last executing test programs:

27m47.146198739s ago: executing program 2 (id=889):
syz_clone3(&(0x7f0000000000)={0x82040480, 0x0, 0x0, 0x0, {0x30}, 0x0, 0x0, 0x0, 0x0}, 0x58)

27m46.908299711s ago: executing program 2 (id=892):
socket$packet(0x11, 0x2, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x200)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1, 0xfffffffc}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x14, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000100000000000000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000700000085000000060000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bca2000000000000a6020000f8ffffffb703000018000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{r0}, &(0x7f0000000280), &(0x7f0000000340)=r1}, 0x20)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000002c0)={r1, r3, 0x25, 0x4, @void}, 0x10)
syz_emit_ethernet(0x4a, &(0x7f0000000b00)=ANY=[], 0x0)

27m46.030969835s ago: executing program 2 (id=897):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone3(&(0x7f0000000000)={0x82040480, 0x0, 0x0, 0x0, {0x30}, 0x0, 0x0, 0x0, 0x0}, 0x58)

27m44.330501925s ago: executing program 2 (id=898):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0x1}], 0x1)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000080)={0x1, 0x0, [{0x4b564d07, 0x0, 0x4}]})
ptrace(0x10, r2)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
ptrace(0x10, r2)
r6 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$bt_hci(r6, &(0x7f0000000000)={0x27}, 0x62)
listen(r6, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000180)={'pcl724\x00', [0x5c25, 0x9, 0x1, 0x80000000, 0x2, 0x6, 0xc, 0x10001, 0x8000, 0xfe, 0x2, 0x1, 0x200004, 0x403, 0x6, 0x8, 0x1, 0x1a449, 0x3, 0x1, 0x89, 0x81, 0x200, 0x0, 0x810b, 0x8, 0x5, 0x8, 0x8, 0x10000, 0xfffffff3]})

27m40.920916914s ago: executing program 2 (id=907):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040))
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r2, 0x5, &(0x7f00000005c0)='fd', 0x0, r1)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
symlinkat(&(0x7f00000000c0)='./file0\x00', r3, &(0x7f0000000140)='./file0\x00')
r4 = socket$packet(0x11, 0x3, 0x300)
r5 = getpgrp(0x0)
sched_setaffinity(r5, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x2, 0x0)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r7 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r7, 0x1, 0x0)
r8 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r8, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0)
setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r4, &(0x7f00000000c0)="3f03fe7feee8140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c153cfdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)
readlinkat(r3, &(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000240)=""/65, 0x41)

27m39.941321627s ago: executing program 2 (id=908):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x1000, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000380)={0x0, @in={{0x2, 0x4e22, @empty}}}, 0x84)
ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000180)=<r2=>0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000240), 0x0, 0x28900)
syz_usb_connect(0x4, 0x5f, &(0x7f0000000140)=ANY=[@ANYRES8=r3], 0x0)
socket$kcm(0x2, 0x3, 0x2)
r4 = syz_io_uring_setup(0xad3, &(0x7f00000002c0)={0x0, 0x3594, 0x10, 0x1003, 0x21e}, &(0x7f0000000240)=<r5=>0x0, &(0x7f0000000340)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0x2a5cc081, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000004c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x4, 0x0, 0x80, 0x2, 0x0, 0x127, 0x0, 0x1, {0x1}})
io_uring_enter(r4, 0x6efc, 0x3900, 0xb, 0x0, 0x0)

27m23.97884462s ago: executing program 32 (id=908):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x1000, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000380)={0x0, @in={{0x2, 0x4e22, @empty}}}, 0x84)
ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000180)=<r2=>0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000240), 0x0, 0x28900)
syz_usb_connect(0x4, 0x5f, &(0x7f0000000140)=ANY=[@ANYRES8=r3], 0x0)
socket$kcm(0x2, 0x3, 0x2)
r4 = syz_io_uring_setup(0xad3, &(0x7f00000002c0)={0x0, 0x3594, 0x10, 0x1003, 0x21e}, &(0x7f0000000240)=<r5=>0x0, &(0x7f0000000340)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0x2a5cc081, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000004c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x4, 0x0, 0x80, 0x2, 0x0, 0x127, 0x0, 0x1, {0x1}})
io_uring_enter(r4, 0x6efc, 0x3900, 0xb, 0x0, 0x0)

8m52.352203359s ago: executing program 3 (id=3135):
socket$nl_route(0x10, 0x3, 0x0)
gettid()
timer_create(0x1, 0x0, &(0x7f0000000000))
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
io_uring_enter(0xffffffffffffffff, 0x7f78, 0x204ef8, 0x5a, &(0x7f0000000000)={[0x7]}, 0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000140), 0x2, 0x141182)
r1 = socket$inet6(0xa, 0x3, 0x3a)
connect$inet6(r1, 0x0, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x10, &(0x7f0000000140)=0x8, 0x4)
sendto$inet6(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$kcm(0x2, 0x5, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='contention_begin\x00', r2}, 0x18)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x100000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000005}, 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
ioctl$vim2m_VIDIOC_QBUF(r3, 0xc058560f, &(0x7f0000000240)=@mmap={0x1, 0x2, 0x4, 0x100000, 0x9, {}, {0x0, 0x2, 0x4, 0xc0, 0x0, 0xf0, "18a6fc23"}, 0x1, 0x1, {}, 0x1})
ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f0000000000)={0x6, 0x1, 0x1, 0x0, 0x3})
ioctl$vim2m_VIDIOC_STREAMOFF(r3, 0x40045612, &(0x7f0000000040)=0x1)
ioctl$vim2m_VIDIOC_STREAMOFF(r3, 0x40045612, &(0x7f0000000080)=0x2)
ioctl$vim2m_VIDIOC_QBUF(r3, 0xc058560f, &(0x7f0000000180)=@mmap={0x1, 0x1, 0x4, 0x100, 0x81, {}, {0x4, 0x8, 0x8, 0x5, 0x29, 0x9, "0adb3fb8"}, 0x5})
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)

8m50.077325415s ago: executing program 3 (id=3137):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x2, &(0x7f0000000040)=@raw=[@jmp={0x5, 0x0, 0x6, 0x9, 0x3, 0xfffffffffffffff4, 0x10}, @func={0x85, 0x0, 0x1, 0x0, 0x1}], &(0x7f0000000080)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000000c0)={0x1, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000100)=[0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000140)=[{0x2, 0x3, 0xb, 0x7}, {0x1, 0x5, 0x3, 0x3}, {0x4, 0x4, 0x9, 0xb}, {0x4, 0x5, 0xb, 0x2}, {0x0, 0x3, 0xa, 0x4}, {0x3, 0x2, 0x9, 0x8}, {0x2, 0x3, 0x8, 0x7}, {0x4, 0x5, 0x5, 0x6}, {0x0, 0x4, 0xb, 0x3}], 0x10, 0x2}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='jbd2_checkpoint_stats\x00', r0, 0x0, 0x4}, 0x18)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000300)={{0x1, 0x1, 0x18, <r2=>r0}, './file0\x00'})
mkdirat(r2, &(0x7f0000000340)='./file0\x00', 0x122)
ioctl$int_in(r1, 0x5452, &(0x7f0000000380))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
io_uring_register$IORING_UNREGISTER_FILES(0xffffffffffffffff, 0x3, 0x0, 0x0)
ioctl$SIOCGETLINKNAME(r2, 0x89e0, &(0x7f00000003c0)={0x3, 0x2})
fsopen(&(0x7f0000000440)='openpromfs\x00', 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000580)={&(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000004c0)=[0x0, 0x0], &(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8, 0x2, 0x8, 0x9})
r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
ioctl$KVM_GET_TSC_KHZ_cpu(r2, 0xaea3)
r4 = openat(0xffffffffffffff9c, &(0x7f00000005c0)='./file0\x00', 0x501800, 0x10)
ioctl$SIOCGETMIFCNT_IN6(r4, 0x89e0, &(0x7f0000000600)={0xffffffffffffffff})
setsockopt$MRT6_PIM(0xffffffffffffffff, 0x29, 0xcf, &(0x7f0000000640)=0x2, 0x4)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000680)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r4, 0x3ba0, &(0x7f00000006c0)={0x48, 0x2, r5})
setsockopt$MRT6_DEL_MFC(r4, 0x29, 0xcd, &(0x7f0000000740)={{0xa, 0x4e23, 0x8, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, {0xa, 0x4e24, 0x40, @private1, 0x6}, 0x0, {[0x1, 0x1, 0x401, 0x2, 0x5, 0xfffffff6, 0x800, 0x5]}}, 0x5c)
keyctl$get_security(0x11, 0x0, &(0x7f00000007c0)=""/255, 0xff)
keyctl$invalidate(0x15, 0x0)
ioctl$SNDCTL_TMR_STOP(r4, 0x5403)
sendmsg$nl_route_sched_retired(r2, &(0x7f0000000b80)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000b40)={&(0x7f0000000900)=@delqdisc={0x208, 0x25, 0x200, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x10, 0x5}, {0x0, 0xc}, {0xffff, 0x10}}, [@q_dsmark={{0xb}, {0x44, 0x2, [@TCA_DSMARK_INDICES={0x6, 0x1, 0x10}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0xcde}, @TCA_DSMARK_INDICES={0x6}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x20}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x200}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x20}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}]}}, @q_dsmark={{0xb}, {0x34, 0x2, [@TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x7}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x7}, @TCA_DSMARK_INDICES={0x6}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x1}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x1707}, @TCA_DSMARK_SET_TC_INDEX={0x4}]}}, @q_dsmark={{0xb}, {0x14, 0x2, [@TCA_DSMARK_INDICES={0x6, 0x1, 0x2}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x8}]}}, @q_dsmark={{0xb}, {0x1c, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x12}]}}, @q_dsmark={{0xb}, {0x34, 0x2, [@TCA_DSMARK_INDICES={0x6, 0x1, 0x2}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x9}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x1}, @TCA_DSMARK_INDICES={0x6, 0x1, 0xd21d8cd56e1b0dfd}]}}, @q_dsmark={{0xb}, {0x8, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}]}}, @q_dsmark={{0xb}, {0x8, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}]}}, @q_dsmark={{0xb}, {0x40, 0x2, [@TCA_DSMARK_INDICES={0x6, 0x1, 0x10}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x10}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x89}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x1}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x5}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x2e}]}}, @q_dsmark={{0xb}, {0xc, 0x2, [@TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x7}]}}, @q_dsmark={{0xb}, {0x34, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x54}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x3800}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x9}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x3c}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0xfff5}]}}]}, 0x208}, 0x1, 0x0, 0x0, 0x40010}, 0x8880)
r6 = open_tree(0xffffffffffffff9c, &(0x7f0000000bc0)='./file0\x00', 0x100)
ioctl$VIDIOC_ENUM_DV_TIMINGS(r6, 0xc0945662, &(0x7f0000000c00)={0x6, 0x0, '\x00', {0x0, @reserved}})
syz_open_dev$rtc(&(0x7f0000000cc0), 0x8000000000000000, 0x101400)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000d00), r2)
futex_waitv(&(0x7f0000002440)=[{0x4, &(0x7f0000000d40)=0xfffffffffffffffb, 0x2}, {0x7fffffffffffffff, &(0x7f0000000d80), 0x82}, {0x1000, &(0x7f0000000dc0)=0xa10, 0x2}, {0x4, &(0x7f0000000e00)=0x1, 0x2}, {0x9, &(0x7f0000000e40)=0xd8, 0x2}, {0x4, &(0x7f0000000e80)=0x1, 0x80}, {0x9, &(0x7f0000000ec0)=0x100000000, 0x2}, {0xfffffffffffffff7, &(0x7f0000000f00)=0x8, 0x2}, {0x10001, &(0x7f0000000f40)=0x7, 0x2}, {0x5, &(0x7f0000000f80)=0x2, 0x2}, {0x496, &(0x7f0000000fc0)=0xe646, 0x2}, {0x5, &(0x7f0000001000)=0x4, 0x2}, {0x3, &(0x7f0000001040)=0x9, 0x2}, {0x5, &(0x7f0000001080), 0x2}, {0x9, &(0x7f00000010c0)=0x6, 0x2}, {0x6, &(0x7f0000001100)=0x9, 0x2}, {0x7ff, &(0x7f0000001140)=0x100, 0x82}, {0x7b16, &(0x7f0000001180)=0x200, 0x82}, {0x8, &(0x7f00000011c0)=0x2, 0x2}, {0x100000001, &(0x7f0000001200)=0x8, 0x2}, {0x6, &(0x7f0000001240)=0x7, 0x2}, {0xfffffffffffffff8, &(0x7f0000001280)=0x52e, 0x82}, {0x2, &(0x7f00000012c0)=0x1000, 0x2}, {0x4, &(0x7f0000001300)=0x101, 0x82}, {0x7, &(0x7f0000001340)=0x26, 0x2}, {0x7, &(0x7f0000001380)=0x2, 0x2}, {0x4, &(0x7f00000013c0)=0x7, 0x82}, {0x6, &(0x7f0000001400)=0x6, 0x82}, {0xe5, &(0x7f0000001440)=0x5, 0x2}, {0x0, &(0x7f0000001480), 0x82}, {0x26, &(0x7f00000014c0)=0x1, 0x2}, {0x80000000, &(0x7f0000001500)=0x100, 0x2}, {0x2, &(0x7f0000001540)=0x4, 0x2}, {0x0, &(0x7f0000001580)=0x1, 0x82}, {0x1, &(0x7f00000015c0)=0xc7, 0x2}, {0x600000000000000, &(0x7f0000001600)=0x8, 0x82}, {0xd, &(0x7f0000001640)=0xfffffffffffffffd, 0x2}, {0x800, &(0x7f0000001680)=0x5, 0x2}, {0x10, &(0x7f00000016c0)=0xcb, 0x82}, {0x7, &(0x7f0000001700)=0x101, 0x82}, {0xdac, &(0x7f0000001740)=0xfffffffffffff1e4, 0x2}, {0x6, &(0x7f0000001780)=0x4, 0x2}, {0x4, &(0x7f00000017c0)=0x1, 0x82}, {0xfff, &(0x7f0000001800)=0x3a6, 0x2}, {0x80, &(0x7f0000001840)=0x4, 0x82}, {0x80000001, &(0x7f0000001880)=0x3, 0x82}, {0x71ae, &(0x7f00000018c0)=0x7fa, 0x82}, {0x8, &(0x7f0000001900)=0x7ab, 0x2}, {0x7fffffffffffffff, &(0x7f0000001940)=0x7431, 0x82}, {0x2, &(0x7f0000001980)=0xc, 0x82}, {0x1, &(0x7f00000019c0)=0x6, 0x2}, {0x0, &(0x7f0000001a00)=0x2, 0x102}, {0x3, &(0x7f0000001a40)=0x7fffffffffffffff, 0x2}, {0x1, &(0x7f0000001a80)=0x80000001, 0x2}, {0x1, &(0x7f0000001ac0)=0x2, 0x82}, {0x3080, &(0x7f0000001b00)=0x9, 0x82}, {0x3, &(0x7f0000001b40)=0x100, 0x2}, {0x57, &(0x7f0000001b80)=0xe031, 0x82}, {0x9, &(0x7f0000001bc0)=0x8f, 0x105}, {0x9a2c, &(0x7f0000001c00)=0x47e, 0x82}, {0x80000000, &(0x7f0000001c40)=0x8001, 0x82}, {0x4, &(0x7f0000001c80)=0x3, 0x2}, {0x9, &(0x7f0000001cc0)=0x5}, {0xf, &(0x7f0000001d00)=0x2, 0x82}, {0x4, &(0x7f0000001d40)=0x1, 0x82}, {0x8, &(0x7f0000001d80)=0x8, 0x82}, {0x8001, &(0x7f0000001dc0)=0xffffffffffff0000, 0x82}, {0x200, &(0x7f0000001e00)=0x5, 0x2}, {0x4000800, &(0x7f0000001e40)=0x1, 0x82}, {0x9, &(0x7f0000001e80)=0x1, 0x2}, {0x2, &(0x7f0000001ec0), 0x106}, {0x9, &(0x7f0000001f00)=0x8, 0x2}, {0xfffffffffffffbff, &(0x7f0000001f40)=0x9, 0x82}, {0x2000000000000000, &(0x7f0000001f80)=0x4, 0x2}, {0x81, &(0x7f0000001fc0)=0x9e, 0x82}, {0xf49d, &(0x7f0000002000), 0x2}, {0x5, &(0x7f0000002040)=0x3, 0x2}, {0xffffffffffffffff, &(0x7f0000002080)=0x92e, 0x82}, {0x3, &(0x7f00000020c0)=0xfffffffffffffffd, 0x82}, {0x0, &(0x7f0000002100)=0x5, 0x82}, {0x6, &(0x7f0000002140)=0x57, 0x2}, {0x5, &(0x7f0000002180), 0x2}, {0xe, &(0x7f00000021c0)=0x8, 0x2}, {0x8, 0x0, 0x82}, {0x5, &(0x7f0000002240)=0x1, 0x2}, {0xf32, &(0x7f0000002280)=0x100000001, 0x2}, {0x7fff, &(0x7f00000022c0)=0x4, 0x2}, {0x7ff, &(0x7f0000002300)=0x4, 0x82}, {0x1, &(0x7f0000002340)=0xb03, 0x82}, {0x3, &(0x7f0000002380)=0x7}, {0x7, &(0x7f0000002400)=0x7ff, 0x82}], 0x5b, 0x0, &(0x7f0000002d00), 0x1)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r2, 0xd000943d, &(0x7f0000002d40)={0x764, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r7=>0x0}], 0x3, "2befe1d68b0683"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x81f8943c, &(0x7f0000003d40)={0x0, ""/256, 0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f000011c500)={0x9, [{}, {r7, r8}], 0x9, "4c06f38dba6143"})

8m46.477498045s ago: executing program 3 (id=3141):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x400, 0x0, 0xb2}, 0x9c)
bind$inet6(r4, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r4, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
close_range(r0, 0xffffffffffffffff, 0x0)

8m45.171911697s ago: executing program 3 (id=3145):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x408400, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000007c0)={'syzkaller0\x00', 0x2})
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0x6}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20018041}, 0x4008000)
r4 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet6_sctp(0xa, 0x1, 0x84)
r5 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r5, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r5, &(0x7f0000000580)={&(0x7f00000005c0)={0x2, 0x4e23, @rand_addr=0x64010101}, 0x10, 0x0, 0x0, &(0x7f0000000340)=[@fadd={0x58, 0x114, 0x6, {{0x5, 0x80000000}, &(0x7f00000001c0)=0x2, 0x0, 0x6, 0x2, 0x1b, 0x7, 0x2e, 0x9}}], 0x58, 0x4000000}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x12}, 0x50)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)=@bridge_getvlan={0x18, 0x72, 0x7e3bfe4fa73db39f}, 0x18}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x18, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r8}, 0x10)

8m43.647888206s ago: executing program 3 (id=3148):
r0 = syz_open_dev$vcsa(0x0, 0x0, 0x436000)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x3, 0x5}, 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_io_uring_setup(0x186, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000140)={0x80000000}, 0x8)
select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x0, 0x2710})
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000280)='nv', 0x2)
setsockopt$inet_tcp_int(r1, 0x6, 0x2, &(0x7f00000001c0)=0xa3, 0x4)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendto$inet(r1, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r1, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_test', 0x161a82, 0x0)

8m42.39203994s ago: executing program 3 (id=3150):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
syz_io_uring_setup(0xb, &(0x7f00000002c0)={0x0, 0x200002f, 0x10000, 0x1, 0x100020b}, &(0x7f0000000100)=<r1=>0x0, &(0x7f00000000c0))
fcntl$setlease(r0, 0x400, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r2, 0x0)
mount(&(0x7f0000000040)=@rnullb, &(0x7f00000001c0)='./cgroup\x00', &(0x7f0000000340)='overlay\x00', 0x1, &(0x7f00000003c0)='#-[\x00')
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0xe)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x2)
r4 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r4, &(0x7f0000032680)=""/102392, 0x18ff8)
r5 = io_uring_setup(0x6fab, 0x0)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r5, 0x18, &(0x7f0000000280)={0x0, r4, 0x719be08bcc1338f, {0x8000, 0x3}, 0x9d}, 0x1)
mount(&(0x7f00000000c0)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000140)='vfat\x00', 0x8000, 0x0)
ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f0000000400))

8m27.332368317s ago: executing program 33 (id=3150):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
syz_io_uring_setup(0xb, &(0x7f00000002c0)={0x0, 0x200002f, 0x10000, 0x1, 0x100020b}, &(0x7f0000000100)=<r1=>0x0, &(0x7f00000000c0))
fcntl$setlease(r0, 0x400, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r2, 0x0)
mount(&(0x7f0000000040)=@rnullb, &(0x7f00000001c0)='./cgroup\x00', &(0x7f0000000340)='overlay\x00', 0x1, &(0x7f00000003c0)='#-[\x00')
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0xe)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x2)
r4 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r4, &(0x7f0000032680)=""/102392, 0x18ff8)
r5 = io_uring_setup(0x6fab, 0x0)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r5, 0x18, &(0x7f0000000280)={0x0, r4, 0x719be08bcc1338f, {0x8000, 0x3}, 0x9d}, 0x1)
mount(&(0x7f00000000c0)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000140)='vfat\x00', 0x8000, 0x0)
ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f0000000400))

15.159152048s ago: executing program 5 (id=4271):
getpeername$packet(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x205, 0x2)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x40080)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
prctl$PR_SET_THP_DISABLE(0x41, 0x3)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f0000000180)="64670feea1096f00003e660f38054c880f323e26640fb9a9c94f660fc7b27f1a360f09366764f4660fdd40e69a3a00e300baa000b0e5ee", 0x37}], 0x1, 0x6, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r0, 0x0)

