribute type 4 has an invalid length.
[  261.655974][ T5897] kernel read not supported for file /video37 (pid: 5897 comm: kworker/1:4)
[  261.657180][    T9] usb 1-1: SerialNumber: syz
[  261.753795][    T9] usb 1-1: config 0 descriptor??
[  262.613337][ T8829] ------------[ cut here ]------------
[  262.618838][ T8829] UBSAN: array-index-out-of-bounds in kernel/bpf/core.c:2384:29
[  262.626494][ T8829] index 16 is out of range for type '<unknown> *[16]'
[  262.633290][ T8829] CPU: 1 UID: 0 PID: 8829 Comm: syz.1.746 Not tainted 6.14.0-syzkaller-07540-geff5f16bfd87 #0 PREEMPT(full) 
[  262.633316][ T8829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  262.633325][ T8829] Call Trace:
[  262.633332][ T8829]  <TASK>
[  262.633339][ T8829]  dump_stack_lvl+0x16c/0x1f0
[  262.633361][ T8829]  __ubsan_handle_out_of_bounds+0x11c/0x160
[  262.633378][ T8829]  bpf_prog_select_runtime+0x665/0x6f0
[  262.633391][ T8829]  ? selinux_bpf_prog_load+0x15f/0x1c0
[  262.633408][ T8829]  bpf_prog_load+0xe70/0x2480
[  262.633430][ T8829]  ? __pfx_bpf_prog_load+0x10/0x10
[  262.633447][ T8829]  ? avc_has_perm_noaudit+0x149/0x3b0
[  262.633481][ T8829]  ? selinux_bpf+0xde/0x130
[  262.633501][ T8829]  __sys_bpf+0x4890/0x4c80
[  262.633514][ T8829]  ? __pfx___sys_bpf+0x10/0x10
[  262.633525][ T8829]  ? vfs_write+0x316/0x1180
[  262.633536][ T8829]  ? __pfx_anon_pipe_write+0x10/0x10
[  262.633549][ T8829]  ? do_futex+0x122/0x350
[  262.633569][ T8829]  ? __pfx_do_futex+0x10/0x10
[  262.633598][ T8829]  ? xfd_validate_state+0x5d/0x180
[  262.633625][ T8829]  ? rcu_is_watching+0x12/0xc0
[  262.633646][ T8829]  __x64_sys_bpf+0x78/0xc0
[  262.633658][ T8829]  ? lockdep_hardirqs_on+0x7c/0x110
[  262.633672][ T8829]  do_syscall_64+0xcd/0x260
[  262.633688][ T8829]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.633699][ T8829] RIP: 0033:0x7f5381b8d169
[  262.633712][ T8829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  262.633727][ T8829] RSP: 002b:00007f5382a56038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  262.633743][ T8829] RAX: ffffffffffffffda RBX: 00007f5381da5fa0 RCX: 00007f5381b8d169
[  262.633753][ T8829] RDX: 0000000000000048 RSI: 00002000000017c0 RDI: 0000000000000005
[  262.633762][ T8829] RBP: 00007f5381c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  262.633771][ T8829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  262.633780][ T8829] R13: 0000000000000000 R14: 00007f5381da5fa0 R15: 00007ffe8b73c198
[  262.633797][ T8829]  </TASK>
[  262.633803][ T8829] ---[ end trace ]---
[  262.840299][ T8829] Kernel panic - not syncing: UBSAN: panic_on_warn set ...
[  262.847475][ T8829] CPU: 1 UID: 0 PID: 8829 Comm: syz.1.746 Not tainted 6.14.0-syzkaller-07540-geff5f16bfd87 #0 PREEMPT(full) 
[  262.859000][ T8829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  262.869043][ T8829] Call Trace:
[  262.872310][ T8829]  <TASK>
[  262.875223][ T8829]  dump_stack_lvl+0x3d/0x1f0
[  262.879814][ T8829]  panic+0x71c/0x800
[  262.883693][ T8829]  ? __pfx_panic+0x10/0x10
[  262.888084][ T8829]  ? __pfx__printk+0x10/0x10
[  262.892680][ T8829]  check_panic_on_warn+0xab/0xb0
[  262.897607][ T8829]  __ubsan_handle_out_of_bounds+0x143/0x160
[  262.903507][ T8829]  bpf_prog_select_runtime+0x665/0x6f0
[  262.908940][ T8829]  ? selinux_bpf_prog_load+0x15f/0x1c0
[  262.914388][ T8829]  bpf_prog_load+0xe70/0x2480
[  262.919061][ T8829]  ? __pfx_bpf_prog_load+0x10/0x10
[  262.924174][ T8829]  ? avc_has_perm_noaudit+0x149/0x3b0
[  262.929562][ T8829]  ? selinux_bpf+0xde/0x130
[  262.934068][ T8829]  __sys_bpf+0x4890/0x4c80
[  262.938550][ T8829]  ? __pfx___sys_bpf+0x10/0x10
[  262.943340][ T8829]  ? vfs_write+0x316/0x1180
[  262.947831][ T8829]  ? __pfx_anon_pipe_write+0x10/0x10
[  262.953117][ T8829]  ? do_futex+0x122/0x350
[  262.957442][ T8829]  ? __pfx_do_futex+0x10/0x10
[  262.962105][ T8829]  ? xfd_validate_state+0x5d/0x180
[  262.967198][ T8829]  ? rcu_is_watching+0x12/0xc0
[  262.971952][ T8829]  __x64_sys_bpf+0x78/0xc0
[  262.976354][ T8829]  ? lockdep_hardirqs_on+0x7c/0x110
[  262.981552][ T8829]  do_syscall_64+0xcd/0x260
[  262.986064][ T8829]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.991959][ T8829] RIP: 0033:0x7f5381b8d169
[  262.996366][ T8829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  263.015977][ T8829] RSP: 002b:00007f5382a56038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  263.024392][ T8829] RAX: ffffffffffffffda RBX: 00007f5381da5fa0 RCX: 00007f5381b8d169
[  263.032355][ T8829] RDX: 0000000000000048 RSI: 00002000000017c0 RDI: 0000000000000005
[  263.040323][ T8829] RBP: 00007f5381c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  263.048285][ T8829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  263.056245][ T8829] R13: 0000000000000000 R14: 00007f5381da5fa0 R15: 00007ffe8b73c198
[  263.064208][ T8829]  </TASK>
[  263.067398][ T8829] Kernel Offset: disabled
[  263.071722][ T8829] Rebooting in 86400 seconds..