14.401315608s ago: executing program 6 (id=4272):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000007c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000000000000001000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/crypto\x00', 0x0, 0x0)
r3 = syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000001800)={'#! ', './file1/../file0', [], 0xa, "760ad63bd93c65be332ef04cbf83be4a1a6540ef6c5040b4e4707c73c8087e508a4fc8366aa0e0cf8736231f869ca3d7acabf3e6daa72eb730842390d8110e6a23bd1f2bc89be6ce563b529fb77ef0d56ea6b238f9e935db72ae6866b54bd83fd2e1c7da25a05d0f8a4638808d1245d4"}, 0x84)
write$UHID_INPUT(r4, &(0x7f00000007c0)={0x8, {"dc5d3b0169633d3eba3eabbc09167be55101d4af4b22a373236464d2dbfaa84399b77bd438a54364a7ebc5bdaab4f9decb7c044318cd59a0af8279bcab35dd7daf7a0ceb381df2c32eff45b13e2c8f40e1895355bf6f165200cb1ca41a155730ee2e9f83183f9fafe029d0401b0770618254a8b2dc87b630072b1e2de160d1afed51b74c14b71ec1b226a324482d14ad586b1a4ce80e458fe45244c01eddeddf3564af838d6d5324f8a77023d6eb7aa14397a0e1413ea1c3dfdf063a35b709e627f36fe403ee3117365be5017682f53595f28543062c740a94a794312f5cebc315044b8ea000a5d0f27812ab0ce149d11e6f6f7620c5f3e250bf67d13a1ca39dbb7b8b5a31e3d7ba7ebe5849a7a09b61fc9f2cfc54b89e9cd0105bca49483ce55e0187ce2ad692a18219d881057c838587b915337169ee054655f26a04df913a658fccbf4def6aad750ca4796b74d322c67e9d4ee6a530a22dcc35db850b424d6ec9f62495b9f9fd2b000feadd57d26dbd505798c208d91eb0aab0fd97537631b8bf81ce0e2241c4272be4ff69b390e4485d574146b76d1fdbf7fc5334906805534cdae1e47240af7761a18fc8bd0a694be47529da98bc0f98eb7db3fc4a74cbb6e486f4de90fbf2452e72c2e1dca44543ad9ad094b8bc861eef1e814662d0b350339e3a510d459c6f83aabd5fd3dcb38224056d761e7df9b482b9905f1e2135c1929be328ecdb69c007a3efd548502c83106f6df1ab1178fac499eda92ad4373155227ec2df150c919d322ecb3ea37e659285f18a3e2f79b59900ca438df3a1381380a12d3ad7678e0a8d3bdfb40651389b4ac8c66138d442d70eafdc2df8b080028006b124e4ebe0d9883ef100f1934e42794146382c1d628fd2ebe5859b6c243824903d056d800975675bb1913142adbc039a9c68c2f146a0e8903447313f5e5549905f397a9b1f21a93b80c4d04a8ea7a29a50fbc5407a9305bba420edf898ea678d6879489c39692c99bb6dacf61f5f97637b94c1031d635b5423b38b9196fafaaf87b2796eadc21466af5a10281e6a808748969d29efb444c99a4cb2111732a792dbca4376a125a68f7cdac065cc6173dc21caafba48c742d9a7df2f771ff2f5725b22c247d4e0c6106f9f5f6929b69929ab37e9a9b326ce618bb702b883b12026f1300f21f2c7440cac8c5f1210a78aa067211d2827f5dcc7578252c2ccc3f67bab9d1bb6939b21b550788ef550acfed4bf50c0b4fb3ca4d2872ee64f95d611a317d9daaf373a10d868680b2226396c95fa2b0ab4d6fce06c3b42cb97d17a7b5089061537fdeb1a53040869f7befca330358fdba86754fc2e46c2113e1484cb37534af8f0408a7ee313778dab49f08229964298f847ea66c4ec319f64b6a12da585bc59e82e0263c507b397d3efee3b4066f4d25566aa1549f6185f6375f84b65fa8945148b90430c86a5b6fdf58d5c812b98d9dc621fd9a3d9f1a577495356516d1cbcf5e8bb8923b54b247225b9c3892b18a9e137f3620c734052af9dc8f1ea36f0d4592d5ee32e35676a84dc891f97456f2ac3a4ab58a42bcdc221a4ac8bb28d428add2fcbe5b110a8afd5d23b31e827bd16167b2d88cae024afc04a722ac0b4d45c52512e6b6f102aac4be21bc89ce246539048370553665b0a4336a6db99d0d19399be6437bf21419304331b4342b2c1db580f0c9bf681fdb8e9fa3e025454197bbc82ef93ee2f385660818ec5127080675a8013766469afe3b1e36e81bf2f04c3a26eaf4517551e734d21ba3bc90e48aea0891792970c39f3f528397e9b7ae190f1760fe5960dc763ee0a17939c60bfcac0a8914be82c749e4fe85d1ac5fa733413468fb8941085e8c4d6e0b6d1e62e20da58440facd640ddbb6c1f694b3ca48757a34c5a11668368711a1d4f3a81d31ac30d71277d7ae77882b6841cfa6289e6cce84a3ad57eeb328f831888ac7d3cfcd3a472a48d903f20cec8c8ae8d0bea04ebf7413ef7693f8ed876e49bd5f89d7e1078208ff62712e330fc0341b9ccf26845578d44b1e0c66d1bebc14742baedfabb8e9a2c8f42730360c72997efe0ce786ff330c2eb6e0ff20896f813c2a515ce76f826c11a1c1588eb369231ddeb4a2f9f9591ecdecc74d20aeb50047beb3ab89a9e4e1b805a20b645c79d0bc5d0247fab8ba46a97a07630b1f1cb69b42b568af746733d2c581f057873d64fe6e659b00b4a26745f5fba1fe7406a86b007936c7cfdac53a4c5b0ea9f6604863c8e3f174eddbb09175f6e13cda9a860cf400ef9ed02b895502ac6e6de6a658249c3c6e8a653517eae2231e56e0f120547923c6549ebc1ed14c623637ce3d96af5c93a32e58e2d9659d8b5b145888b52d9a5b5cb3cdf594eb137bcef2ba068cfd2c6ccf7ab6e5b4ec55e9197bfb91c9b8729f7b50cf0b0326f7ea3e712c77674d48545ca2a86744c3c38f149d69cf811beacf7e5f49c7bfba20f1dcf3d7bc0b9c796016820a46495d244c9606a06fe2e14233eda78d69ae4523ad7b708b0c7ead44d7fd376fed60e3cc2ee25e9600adfbe87ac7c8fb8269aec9459602af0f420becda6120ce7d9626c65ae7f860639e8bf664eb4301ec18add0e436c0356c12ab6b4ca35da2b43c4a8c239fd0b59a2ce94843cdfa1667053165053633b062844dbb0d00070fde74fa3178eb5f1f5fd02e2088d8690379f39ab22c080cdcb29d700bac74fabd8a356fe99afe83a5d99aa5024e9158a299eda6c99b6701e64f1d68e7e2c0c6e88396bb535a02d0948f0a250a6e090041c96d9c9acd6134d44d516fd1010c39e572b86b05bb1326a2a4f23f11181186f9c2a01dc7b58c0129f4b851ca9b1e3dc35db7364e29ef646211796b1651511e041345abce427fa5d6e48b8fb078c8432061a4cc518a8f2a2caf709a5c1473a62112a6650afc64eec12f8f9c08cff1b6fbf7a1209fc8661f62303b7c5d49c1d0b32a9f37e81ed9ab6193816d40995ed49c10b9f5752e04d57535a3d16f06c65d32846c31ec9787ec4a965679eb804e86b45d007f38d8104550770dc6f313bc846e43a14a8c21d0628c744e3e83cb998d1b7acfe996541a8c03852dadf9326444c582b481cae844e4f3fe3d638903b38f24633b63adbad841ac6c4c1169d781a0e271e8a967b1c7e986fcb3a66168e86e3559a44fcfa92452260491da9397659af60453f4cd4be2d15439445ec2b4366a79d3283da912d9d499df1242bd174edc235848caa21d2c997aff0e95c7e5cc0803c90fab84e7be7b37909d0e2f3bc9974e3388acb6800baba183ecc8eea8c71c0d65d669e41f99ceae523b7a6b772f3b8ebba1d2127ccc3ddb7ddcb4ec73cbdc26fc87c3848e258a0b5484d3a13e40ec4e4a65dd92f09e9fe1e3e2f8b96c4e363aa3683860dee62dfcf8823ee4a3593a092e0bd9c4cedacf44a272faa164447b01f46a7795642a40c61b0034a37f0e9b792428a0ddcd144fe8263088eaac8016f8f1cd30b55ac90a8f10d785b7570dd9e639a4a068d3fe98a420b9f72e79de817f676c2a224300d749571ad43f49d1fbe838f4566bc7b5f104c384ad87189213152b644d9fcbdf98bafeee569d640ce9045779f1d90024c023a7480a358dee276fba139c14b4fdb12885240903d0e61dc161659a68f62c92b899007e0f2b65bf0a069e9e57c9b6ae50a3b30dd1003fb0eead73ae2f6010b3b356b4060579a4f29935e1f00c01d12e5f44e8e3163d81dfef7ca8560604240c7e96e4454c6971614df306c768121abb3f628e3f1d2d026f58d1087334c5bdb74d7c949b0ee66a4531ba4e9b922aee3d0f802ed034734507a5913c52966f1f8bd4577840de0253aabc23299dced2a299859c07af9fb0f9c29b6533b9d84d471390d59ab315f5ddb226f6b8dd7889295f0fb1f7bd1adafe4cc520a1e84bf2a59d5b9795aeafc8d6fd66a8228aba8653b98622617ddfeb5d6795c9bd2f35d4a0c386e862675a50e3314c3fbb17aca151c13c7fc8b1d1b72ed0a958537b5ddc9e74bddc2b9571ec3f2b7775b125338d4852a75a63941564c65bb36dfb6bea4aab1ae7a4f285c2177aa98406eb2cc10934aa92d5a9612d4455c84ad200841d289b5c2d5deab0d8e2459598ef183d3dc47f6bad0b9513710600cfa4d69fcd5763cdcc4f2c2b7cd7d4491fd52f4aec82ce846c0988f6f0123e21e900d39c61085e68c9badc350b44004f6c042d64b0d0cbf91ad0592b198f1eeea1e52200bc8e6d62848d6884b10bdde72466039da488be6b340c23148f666f2fe6e032c07dac43586df182aca9116f4600313fa8375c76337ba86bdc391dae6450218f58f047ced64befc6bb5c2a60024669630a6279fedf2fe45e7e19ce582ad96ae0d023eb9b39f5f1e666e73bb038ae38157275be5eb3e7cbc8b05adf53e817646bdc2cfce98e5d162bf7faaca787db8717ab8b27b9e35609c5fb9fe9def07f010df8b43cf5c96851eadfdeff0b7bc5826e7e15490ae9c3d14166ee81bef007070e7981235a673804ad89943ee6b51ac63364f7870e121e6ff23a0c7d179527cd58dd7a4ca37247c2bd9efc79b720bb1ee2d39862e98cb81e93cf5b48d5d02ee8ac737ab504c867a1c49e678300803c94fbe978dea918a1e71b9791ee1e4d30056e86c26a4675a8b090be2365c0b451a13ece52a89a7057fe2052e11c6666eb916d823ea66bf217c320acba3b714910734b2d27c2fa586bd7f7664b0d1422adabad2ce2afc10270057f11940fac1a51d023ce48bd04ea39b7f99381b239fd0ddeea0dce7863ec1f8f61775013b6414ecf86e686a340a3148f87a9d7d60a1f2da53436d16fc88d6a4e7c3d55e0dd004cbecc15a5558eb705d82aacb1862ddc251dd5d9cbf1d78f97900ce6e8dab0ea678cb823bd1e7bbd1e927841af08f5427878c19f4f322228f9b36287fc13e7c1293ea875ae73815e052d6c2ebc40df8f7b9d1f76e0b10e35aa160944983d8e6b790df0d9b13f3460657336d81f7d83c0350324b930ec9c7557ce12887f76372e126f504b0980fea27f31a780c05187b9b5353dafc6b101543b24332b96e15bc26b19062e52fa9f86d260ee3a3bc92a133e328407bb85357ee5c45cb87228f44888b14941b5911b050e9319fe88033f830a8490917a9c0572ebbc5492b4e1083a2e3d77215a34abef947b5b9a950e780662de18873e55899c92db3ad3d437e8407890afa6b0c04ef861b8bc85fbbe1bb67b3d9ef001409f84b8ec4f01d861cecc143a805b981ab5cf5b605057b63cb2c84ec358e510a69cd8c33a8a62fe4680d0c980145cc709157832bfaef261cb0466c237376ca2944ce9affffd4b1dc7cc9511da0b34bffb9ac216fb8cf7c6572d95627787720d1ba67c6512fcdb16f6329e9668681c404efebad559f81f05971b5efb6b4cca97ad0346753cc0a40a877242d8a808c602b03dc962cee38e646cb18abb079c70d357c30738a70f55cd3c5956a83a1bfcd6649dd765f16bfe968066345df7380bbc0c16b3b5af513d6458c791343952f33a051c5d711c1f35af1b47f3db9bbfb5c7c636b3a2b52805d606479879be0b404a28ade5649a3185e0f85a85fc15cd824671c2befdd0da509597c87d869f0bd7ad163ad93ca28fc0c4025eccaafe385ec3fc06c54ebcd7b07b6c7e0197c5b9ef886159a1585ae45248f865be760db6f5bc8f868fc6aefd04e34ecb51159e4cdcc2214b42b1ca9caec13ba3e1b2e7a3c736977b226213d265c2873195122a9b448088c8b50edd549be41c38ab176807b75e7267f86e4", 0x1000}}, 0x1006)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f0000000500)={r4, 0x0, {0x2a00, 0x80010000, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0xc, "fee8a2ab78fc5e3ed1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "9001001c781265406c7f306003d8a0f4bd0000000300000000002f59911800"}})
sendfile(r1, r2, 0x0, 0x20000023893)
ioctl$EVIOCGKEYCODE(r2, 0x80084504, 0xfffffffffffffffd)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r7, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r7, 0x0)
accept(r7, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r8=>0x0})
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000080)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r8, @ANYBLOB="0800a0009e09000008009f000400000008002600800900000800a10005"], 0x3c}}, 0x0)
pipe(&(0x7f0000000080)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="3800000054000100040000000000000807", @ANYRESHEX], 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x40080)
r12 = socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_misc(r11, &(0x7f0000000000), 0xfffffecc)
splice(r10, 0x0, r12, 0x0, 0x4ffe6, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a0b040000000000000000020000000900010073797a30000000000900020073797a320000000014000000110001"], 0x54}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000840)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a40000000060a01000000000000000000020000000900020073797a32000000000900010073797a30000000000c0003400000000000000002"], 0x68}, 0x1, 0x0, 0x0, 0x20040804}, 0x800)

13.431999874s ago: executing program 5 (id=4274):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
io_uring_setup(0x56e6, &(0x7f0000000000)={0x0, 0xf6f7, 0x40, 0x0, 0x80dc})
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000000480)=ANY=[@ANYBLOB="38010000", @ANYRES16=r2, @ANYBLOB="01002bbd7000000000000c000000180001801400020076657468305f746f5f626f6e640000000c010380040001000401038010000180050002000000000004000300180001800400030004000300080001005b07000004000300440001800800010070000000050002000000000004000300060002002700000008000100010000801200020076657468305f746f5f626f6e64000000080001003f5800002c0001801200020076657468305f746f5f626f6e6400000009000200aaaaaaaaaa00000004000300040003000c000180080001000000ffff040001805800018008000100090000000c000200657468746f6f6c000400030008000100040000000800010007000000060002002d0000000800010000000000040003001200020076657468305f746f5f626f6e64000000040003006d8e7cf63233a33d6404aace6a4737b5eb169ba967dcfb14cb08e17367d1173075be1dc11ed0692ed86d5dcef4ab9b691aa33dedde0fa23c78ba730a0be476e07489ba9ee4794c8218dd25806682294602e7f895c0e7a61b5d57c8173d9f7c33d62a2145745836974b3aba5d98cb4d5e24da922fbe7d1f7a27e013d7e0bf698ac63adffbbdb5fcb191e4726d25f1657cd33935b8acf0b2227ae1d8282a92a2e16e01f757b4280af37a52b1978c74f680"], 0x138}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x800)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="4801000042000100fffffffffddbdf250200000004003880100001800c00c800020000000000000020010480"], 0x148}, 0x1, 0x0, 0x0, 0x8800}, 0x4040)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000078000000030a01030000000000000000050000000900010073797a300000000008000540000000001c0008800c00024000000000000000000c00014000000000000000000900030073797a3200000000280004800800024000000000140003007465616d5f736c6176655f30"], 0xd4}}, 0x4000010)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
lchown(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
syz_emit_ethernet(0x62, &(0x7f0000000040)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "101040", 0x2c, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0xb, 0xc2, 0x0, 0x0, 0x0, {[@md5sig={0x13, 0x12, "72067615774f0e456eb86cc800"}, @window={0x3, 0x3, 0x5}]}}}}}}}}, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@redirect_dir_off}]})
rename(&(0x7f0000000400)='./bus\x00', 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000340)={&(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8, 0x80800})

12.30731035s ago: executing program 1 (id=4276):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x4b, 0x89}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r0, 0xc0305710, &(0x7f0000000000)={0x0, 0x399a, 0x5, 0x1, 0x2})
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x211000, 0x1000, 0x100, 0x1}, 0x20)
arch_prctl$ARCH_SHSTK_ENABLE(0x5003, 0x2)
arch_prctl$ARCH_SHSTK_DISABLE(0x5002, 0x2)
setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000000040)=0x20, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'netdevsim0\x00', <r3=>0x0})
setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000001c0))
setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r1, &(0x7f0000000100)={0x2c, 0x0, r3}, 0x10)

12.195026323s ago: executing program 5 (id=4278):
socket$nl_route(0x10, 0x3, 0x0)
timer_create(0x1, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7f78, 0x204ef8, 0x5a, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000140), 0x2, 0x141182)
r1 = socket$inet6(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r1, 0x29, 0x10, &(0x7f0000000140)=0x8, 0x4)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$kcm(0x2, 0x5, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x100000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000005}, 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
r2 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1, 0x0, 0x2})
ioctl$vim2m_VIDIOC_QBUF(r2, 0xc058560f, &(0x7f0000000240)=@mmap={0x1, 0x2, 0x4, 0x100000, 0x9, {}, {0x0, 0x2, 0x4, 0xc0, 0x0, 0xf0, "18a6fc23"}, 0x1, 0x1, {}, 0x1})
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000000)={0x6, 0x1, 0x1, 0x0, 0x3})
ioctl$vim2m_VIDIOC_STREAMOFF(r2, 0x40045612, &(0x7f0000000040)=0x1)
ioctl$vim2m_VIDIOC_STREAMOFF(r2, 0x40045612, &(0x7f0000000080)=0x2)
ioctl$vim2m_VIDIOC_QBUF(r2, 0xc058560f, &(0x7f0000000180)=@mmap={0x1, 0x1, 0x4, 0x100, 0x81, {}, {0x4, 0x8, 0x8, 0x5, 0x29, 0x9, "0adb3fb8"}, 0x5})
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)

11.221003062s ago: executing program 6 (id=4280):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0xfffffffffffffdbc, 0x2, {{0x1, 0xd, 0x0, 0x9, 0x8}, 0x6, 0x1, 0x1, 0x4, 0x8, 0xe, 0x7, 0x1d, 0x3, 0x9, {0xa2d6, 0x200, 0xb, 0x40, 0x2, 0x1ff}}}}]}, 0x78}}, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0x6000, 0x2000, &(0x7f0000fa2000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
ioctl$KVM_CREATE_DEVICE(r7, 0xc018aec0, &(0x7f00000000c0)={0x1})
r8 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000340)=@newtfilter={0x40, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r9, {0x4, 0x5}, {}, {0x7, 0x5}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0xa, 0xffe0}}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x20048081}, 0xc0)
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r10)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r10, 0x8914, &(0x7f0000000000)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}})
r11 = socket$kcm(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r12=>0x0})
sendmsg$kcm(r11, &(0x7f00000000c0)={&(0x7f0000000840)=@xdp={0x2c, 0x7, r12, 0x3e}, 0x80, &(0x7f0000000480)=[{&(0x7f00000002c0)='\x00', 0x1}], 0x1}, 0x4)

11.022798682s ago: executing program 0 (id=4282):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x101402, 0x0)
openat$dsp(0xffffffffffffff9c, &(0x7f00000003c0), 0x101a02, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x19)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
sendto$packet(r1, 0x0, 0x0, 0x44010, &(0x7f0000000040)={0x11, 0x4, 0x0, 0x1, 0x7}, 0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000680))
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x15, &(0x7f0000000880)={@loopback}, &(0x7f00000008c0)=0x14)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, 0x0, 0x1)
read$msr(r0, &(0x7f000001aa40)=""/102400, 0x19000)
r2 = epoll_create1(0x80000)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x25)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, 0xffffffffffffffff, 0x0)
ioctl$DRM_IOCTL_AUTH_MAGIC(0xffffffffffffffff, 0x40046411, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$UI_SET_RELBIT(r4, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x1)
ioctl$UI_SET_EVBIT(r4, 0x40045564, 0x1)
ioctl$UI_DEV_CREATE(r4, 0x5501)
ioctl$UI_DEV_DESTROY(r4, 0x5502)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x100000c, 0x13, r3, 0x100000000)

10.982889735s ago: executing program 1 (id=4283):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
userfaultfd(0x1)
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, 0x0)
ioctl$IOMMU_VFIO_IOAS$SET(r3, 0x3b88, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, 0x0)
ioctl$IOMMU_VFIO_SET_IOMMU(r3, 0x3b66, 0x1)
ioctl$IOMMU_VFIO_IOMMU_UNMAP_DMA(r3, 0x3b72, &(0x7f0000000440)=ANY=[@ANYBLOB])

9.575923891s ago: executing program 1 (id=4284):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x3)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000000c0)=0x14)
syz_emit_ethernet(0x3a, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa1a81004000080045000028006500004506907864010101ac1414aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5c02ffff90780000"], 0x0)
syz_extract_tcp_res(0x0, 0xa, 0x0)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000700)=ANY=[@ANYBLOB="1201000000000010711e09200000000000010902240001000000000904000901030001000921050000012205000905810300"], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io(r1, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\b'], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_open_dev$hidraw(&(0x7f0000000100), 0x7fffffffffffffff, 0x0)
getpid()
syz_io_uring_setup(0x235, &(0x7f0000000500)={0x0, 0x4533, 0x10100, 0x0, 0x24c}, &(0x7f0000000880), &(0x7f0000000280))
timer_create(0x2, &(0x7f00000000c0)={0x0, 0x12}, &(0x7f00000001c0)=<r2=>0x0)
r3 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r3, &(0x7f0000000100)={0x18, 0x0, {0x1, @local, 'veth0_to_hsr\x00'}}, 0x1e)
creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddd8)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x400, &(0x7f0000000280)=ANY=[@ANYRES32=r2])
read$FUSE(0xffffffffffffffff, &(0x7f00000083c0)={0x2020, 0x0, <r4=>0x0, 0x0, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000100)={0x50, 0x0, r4, {0x7, 0x1f, 0x0, 0x8000}}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000041c0)="412e450a2a7b9586d1e6e9de257afc4fd60c8de430c0d6348b2cf1db8d070a539de9c1e91a178f9240dbcfe303566018f6c20c55d643a2ed46aaacf49ca491ee2f06184bdb548778a2c56e56f6b40b994419428bbbb9dfa5f9593511ca8ae1c088fb0ee5da72f505000000000000002c04754204f194ae6ceff4570d44496eeffe619998eafc7167d22e1c6aa73e89ad19224e35130a37cf68d5c41ccafe59b4b753a26e06c4306d31d78de6cede97c06e3ca2cc4af66b7548268efa91621ffca2655d2c8f1a9bb019b88fa729cb3d32f72c098c44898d42c42f39feb4faead93980726c236129acdf31c01f1cabb5ca3ec4e45eb5e6e59912792b4976e3f2b560c861d49b539d8e1870040a8cf190a8a767ec067a8048aac53336b44669d3d425843ae80681a7c02a5d5a3d90f355fd4a6ac277e75230d558f0df20cb323cc65e9b5a258cdd669c8a9534e4aff09a8fe89b124748c9e756c28789c2152a5142bc0bb205e339d43bb980b3f04a3c1a424a2a093966b20600a5410e0528fb35937c998eea19f01eaf2f39e16d85563a6737ddab3213ca1832f0afdf891e34a582f6a4ac81fda70ebc3fedac2fb3a492fdb40b91021e5d371d990064cd1f7c2c1a6472dedb505f9a4940057a3e57fd53aa3cd2eb914e073a19b6e925f8553e6875c093c7d19de25861fd9640f0eca4cda0467f12126daa2e0c6df7d4e4babe5a6e59e8391be7700790315b6b8a8aa74cd6d3f054aceaeda79430676b67fe25c9029e0894b413377fc4d8300d9f9338fadd07e4c80cac08113df8971a868458c47c06fff0c1c4bfd48ea583e9e76ef103d42c233b6de10b30612cdbeb6b60a6a4dbbe2da63cc2dd4fb93cac65af3c1279274f4af0e2c5b96e6068aa5b41f7548fb72b0c142351f64446db7425115b89132b5589ee642ebbde655adb2d7d1117456a6e4f2886879b42baf85e05d53e2aceea9c3830673bdc4d081675fe76b994651af9c3f16b7513834fce4654f84558a8308fa677d05bffcc893d5e02bf87c5ec520cd66ad58dc06f0c47d253cd36dfec82980fc8dbdc9e185fe4fbdda2c2517ec9abfbb4841252e650b6bf56fdeca9a4ee3c311de3c6859ec14cc00e95323c57c02fa894d83ea17944f3112fc19a7e11335d7951ec6dd5b4f06fb9b637313a230341ea5da6a7a959e707d0cd5fca60a6649c8df8d6c17e9a49d230e5775df14e4b43aa3420bd0b8814ec7360ab1910e69fab8932f7646d7998bdc2e8ec354c52da21ed83fb7582cb9d37bb95f144974f72c7b0ae7b42945768fa8ec0dd6daba72d05809670506ef1054282201b00906c8af64e3e13a10f180688c96549b2d3d6b04403fd571e7b132891dd4b7cf37aec25ca1e9190c17aaefbc31e059915c12c232fb7097e9fa6f35fbb265c7102db62e2264590c583ea90f1aee3f166af81430d9084eb0c760ebbb16049c9fd1fee6ce33c8ac205e3ac9c275531feadfa4054e0c027c26beb009f54aa72b864d39bb11753f77931bb960276db33021c65671e57b3708bbf979be222e8439d71f58ca87cec7a054517af398a42735b580717377a54f139e2c46813cbb03d98e49c26f4ed54d75e48573cd06145f913f4e313eeee837496dfff75aa722fd8486c45f9c959da12ae48ba4a10712120a203e2476c7b96031d8f8773f68344e6fa21831287655aabbd594e9f272eb1a7315d2d79b8bcd5e63004cd106f80b1e40a5d9e428a01bc58264f4d63c2ee9db6efa70607a642aeb883bf4b9fe009d7f09c16b05a2c9b73573e9019e161ebbdc1fc9b9cd0c5fe1b57adcba2d0f3a767ad59aafa159b3dd181f0601ff95e8af8b5410e56c81ffb8ab35b1e04af35dabf69f08572e69260b72bfd502c5a0de627fd3fee44bf1d4a261bd356056c5739398e3ff161beec1240a089625daffbc61dc5e660c274565477a0ff1797fefff04a98704802ab0674ab72d400686229608cbfd2ca20f4e62495e8b09de9d180c47375bbad72f4474b67d56104b4b466192be60f7aa668fd0a4338b856f114311842ee806d6488ab09098ed9de0e21bcc8b42a5d5713d15eca108fcc7a65d6b414a112524a6e1418644508dd957147a92d4399d13faaf01cacef40549cd11900f9aa32a8333f55796ef25d33c554a308da9797cd0ac25888311b0ac88eff0be7a36ddedcfc2b095abb4d5a6a4edbbad67b70cdf60c7ed0c5e040ced90edb3322ef684332358942ede9191b431c99b3abf8f9c50206479f0ac118c0a99df61fb9c90d846f41caa6a2448fb7e15640965e051c2af4ee72a5cc7c962bacff7019615c10e6c3054e2e5792df3aa6e2c33425552148466a88568cc79b6edebf0107b7d3d24423a665d20c3a1c0f1a6b34eb475bf875912115914cfabcf394f8a096d64e5dc95705079f748b9d4688859c0200fa43719e4722ed6c064c0efa7e07beb2a26fd724b63537fa0eb506365d5c029cd8dce7dd0a1cb9d9058c061739734af6be9e880fe7e28a211a4c368a7babd1107110ecbb384b274cc092b9511c4abde2ddd863162e2739984a9f3c0a76e3c530a27d5e385f4a3b87607b2a944e09d28239661d27719e22c0a657ea383c30859ca29cdb8fbc79bc83e995dcb361743a7e195650c37e570b768a0a1f0b118fa5be9b3c838326343ec5b376d5ee040ee29dfd868cccf9cfa4591151f519cd6e2ae1453a58aa92f90ee5be11ceb8511ab743f399be0a190eeddfd112336866831c3255ef6520d88b2581ea3767f3df01a38d9b4656f2a89c5df41443291a795da45c8a846015cd041bea0dfbe648348b10ae73ce43d9017182792cd9172eee642c549a530cc1f537f9aa70ca63792ba4a86a713ae09b917136e5bf1506ad7f367d8d2f77f47a2318facd109bba9b1327b5db9e4aeffbdcf414db761eeacc227a15cd72aa52c8ede33bdbab9de9aa1e8f470a388013d07f08777e2131bbd4856ab5c1c38d03ef407197ccf24e8b2a8db69e78f9d6623033c453e2e54fce65fb785467064a146c4bf218068b5e3efdafaf93a98253becaef226cd79468ff1bbe0c9d43877f5cbb5844fd8957f15d3ef208aac11816585cdccf039c36b429d3d7fb634054fd0f09c8abea3746a6b7379142abde26d998ac7e39b94746c60c09f86ddbd7497849d1ef839730672449f35a3c3253666e9fc053ac1c518e44e0b84555be507f7c00fa9e4864b4bf40ac3d93f12001eb780a779e655d0633803268c094ae161a0efd652003d6ac47f9a6c28d866b56233f371627b01e0fe9361dca611a28841968d4e12cb73d49ce08fe25de4a90b2d34607202b20e71f5e1eed38e17d0a2748f548cf61735f4c9cead1cb93b11929d906d65fc60f88e6919b7b5a1014e6d408bce9c8cc832eecf9147708fe451891717d2ed99dee70773feaa97985102abd3dd05c904c28898afe060621db6564887bc4afe158fbe1d819136a1ac1dc9d8674798a93daf5255460b50c34496205834c668db4c764e76ebb6cdaf5fc44b881cc2ae87b4a7cc045143f96b1620abfd0f116e673b335beefdafa1e58d9194e010cb78956044646da5ba853ce981667f2b8e5001c2df437c9d597ccd2be7d2887f5cb7aad0539abb3f9db1c8f5cd4d7d831946ba1c1aa8737c114fec1ac9a82519f57cb48c49b7f62e9eaa89f448df33fb307cd0036c70b490ac340f7d04e14f32bfeebb08a9d5bc7bbef8f231ea09311d4c82cc55c90eb53c6c003cc98a34dd3c4ec2d8b3a655a78e16e908f368733d0a02b36fe963e2d80b5e6f7b2e3aae3013c900c76e4d56e8348bef221f8a642e692c23b12520fb68c793e789eeeceb4efb2097a4d5952d144094cd7be6edc933d257f6230e962d70ba42e1b07ad9eca0ccd60d3d9a6e06b73ccf96a8aa490ed3bd58bf4d79db65355ae145b54be004e464f4dd23fb8b1bf15e13838116083da67186513652608e37c8f847b2bcafb57bcefc7efc8c8182c7d708cce5d14695b4e618e77f8e7be81f27a05e415fd37ac21507a665b2558daee5c0b0859fedfede8c03f181ef5e0ec0da6caa3edf402dd73bcb4026c489a7cca8ab700d3e9f050006c36768a16e8a48e48ed5750b8cdb7ad1fd12d4cc8333d324d6c83905303fa7013fc02553b587544affe38f1a95e0c4c39740d63b6d387fc89b30bd5fd745cb64844b13897ccf5cca135f7d39e03ce8adcda919d86b25b52764b0a0c4f07f88df68868415de13863df84a7e8d355b09cf90e482eb4174fd01f1b371a4dc52f3c89fc3a70c71657aa5d7573ef9acf4d2b0b321c41ff2640515bb43637ba2288ca0bff2e2a3a998ad8294c52f9edfe0a4ee0a3f8ed5b4b5c43319bb9c58dd07ea3237d7bb62cb086e7ea4a81cba2cdeb28794a09c275a704963110b64720bd089e3737ee1a91e348b5e97b63e1724de1fa9f49961d653bbb47b6fa993b035cf59659bcd0306180645162568abf51127845cbe6e37cc3c19b9d69657db4258fa5e8428a73eff6506bff474c2e302ad5559ac8de44c6f0baba5e2e579e7d7f9d9ebf540674432ac11d92bfc9abdc24126888b533f43bd6f293b0bc315915743114a35308a0ee2e710522137918a2b09ddbbc7a2313a2a6b85a1ad26f14dd70072651c8300ddf6de29704b716ce1bc431c66ccc96731f46359a9f6850976c96dcb5e0ee47446f50b6b3ba90d45224066e123ad3854d877c0cdd9325000ac0d6813c30cd43d3e150335601724ca3666458dc4c04f6562296982353e155d5255c9008c0b46d21a678c8fcb3aa8d6574476e0458eb0a76a6cb50f929ed218cc4654cb4f95fb3afbc2548b74acc312563375a19e55d488599488dfed4dd31b39f29ad61dad343dfca3b45b316a34e7a7bebd2b0f562a9e69848d13fc80a4fa52d0f17bd15d9e1fd39a7dcc86128d14493805d105a745673bddea68ca74ac09d95cc7412d5be2cbd0a247a81dc9e148111e22cdf3375805469226ca3538f960a6ba6aa0eeeb87c784ffb1bfc09180a61be3c7c535fc6d593c3b3f4de21b8c3eccc9021e80fb07dce0aeb3b023bd55f24356f646791ba80e5ca21ac092a069ae0a22cfefc08c23cc7aa69b570bd17cce9de15871d363f167288f99f04761caa67f12c949466493f661d39ee4280c955446ff5a9bb14f2d1ae21cdb91a5868e0c52097cf380f571935b140562922763f1b79c3709b949c57a00b08828ce9e685f6b234b5fe3c62d9feb249ce75e81f5efd556c14d5da24dc0554723fdbe52659969a39f470e82c50c4777c908628436e31177af1125d5f70ff627462247e5bc20c47ef75f369174586d43d42f7eefdd47fefa745badebca2a881ccc018ea411cc8a7a0881422bee8704bb98e6bea9fbec63441fb45d7ccfd436909b57a2b60b788e15bda3ca7663b19bd84d0879deb639f10def9a99d42a4b9a4fd7fecbf6d2e7598678307ba9a5b6f143c27cf1ca41e3c904007bb762cd5df6e63c4cf422c2ba959e53bd8e5664cf5df6a91a4bc8cebc52b22f30060fcbc5ead53d38eabd160c1da4cab8aa95c3640ffd78074aa2cbb05cb8ea90a0c95a4a1b2be1ee94f238000f1faffa069d87039f13f5f84ff368aec5a0b10020232b9fc954a6c22573ef48459e574d48a4845837e1d6ef386738ccedd093d4d5bf3a3f790c875ba7449d03397642feb71100f2c25ab2cadf0b0802544a2095a51b19cdece623b17d420b173a99c081f8e229b6de3c680d6bb39bb98b479517d77cca581b81cf856753a44ebd64cff111fb8ca37ea45d217a3fca44a083e6c35b0fed9f8f7631178d15e88f86c85f1ce68c900afdd1f7e5b8bd4ef3f58c447b77d3befc49180df7a5eb2ae8ae33b4ef573f3a425da8a60cde84d8eeae6d6399b9fbbfa0fa8d448b25c7f79b7554d0b02b0decbc74ae8560f630af596313fb33d442a410061ace0aa7a440d5e31ca8bb2cc495c4f0b672edb011b0c5f16781836df7f4af8329143d5a1a99d7b18ef9f774c4199d635848cedebac82637a03a189c65bf667503737c75b6639ac65ad424ca475285437e6f19830b36549f607ffc387c8b11a34a838159376a6335afaa045bd2bb04e279dd72436331d07dfbd72e2436b27f0df23a266fd15cf56d1a9e93aaac8901cfe49a3219ae36c5c65c75e5c708fb82cac4d6a50726509ec3a7d32d54cf584ae353a5bff759fc677a0b240cf8a0a72817c9d37699ca89c96e0e0d96a7665ac3a7d1febca1a1d79e2cbde8025c271360e2f90048b2d9fd56f45c013e001dad4b7785be69dc01f8a954ef7a84455986fc5c9d5167d91808efdb4476ed79f99563d887cfd4e99809d9e388501dea228cbb3cf3770082dc566455251fd9c2c742963c33500618c6ec99e0bef007408a0462a081237be4c6e5db0258d4be5fc9cf63fd1ace1f4166c053b0fb84fe24917da1255cf40bbb1b45644f6a7699cf802a35a932c374b1d62013e6afca3787627469994c02f622ab877ed5491fc2a89eea60e4e1628da89e3ad600ff6442e4ebf20e47304176b6a1703c094b3cf6d7fbbddd8d8fa5a00f28b4d8f43d88487e9d4531071512f2027198714a8d1cef126775547fc74f2a35840510f325e50361be76557767560055e084f2ecaefa0dd8ca8215301a7a887d2eaddaeb1f5c3dfdbd2cc1ba5f02d4426b98c0f861c5f724405758f442560ea6cd1d953456cc4aac6642ad61c03dbaffc2364d8ec2ef9f483c70355139d1fbd9617ab3c7eedf0b8963c1cfdab769180db43c416a90d9fdf3fd0eb2f81187642b4e2a09d6462d27527fdfda31f7b262501749dcfc6c184983f9923424131d05cc811cacf5c2c87e8e6f135349e68cde0e8997bf1dde248e5124d5dca2681abdbe58d327a8edd585821f03fdd4515728f1336495ba25c9bba56a3f706d60c35cbd0b40d0ac0583a981f9af08510ed8ed0a726e5472f8995af3837fbf1e89587633d2ef944868a153919165778e963710872af12faf96c0919c638e5affa97104471ba6e178d27602f96b9546ebe52190d91be245be08742b96389080676a566d3229e593e4f56a76ae4c58113c6adc1088703b1b92dafe32a5600e14ac1e71df829dfef425911f16a2b91f693599ecabf93065c6c4f5fefca8d4ed095599113529f65d9120d5252f577af95b404979508c343df54e4d239720e7d3a861f1dcabfa69e12d655c8a026c10a4df279b139fd222e561d205ac9b45c1054f8699eca594fb23886e0de565186597766dd5e40f74a423d5708dac254f4172f1089270988fb18715813f13ee4d131b64dd517c7e77f27f804b229f5339ac2f483b14739ac33a9645044d3010bd77ed18fb117f7b11bb51c4ed683b59e28bf25a58f123dfbeb1f0f21f03d9b57d8e61d59b311037a5b757b03ca5c95e0eb73922c6918530c99de4d6733640f2b8d13bebce31d4f5e27aab201101e48cde23a0d7e87b9511949d812e3187ee5ff11bc5858c022ed7b00790eba32f9ef7e134ce5f73a01269ca971b40e62133eca9d596a768686d6390b2c74602f6dc597faec3ed9d9658102d99c9624c1a97d00d63853578afaccc7e30a77fe054ebc23eec45f608f996fd015cd6bd50a111360f0790eff6ffb1ea59d13c8e29480bd96217188f97e53a1f5d9eae0a2badb4fea52f2bb4f8cb04d0afd99e7371a978a7d7ef473f77ea6738ff84af655313a12db24cff692ec7e282245ae9a42338db814593448f7115df3dc3f4e2faa2c2fdbd68f679d6aba01a15031347bb17d8bf8f1fad0ecf365e9dcd32e69803c5c05f4b47adbf8a21af7e9fb327f267df1c914486389a9820edf0a03bde6ef388c255761e402b2f7e1f9c1c3c95bd30c502197ab37f76b52f0d0675f366e919be19329853767bba34a540fb75bcdcc9596a4cda254a660e11bed5af9d8646ac4b7d6d7aa5d7c0005879b6d08058a56c3d3a4d3d401b883153fa7f2f6a6d34dd010f6b9e7b4e457b9ff5a5802d7723abb35f9dca0afc10fd534e7753445b7268d90145b6438b93fc475f44d5d678d79da6c5770f3a9106f3cffbabe4b88cbe7eda9b8a495be4f6717b0fbee6fec78c86031b6d878d47e357b2089de3e6dd19a265552553d1f7da53884ef84d0eebe782791c48a9c68a28d8ea3bb70c922b01dc20b2cd05cfb276e326651398f766f5faaea54a41da597cf6b50f3d5ebc634185b99069126b8d935c6bc42c47f2109de42091ef4ade3d87cc44aeb78709255501e64f34ac2d4b2725cf7777315f8ca9424bc9d61a896a93500faa6cf5a5aee1fb888e17b47a38a667be2ffa3bae46afa88bfd8b5b6e1186d6e41b9a4e490591043372c23f36fb48d80caff74cc349adc92bb25f701738c809ccf74c47afa193795ee67bc58ea7fd85542fa7e70218490fff212163401cfde016df2f42496bae403d5391e53fe200f758bbcdead0fe72c77861889b9632a257229c35bdfe8fa78375b4f5c768b9c60cafbde1f00aff6ca1879f6472f28001f5f13d4d9d6c3a90e04d8df09873550daa8262d39efbe96a79c697fbcc9a7f27c9f6d782d5d5f6d024b291376e9cc40d902f809072e1f0f2c2ab88ce3d074e88461f5971853e7be749943ab6e25e25e8afa5042dd73407f49b50841c7782c54eece62ec2beef1f16caf1ca5989427bd2726ca0fee33e303702e9892e4382e92c3f3a03a6188f39762db81819c7e12b424be8fd964dcdbfbac00139e8c5a6200506f13f484ac34ef3d26e7cadd53cf402117419c1618205bfa5382486094bd55448f2b1aa4dbec2289189b601b1bbf5792b2a641c6f5dd19cf24abc72fc5264cf11f6b44a4929267a02cd1de1b602b9de65a6c06640aa0f76109baa90d66eeb17295b1711365b7d6835a2dd55b7fe868c59453613240643c847a5b48d27897a58dda63e579c1bba58350550e147b190f0a2c9a5ce719d627ce3302028b4b6801bbfa8cd74874ffba35817c0eca034d19210950796807125fe6065dcd47d7c870ed2db5c00cff235e4154e2d89ec2a09a87551f9b7ca25d519b5603c0c33d2cf72878199ffab567fc5e093529b89d1163587f3564ba8291d2d96cf9762e7f568e786ea90849f6312c1a10f45d61600cd45c48e6870a7d76c913f9c4497374fc04401cbd11f7710740148234fe8f041f24d0278fcfd48846e6aa49f05016fc332dc5d46b4a26574fed5c0751cebb9f7ab4cdbc1ee011d82d6ef95c52c9df8eedac3ab5cf30805f23d88d4f707601f8e6c606b58f2fe234e948d6756d430a5c4ec76a33874886c8fb484059b47a9bd198a61a1896419288a9e81d0969dec778a53e8233f0f63bd0134e5f29825e7817e7c8ccb7d9acd8f86ac9d3af78c43df3036d7934dd294f2bb12063bee52c547d27a218145befb0ca96cbfaabd39fa245b51c39f4cd4cf8db105f9dc46a7aaa8f7d06fa208120ce1ac49326179618fa2c8596c44e174eb7a141056b1d17689c10dee089c8b0867b8a757ae12251bbd68db5fba2be341275fb6ee379309f5cde9b31242b0b2bac44da74776fac141936bd96e3177161f057c820a8c22cca8cce29b158eb55aed0260253fbee70a6dd281d9fca23e0b0a38d46c76a95e1262f1cafcf0fc37b52e649a1ba1e2c0f97d10bbf4d2b5632cf340bce56736071d5885ec9b4e17910744d3e63e2ca6deb21e43fc21e89c6865d3ad424ef4a14efe8843ff3168c99ee395400dcc8755719d290c567c95a5e7d28ec1190ceee240084d444265cc801cd960f69b368359bbf06b8a4ec23b47c7bf9d4b16c701a1c4fb9e81abb75bf49d450b566ce03de939fc6f5c51291380086f8c995cdd4fa15a325601c4846a69f15c77f55c900270bc9ea5f406480cb0e3e89bc869fe8b7cec4fbef7e76283d50c25ab1b4d34d093a7df062990a925a9c44aa2661abd7d381a4d6cdb64821ef624dd51b72e99af914bca2f80c25b82ac6945df7c7582e6d0ce2cd073e35f1fc120a68ba210410db64592a9aa319b30f2b818c495750e1cea0610e27d52be31e52e501a3bd51b501bc51c2ec8592f679b6e55b9aa58d513fd2bebadc83ba76eb45e5676f130193e9a666b8c8132c9f5141681fbab324b555c5c890d488ac2dd00feead0a20fbd8a46391438e3193edc6fb89161cd864fca98f4f39a2893c933dcd13bc8c5d5a548d24862e8161c0fad7f33aca8c86791d620815fe3f0daddb5defd933d0c10097a7a98e67625420b6c0db7c3e17ab07ea64e6f0f53fdc670799e06a2e3a871d6be363a2639e35339361311e0f528cc433eacea4f79bf217108c7b1d657840253ffdea18bdd1f93cdee63e7a9b8dbcb4ee06162b253e09ea0641f2771bd9823dd210905e9ea495f43194bb471cdeb690e8890b03b50835d53dde1b572dd123ccc8507bb57a45e46c0efb8fb3d5596bddf9782d86dd911636eae2cf64b5829cf8893faf789be3fa22859accf688f5b5da6c29cacc96d477e23b63cc934f685b6e42e1655c9a9b94d6d78402de22b8d9776e3915391aa258e57467d770d65480ba2f6a94b0337965a8c659c42b4e90b14da4697d0c0a6d74774c94c52d8ecb694eec747bdaa6c3a6d60739db18c6446090eebba72e62ab88b0e8b88e728ba8cb133d8524eda89a2bff1c8414da3edfa6f83788331c8a7e5a8af2dd3682d4752190a3c689949abdad8350111373e7fb46151f54a10f79d91940e37efb05f9f157bddcfacf018b65a38ab614807c34a2786af4a1d48c4d1c1abd31815715f9d1b103992207fc664f12c82fd923c57d8e7cfb9f4af55182318d055c704865cf484206d60e34cf7fe9b6ce60b1772c5c7cdacb6695227d80da18ec1f98a434b1aaf9c6b6d082f5663aed2bf267e559dca6b93d3ce34273846fc677f529690482df0a8f782b8ad7269f344f5f2b4d320a7ce2d2fa02284f8db634dc930c3e2b9a629245364acf35d41e9a14c88efde4e742ef1ea4b43d0caf2e70d4a617278823e6403934524debbd933e7676e441a48f630dc8bcccd55d9032d6bf3dea97d1669c39fb865b0e619eeb3f5461e517000f5aee3ef2abdb87d3a76b88e140eb4644a9fbddbdc9e20972cdfacf00bffa3a1ca5f84122c2ebc54067cdaa23967eaeb7bbbfe44e5843382b834fae1f62a066688595e4ee67c7ff9858672355abf7893ebeb4bcf88a62b2237c6e6cec9aebe3f28bfc310ced3a590e88d4bd0f53289206deb9addbf6f3c02115ce4980dadfc112683ae250c2d438fd9c0f2a090dbf122a0072828db798bdb868dcd47384dd3f5eeebc0307a5b268683cd51f312e8f02b5a7746b11a97ac43287d9b9765f03c720503cfe6e0117660a4c00d67895224c4d42b032000a10d7a743054758a8f54941fd5eaf72498b678d1579b3de4e5518f90f1e3d32517d09d7f5da9d180215e66218e9dd64036819cf12638ce82712a6cc79a9ddb36e86814b797d72c2bc58b18ba439e99965f745b4fb7de2878e3186e3e7b835c746b0935f6c67e92e3770bd8d5eb4f66d8175ceb7850e418c55e574db891639aa77fc62bc45dcb734681ede8484d4d4109a9adb8c3d00", 0x2000, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20, 0x0, 0xfffffffffffffffc, {0x0, 0xe}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x0)
r7 = dup3(r6, 0xffffffffffffffff, 0x80000)
fallocate(r7, 0x20, 0x5910, 0x9)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r8, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(r5, 0x8, &(0x7f0000000200)=0x400000bce)

9.516084372s ago: executing program 4 (id=4285):
r0 = syz_usb_connect(0x0, 0x24, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
socket$inet6_udp(0xa, 0x2, 0x0)
r1 = syz_open_dev$cec(&(0x7f00000003c0), 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f0000004180)={"2370491d", 0x0, 0x5, 0x2, 0x8, 0x5, "000064640000001503fe00", "037ec42b", '\x00', "64bdac32", ["e86621d9cc668c391f77c506", "3549ffffffffffffff010800", "2fc7977386a7a0236a9cc1f0", "cf6cce2296b3f853e224c4e0"]})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0}, 0x94)
r2 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fff, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f00000000c0)={0xb, 0x1, 0x4, 0x0, 0x7})
ioctl$vim2m_VIDIOC_STREAMOFF(r2, 0x40045612, &(0x7f0000000000)=0x1)
ioctl$vim2m_VIDIOC_DQBUF(r2, 0xc0585611, &(0x7f0000000200)=@multiplanar_userptr={0x9, 0x1, 0x4, 0x100004, 0x4, {0x0, 0x2710}, {0x0, 0xc, 0xf8, 0x7, 0x6, 0x0, "3b051c46"}, 0x10000, 0x2, {0x0}, 0x1}) (fail_nth: 4)

9.401102504s ago: executing program 0 (id=4286):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000180)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
recvmmsg(r4, 0x0, 0x0, 0x10043, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$netlink(0x10, 0x3, 0xf)
sendmsg$IPSET_CMD_LIST(r5, 0x0, 0xc000)
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0)
ioctl$AUTOFS_IOC_FAIL(r6, 0x4c80, 0xfffff)
r7 = syz_open_dev$vim2m(&(0x7f0000002c80), 0x3, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r7, 0xc0145608, 0x0)
ioctl$vim2m_VIDIOC_PREPARE_BUF(r7, 0xc058565d, &(0x7f0000002dc0)=@multiplanar_userptr={0x0, 0x1, 0x4, 0x0, 0x7, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x20, 0x0, "488dc807"}, 0x1004, 0x2, {0x0}, 0x10000003})

9.160148372s ago: executing program 5 (id=4287):
r0 = socket(0x2a, 0x2, 0x0)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) (async)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_CAP_HYPERV_ENFORCE_CPUID(r5, 0x4068aea3, &(0x7f00000002c0)) (async)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x6, 0x1c, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000218110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000050000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001040000850000008200000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7020000000000008500000086000000bf91000000000000b7020000010000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r7, 0xfca804a0, 0xe, 0x0, &(0x7f00000002c0)="b8000005000000005baf2312bbc2", 0x0, 0x12000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x1, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r2, {0xe}, {}, {0x8, 0xffe0}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ENC_UDP_SRC_PORT={0x6}, @TCA_FLOWER_KEY_ENC_IPV4_DST={0x8, 0x1d, @multicast2}]}}]}, 0x44}}, 0x4000)
ioctl$DRM_IOCTL_AGP_RELEASE(r1, 0x6431)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r8, &(0x7f00000002c0), 0x40000000000009f, 0x0)

8.119098817s ago: executing program 0 (id=4288):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mremap(&(0x7f0000006000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f0000c00000/0x400000)=nil)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x0, 0x0, 0x0, 0x20000007, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
syz_usb_control_io$printer(0xffffffffffffffff, 0x0, 0x0)
r2 = syz_io_uring_setup(0x10d4, &(0x7f0000000000)={0x0, 0x8193, 0x0, 0x0, 0x1000034f}, &(0x7f00000000c0)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000002c0)={0x1, &(0x7f0000000200)=[{0x32, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8})
io_uring_enter(r2, 0x47bc, 0x0, 0x0, 0x0, 0x0)

7.727661074s ago: executing program 1 (id=4289):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000480)={'tunl0\x00', &(0x7f0000000340)={'syztnl2\x00', 0x0, 0x0, 0x700, 0x1, 0x9, {{0x5, 0x4, 0x0, 0x9, 0x14, 0x66, 0x0, 0x8, 0x29, 0x0, @private=0xa010100, @empty}}}})
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/5, 0x214000, 0x800}, 0x20)
setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f0000000180)=0x800, 0x4)
r2 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000040)=0x20000, 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000400)={'dummy0\x00', <r3=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r1, &(0x7f0000000100)={0x2c, 0x0, r3}, 0x10)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'dummy0\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r5}}, 0x24}, 0x1, 0x0, 0x0, 0x4000091}, 0x0) (fail_nth: 4)
mmap$xdp(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1000008, 0x12, r1, 0x100000000)
bind$inet(r0, &(0x7f0000000180)={0x2, 0x0, @local}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, 0x0, 0x0)

6.708530182s ago: executing program 0 (id=4290):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x6, 0xff, 0x7, 0x7fc00002}]})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
setrlimit(0x7, &(0x7f0000000180)={0xfffffffe, 0x6})
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
socket(0x10, 0x3, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc", 0xe)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)}, {0x0}], 0x2)
ioctl$BINDER_FREEZE(r1, 0x400c620e, &(0x7f0000000080)={0x0, 0x0, 0x1000000})
r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000480), 0x2001, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000700)={'syz1\x00', {0x0, 0x0, 0x0, 0x9}, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0xfffffffc, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x80000000, 0x4000, 0x0, 0x0, 0x8, 0x0, 0x2000001, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0xfffffffc, 0x4, 0xfffffefe, 0x0, 0xf6, 0x0, 0x0, 0x3, 0x1, 0x9, 0x0, 0x0, 0x80001ff, 0x4, 0x0, 0x1, 0x7fffffff, 0x2, 0x0, 0xfffffffd, 0x5, 0x0, 0xfdfffffd, 0x4, 0x1, 0x0, 0x0, 0x0, 0x5, 0xfffffffe, 0xffffffff, 0x7b67], [0x0, 0x0, 0x0, 0x3, 0x3, 0x0, 0xfffffffe, 0x3, 0x0, 0x0, 0x9b05, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0xfffffff8, 0xfffffffc, 0x2, 0x0, 0x5, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x6, 0x0, 0xffffffff, 0xfffffffc, 0x0, 0x0, 0xc0000, 0xffffffff, 0x1a0d, 0x39, 0xaecd, 0x0, 0x0, 0x3, 0x4], [0x1, 0x0, 0x567, 0x4, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000005, 0x0, 0x0, 0x0, 0x0, 0x8, 0x10000000, 0x0, 0xf, 0xfffffffc, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xfffffffd, 0x0, 0x3, 0x4000000d, 0xffffffff, 0x0, 0x9, 0x3, 0x0, 0x14, 0x1, 0x0, 0xa, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x1d, 0x400, 0x0, 0xed0, 0x4000002], [0x0, 0x1ff, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffe, 0xf7b, 0x0, 0x0, 0x0, 0x4080, 0x10000, 0x0, 0xc956, 0x8, 0x0, 0x3e8, 0xfffffffd, 0x10000001, 0x0, 0x0, 0x5861, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0xf, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x101, 0xfffffffe, 0x0, 0x8949, 0x0, 0x2]}, 0x45c)
r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4)
r5 = openat$iommufd(0xffffff9c, &(0x7f0000000000), 0x24001, 0x0)
ioctl$IOMMU_TEST_OP_ACCESS_RW(r5, 0x3ba0, &(0x7f0000000400)={0x48, 0x8, 0xffffffffffffffff, 0x0, 0x3, 0x29, &(0x7f0000000040)="e4fc481d446b0bad51069ec0dc7f2a5f77e2e15e9ce98224bfcdd68b7fcd07cd99211328e0682f8fa6", 0x5})
openat$ppp(0xffffff9c, 0x0, 0x4340, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f000000fa00))

6.594293984s ago: executing program 1 (id=4291):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a40)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a80)=@newtfilter={0xcc, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r5, {0x0, 0xd}, {}, {0x8}}, [@filter_kind_options=@f_u32={{0x8}, {0xa0, 0x2, [@TCA_U32_FLAGS={0x8, 0xb, 0x2}, @TCA_U32_SEL={0x94, 0x5, {0x10, 0x1, 0x8, 0x3, 0x3, 0xd, 0x9, 0x2, [{0xab27, 0x49, 0x101}, {0xfffff29e, 0x9f9d, 0xf, 0x9}, {0x4, 0xf9, 0x80000000, 0x2}, {0x7, 0x9, 0xffffffff, 0xfffffff7}, {0x1, 0xca99, 0x9, 0x2}, {0x3, 0x3d0, 0x8, 0x3}, {0x2, 0x449, 0x80000001, 0x6}, {0x9, 0x3, 0x2, 0x5}]}}]}}]}, 0xcc}, 0x1, 0x0, 0x0, 0x10}, 0x0)
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_io_uring_setup(0xa0, &(0x7f0000000100)={0x0, 0x200089bd, 0x80, 0x1, 0x385}, &(0x7f0000000240), 0x0)
r10 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000040)={'veth1\x00', <r12=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newqdisc={0x34, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r12, {0x0, 0x3}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x40010}, 0x4000000)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4043, 0x1ff)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)

6.548092159s ago: executing program 6 (id=4292):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x18, 0x4, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0xffd8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x29, 0x5, 0x0)
syz_open_procfs(0x0, &(0x7f0000000240)='net/kcm\x00')
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$swradio(0x0, 0x1, 0x2)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
r5 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000780), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r5, 0x4008af00, &(0x7f0000000000)=0x200000000)
write$vhost_msg_v2(r5, &(0x7f0000000640)={0x2, 0x0, {0x0, 0x0, 0x0, 0x1, 0x2}}, 0x48)
write$vhost_msg_v2(r5, 0x0, 0x0)
write$vhost_msg(r5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0x1fffffffffffff65, &(0x7f0000000440)=ANY=[], 0x0}, 0x94)
r6 = syz_open_dev$video(&(0x7f0000000000), 0x8000000000b, 0x28000)
ioctl$VIDIOC_LOG_STATUS(r6, 0x5646, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x1b, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000001c0)='bcache_write\x00', r7, 0x0, 0x8}, 0xffe7)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)

5.741433692s ago: executing program 5 (id=4293):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000a00)="9cd568f007e6fbdb5a1be2afaf20620104bb485cb7d2dfcc63838529578dcb73e9adf0c31c8d318481f8fdf53d3c3e442f432eed7729dd31ebb2844bd318b9dca1c4d3e35d5ed5bab8b780431444550f170283849a58b3f025728a177a64dc07ec27b73305d532801d81ea55b1f16465e5b5b9fcc92def4c925dcce2f49a63cea0eddc84b367ad8bc94d03000000000000854ba9a6954722a02360c9c32dd2d434e6d621d929dcbcaab2b9fa02f105aea2e486f8fc046906a0c6fe0e0000004e75ef325da7af1e069c186f", 0xcb}], 0x1}}], 0x2, 0x2090)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
socket$inet6(0xa, 0x80000, 0x3)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

5.210026871s ago: executing program 6 (id=4294):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
userfaultfd(0x1)
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, 0x0)
ioctl$IOMMU_VFIO_IOAS$SET(r3, 0x3b88, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, 0x0)
ioctl$IOMMU_VFIO_SET_IOMMU(r3, 0x3b66, 0x1)
ioctl$IOMMU_VFIO_IOMMU_UNMAP_DMA(r3, 0x3b72, &(0x7f0000000440)=ANY=[@ANYBLOB])

5.111787391s ago: executing program 4 (id=4295):
socket$key(0xf, 0x3, 0x2)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs2/custom1\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x48c00, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="0e00010002"], 0x8)
r2 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendmmsg$inet(r2, &(0x7f0000000c40)=[{{&(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x23, 0x0}}], 0x3284b164842c97f7, 0x8014)

5.105920876s ago: executing program 0 (id=4296):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
poll(0x0, 0x0, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
wait4(0x0, 0x0, 0x40000000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
fcntl$lock(0xffffffffffffffff, 0x6, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
syz_kvm_setup_syzos_vm$x86(r5, &(0x7f0000bfe000/0x400000)=nil)
syz_emit_ethernet(0x7a, &(0x7f00000002c0)={@local, @local, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, '\x00', 0x44, 0x2f, 0x0, @remote, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, {[], {{0x0, 0x0, 0x1, 0x0, 0x2, 0x1, 0x0, 0x1, 0x880b, 0x0, 0xfffe}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x57}, {}, {0x8, 0x88be, 0x0, {{0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}}}}}}}}}, 0x0)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(r6, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0xfffc, 0x2fd, 0x1, 0x101}})
open(&(0x7f0000000000)='./cgroup.cpu/cpuset.cpus\x00', 0x1a1342, 0x0)

4.164762219s ago: executing program 6 (id=4297):
socket$nl_route(0x10, 0x3, 0x0)
timer_create(0x1, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7f78, 0x204ef8, 0x5a, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000140), 0x2, 0x141182)
r1 = socket$inet6(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r1, 0x29, 0x10, &(0x7f0000000140)=0x8, 0x4)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$kcm(0x2, 0x5, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x100000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000005}, 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
r2 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1, 0x0, 0x2})
ioctl$vim2m_VIDIOC_QBUF(r2, 0xc058560f, &(0x7f0000000240)=@mmap={0x1, 0x2, 0x4, 0x100000, 0x9, {}, {0x0, 0x2, 0x4, 0xc0, 0x0, 0xf0, "18a6fc23"}, 0x1, 0x1, {}, 0x1})
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000000)={0x6, 0x1, 0x1, 0x0, 0x3})
ioctl$vim2m_VIDIOC_STREAMOFF(r2, 0x40045612, &(0x7f0000000040)=0x1)
ioctl$vim2m_VIDIOC_STREAMOFF(r2, 0x40045612, &(0x7f0000000080)=0x2)
ioctl$vim2m_VIDIOC_QBUF(r2, 0xc058560f, &(0x7f0000000180)=@mmap={0x1, 0x1, 0x4, 0x100, 0x81, {}, {0x4, 0x8, 0x8, 0x5, 0x29, 0x9, "0adb3fb8"}, 0x5})
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)

4.110285934s ago: executing program 0 (id=4298):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000700)=ANY=[@ANYBLOB="1201000000000010711e092000000000000109022400010000000009040009010300010009210500000122050009058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\b'], 0x0, 0x0, 0x0, 0x0}, 0x0)
r1 = memfd_secret(0x80000)
dup(r1)
syz_open_dev$hidraw(&(0x7f0000000100), 0x34, 0x101142)
syz_io_uring_setup(0x235, &(0x7f0000000500)={0x0, 0x4533, 0x10100, 0x0, 0x24c}, &(0x7f0000000880)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {0x201}, 0x1})

2.591765785s ago: executing program 4 (id=4299):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x408400, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000007c0)={'syzkaller0\x00', 0x2})
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0x6}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000006c0)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70b925, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {}, {0xb, 0xb}, {0x0, 0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0x20018041}, 0x4008000)
r4 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet6_sctp(0xa, 0x1, 0x84)
r5 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r5, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r5, &(0x7f0000000580)={&(0x7f00000005c0)={0x2, 0x4e23, @rand_addr=0x64010101}, 0x10, 0x0, 0x0, &(0x7f0000000340)=[@fadd={0x58, 0x114, 0x6, {{0x5, 0x80000000}, &(0x7f00000001c0)=0x2, 0x0, 0x6, 0x2, 0x1b, 0x7, 0x2e, 0x9}}], 0x58, 0x4000000}, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x12}, 0x50)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)=@bridge_getvlan={0x18, 0x72, 0x7e3bfe4fa73db39f}, 0x18}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r8}, 0x10)

2.545128603s ago: executing program 6 (id=4300):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r1 = openat$nullb(0xffffffffffffff9c, 0x0, 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r1, 0x0)
mount(&(0x7f0000000040)=@rnullb, &(0x7f00000001c0)='./cgroup\x00', &(0x7f0000000340)='overlay\x00', 0x1, &(0x7f00000003c0)='#-[\x00')
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0xe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_udp_encap(r2, 0x11, 0x64, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102392, 0x18ff8)
r4 = io_uring_setup(0x6fab, 0x0)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r4, 0x18, 0x0, 0x1)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_emit_vhci(&(0x7f0000000100)=@HCI_VENDOR_PKT, 0x2)
connect$inet6(r5, 0x0, 0x0)
mount(&(0x7f00000000c0)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000140)='vfat\x00', 0x8000, 0x0)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x20, 0x1411, 0x200, 0x70bd2c, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_STAT_RES={0x8, 0x4b, 0x13}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x50}, 0x40)

2.480119569s ago: executing program 5 (id=4301):
r0 = socket$nl_route(0x10, 0x3, 0x0)
gettid()
timer_create(0x1, 0x0, &(0x7f0000000000))
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
io_uring_enter(0xffffffffffffffff, 0x7f78, 0x204ef8, 0x5a, &(0x7f0000000000)={[0x7]}, 0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000140), 0x2, 0x141182)
r2 = socket$inet6(0xa, 0x3, 0x3a)
connect$inet6(r2, 0x0, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x10, &(0x7f0000000140)=0x8, 0x4)
sendto$inet6(r2, 0x0, 0x0, 0x0, 0x0, 0x0)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$kcm(0x2, 0x5, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='contention_begin\x00', r3}, 0x18)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x100000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000005}, 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1, 0x0, 0x2})
ioctl$vim2m_VIDIOC_QBUF(r4, 0xc058560f, &(0x7f0000000240)=@mmap={0x1, 0x2, 0x4, 0x100000, 0x9, {}, {0x0, 0x2, 0x4, 0xc0, 0x0, 0xf0, "18a6fc23"}, 0x1, 0x1, {}, 0x1})
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000000)={0x6, 0x1, 0x1, 0x0, 0x3})
ioctl$vim2m_VIDIOC_STREAMOFF(r4, 0x40045612, &(0x7f0000000040)=0x1)
lseek(r0, 0x4, 0x4)
ioctl$vim2m_VIDIOC_STREAMOFF(r4, 0x40045612, &(0x7f0000000080)=0x2)
ioctl$vim2m_VIDIOC_QBUF(r4, 0xc058560f, &(0x7f0000000180)=@mmap={0x1, 0x1, 0x4, 0x100, 0x81, {}, {0x4, 0x8, 0x8, 0x5, 0x29, 0x9, "0adb3fb8"}, 0x5})
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)

2.383922095s ago: executing program 1 (id=4302):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000009c0)={{0x12, 0x1, 0x0, 0x3a, 0x98, 0x2a, 0x8, 0xccd, 0x10a3, 0x23a2, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x57, 0x33, 0x19}}]}}]}}, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000000)={0x1c, &(0x7f0000000080)=ANY=[@ANYBLOB="000206"], 0x0, 0x0})
syz_usb_control_io$rtl8150(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$rtl8150(r0, 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
ioctl$KVM_GET_MSR_INDEX_LIST(r1, 0xc004ae02, &(0x7f0000000000))
r2 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r2, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f0000000280)=@hci={0x1f, 0x0, 0x4}, 0x80, &(0x7f0000000200)=[{&(0x7f00000005c0)="27050200590214000600002fb96da7f706e10500000086ddffff1144ee1611d4b8bf4a31accbe1ba0777cfbf6ae77256da82f6184bbfdb9dd6f635406c4a67c5ff905a80e8404bb39fa4647893c17de955e6c8e765fa111bab1b33a1571772290d038d6cdfe81208da10a97337ccacb53d20e2311bbcc6f8e4d2a5f8256cb8584db15a24067e11e1462505442d912f40e409000000f8dd2eb87781e0802b62ce525aaa91b19a8296d13e2f0b6ef45c8e76a8e12bb7b77f5b882f41a1abc6839ba447dee5704f6c7e70", 0xc9}, {&(0x7f00000006c0)="1c393502dda1a67d93b1ceccbe972c4fef9c33ecf2d824f3a33513f45f472bbdc8e3a2275f2587f0ca0b3ae419bed996116448f90d113ce98aa985f379d729430858f5cb9a668a1800bf2354b33cdff83033de518580a3080d7f4cc2406e071138439e1566dd17983ee153ab672f362d3292e24a9952f18ec3d8b37bb3391096c1d4442a754899299321c03cbcfb98a26994b2a072c2b9d9c70d619545e5f61b050e40166d2ff57dcc008f24fd5339e7bc21e25863f80d2487c30b6bf781608a31d68e9319ab1712d8f5bfde849c040417c864cbfd3923dcb9fc6bdc2ea53334184b03efcb631dc68f0a7b6e13eea4b80d4237120e32932ca4e2b50bad0a35496d36a191d91f03b477b9587bc0ba489932e34f819fa1524ebad53a3d94b46c6aeff4f42fa067729fbb2862c09d337a75e0c8429d4bfe0dee2e1e23e8c22787178600ecca135623731e4701f35bd4e7c936a8ee274120e7662328a5aba1161b05889b045696721c79bff0547efe051f3c5de77fdd3c77afd41a1a7747a982b7efb013c9d6bac7d3ad1f9b7c3a5a1448b35696f03bca1c875e346edc55b7a271c3e5f3c0df72c8e4d7cccfa2827b87e8d4ae9c17bd51ed1a21cdb3f3e9b598f0ae06efbc1a5d5bd91aed6b32deccf7755cef50fab72633c80253", 0x1d9}], 0x2}, 0x9cdc2384056b48b8)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x18c)
syz_usb_control_io$hid(r0, &(0x7f0000000300)={0x24, &(0x7f0000000100)={0x40, 0xc, 0x100, {0x100, 0x23, "027ba715be24edf3bca1f4a60c71567ead63dce222f4716641644f3dbefd85d1c51aa11707219e16536d416878b3b9e0090b3f50c5573bea2a881951369904d67e0ae76980217dc343b11e687617c9c8566355d3c87a5b1cc3a848726a016047c1ec15ad19b953870e503318f846c64190e609772d6d393735f39e28c904c7e7dabf14c13dc1fc9bdde1114359826850c95f9ada6752ad4a86bdc61a5e0926a05a967261dd876ae133df832874283df93e8333e1c1275d1fc1b56fc8a202e7d16e1085cf59f81a9331a9f7e8296eacec10670f31090d9ae12ecee8bfcbbfe69734f324151685d6653d8574d7bc97e77887d7b44a77507f31e159a00acb39"}}, &(0x7f0000000240)={0x0, 0x3, 0x6b, @string={0x6b, 0x3, "a8c4a398904bee256de26f2a23b8351f0836620b646ab7270aa10fce37207be2b58a7d4100ed74631f06fef497c924e827fb588de0be3b876500c27e911c5b51d13b7a850a9ae39ab09dca0f0b70eae973fbe81ddaa7fa9cfb8eec606f3f0583127e68f53dd5e42679"}}, &(0x7f0000000040)={0x0, 0x22, 0x15, {[@main=@item_012={0x1, 0x0, 0x9, "bf"}, @local=@item_012={0x1, 0x2, 0x4, "a6"}, @global=@item_4={0x3, 0x1, 0x9, "1ec0bb25"}, @local=@item_4={0x3, 0x2, 0x5, "267cc423"}, @local=@item_012={0x1, 0x2, 0x3, "ff"}, @local=@item_012={0x1, 0x2, 0x4, 'Z'}, @global=@item_012={0x2, 0x1, 0x4, '+\n'}]}}, &(0x7f00000002c0)={0x0, 0x21, 0x9, {0x9, 0x21, 0x2, 0x0, 0x1, {0x22, 0x505}}}}, &(0x7f00000005c0)={0x2c, &(0x7f0000000600)=ANY=[@ANYBLOB="2016b4000000d32dfacd6953054ef1972489a14577c841968eae01a850b57df677468664812a00e779d06e1b29fa053c40c20f7d6e30f8079735ef6210edf40ca934f06934b8960e113a7d596edc1db41e90d2e8821f8db46c74dd375b12125440be4819d8ce945a9bc831e5c88920ff8d5598746337fe105c916236744584f39b90c8918bcdc8ae3936430d507dbfdd128718ffa898e9dcda7b9ca0a96ce46a0ed27b2ba507f0cf37a22422e4766f202443ac172f0a2391612de30e"], &(0x7f0000000440)={0x0, 0xa, 0x1, 0x2e}, &(0x7f0000000480)={0x0, 0x8, 0x1, 0x66}, &(0x7f00000004c0)=ANY=[@ANYBLOB="20019c000000e53b3bdb981d9c95dfb3ee071bcd4e8e52addbc41a264686f0eec59ce751982e44023be181d3aaf192a378bcb1efc0a7e29647a6209b0af50b3efa91cbadf0dc077ce18d939dffb53e3e26ebbb56185032fef0f4f3c14eff5da90d0a0900101368d923096c01ad3a687eb795e11b5953d78f5237fe7ac3f5f13f958e17c94da4b70512d4c67bbababfc32dd32a3fba316582dd8809c5869f04"], &(0x7f0000000580)={0x20, 0x3, 0x1, 0x5}})
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)={[{@quota}]})
lchown(&(0x7f0000000080)='./file1\x00', 0xee01, 0xffffffffffffffff)

2.019709005s ago: executing program 4 (id=4303):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
poll(0x0, 0x0, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
wait4(0x0, 0x0, 0x40000000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
fcntl$lock(0xffffffffffffffff, 0x6, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
syz_kvm_setup_syzos_vm$x86(r5, &(0x7f0000bfe000/0x400000)=nil)
syz_emit_ethernet(0x7a, &(0x7f00000002c0)={@local, @local, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, '\x00', 0x44, 0x2f, 0x0, @remote, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, {[], {{0x0, 0x0, 0x1, 0x0, 0x2, 0x1, 0x0, 0x1, 0x880b, 0x0, 0xfffe}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x57}, {}, {0x8, 0x88be, 0x0, {{0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}}}}}}}}}, 0x0)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(r6, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0xfffc, 0x2fd, 0x1, 0x101}})
open(&(0x7f0000000000)='./cgroup.cpu/cpuset.cpus\x00', 0x1a1342, 0x0)

476.574291ms ago: executing program 4 (id=4304):
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_VID_CMD(0xffffffffffffffff, 0x8983, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000000}}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x8000, 0x3c}, 0x0, @in=@broadcast, 0x0, 0x0, 0x3}]}]}, 0xfc}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000007c0)=ANY=[@ANYBLOB="d0010000210001000000000004000000ff010000000000000000000000000001fc02000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000080011100fe8000000000000000000000000000bbac1e000100000000000000000000000020010000000000000000000000000000fe8800000000000000000000000001012b0200000135000002000200e0000001000000000000000000000000ac1414aa000000000000000000000000fc020000000000000000000000000000fe88000000000000000000000000000133040000ff34000002000200fc010000000000000000000000000001fe800000000000000000000000000035ac1414aa000000000000000000000000fc0200000000000000000000000000013c000000000000000a0008000a01010200000000000000000000000000000000000000000000000000000000ac1414aa000000000000000000000000fe80000000000000000000000535000002000a007f000001000000000000000000000000ac1414aa000000000000000000000000fc010000000000000000000000000001fc00000000000000000000000000000133040000033500000a00020089a9053d05"], 0x1d0}}, 0x0) (fail_nth: 4)

0s ago: executing program 4 (id=4305):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32, @ANYBLOB="0a001b"], 0x2c}], 0x1}, 0x0) (fail_nth: 4)

kernel console output (not intermixed with test programs):

___sys_sendmsg+0xa5d/0xc30
[ 1865.642701][T20681]  ? copy_msghdr_from_user+0x10a/0x160
[ 1865.642720][T20681]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1865.642755][T20681]  ___sys_sendmsg+0x134/0x1d0
[ 1865.642775][T20681]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1865.642826][T20681]  __sys_sendmsg+0x16d/0x220
[ 1865.642845][T20681]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1865.642880][T20681]  do_syscall_64+0xcd/0xf80
[ 1865.642905][T20681]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1865.642922][T20681] RIP: 0033:0x7fef7a58f749
[ 1865.642935][T20681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1865.642951][T20681] RSP: 002b:00007fef7b443038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1865.642967][T20681] RAX: ffffffffffffffda RBX: 00007fef7a7e5fa0 RCX: 00007fef7a58f749
[ 1865.642978][T20681] RDX: 0000000020000084 RSI: 00002000000001c0 RDI: 0000000000000003
[ 1865.642988][T20681] RBP: 00007fef7b443090 R08: 0000000000000000 R09: 0000000000000000
[ 1865.642997][T20681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1865.643006][T20681] R13: 00007fef7a7e6038 R14: 00007fef7a7e5fa0 R15: 00007fff69276a98
[ 1865.643031][T20681]  </TASK>
[ 1865.904945][ T6427] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1865.925474][ T6427] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1865.959937][ T6427] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00
[ 1865.987448][ T6427] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1866.114076][ T6427] usb 7-1: config 0 descriptor??
[ 1866.686049][ T6427] koneplus 0003:1E7D:2D51.0023: hidraw0: USB HID v0.00 Device [HID 1e7d:2d51] on usb-dummy_hcd.6-1/input0
[ 1867.883314][   T10] usb 7-1: USB disconnect, device number 6
[ 1868.234848][T20714] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[ 1868.255133][T20714] audit: out of memory in audit_log_start
[ 1868.826357][   T30] audit: type=1400 audit(1768801787.431:2008): avc:  denied  { map } for  pid=20711 comm="syz.5.3820" path="socket:[63745]" dev="sockfs" ino=63745 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[ 1868.913881][   T30] audit: type=1400 audit(1768801787.901:2009): avc:  denied  { ioctl } for  pid=20716 comm="syz.6.3823" path="/dev/fb0" dev="devtmpfs" ino=629 ioctlcmd=0x4611 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[ 1870.999620][   T30] audit: type=1400 audit(1768801790.021:2010): avc:  denied  { create } for  pid=20735 comm="syz.4.3828" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=appletalk_socket permissive=1
[ 1873.045499][   T30] audit: type=1400 audit(1768801792.041:2011): avc:  denied  { getopt } for  pid=20752 comm="syz.4.3834" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1873.329343][   T30] audit: type=1400 audit(1768801792.351:2012): avc:  denied  { read } for  pid=20750 comm="syz.6.3833" lport=7 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1873.410628][   T24] usb 5-1: new low-speed USB device number 42 using dummy_hcd
[ 1873.549362][   T30] audit: type=1400 audit(1768801792.571:2013): avc:  denied  { map } for  pid=20750 comm="syz.6.3833" path="socket:[63807]" dev="sockfs" ino=63807 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[ 1873.590879][   T24] usb 5-1: Invalid ep0 maxpacket: 32
[ 1873.780726][   T24] usb 5-1: new low-speed USB device number 43 using dummy_hcd
[ 1875.331147][   T24] usb 5-1: Invalid ep0 maxpacket: 32
[ 1875.332979][T20771] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 1875.540799][   T24] usb usb5-port1: attempt power cycle
[ 1876.293888][   T24] usb 5-1: new low-speed USB device number 44 using dummy_hcd
[ 1876.356892][   T24] usb 5-1: device descriptor read/8, error -71
[ 1876.363240][ T6427] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[ 1877.048953][ T6427] usb 1-1: Using ep0 maxpacket: 32
[ 1877.071188][ T6427] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1877.078887][ T6427] usb 1-1: too many configurations: 91, using maximum allowed: 8
[ 1878.052322][ T6427] usb 1-1: unable to read config index 0 descriptor/start: -61
[ 1878.060183][ T6427] usb 1-1: can't read configurations, error -61
[ 1878.200663][ T6427] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[ 1878.820622][ T6427] usb 1-1: Using ep0 maxpacket: 32
[ 1878.827344][ T6427] usb 1-1: device descriptor read/all, error -71
[ 1878.834470][ T6427] usb usb1-port1: attempt power cycle
[ 1883.397524][   T30] audit: type=1400 audit(1768801802.421:2014): avc:  denied  { write } for  pid=20826 comm="syz.5.3837" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[ 1883.460872][   T30] audit: type=1400 audit(1768801802.451:2015): avc:  denied  { open } for  pid=20826 comm="syz.5.3837" path="/dev/autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[ 1883.496486][   T30] audit: type=1400 audit(1768801802.451:2016): avc:  denied  { ioctl } for  pid=20826 comm="syz.5.3837" path="/dev/autofs" dev="devtmpfs" ino=98 ioctlcmd=0x937e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[ 1884.520847][T20844] atomic_op ffff888031286998 conn xmit_atomic 0000000000000000
[ 1884.596262][   T30] audit: type=1400 audit(1768801803.601:2017): avc:  denied  { ioctl } for  pid=20841 comm="syz.4.3852" path="socket:[63288]" dev="sockfs" ino=63288 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1884.642284][T20845] blktrace: Concurrent blktraces are not allowed on loop2
[ 1887.187984][   T30] audit: type=1400 audit(1768801806.141:2018): avc:  denied  { setattr } for  pid=20848 comm="syz.4.3859" path="pipe:[63384]" dev="pipefs" ino=63384 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[ 1888.990882][   T24] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[ 1889.275279][   T24] usb 6-1: Using ep0 maxpacket: 8
[ 1889.291839][   T24] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[ 1889.300040][   T24] usb 6-1: config 0 has no interface number 0
[ 1889.315243][   T24] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1889.431031][   T24] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1889.442878][   T24] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1889.530072][   T24] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1889.573986][   T30] audit: type=1400 audit(1768801808.601:2019): avc:  denied  { write } for  pid=20886 comm="syz.6.3867" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[ 1889.637838][   T24] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1889.650576][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1889.693516][   T24] usb 6-1: config 0 descriptor??
[ 1889.850158][   T24] ldusb 6-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1890.000142][   T30] audit: type=1400 audit(1768801809.011:2020): avc:  denied  { read } for  pid=20892 comm="syz.4.3869" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[ 1890.103163][   T10] usb 6-1: USB disconnect, device number 18
[ 1890.127735][   T10] ldusb 6-1:0.55: LD USB Device #0 now disconnected
[ 1890.328434][T20902] overlayfs: missing 'workdir'
[ 1890.465772][T20907] fuse: Bad value for 'rootmode'
[ 1891.146799][T20909] block device autoloading is deprecated and will be removed.
[ 1891.165651][   T30] audit: type=1400 audit(1768801810.191:2021): avc:  denied  { read } for  pid=20913 comm="syz.6.3873" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1891.255046][T20919] sch_tbf: burst 1885 is lower than device lo mtu (65550) !
[ 1891.375463][T20919] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3873'.
[ 1891.473976][T20921] vxcan1: entered promiscuous mode
[ 1891.501524][T20924] blktrace: Concurrent blktraces are not allowed on loop8
[ 1891.762085][   T30] audit: type=1400 audit(1768801810.791:2022): avc:  denied  { name_bind } for  pid=20931 comm="syz.6.3879" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[ 1892.105040][   T30] audit: type=1400 audit(1768801811.131:2023): avc:  denied  { shutdown } for  pid=20934 comm="syz.1.3880" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1892.453162][   T10] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[ 1892.751759][   T10] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1892.760452][   T10] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1892.784680][   T10] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1892.860669][   T10] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[ 1892.886767][   T10] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[ 1892.910943][   T10] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1892.940808][   T10] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1892.945346][   T30] audit: type=1400 audit(1768801811.971:2024): avc:  denied  { mount } for  pid=20943 comm="syz.5.3881" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[ 1892.964098][   T10] usb 7-1: Product: syz
[ 1893.012225][   T10] usb 7-1: Manufacturer: syz
[ 1893.068380][   T10] cdc_wdm 7-1:1.0: skipping garbage
[ 1893.075767][T20944] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1893.700876][   T10] cdc_wdm 7-1:1.0: skipping garbage
[ 1893.730311][   T10] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[ 1893.739082][   T10] cdc_wdm 7-1:1.0: Unknown control protocol
[ 1893.753352][   T10] usb 7-1: USB disconnect, device number 7
[ 1894.733202][   T30] audit: type=1400 audit(1768801813.761:2025): avc:  denied  { unmount } for  pid=20485 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[ 1895.105876][T20962] overlayfs: missing 'workdir'
[ 1896.738707][T20974] blktrace: Concurrent blktraces are not allowed on loop2
[ 1896.810652][T20816] usb 7-1: new full-speed USB device number 8 using dummy_hcd
[ 1896.982421][T20816] usb 7-1: config 17 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1897.017109][T20816] usb 7-1: config 17 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1897.050592][T20816] usb 7-1: config 17 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[ 1897.087783][T20816] usb 7-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[ 1897.115952][T20816] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1897.141758][T20967] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1897.192044][T20978] blktrace: Concurrent blktraces are not allowed on loop8
[ 1897.562938][T20816] aiptek 7-1:17.0: Aiptek using 400 ms programming speed
[ 1898.059048][T20816] input: Aiptek as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:17.0/input/input119
[ 1898.139657][T20816] usb 7-1: USB disconnect, device number 8
[ 1898.145598][    C1] aiptek 7-1:17.0: aiptek_irq - usb_submit_urb failed with result -19
[ 1898.265611][T20989] FAULT_INJECTION: forcing a failure.
[ 1898.265611][T20989] name failslab, interval 1, probability 0, space 0, times 0
[ 1898.278575][T20989] CPU: 1 UID: 0 PID: 20989 Comm: syz.1.3893 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1898.278602][T20989] Tainted: [L]=SOFTLOCKUP
[ 1898.278609][T20989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1898.278619][T20989] Call Trace:
[ 1898.278625][T20989]  <TASK>
[ 1898.278632][T20989]  dump_stack_lvl+0x16c/0x1f0
[ 1898.278661][T20989]  should_fail_ex+0x512/0x640
[ 1898.278677][T20989]  ? __kmalloc_cache_noprof+0x5f/0x800
[ 1898.278697][T20989]  should_failslab+0xc2/0x120
[ 1898.278721][T20989]  __kmalloc_cache_noprof+0x80/0x800
[ 1898.278738][T20989]  ? drm_mode_duplicate+0x47/0x200
[ 1898.278765][T20989]  ? drm_mode_duplicate+0x47/0x200
[ 1898.278785][T20989]  drm_mode_duplicate+0x47/0x200
[ 1898.278809][T20989]  drm_add_modes_noedid+0x167/0x200
[ 1898.278833][T20989]  vkms_conn_get_modes+0x20/0x40
[ 1898.278855][T20989]  drm_helper_probe_single_connector_modes+0x574/0x16c0
[ 1898.278880][T20989]  ? __pfx___might_resched+0x10/0x10
[ 1898.278908][T20989]  ? __pfx_drm_helper_probe_single_connector_modes+0x10/0x10
[ 1898.278931][T20989]  ? drm_master_put+0x6f/0xe0
[ 1898.278962][T20989]  ? drm_is_current_master+0x2c/0x40
[ 1898.278983][T20989]  ? __pfx_drm_helper_probe_single_connector_modes+0x10/0x10
[ 1898.279008][T20989]  drm_mode_getconnector+0x727/0x1530
[ 1898.279039][T20989]  ? __pfx_drm_mode_getconnector+0x10/0x10
[ 1898.279076][T20989]  ? drm_dev_exit+0x41/0x60
[ 1898.279108][T20989]  drm_ioctl_kernel+0x1f4/0x3e0
[ 1898.279132][T20989]  ? __pfx_drm_mode_getconnector+0x10/0x10
[ 1898.279157][T20989]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[ 1898.279192][T20989]  drm_ioctl+0x5c9/0xc30
[ 1898.279221][T20989]  ? __pfx_drm_mode_getconnector+0x10/0x10
[ 1898.279244][T20989]  ? __pfx_drm_ioctl+0x10/0x10
[ 1898.279280][T20989]  ? selinux_file_ioctl+0x180/0x270
[ 1898.279302][T20989]  ? selinux_file_ioctl+0xb4/0x270
[ 1898.279326][T20989]  ? __pfx_drm_ioctl+0x10/0x10
[ 1898.279352][T20989]  __x64_sys_ioctl+0x18e/0x210
[ 1898.279376][T20989]  do_syscall_64+0xcd/0xf80
[ 1898.279402][T20989]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1898.279419][T20989] RIP: 0033:0x7f0dce78f749
[ 1898.279434][T20989] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1898.279450][T20989] RSP: 002b:00007f0dcc9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1898.279466][T20989] RAX: ffffffffffffffda RBX: 00007f0dce9e6090 RCX: 00007f0dce78f749
[ 1898.279477][T20989] RDX: 0000200000000500 RSI: 00000000c05064a7 RDI: 0000000000000008
[ 1898.279488][T20989] RBP: 00007f0dcc9f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1898.279498][T20989] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1898.279508][T20989] R13: 00007f0dce9e6128 R14: 00007f0dce9e6090 R15: 00007ffed6153878
[ 1898.279534][T20989]  </TASK>
[ 1901.117246][T21005] overlayfs: missing 'workdir'
[ 1901.457639][T21011] xt_ecn: cannot match TCP bits for non-tcp packets
[ 1901.620560][   T30] audit: type=1400 audit(1768801820.531:2026): avc:  denied  { bind } for  pid=21007 comm="syz.4.3902" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[ 1901.746660][T21012] blk_print_req_error: 55 callbacks suppressed
[ 1901.746697][T21012] I/O error, dev nbd6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1901.762680][T21012] buffer_io_error: 54 callbacks suppressed
[ 1901.762709][T21012] Buffer I/O error on dev nbd6, logical block 0, async page read
[ 1901.776789][T21012] I/O error, dev nbd6, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1901.786469][T21012] Buffer I/O error on dev nbd6, logical block 1, async page read
[ 1901.794731][T21012] I/O error, dev nbd6, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1901.804423][T21012] Buffer I/O error on dev nbd6, logical block 2, async page read
[ 1901.812626][T21012] I/O error, dev nbd6, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1901.822183][T21012] Buffer I/O error on dev nbd6, logical block 3, async page read
[ 1901.830273][T21012] I/O error, dev nbd6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1901.850584][T21012] Buffer I/O error on dev nbd6, logical block 0, async page read
[ 1901.858701][T21012] I/O error, dev nbd6, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1901.868322][T21012] Buffer I/O error on dev nbd6, logical block 1, async page read
[ 1901.876452][T21012] I/O error, dev nbd6, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1901.886013][T21012] Buffer I/O error on dev nbd6, logical block 2, async page read
[ 1901.894169][T21012] I/O error, dev nbd6, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1901.903752][T21012] Buffer I/O error on dev nbd6, logical block 3, async page read
[ 1901.913338][T21012] I/O error, dev nbd6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1901.922945][T21012] Buffer I/O error on dev nbd6, logical block 0, async page read
[ 1901.931132][T21012] I/O error, dev nbd6, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1901.941271][T21012] Buffer I/O error on dev nbd6, logical block 1, async page read
[ 1901.960742][T21012] ldm_validate_partition_table(): Disk read failed.
[ 1901.970179][T21012] Dev nbd6: unable to read RDB block 0
[ 1901.979575][T21012]  nbd6: unable to read partition table
[ 1901.987471][T21012] FAT-fs (nbd6): unable to read boot sector
[ 1902.170657][   T30] audit: type=1400 audit(1768801820.551:2027): avc:  denied  { write } for  pid=21007 comm="syz.4.3902" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[ 1903.811688][T21016] blktrace: Concurrent blktraces are not allowed on loop12
[ 1904.361915][T21027] blktrace: Concurrent blktraces are not allowed on loop8
[ 1907.012732][   T30] audit: type=1400 audit(1768801825.201:2028): avc:  denied  { create } for  pid=21050 comm="syz.1.3909" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[ 1907.314595][   T30] audit: type=1400 audit(1768801825.251:2029): avc:  denied  { sys_admin } for  pid=21050 comm="syz.1.3909" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[ 1908.794528][T21067] blktrace: Concurrent blktraces are not allowed on loop2
[ 1909.182575][T21071] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=50 sclass=netlink_xfrm_socket pid=21071 comm=syz.4.3915
[ 1909.426563][T21075] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3915'.
[ 1909.822746][   T30] audit: type=1400 audit(1768801828.451:2030): avc:  denied  { nlmsg_read } for  pid=21070 comm="syz.4.3915" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1911.862336][T21100] FAULT_INJECTION: forcing a failure.
[ 1911.862336][T21100] name failslab, interval 1, probability 0, space 0, times 0
[ 1911.916718][T21100] CPU: 1 UID: 0 PID: 21100 Comm: syz.5.3922 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1911.916746][T21100] Tainted: [L]=SOFTLOCKUP
[ 1911.916751][T21100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1911.916761][T21100] Call Trace:
[ 1911.916767][T21100]  <TASK>
[ 1911.916773][T21100]  dump_stack_lvl+0x16c/0x1f0
[ 1911.916800][T21100]  should_fail_ex+0x512/0x640
[ 1911.916814][T21100]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1911.916833][T21100]  should_failslab+0xc2/0x120
[ 1911.916855][T21100]  kmem_cache_alloc_noprof+0x83/0x770
[ 1911.916873][T21100]  ? skb_clone+0x190/0x3f0
[ 1911.916895][T21100]  ? skb_clone+0x190/0x3f0
[ 1911.916911][T21100]  skb_clone+0x190/0x3f0
[ 1911.916930][T21100]  netlink_deliver_tap+0xabd/0xd30
[ 1911.916957][T21100]  netlink_unicast+0x64c/0x870
[ 1911.916985][T21100]  ? __pfx_netlink_unicast+0x10/0x10
[ 1911.917016][T21100]  netlink_sendmsg+0x8c8/0xdd0
[ 1911.917041][T21100]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1911.917072][T21100]  ____sys_sendmsg+0xa5d/0xc30
[ 1911.917096][T21100]  ? copy_msghdr_from_user+0x10a/0x160
[ 1911.917113][T21100]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1911.917152][T21100]  ___sys_sendmsg+0x134/0x1d0
[ 1911.917171][T21100]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1911.917219][T21100]  __sys_sendmsg+0x16d/0x220
[ 1911.917238][T21100]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1911.917271][T21100]  do_syscall_64+0xcd/0xf80
[ 1911.917295][T21100]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1911.917311][T21100] RIP: 0033:0x7f19f858f749
[ 1911.917324][T21100] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1911.917339][T21100] RSP: 002b:00007f19f9406038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1911.917354][T21100] RAX: ffffffffffffffda RBX: 00007f19f87e5fa0 RCX: 00007f19f858f749
[ 1911.917364][T21100] RDX: 00000000000000c0 RSI: 0000200000000140 RDI: 0000000000000003
[ 1911.917374][T21100] RBP: 00007f19f9406090 R08: 0000000000000000 R09: 0000000000000000
[ 1911.917383][T21100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1911.917393][T21100] R13: 00007f19f87e6038 R14: 00007f19f87e5fa0 R15: 00007ffcdad9ba68
[ 1911.917417][T21100]  </TASK>
[ 1914.093303][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1914.099915][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1916.324474][T21131] FAULT_INJECTION: forcing a failure.
[ 1916.324474][T21131] name failslab, interval 1, probability 0, space 0, times 0
[ 1916.337332][T21131] CPU: 0 UID: 0 PID: 21131 Comm: syz.0.3929 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1916.337355][T21131] Tainted: [L]=SOFTLOCKUP
[ 1916.337358][T21131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1916.337365][T21131] Call Trace:
[ 1916.337369][T21131]  <TASK>
[ 1916.337373][T21131]  dump_stack_lvl+0x16c/0x1f0
[ 1916.337392][T21131]  should_fail_ex+0x512/0x640
[ 1916.337405][T21131]  should_failslab+0xc2/0x120
[ 1916.337420][T21131]  __kmalloc_noprof+0xeb/0x910
[ 1916.337430][T21131]  ? lsm_blob_alloc+0x68/0x90
[ 1916.337443][T21131]  ? lsm_blob_alloc+0x68/0x90
[ 1916.337451][T21131]  lsm_blob_alloc+0x68/0x90
[ 1916.337462][T21131]  security_sk_alloc+0x2f/0x270
[ 1916.337475][T21131]  sk_prot_alloc+0x1c7/0x2a0
[ 1916.337491][T21131]  sk_alloc+0x36/0xe30
[ 1916.337502][T21131]  bt_sock_alloc+0x3b/0x3a0
[ 1916.337515][T21131]  l2cap_sock_alloc.constprop.0+0x33/0x1d0
[ 1916.337530][T21131]  l2cap_sock_create+0x123/0x220
[ 1916.337546][T21131]  bt_sock_create+0x185/0x350
[ 1916.337558][T21131]  __sock_create+0x339/0x8a0
[ 1916.337575][T21131]  rfcomm_l2sock_create+0x2f/0x160
[ 1916.337587][T21131]  rfcomm_dlc_open+0x624/0xaf0
[ 1916.337601][T21131]  ? __pfx_rfcomm_dlc_open+0x10/0x10
[ 1916.337613][T21131]  ? find_held_lock+0x2b/0x80
[ 1916.337630][T21131]  ? rfcomm_sock_connect+0x3df/0x6a0
[ 1916.337644][T21131]  ? rcu_is_watching+0x12/0xc0
[ 1916.337654][T21131]  ? __local_bh_enable_ip+0xa4/0x120
[ 1916.337672][T21131]  rfcomm_sock_connect+0x423/0x6a0
[ 1916.337686][T21131]  ? __sys_connect_file+0xa7/0x1a0
[ 1916.337696][T21131]  ? __pfx_rfcomm_sock_connect+0x10/0x10
[ 1916.337709][T21131]  __sys_connect_file+0x141/0x1a0
[ 1916.337720][T21131]  __sys_connect+0x13b/0x160
[ 1916.337729][T21131]  ? __pfx___sys_connect+0x10/0x10
[ 1916.337738][T21131]  ? lockdep_hardirqs_on+0x10/0x110
[ 1916.337756][T21131]  ? __pfx_ksys_write+0x10/0x10
[ 1916.337773][T21131]  __x64_sys_connect+0x72/0xb0
[ 1916.337781][T21131]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1916.337795][T21131]  do_syscall_64+0xcd/0xf80
[ 1916.337810][T21131]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1916.337821][T21131] RIP: 0033:0x7fef7a58f749
[ 1916.337830][T21131] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1916.337842][T21131] RSP: 002b:00007fef7b401038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 1916.337854][T21131] RAX: ffffffffffffffda RBX: 00007fef7a7e6180 RCX: 00007fef7a58f749
[ 1916.337861][T21131] RDX: 0000000000000014 RSI: 0000200000000200 RDI: 0000000000000005
[ 1916.337867][T21131] RBP: 00007fef7b401090 R08: 0000000000000000 R09: 0000000000000000
[ 1916.337872][T21131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1916.337878][T21131] R13: 00007fef7a7e6218 R14: 00007fef7a7e6180 R15: 00007fff69276a98
[ 1916.337891][T21131]  </TASK>
[ 1917.307582][T21139] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 1918.941148][T12339] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[ 1919.900590][T12339] usb 1-1: Using ep0 maxpacket: 32
[ 1919.929705][T12339] usb 1-1: config 0 has an invalid interface number: 184 but max is 0
[ 1919.979824][T12339] usb 1-1: config 0 has no interface number 0
[ 1920.008017][T12339] usb 1-1: config 0 interface 184 has no altsetting 0
[ 1920.042085][T12339] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[ 1920.070939][T12339] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1920.100593][T12339] usb 1-1: Product: syz
[ 1920.129279][T12339] usb 1-1: Manufacturer: syz
[ 1920.139426][T12339] usb 1-1: SerialNumber: syz
[ 1920.172146][T12339] usb 1-1: config 0 descriptor??
[ 1920.192862][T12339] smsc75xx v1.0.0
[ 1921.413745][T12339] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[ 1921.560562][T12339] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1923.216106][T12339] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000010: -71
[ 1923.239611][T12339] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to write HW_CFG: -71
[ 1923.303272][T12339] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[ 1923.418153][T12339] smsc75xx 1-1:0.184: probe with driver smsc75xx failed with error -71
[ 1923.553118][T12339] usb 1-1: USB disconnect, device number 43
[ 1923.835398][T21215] fuse: Unknown parameter 'user_id00000000000000000000'
[ 1925.660100][T21227] netlink: 272 bytes leftover after parsing attributes in process `syz.4.3948'.
[ 1926.525351][T21232] blktrace: Concurrent blktraces are not allowed on loop8
[ 1927.370621][T21240] FAULT_INJECTION: forcing a failure.
[ 1927.370621][T21240] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1927.383751][T21240] CPU: 1 UID: 0 PID: 21240 Comm: syz.1.3946 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1927.383775][T21240] Tainted: [L]=SOFTLOCKUP
[ 1927.383781][T21240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1927.383790][T21240] Call Trace:
[ 1927.383796][T21240]  <TASK>
[ 1927.383803][T21240]  dump_stack_lvl+0x16c/0x1f0
[ 1927.383830][T21240]  should_fail_ex+0x512/0x640
[ 1927.383849][T21240]  _copy_to_user+0x32/0xd0
[ 1927.383875][T21240]  simple_read_from_buffer+0xcb/0x170
[ 1927.383900][T21240]  proc_fail_nth_read+0x197/0x240
[ 1927.383918][T21240]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1927.383936][T21240]  ? rw_verify_area+0xcf/0x6c0
[ 1927.383953][T21240]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1927.383970][T21240]  vfs_read+0x1e4/0xcf0
[ 1927.383991][T21240]  ? __pfx___mutex_lock+0x10/0x10
[ 1927.384016][T21240]  ? __pfx_vfs_read+0x10/0x10
[ 1927.384043][T21240]  ? __fget_files+0x20e/0x3c0
[ 1927.384070][T21240]  ksys_read+0x12a/0x250
[ 1927.384088][T21240]  ? __pfx_ksys_read+0x10/0x10
[ 1927.384106][T21240]  ? fput+0x70/0xf0
[ 1927.384124][T21240]  do_syscall_64+0xcd/0xf80
[ 1927.384145][T21240]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1927.384160][T21240] RIP: 0033:0x7f0dce78e15c
[ 1927.384173][T21240] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1927.384188][T21240] RSP: 002b:00007f0dcc9f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1927.384202][T21240] RAX: ffffffffffffffda RBX: 00007f0dce9e6090 RCX: 00007f0dce78e15c
[ 1927.384213][T21240] RDX: 000000000000000f RSI: 00007f0dcc9f60a0 RDI: 0000000000000008
[ 1927.384222][T21240] RBP: 00007f0dcc9f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1927.384231][T21240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1927.384239][T21240] R13: 00007f0dce9e6128 R14: 00007f0dce9e6090 R15: 00007ffed6153878
[ 1927.384263][T21240]  </TASK>
[ 1927.726736][   T30] audit: type=1400 audit(1768801846.751:2031): avc:  denied  { listen } for  pid=21243 comm="syz.5.3951" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[ 1928.060650][T10756] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[ 1928.081591][T21248] blktrace: Concurrent blktraces are not allowed on loop12
[ 1928.390605][T10756] usb 2-1: Using ep0 maxpacket: 16
[ 1928.396878][T10756] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1928.417953][T10756] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1928.437668][T10756] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1928.474689][T10756] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1928.494750][T10756] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1928.513320][T10756] usb 2-1: config 0 descriptor??
[ 1928.948327][T10756] microsoft 0003:045E:07DA.0024: unknown main item tag 0x0
[ 1928.949226][T21264] autofs: Bad value for 'fd'
[ 1928.980923][T10756] microsoft 0003:045E:07DA.0024: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[ 1929.008315][T10756] microsoft 0003:045E:07DA.0024: no inputs found
[ 1929.020548][T10756] microsoft 0003:045E:07DA.0024: could not initialize ff, continuing anyway
[ 1929.103234][T21267] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3956'.
[ 1929.172988][T10756] usb 2-1: USB disconnect, device number 38
[ 1930.641757][T21291] netlink: 1276 bytes leftover after parsing attributes in process `syz.1.3964'.
[ 1930.878384][T21298] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 1930.962195][T10756] usb 1-1: new full-speed USB device number 44 using dummy_hcd
[ 1931.101188][T21303] tipc: Started in network mode
[ 1931.106123][T21303] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[ 1931.118874][T21303] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[ 1931.137033][T21303] tipc: Enabled bearer <udp:syz0>, priority 10
[ 1931.211707][T10756] usb 1-1: config 0 has an invalid interface number: 52 but max is 0
[ 1931.327440][T10756] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1931.344597][T10756] usb 1-1: config 0 has no interface number 0
[ 1931.354086][T10756] usb 1-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 10
[ 1931.365604][T10756] usb 1-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0
[ 1931.375753][T10756] usb 1-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1931.410577][ T5924] usb 5-1: new high-speed USB device number 46 using dummy_hcd
[ 1931.438471][T10756] usb 1-1: config 0 interface 52 has no altsetting 0
[ 1931.470407][T10756] usb 1-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[ 1931.488700][T10756] usb 1-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0
[ 1931.500442][T10756] usb 1-1: Manufacturer: syz
[ 1931.566037][T10756] usb 1-1: config 0 descriptor??
[ 1931.584975][ T5924] usb 5-1: Using ep0 maxpacket: 32
[ 1931.597310][ T5924] usb 5-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15
[ 1931.616957][T10756] hub 1-1:0.52: bad descriptor, ignoring hub
[ 1931.630160][ T5924] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1931.663123][T10756] hub 1-1:0.52: probe with driver hub failed with error -5
[ 1931.674461][ T5924] usb 5-1: Product: syz
[ 1931.717194][ T5924] usb 5-1: Manufacturer: syz
[ 1931.736192][ T5924] usb 5-1: SerialNumber: syz
[ 1931.764855][ T5924] usb 5-1: config 0 descriptor??
[ 1931.851804][T21295] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1931.912733][T21295] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1931.987997][ T5924] RobotFuzz Open Source InterFace, OSIF 5-1:0.0: version d4.15 found at bus 005 address 046
[ 1932.718610][T10756] synaptics_usb 1-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1932.729427][T10756] synaptics_usb 1-1:0.52: probe with driver synaptics_usb failed with error -5
[ 1932.900335][T19181] tipc: Node number set to 1
[ 1932.974655][T21300] i2c i2c-1: failure reading data
[ 1933.282380][T10756] usb 5-1: USB disconnect, device number 46
[ 1933.616308][T21331] overlay: Unknown parameter '#-['
[ 1933.703582][T21332] blk_print_req_error: 55 callbacks suppressed
[ 1933.703609][T21332] I/O error, dev nbd6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 1
[ 1933.719479][T21332] buffer_io_error: 54 callbacks suppressed
[ 1933.719522][T21332] Buffer I/O error on dev nbd6, logical block 0, async page read
[ 1933.733743][T21332] I/O error, dev nbd6, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 1
[ 1933.743336][T21332] Buffer I/O error on dev nbd6, logical block 1, async page read
[ 1933.817385][T21332] I/O error, dev nbd6, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 1
[ 1933.899228][ T5924] usb 1-1: USB disconnect, device number 44
[ 1934.155049][T21332] Buffer I/O error on dev nbd6, logical block 2, async page read
[ 1934.178904][T21332] I/O error, dev nbd6, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 1
[ 1934.254830][T21332] Buffer I/O error on dev nbd6, logical block 3, async page read
[ 1934.254935][T21332] I/O error, dev nbd6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 1
[ 1934.254960][T21332] Buffer I/O error on dev nbd6, logical block 0, async page read
[ 1934.255002][T21332] I/O error, dev nbd6, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 1
[ 1934.255026][T21332] Buffer I/O error on dev nbd6, logical block 1, async page read
[ 1934.255065][T21332] I/O error, dev nbd6, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 1
[ 1934.255087][T21332] Buffer I/O error on dev nbd6, logical block 2, async page read
[ 1934.255125][T21332] I/O error, dev nbd6, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 1
[ 1934.255147][T21332] Buffer I/O error on dev nbd6, logical block 3, async page read
[ 1934.255191][T21332] I/O error, dev nbd6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 1
[ 1934.255211][T21332] Buffer I/O error on dev nbd6, logical block 0, async page read
[ 1934.255248][T21332] I/O error, dev nbd6, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 1
[ 1934.255268][T21332] Buffer I/O error on dev nbd6, logical block 1, async page read
[ 1934.259604][T21332] ldm_validate_partition_table(): Disk read failed.
[ 1934.291994][T21332] Dev nbd6: unable to read RDB block 0
[ 1934.294158][T21332]  nbd6: unable to read partition table
[ 1934.294396][T21332] FAT-fs (nbd6): unable to read boot sector
[ 1937.231521][T17767] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[ 1937.356351][ T5904] kernel read not supported for file /dsp1 (pid: 5904 comm: kworker/0:5)
[ 1937.510926][T17767] usb 2-1: Using ep0 maxpacket: 32
[ 1937.518215][T17767] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1937.534754][T17767] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1937.620665][T21364] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 1937.713681][T17767] usb 2-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[ 1937.728996][T17767] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1937.749241][T17767] usb 2-1: config 0 descriptor??
[ 1938.090420][T21348] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3979'.
[ 1938.109977][T17767] usbhid 2-1:0.0: can't add hid device: -71
[ 1938.280690][T17767] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1938.354273][T17767] usb 2-1: USB disconnect, device number 39
[ 1940.656456][T21385] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[ 1941.235053][T21395] atomic_op ffff88802c0aa998 conn xmit_atomic 0000000000000000
[ 1941.470676][T10756] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[ 1941.676332][   T30] audit: type=1326 audit(1768801860.701:2032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21402 comm="syz.0.3993" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fef7a58f749 code=0x0
[ 1941.700673][T10756] usb 7-1: device descriptor read/64, error -71
[ 1941.940668][T10756] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[ 1942.080902][T10756] usb 7-1: device descriptor read/64, error -71
[ 1942.202843][T10756] usb usb7-port1: attempt power cycle
[ 1942.632944][T10756] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[ 1942.668633][T10756] usb 7-1: device descriptor read/8, error -71
[ 1942.766806][T21432] blk_print_req_error: 55 callbacks suppressed
[ 1942.766839][T21432] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1942.783168][T21432] buffer_io_error: 54 callbacks suppressed
[ 1942.783201][T21432] Buffer I/O error on dev nbd4, logical block 0, async page read
[ 1942.797376][T21432] I/O error, dev nbd4, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1942.816465][T21432] Buffer I/O error on dev nbd4, logical block 1, async page read
[ 1942.824732][T21432] I/O error, dev nbd4, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1942.834488][T21432] Buffer I/O error on dev nbd4, logical block 2, async page read
[ 1942.843407][T21432] I/O error, dev nbd4, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1942.853018][T21432] Buffer I/O error on dev nbd4, logical block 3, async page read
[ 1942.861307][T21432] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1942.870991][T21432] Buffer I/O error on dev nbd4, logical block 0, async page read
[ 1942.878984][T21432] I/O error, dev nbd4, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1942.888499][T21432] Buffer I/O error on dev nbd4, logical block 1, async page read
[ 1942.896575][T21432] I/O error, dev nbd4, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1942.915488][T21432] Buffer I/O error on dev nbd4, logical block 2, async page read
[ 1942.989563][T10756] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[ 1943.021030][T10756] usb 7-1: device descriptor read/8, error -71
[ 1943.055099][T21432] I/O error, dev nbd4, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1943.064984][T21432] Buffer I/O error on dev nbd4, logical block 3, async page read
[ 1943.073272][T21432] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1943.082925][T21432] Buffer I/O error on dev nbd4, logical block 0, async page read
[ 1943.091063][T21432] I/O error, dev nbd4, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1943.100665][T21432] Buffer I/O error on dev nbd4, logical block 1, async page read
[ 1943.128802][T21432] ldm_validate_partition_table(): Disk read failed.
[ 1943.138108][T21432] Dev nbd4: unable to read RDB block 0
[ 1943.140820][T10756] usb usb7-port1: unable to enumerate USB device
[ 1943.153854][T21432]  nbd4: unable to read partition table
[ 1943.160523][T21432] FAT-fs (nbd4): unable to read boot sector
[ 1945.940583][ T5904] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[ 1946.560880][ T5904] usb 2-1: Using ep0 maxpacket: 16
[ 1946.567894][ T5904] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1946.584459][ T5904] usb 2-1: config 8 has an invalid interface number: 140 but max is 0
[ 1946.605578][ T5904] usb 2-1: config 8 has no interface number 0
[ 1946.618983][ T5904] usb 2-1: config 8 interface 140 has no altsetting 0
[ 1946.668055][ T5904] usb 2-1: string descriptor 0 read error: -22
[ 1946.684450][ T5904] usb 2-1: New USB device found, idVendor=2c7c, idProduct=0306, bcdDevice=85.46
[ 1946.732062][ T5904] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1946.970695][   T30] audit: type=1326 audit(1768801865.981:2033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21466 comm="syz.4.4008" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8f8a18f749 code=0x0
[ 1947.034175][ T5904] qmi_wwan 2-1:8.140: probe with driver qmi_wwan failed with error -22
[ 1947.045802][ T5904] usb 2-1: USB disconnect, device number 40
[ 1947.277925][   T30] audit: type=1400 audit(1768801866.301:2034): avc:  denied  { ioctl } for  pid=21474 comm="syz.6.4009" path="socket:[65794]" dev="sockfs" ino=65794 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1948.211266][T21486] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4013'.
[ 1948.220812][T21483] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4011'.
[ 1948.229291][T21481] block device autoloading is deprecated and will be removed.
[ 1948.315663][   T30] audit: type=1400 audit(1768801867.341:2035): avc:  denied  { write } for  pid=21485 comm="syz.6.4013" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[ 1948.326409][T21483] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4011'.
[ 1949.094214][T21497] overlay: Unknown parameter '#-['
[ 1949.641434][T21502] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 1950.606158][T21517] CUSE: unknown device info ""
[ 1950.611260][T21517] CUSE: unknown device info "`"
[ 1950.616128][T21517] CUSE: unknown device info ""
[ 1950.621079][T21517] CUSE: unknown device info "€"
[ 1950.625955][T21517] CUSE: DEVNAME unspecified
[ 1950.760217][T21517] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=39 sclass=netlink_route_socket pid=21517 comm=syz.5.4020
[ 1951.620370][   T30] audit: type=1400 audit(1768801870.641:2036): avc:  denied  { read write } for  pid=21530 comm="syz.0.4024" name="vhost-net" dev="devtmpfs" ino=1274 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[ 1951.774248][   T30] audit: type=1400 audit(1768801870.671:2037): avc:  denied  { open } for  pid=21530 comm="syz.0.4024" path="/dev/vhost-net" dev="devtmpfs" ino=1274 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[ 1951.910579][   T30] audit: type=1400 audit(1768801870.671:2038): avc:  denied  { ioctl } for  pid=21530 comm="syz.0.4024" path="/dev/vhost-net" dev="devtmpfs" ino=1274 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[ 1953.870219][   T30] audit: type=1400 audit(1768801870.671:2039): avc:  denied  { create } for  pid=21530 comm="syz.0.4024" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1954.407784][   T30] audit: type=1400 audit(1768801870.781:2040): avc:  denied  { mount } for  pid=21530 comm="syz.0.4024" name="/" dev="hugetlbfs" ino=65940 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[ 1954.431150][   T30] audit: type=1400 audit(1768801870.781:2041): avc:  denied  { create } for  pid=21530 comm="syz.0.4024" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1954.452139][   T30] audit: type=1400 audit(1768801870.921:2042): avc:  denied  { unmount } for  pid=17363 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[ 1954.601192][T21544] overlayfs: missing 'workdir'
[ 1954.608274][   T30] audit: type=1400 audit(1768801870.921:2043): avc:  denied  { read write } for  pid=17363 comm="syz-executor" name="loop0" dev="devtmpfs" ino=3382 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 1954.634575][   T30] audit: type=1400 audit(1768801870.921:2044): avc:  denied  { open } for  pid=17363 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=3382 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 1954.688113][   T30] audit: type=1400 audit(1768801870.921:2045): avc:  denied  { ioctl } for  pid=17363 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=3382 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 1954.875612][   T30] audit: type=1400 audit(1768801871.041:2046): avc:  denied  { write } for  pid=21536 comm="syz.5.4025" name="loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[ 1954.917858][   T30] audit: type=1400 audit(1768801871.041:2047): avc:  denied  { open } for  pid=21536 comm="syz.5.4025" path="/dev/loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[ 1954.977151][T21557] FAULT_INJECTION: forcing a failure.
[ 1954.977151][T21557] name failslab, interval 1, probability 0, space 0, times 0
[ 1954.991482][T21557] CPU: 1 UID: 0 PID: 21557 Comm: syz.4.4029 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1954.991508][T21557] Tainted: [L]=SOFTLOCKUP
[ 1954.991514][T21557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1954.991525][T21557] Call Trace:
[ 1954.991531][T21557]  <TASK>
[ 1954.991538][T21557]  dump_stack_lvl+0x16c/0x1f0
[ 1954.991566][T21557]  should_fail_ex+0x512/0x640
[ 1954.991582][T21557]  ? kmem_cache_alloc_noprof+0x62/0x770
[ 1954.991602][T21557]  should_failslab+0xc2/0x120
[ 1954.991625][T21557]  kmem_cache_alloc_noprof+0x83/0x770
[ 1954.991648][T21557]  ? security_file_alloc+0x34/0x2b0
[ 1954.991678][T21557]  ? security_file_alloc+0x34/0x2b0
[ 1954.991701][T21557]  security_file_alloc+0x34/0x2b0
[ 1954.991725][T21557]  init_file+0x93/0x4c0
[ 1954.991742][T21557]  alloc_empty_file+0x73/0x1e0
[ 1954.991760][T21557]  alloc_file_pseudo+0x13a/0x230
[ 1954.991778][T21557]  ? __pfx_alloc_file_pseudo+0x10/0x10
[ 1954.991797][T21557]  ? _raw_spin_unlock+0x3e/0x50
[ 1954.991816][T21557]  ? alloc_fd+0x471/0x7d0
[ 1954.991842][T21557]  __anon_inode_getfile+0xe8/0x280
[ 1954.991864][T21557]  __anon_inode_getfd+0x5c/0x160
[ 1954.991884][T21557]  __do_sys_landlock_create_ruleset+0x294/0x4e0
[ 1954.991908][T21557]  ? fput+0xe2/0xf0
[ 1954.991922][T21557]  ? __pfx___do_sys_landlock_create_ruleset+0x10/0x10
[ 1954.991944][T21557]  ? ksys_write+0x1ac/0x250
[ 1954.991974][T21557]  do_syscall_64+0xcd/0xf80
[ 1954.991999][T21557]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1954.992016][T21557] RIP: 0033:0x7f8f8a18f749
[ 1954.992030][T21557] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1954.992046][T21557] RSP: 002b:00007f8f8af93038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bc
[ 1954.992064][T21557] RAX: ffffffffffffffda RBX: 00007f8f8a3e6180 RCX: 00007f8f8a18f749
[ 1954.992074][T21557] RDX: 0000000000000000 RSI: 0000000000000018 RDI: 0000200000000000
[ 1954.992085][T21557] RBP: 00007f8f8af93090 R08: 0000000000000000 R09: 0000000000000000
[ 1954.992095][T21557] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1954.992104][T21557] R13: 00007f8f8a3e6218 R14: 00007f8f8a3e6180 R15: 00007ffe74351318
[ 1954.992129][T21557]  </TASK>
[ 1955.667214][   T30] audit: type=1400 audit(1768801871.041:2048): avc:  denied  { ioctl } for  pid=21536 comm="syz.5.4025" path="/dev/loop-control" dev="devtmpfs" ino=646 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[ 1957.888378][T21585] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4037'.
[ 1957.930333][T21582] virtio-fs: tag </dev/md0> not found
[ 1958.024305][T21582] can0: slcan on ttyS3.
[ 1958.201472][T21578] can0 (unregistered): slcan off ttyS3.
[ 1958.208979][ T5826] Bluetooth: hci4: unexpected event for opcode 0x203b
[ 1958.943182][T21596] IPv6: Can't replace route, no match found
[ 1958.963762][   T30] kauditd_printk_skb: 46 callbacks suppressed
[ 1958.963775][   T30] audit: type=1400 audit(1768801877.991:2095): avc:  denied  { unlink } for  pid=20485 comm="syz-executor" name="file0" dev="tmpfs" ino=277 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 1959.117441][   T30] audit: type=1400 audit(1768801878.141:2096): avc:  denied  { create } for  pid=21601 comm="syz.0.4043" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[ 1959.330702][   T30] audit: type=1400 audit(1768801878.241:2097): avc:  denied  { ioctl } for  pid=21598 comm="syz.5.4042" path="socket:[66050]" dev="sockfs" ino=66050 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1959.856535][   T30] audit: type=1400 audit(1768801878.441:2098): avc:  denied  { create } for  pid=21598 comm="syz.5.4042" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[ 1959.866809][T21613] netlink: 24 bytes leftover after parsing attributes in process `syz.6.4045'.
[ 1959.876387][   T30] audit: type=1400 audit(1768801878.451:2099): avc:  denied  { create } for  pid=21598 comm="syz.5.4042" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[ 1959.942959][T21613] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=21613 comm=syz.6.4045
[ 1960.325783][   T30] audit: type=1400 audit(1768801879.321:2100): avc:  denied  { write } for  pid=21615 comm="syz.4.4046" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1960.752596][   T30] audit: type=1400 audit(1768801879.701:2101): avc:  denied  { create } for  pid=21609 comm="syz.6.4045" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[ 1960.815577][   T30] audit: type=1400 audit(1768801879.711:2102): avc:  denied  { create } for  pid=21619 comm="syz.1.4048" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1961.956343][T21636] vivid-007: disconnect
[ 1961.969804][   T30] audit: type=1400 audit(1768801880.961:2103): avc:  denied  { create } for  pid=21626 comm="syz.5.4050" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[ 1962.344671][T21627] vivid-007: reconnect
[ 1962.629420][   T30] audit: type=1400 audit(1768801880.981:2104): avc:  denied  { create } for  pid=21627 comm="syz.4.4049" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[ 1962.827943][T21640] fuse: Unknown parameter '0x0000000000000004'
[ 1962.993567][T21646] block device autoloading is deprecated and will be removed.
[ 1963.650623][ T6427] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[ 1963.860899][ T6427] usb 6-1: Using ep0 maxpacket: 8
[ 1963.869201][ T6427] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1963.881811][ T6427] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1963.894704][ T6427] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 14385, setting to 1024
[ 1963.936151][ T6427] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[ 1964.022528][   T30] kauditd_printk_skb: 22 callbacks suppressed
[ 1964.022538][   T30] audit: type=1400 audit(1768801883.051:2127): avc:  denied  { bind } for  pid=21669 comm="syz.0.4062" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1964.123989][   T30] audit: type=1400 audit(1768801883.081:2128): avc:  denied  { setopt } for  pid=21669 comm="syz.0.4062" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1964.181799][   T30] audit: type=1400 audit(1768801883.121:2129): avc:  denied  { read write } for  pid=21669 comm="syz.0.4062" name="rdma_cm" dev="devtmpfs" ino=1271 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[ 1964.206611][ T6427] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1964.206656][ T6427] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1964.206678][ T6427] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1964.515493][   T30] audit: type=1400 audit(1768801883.121:2130): avc:  denied  { open } for  pid=21669 comm="syz.0.4062" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=1271 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[ 1964.805445][   T30] audit: type=1400 audit(1768801883.131:2131): avc:  denied  { sqpoll } for  pid=21669 comm="syz.0.4062" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[ 1964.819194][ T6427] usb 6-1: GET_CAPABILITIES returned 0
[ 1964.887075][ T6427] usbtmc 6-1:16.0: can't read capabilities
[ 1965.065633][ T6427] usb 6-1: USB disconnect, device number 19
[ 1965.126530][   T30] audit: type=1400 audit(1768801883.301:2132): avc:  denied  { lock } for  pid=21673 comm="syz.1.4063" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 1965.966543][   T30] audit: type=1400 audit(1768801883.301:2133): avc:  denied  { map } for  pid=21673 comm="syz.1.4063" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 1965.989775][   T30] audit: type=1400 audit(1768801883.301:2134): avc:  denied  { execute } for  pid=21673 comm="syz.1.4063" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 1965.997059][T21688] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1966.033751][   T30] audit: type=1400 audit(1768801884.071:2135): avc:  denied  { create } for  pid=21683 comm="syz.0.4066" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1966.038058][T21688] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1966.160208][   T30] audit: type=1400 audit(1768801885.021:2136): avc:  denied  { ioctl } for  pid=21687 comm="syz.5.4068" path="socket:[66216]" dev="sockfs" ino=66216 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1966.200686][T21688] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=57 sclass=netlink_route_socket pid=21688 comm=syz.5.4068
[ 1967.058350][T21709] IPVS: Error during creation of socket; terminating
[ 1967.351733][T21718] Bluetooth: MGMT ver 1.23
[ 1969.034036][   T30] kauditd_printk_skb: 11 callbacks suppressed
[ 1969.034052][   T30] audit: type=1400 audit(1768801888.061:2148): avc:  denied  { ioctl } for  pid=21735 comm="syz.5.4084" path="mnt:[4026532831]" dev="nsfs" ino=4026532831 ioctlcmd=0xf50c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 1969.292446][   T30] audit: type=1400 audit(1768801888.101:2149): avc:  denied  { read } for  pid=21735 comm="syz.5.4084" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[ 1969.315358][   T30] audit: type=1400 audit(1768801888.101:2150): avc:  denied  { open } for  pid=21735 comm="syz.5.4084" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[ 1969.480714][ T5826] Bluetooth: hci3: command 0x0406 tx timeout
[ 1969.843364][   T30] audit: type=1400 audit(1768801888.101:2151): avc:  denied  { prog_load } for  pid=21735 comm="syz.5.4084" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 1969.862581][   T30] audit: type=1400 audit(1768801888.141:2152): avc:  denied  { create } for  pid=21741 comm="syz.4.4085" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1970.230570][   T30] audit: type=1400 audit(1768801888.141:2153): avc:  denied  { bpf } for  pid=21741 comm="syz.4.4085" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 1970.289435][   T30] audit: type=1400 audit(1768801888.141:2154): avc:  denied  { perfmon } for  pid=21741 comm="syz.4.4085" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 1970.388422][   T30] audit: type=1400 audit(1768801888.141:2155): avc:  denied  { execmem } for  pid=21741 comm="syz.4.4085" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 1970.597464][   T30] audit: type=1400 audit(1768801888.241:2156): avc:  denied  { write } for  pid=21741 comm="syz.4.4085" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1971.132131][   T30] audit: type=1400 audit(1768801888.481:2157): avc:  denied  { create } for  pid=21743 comm="syz.5.4086" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1972.191254][T21785] block device autoloading is deprecated and will be removed.
[ 1972.621559][T21792] atomic_op ffff888033ee1998 conn xmit_atomic 0000000000000000
[ 1974.374450][   T30] kauditd_printk_skb: 54 callbacks suppressed
[ 1975.016608][   T30] audit: type=1400 audit(1768801893.361:2212): avc:  denied  { create } for  pid=21798 comm="syz.4.4100" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1975.150785][   T30] audit: type=1400 audit(1768801893.371:2213): avc:  denied  { ioctl } for  pid=21798 comm="syz.4.4100" path="socket:[67503]" dev="sockfs" ino=67503 ioctlcmd=0x7459 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1975.303627][T21819] sd 0:0:1:0: PR command failed: 1026
[ 1975.312924][T21819] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1975.340000][   T30] audit: type=1400 audit(1768801894.141:2214): avc:  denied  { read write } for  pid=21816 comm="syz.1.4106" name="fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[ 1975.370793][T21819] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1975.800418][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1975.806793][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1976.036790][T21824] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4103'.
[ 1976.046165][T21824] netlink: 5528 bytes leftover after parsing attributes in process `syz.0.4103'.
[ 1976.301944][   T30] audit: type=1400 audit(1768801894.141:2215): avc:  denied  { open } for  pid=21816 comm="syz.1.4106" path="/dev/fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[ 1976.510594][   T30] audit: type=1400 audit(1768801894.141:2216): avc:  denied  { mounton } for  pid=21816 comm="syz.1.4106" path="/211/file0" dev="tmpfs" ino=1210 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[ 1976.510637][   T30] audit: type=1400 audit(1768801894.151:2217): avc:  denied  { mount } for  pid=21816 comm="syz.1.4106" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[ 1976.510671][   T30] audit: type=1400 audit(1768801894.221:2218): avc:  denied  { read } for  pid=21816 comm="syz.1.4106" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[ 1976.510711][   T30] audit: type=1400 audit(1768801894.231:2219): avc:  denied  { open } for  pid=21816 comm="syz.1.4106" path="/211/file0/file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[ 1976.510746][   T30] audit: type=1400 audit(1768801894.261:2220): avc:  denied  { create } for  pid=21813 comm="syz.0.4103" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1976.510779][   T30] audit: type=1400 audit(1768801894.271:2221): avc:  denied  { setopt } for  pid=21813 comm="syz.0.4103" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1976.868281][ T5924] kernel write not supported for file /dsp1 (pid: 5924 comm: kworker/1:6)
[ 1977.010886][T21836] blktrace: Concurrent blktraces are not allowed on loop12
[ 1977.598685][T21822] Bluetooth: hci2: unexpected event for opcode 0x203b
[ 1978.392906][T21845] smc: net device bond0 applied user defined pnetid SYZ2
[ 1978.491587][T21848] netlink: 35 bytes leftover after parsing attributes in process `syz.0.4113'.
[ 1980.007823][   T30] kauditd_printk_skb: 26 callbacks suppressed
[ 1980.007837][   T30] audit: type=1400 audit(1768801899.031:2248): avc:  denied  { watch_mount watch_reads } for  pid=21867 comm="syz.4.4121" path="/211" dev="tmpfs" ino=1157 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[ 1980.139655][   T30] audit: type=1400 audit(1768801899.161:2249): avc:  denied  { mount } for  pid=21874 comm="syz.6.4123" name="/" dev="autofs" ino=68726 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[ 1981.135736][   T30] audit: type=1400 audit(1768801899.721:2250): avc:  denied  { mount } for  pid=21873 comm="syz.5.4124" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 1981.191637][T18605] usb 5-1: new full-speed USB device number 47 using dummy_hcd
[ 1981.234955][   T30] audit: type=1400 audit(1768801899.741:2251): avc:  denied  { write } for  pid=21873 comm="syz.5.4124" name="card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[ 1981.408702][T18605] usb 5-1: config 0 has an invalid interface number: 128 but max is 0
[ 1981.478572][T18605] usb 5-1: config 0 has no interface number 0
[ 1981.484809][   T30] audit: type=1400 audit(1768801900.191:2252): avc:  denied  { unmount } for  pid=18059 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[ 1981.513677][T18605] usb 5-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[ 1981.523542][T18605] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1981.533867][T18605] usb 5-1: Product: syz
[ 1981.538024][T18605] usb 5-1: Manufacturer: syz
[ 1981.549615][   T30] audit: type=1400 audit(1768801900.201:2253): avc:  denied  { unmount } for  pid=20485 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 1981.569839][T18605] usb 5-1: SerialNumber: syz
[ 1981.594038][T18605] usb 5-1: config 0 descriptor??
[ 1981.655461][T21892] mac80211_hwsim hwsim23 
4

: renamed from wlan1 (while UP)
[ 1981.671923][T21892] netlink: 'syz.6.4129': attribute type 10 has an invalid length.
[ 1981.679786][T21892] netlink: 55 bytes leftover after parsing attributes in process `syz.6.4129'.
[ 1981.699985][   T30] audit: type=1400 audit(1768801900.691:2254): avc:  denied  { bind } for  pid=21890 comm="syz.6.4129" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1981.722241][   T30] audit: type=1400 audit(1768801900.691:2255): avc:  denied  { write } for  pid=21890 comm="syz.6.4129" path="socket:[67664]" dev="sockfs" ino=67664 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1982.022696][T18605] usb 5-1: Firmware version (0.0) predates our first public release.
[ 1982.040619][T18605] usb 5-1: Please update to version 0.2 or newer
[ 1982.056056][T18605] usb 5-1: Firmware: build 
[ 1982.282606][T18605] usb 5-1: USB disconnect, device number 47
[ 1982.465619][   T30] audit: type=1400 audit(1768801901.491:2256): avc:  denied  { bind } for  pid=21902 comm="syz.6.4132" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1982.578211][T21905] 8021q: adding VLAN 0 to HW filter on device batadv1
[ 1982.586731][T21905] team0: Port device batadv1 added
[ 1983.068417][   T30] audit: type=1400 audit(1768801901.601:2257): avc:  denied  { ioctl } for  pid=21896 comm="syz.0.4130" path="socket:[68825]" dev="sockfs" ino=68825 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1983.101172][T21910] blktrace: Concurrent blktraces are not allowed on loop10
[ 1983.451179][T21919] FAULT_INJECTION: forcing a failure.
[ 1983.451179][T21919] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1983.488800][T21919] CPU: 1 UID: 0 PID: 21919 Comm: syz.1.4135 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1983.488820][T21919] Tainted: [L]=SOFTLOCKUP
[ 1983.488823][T21919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1983.488829][T21919] Call Trace:
[ 1983.488833][T21919]  <TASK>
[ 1983.488837][T21919]  dump_stack_lvl+0x16c/0x1f0
[ 1983.488856][T21919]  should_fail_ex+0x512/0x640
[ 1983.488867][T21919]  _copy_to_user+0x32/0xd0
[ 1983.488885][T21919]  video_usercopy+0xf43/0x16c0
[ 1983.488900][T21919]  ? __pfx___video_do_ioctl+0x10/0x10
[ 1983.488913][T21919]  ? selinux_kernel_read_file+0x60/0x120
[ 1983.488928][T21919]  ? __pfx_video_usercopy+0x10/0x10
[ 1983.488949][T21919]  v4l2_ioctl+0x1bd/0x250
[ 1983.488961][T21919]  ? __pfx_v4l2_ioctl+0x10/0x10
[ 1983.488974][T21919]  __x64_sys_ioctl+0x18e/0x210
[ 1983.488988][T21919]  do_syscall_64+0xcd/0xf80
[ 1983.489004][T21919]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1983.489015][T21919] RIP: 0033:0x7f0dce78f749
[ 1983.489023][T21919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1983.489034][T21919] RSP: 002b:00007f0dcf545038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1983.489044][T21919] RAX: ffffffffffffffda RBX: 00007f0dce9e5fa0 RCX: 00007f0dce78f749
[ 1983.489050][T21919] RDX: 0000200000000100 RSI: 00000000c008561c RDI: 0000000000000003
[ 1983.489057][T21919] RBP: 00007f0dcf545090 R08: 0000000000000000 R09: 0000000000000000
[ 1983.489064][T21919] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1983.489070][T21919] R13: 00007f0dce9e6038 R14: 00007f0dce9e5fa0 R15: 00007ffed6153878
[ 1983.489083][T21919]  </TASK>
[ 1983.900683][T21922] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=21922 comm=syz.5.4136
[ 1983.916031][T18605] usb 5-1: new full-speed USB device number 48 using dummy_hcd
[ 1984.050642][T18605] usb 5-1: device descriptor read/64, error -71
[ 1984.290826][T18605] usb 5-1: new full-speed USB device number 49 using dummy_hcd
[ 1985.206131][   T30] kauditd_printk_skb: 15 callbacks suppressed
[ 1985.206147][   T30] audit: type=1400 audit(1768801904.231:2273): avc:  denied  { block_suspend } for  pid=21933 comm="syz.0.4141" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 1985.247142][   T30] audit: type=1400 audit(1768801904.271:2274): avc:  denied  { sqpoll } for  pid=21940 comm="syz.6.4143" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[ 1985.290583][T18605] usb 5-1: device descriptor read/64, error -71
[ 1985.319623][   T30] audit: type=1400 audit(1768801904.301:2275): avc:  denied  { read } for  pid=21940 comm="syz.6.4143" name="nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[ 1985.526661][T18605] usb usb5-port1: attempt power cycle
[ 1985.620861][   T30] audit: type=1400 audit(1768801904.301:2276): avc:  denied  { open } for  pid=21940 comm="syz.6.4143" path="/dev/nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[ 1985.699572][   T30] audit: type=1400 audit(1768801904.301:2277): avc:  denied  { ioctl } for  pid=21940 comm="syz.6.4143" path="/dev/nvram" dev="devtmpfs" ino=623 ioctlcmd=0x7040 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[ 1985.900615][T18605] usb 5-1: new full-speed USB device number 50 using dummy_hcd
[ 1985.921080][T18605] usb 5-1: device descriptor read/8, error -71
[ 1985.949907][   T30] audit: type=1400 audit(1768801904.301:2278): avc:  denied  { create } for  pid=21939 comm="syz.5.4144" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 1986.564464][T18605] usb 5-1: new full-speed USB device number 51 using dummy_hcd
[ 1986.605098][T18605] usb 5-1: device descriptor read/8, error -71
[ 1986.717803][ T5826] Bluetooth: hci2: unexpected event for opcode 0x200c
[ 1986.726494][T18605] usb usb5-port1: unable to enumerate USB device
[ 1986.862531][T21958] blktrace: Concurrent blktraces are not allowed on loop8
[ 1986.966052][T21961] 9p: Bad value for 'rfdno'
[ 1987.770188][   T30] audit: type=1400 audit(1768801906.441:2279): avc:  denied  { create } for  pid=21962 comm="syz.0.4148" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[ 1988.375589][   T30] audit: type=1400 audit(1768801906.441:2280): avc:  denied  { connect } for  pid=21962 comm="syz.0.4148" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[ 1988.519266][   T30] audit: type=1400 audit(1768801907.541:2281): avc:  denied  { create } for  pid=21971 comm="syz.6.4151" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1988.545713][   T30] audit: type=1400 audit(1768801907.541:2282): avc:  denied  { read } for  pid=21971 comm="syz.6.4151" name="vhost-vsock" dev="devtmpfs" ino=1275 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[ 1988.549767][T21972] 9p: Bad value for 'rfdno'
[ 1990.625950][   T30] kauditd_printk_skb: 2 callbacks suppressed
[ 1990.625967][   T30] audit: type=1400 audit(1768801909.441:2285): avc:  denied  { mount } for  pid=21988 comm="syz.6.4158" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 1990.829597][   T30] audit: type=1400 audit(1768801909.851:2286): avc:  denied  { append } for  pid=21998 comm="syz.5.4160" name="video4" dev="devtmpfs" ino=936 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[ 1990.867666][T22003] netlink: 'syz.5.4160': attribute type 1 has an invalid length.
[ 1990.883179][   T30] audit: type=1400 audit(1768801909.891:2287): avc:  denied  { map } for  pid=21998 comm="syz.5.4160" path="/dev/video4" dev="devtmpfs" ino=936 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[ 1990.979126][   T30] audit: type=1400 audit(1768801909.891:2288): avc:  denied  { ioctl } for  pid=21999 comm="syz.6.4161" path="socket:[69155]" dev="sockfs" ino=69155 ioctlcmd=0x943c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 1991.505017][T22024] blktrace: Concurrent blktraces are not allowed on loop12
[ 1991.920256][   T30] audit: type=1400 audit(1768801910.941:2289): avc:  denied  { getopt } for  pid=22028 comm="syz.5.4168" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[ 1992.003804][T22037] block device autoloading is deprecated and will be removed.
[ 1992.962984][   T30] audit: type=1400 audit(1768801911.981:2290): avc:  denied  { append } for  pid=22043 comm="syz.5.4172" name="comedi3" dev="devtmpfs" ino=1279 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1992.987568][T22045] comedi comedi3: pcl724: I/O port conflict (0xcf7,4)
[ 1993.002333][T22046] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1993.086558][   T30] audit: type=1400 audit(1768801912.111:2291): avc:  denied  { lock } for  pid=22048 comm="syz.4.4174" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 1993.115653][T22050] overlay: Unknown parameter '#-['
[ 1993.203963][T22050] blk_print_req_error: 55 callbacks suppressed
[ 1993.203974][T22050] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 1
[ 1993.219584][T22050] buffer_io_error: 54 callbacks suppressed
[ 1993.219592][T22050] Buffer I/O error on dev nbd4, logical block 0, async page read
[ 1993.233154][T22050] I/O error, dev nbd4, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 1
[ 1993.242603][T22050] Buffer I/O error on dev nbd4, logical block 1, async page read
[ 1993.250352][T22050] I/O error, dev nbd4, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 1
[ 1993.259856][T22050] Buffer I/O error on dev nbd4, logical block 2, async page read
[ 1993.267618][T22050] I/O error, dev nbd4, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 1
[ 1993.277067][T22050] Buffer I/O error on dev nbd4, logical block 3, async page read
[ 1993.286770][T22050] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 1
[ 1993.296232][T22050] Buffer I/O error on dev nbd4, logical block 0, async page read
[ 1993.304020][T22050] I/O error, dev nbd4, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 1
[ 1993.313492][T22050] Buffer I/O error on dev nbd4, logical block 1, async page read
[ 1993.321251][T22050] I/O error, dev nbd4, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 1
[ 1993.330707][T22050] Buffer I/O error on dev nbd4, logical block 2, async page read
[ 1993.338440][T22050] I/O error, dev nbd4, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 1
[ 1993.347888][T22050] Buffer I/O error on dev nbd4, logical block 3, async page read
[ 1993.355659][T22050] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 1
[ 1993.365110][T22050] Buffer I/O error on dev nbd4, logical block 0, async page read
[ 1993.372863][T22050] I/O error, dev nbd4, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 1
[ 1993.382332][T22050] Buffer I/O error on dev nbd4, logical block 1, async page read
[ 1993.391556][T22050] ldm_validate_partition_table(): Disk read failed.
[ 1993.398380][T22050] Dev nbd4: unable to read RDB block 0
[ 1993.404858][T22050]  nbd4: unable to read partition table
[ 1993.410568][T22050] FAT-fs (nbd4): unable to read boot sector
[ 1993.437475][   T30] audit: type=1400 audit(1768801912.141:2292): avc:  denied  { mounton } for  pid=22048 comm="syz.4.4174" path="/syzcgroup/unified/syz4" dev="cgroup2" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[ 1993.557085][   T30] audit: type=1400 audit(1768801912.571:2293): avc:  denied  { write } for  pid=22047 comm="syz.5.4175" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1994.473229][   T30] audit: type=1400 audit(1768801913.501:2294): avc:  denied  { setopt } for  pid=22063 comm="syz.6.4179" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1994.672747][T22064] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[ 1995.724032][   T30] kauditd_printk_skb: 2 callbacks suppressed
[ 1995.724048][   T30] audit: type=1400 audit(1768801914.751:2297): avc:  denied  { read } for  pid=22087 comm="syz.5.4187" name="usbmon0" dev="devtmpfs" ino=716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[ 1995.811118][T22088] audit: audit_lost=2 audit_rate_limit=0 audit_backlog_limit=64
[ 1995.834365][   T30] audit: type=1400 audit(1768801914.751:2298): avc:  denied  { open } for  pid=22087 comm="syz.5.4187" path="/dev/usbmon0" dev="devtmpfs" ino=716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[ 1995.870287][T22088] audit: out of memory in audit_log_start
[ 1996.270038][T22098] Bluetooth: MGMT ver 1.23
[ 1996.289602][   T30] audit: type=1400 audit(1768801915.311:2299): avc:  denied  { create } for  pid=22094 comm="syz.6.4188" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[ 1997.030993][   T30] audit: type=1400 audit(1768801915.341:2300): avc:  denied  { write } for  pid=22094 comm="syz.6.4188" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[ 1997.051143][   T30] audit: type=1400 audit(1768801916.061:2301): avc:  denied  { create } for  pid=22096 comm="syz.0.4189" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[ 1997.182887][   T30] audit: type=1400 audit(1768801916.161:2302): avc:  denied  { write } for  pid=22096 comm="syz.0.4189" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[ 1997.521023][T22110] FAULT_INJECTION: forcing a failure.
[ 1997.521023][T22110] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1997.534314][T22110] CPU: 1 UID: 0 PID: 22110 Comm: syz.4.4191 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1997.534341][T22110] Tainted: [L]=SOFTLOCKUP
[ 1997.534347][T22110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1997.534357][T22110] Call Trace:
[ 1997.534363][T22110]  <TASK>
[ 1997.534370][T22110]  dump_stack_lvl+0x16c/0x1f0
[ 1997.534398][T22110]  should_fail_ex+0x512/0x640
[ 1997.534418][T22110]  _copy_from_user+0x2e/0xd0
[ 1997.534445][T22110]  core_sys_select+0x2c8/0xc20
[ 1997.534475][T22110]  ? tctx_task_work+0x84/0xd0
[ 1997.534492][T22110]  ? __pfx_core_sys_select+0x10/0x10
[ 1997.534514][T22110]  ? rcu_is_watching+0x12/0xc0
[ 1997.534535][T22110]  ? task_work_run+0x1e1/0x240
[ 1997.534576][T22110]  ? set_user_sigmask+0x21b/0x2b0
[ 1997.534599][T22110]  ? __pfx_set_user_sigmask+0x10/0x10
[ 1997.534627][T22110]  do_pselect.constprop.0+0x19f/0x1e0
[ 1997.534652][T22110]  ? __pfx_do_pselect.constprop.0+0x10/0x10
[ 1997.534676][T22110]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1997.534709][T22110]  __x64_sys_pselect6+0x182/0x240
[ 1997.534733][T22110]  ? __pfx___x64_sys_pselect6+0x10/0x10
[ 1997.534764][T22110]  do_syscall_64+0xcd/0xf80
[ 1997.534791][T22110]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1997.534807][T22110] RIP: 0033:0x7f8f8a18f749
[ 1997.534821][T22110] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1997.534838][T22110] RSP: 002b:00007f8f8afb4038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[ 1997.534854][T22110] RAX: ffffffffffffffda RBX: 00007f8f8a3e6090 RCX: 00007f8f8a18f749
[ 1997.534865][T22110] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000040
[ 1997.534876][T22110] RBP: 00007f8f8afb4090 R08: 0000000000000000 R09: 0000000000000000
[ 1997.534885][T22110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1997.534895][T22110] R13: 00007f8f8a3e6128 R14: 00007f8f8a3e6090 R15: 00007ffe74351318
[ 1997.534919][T22110]  </TASK>
[ 1998.023978][T22114] FAULT_INJECTION: forcing a failure.
[ 1998.023978][T22114] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1998.065793][T22114] CPU: 1 UID: 0 PID: 22114 Comm: syz.1.4193 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1998.065823][T22114] Tainted: [L]=SOFTLOCKUP
[ 1998.065829][T22114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1998.065839][T22114] Call Trace:
[ 1998.065845][T22114]  <TASK>
[ 1998.065854][T22114]  dump_stack_lvl+0x16c/0x1f0
[ 1998.065882][T22114]  should_fail_ex+0x512/0x640
[ 1998.065903][T22114]  _copy_from_iter+0x2a4/0x16c0
[ 1998.065933][T22114]  ? __alloc_skb+0x220/0x410
[ 1998.065949][T22114]  ? __alloc_skb+0x35d/0x410
[ 1998.065964][T22114]  ? __pfx__copy_from_iter+0x10/0x10
[ 1998.066002][T22114]  netlink_sendmsg+0x820/0xdd0
[ 1998.066031][T22114]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1998.066062][T22114]  ____sys_sendmsg+0xa5d/0xc30
[ 1998.066087][T22114]  ? copy_msghdr_from_user+0x10a/0x160
[ 1998.066107][T22114]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1998.066146][T22114]  ___sys_sendmsg+0x134/0x1d0
[ 1998.066168][T22114]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1998.066219][T22114]  __sys_sendmsg+0x16d/0x220
[ 1998.066239][T22114]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1998.066275][T22114]  do_syscall_64+0xcd/0xf80
[ 1998.066302][T22114]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1998.066319][T22114] RIP: 0033:0x7f0dce78f749
[ 1998.066334][T22114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1998.066350][T22114] RSP: 002b:00007f0dcf545038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1998.066367][T22114] RAX: ffffffffffffffda RBX: 00007f0dce9e5fa0 RCX: 00007f0dce78f749
[ 1998.066379][T22114] RDX: 0000000000004080 RSI: 0000200000000040 RDI: 0000000000000003
[ 1998.066389][T22114] RBP: 00007f0dcf545090 R08: 0000000000000000 R09: 0000000000000000
[ 1998.066399][T22114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1998.066409][T22114] R13: 00007f0dce9e6038 R14: 00007f0dce9e5fa0 R15: 00007ffed6153878
[ 1998.066434][T22114]  </TASK>
[ 1998.721329][   T30] audit: type=1400 audit(1768801917.751:2303): avc:  denied  { read write } for  pid=22123 comm="syz.4.4199" name="rdma_cm" dev="devtmpfs" ino=1271 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[ 1998.749514][   T30] audit: type=1400 audit(1768801917.771:2304): avc:  denied  { open } for  pid=22123 comm="syz.4.4199" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=1271 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[ 1999.270895][ T6249] usb 2-1: new full-speed USB device number 41 using dummy_hcd
[ 1999.432074][ T6249] usb 2-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1999.520782][ T6249] usb 2-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1999.580557][ T6249] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1999.587194][ T6249] usb 2-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[ 1999.625423][ T6249] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1999.676359][ T6249] usb 2-1: config 0 descriptor??
[ 1999.726240][T22141] input: syz1 as /devices/virtual/input/input125
[ 1999.790650][ T6427] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[ 1999.950655][ T6427] usb 1-1: device descriptor read/64, error -71
[ 2000.109405][ T6249] hid-steam 0003:28DE:1102.0025: unknown main item tag 0x0
[ 2000.129653][ T6249] hid-steam 0003:28DE:1102.0025: unknown main item tag 0x0
[ 2000.155121][ T6249] hid-steam 0003:28DE:1102.0025: item fetching failed at offset 2/5
[ 2000.175104][ T6249] hid-steam 0003:28DE:1102.0025: steam_probe:parse of hid interface failed
[ 2000.190576][ T6427] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[ 2000.198318][ T6249] hid-steam 0003:28DE:1102.0025: probe with driver hid-steam failed with error -22
[ 2000.350569][ T6427] usb 1-1: device descriptor read/64, error -71
[ 2000.474739][ T6427] usb usb1-port1: attempt power cycle
[ 2000.821573][   T30] kauditd_printk_skb: 9 callbacks suppressed
[ 2000.821603][   T30] audit: type=1400 audit(1768801919.781:2314): avc:  denied  { map } for  pid=22150 comm="syz.5.4206" path="/dev/comedi4" dev="devtmpfs" ino=1280 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2001.133404][   T30] audit: type=1400 audit(1768801919.781:2315): avc:  denied  { execute } for  pid=22150 comm="syz.5.4206" path="/dev/comedi4" dev="devtmpfs" ino=1280 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2001.160897][ T6427] usb 1-1: new high-speed USB device number 47 using dummy_hcd
[ 2001.240963][ T6427] usb 1-1: device descriptor read/8, error -71
[ 2001.452880][ T9713] usb 2-1: USB disconnect, device number 41
[ 2001.545864][ T6427] usb 1-1: new high-speed USB device number 48 using dummy_hcd
[ 2001.601012][ T6427] usb 1-1: device descriptor read/8, error -71
[ 2001.646008][T22163] netlink: 1020 bytes leftover after parsing attributes in process `syz.5.4210'.
[ 2001.751058][ T6427] usb usb1-port1: unable to enumerate USB device
[ 2001.896725][T22166] FAULT_INJECTION: forcing a failure.
[ 2001.896725][T22166] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2001.911292][T22166] CPU: 0 UID: 0 PID: 22166 Comm: syz.4.4211 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2001.911321][T22166] Tainted: [L]=SOFTLOCKUP
[ 2001.911327][T22166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 2001.911336][T22166] Call Trace:
[ 2001.911342][T22166]  <TASK>
[ 2001.911349][T22166]  dump_stack_lvl+0x16c/0x1f0
[ 2001.911377][T22166]  should_fail_ex+0x512/0x640
[ 2001.911397][T22166]  _copy_from_user+0x2e/0xd0
[ 2001.911424][T22166]  video_usercopy+0xee2/0x16c0
[ 2001.911448][T22166]  ? __pfx___video_do_ioctl+0x10/0x10
[ 2001.911468][T22166]  ? selinux_kernel_read_file+0x60/0x120
[ 2001.911492][T22166]  ? __pfx_video_usercopy+0x10/0x10
[ 2001.911530][T22166]  v4l2_ioctl+0x1bd/0x250
[ 2001.911549][T22166]  ? __pfx_v4l2_ioctl+0x10/0x10
[ 2001.911571][T22166]  __x64_sys_ioctl+0x18e/0x210
[ 2001.911594][T22166]  do_syscall_64+0xcd/0xf80
[ 2001.911619][T22166]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2001.911636][T22166] RIP: 0033:0x7f8f8a18f749
[ 2001.911650][T22166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2001.911665][T22166] RSP: 002b:00007f8f8afd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2001.911681][T22166] RAX: ffffffffffffffda RBX: 00007f8f8a3e5fa0 RCX: 00007f8f8a18f749
[ 2001.911691][T22166] RDX: 0000200000000480 RSI: 00000000c100565c RDI: 0000000000000003
[ 2001.911702][T22166] RBP: 00007f8f8afd5090 R08: 0000000000000000 R09: 0000000000000000
[ 2001.911711][T22166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2001.911720][T22166] R13: 00007f8f8a3e6038 R14: 00007f8f8a3e5fa0 R15: 00007ffe74351318
[ 2001.911745][T22166]  </TASK>
[ 2002.126592][   T30] audit: type=1400 audit(1768801921.151:2316): avc:  denied  { ioctl } for  pid=22167 comm="syz.5.4212" path="socket:[68326]" dev="sockfs" ino=68326 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 2002.230633][ T6249] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[ 2002.390986][ T6249] usb 7-1: Using ep0 maxpacket: 32
[ 2002.405709][ T6249] usb 7-1: config 0 has an invalid interface number: 132 but max is 0
[ 2002.424687][ T6249] usb 7-1: config 0 has no interface number 0
[ 2002.443644][ T6249] usb 7-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 2002.472486][ T6249] usb 7-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[ 2002.504481][ T6249] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2002.542566][ T6249] usb 7-1: Product: syz
[ 2002.554920][   T30] audit: type=1400 audit(1768801921.561:2317): avc:  denied  { unlink } for  pid=22175 comm="syz.5.4215" name="#60" dev="tmpfs" ino=521 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[ 2002.596798][ T6249] usb 7-1: Manufacturer: syz
[ 2002.664064][ T6249] usb 7-1: SerialNumber: syz
[ 2002.785207][ T6249] usb 7-1: config 0 descriptor??
[ 2002.795433][   T30] audit: type=1400 audit(1768801921.581:2318): avc:  denied  { mount } for  pid=22175 comm="syz.5.4215" name="/" dev="overlay" ino=516 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 2002.904417][ T6249] em28xx 7-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[ 2003.034041][ T6249] em28xx 7-1:0.132: Video interface 132 found:
[ 2003.675946][T22191] FAULT_INJECTION: forcing a failure.
[ 2003.675946][T22191] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2003.704693][T22191] CPU: 0 UID: 0 PID: 22191 Comm: syz.1.4220 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2003.704711][T22191] Tainted: [L]=SOFTLOCKUP
[ 2003.704716][T22191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 2003.704722][T22191] Call Trace:
[ 2003.704726][T22191]  <TASK>
[ 2003.704730][T22191]  dump_stack_lvl+0x16c/0x1f0
[ 2003.704749][T22191]  should_fail_ex+0x512/0x640
[ 2003.704761][T22191]  _copy_from_user+0x2e/0xd0
[ 2003.704778][T22191]  do_procmap_query+0x202/0x1080
[ 2003.704795][T22191]  ? __pfx_do_procmap_query+0x10/0x10
[ 2003.704809][T22191]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 2003.704823][T22191]  ? do_vfs_ioctl+0x128/0x14f0
[ 2003.704837][T22191]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[ 2003.704861][T22191]  ? selinux_file_ioctl+0x180/0x270
[ 2003.704875][T22191]  ? selinux_file_ioctl+0xb4/0x270
[ 2003.704890][T22191]  procfs_procmap_ioctl+0x9d/0xe0
[ 2003.704902][T22191]  ? __pfx_procfs_procmap_ioctl+0x10/0x10
[ 2003.704915][T22191]  __x64_sys_ioctl+0x18e/0x210
[ 2003.704928][T22191]  do_syscall_64+0xcd/0xf80
[ 2003.704944][T22191]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2003.704954][T22191] RIP: 0033:0x7f0dce78f749
[ 2003.704963][T22191] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2003.704973][T22191] RSP: 002b:00007f0dcf545038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2003.704984][T22191] RAX: ffffffffffffffda RBX: 00007f0dce9e5fa0 RCX: 00007f0dce78f749
[ 2003.704990][T22191] RDX: 0000200000000180 RSI: 00000000c0686611 RDI: 0000000000000004
[ 2003.704996][T22191] RBP: 00007f0dcf545090 R08: 0000000000000000 R09: 0000000000000000
[ 2003.705002][T22191] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2003.705007][T22191] R13: 00007f0dce9e6038 R14: 00007f0dce9e5fa0 R15: 00007ffed6153878
[ 2003.705022][T22191]  </TASK>
[ 2003.912091][   T30] audit: type=1400 audit(1768801922.931:2319): avc:  denied  { unmount } for  pid=20485 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 2004.083714][T17767] usb 1-1: new high-speed USB device number 49 using dummy_hcd
[ 2004.614019][T22201] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4224'.
[ 2004.614164][T22201] openvswitch: netlink: Message has 264 unknown bytes.
[ 2004.960878][ T6249] em28xx 7-1:0.132: unknown em28xx chip ID (0)
[ 2004.970721][T17767] usb 1-1: Using ep0 maxpacket: 8
[ 2004.972382][T17767] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2004.972425][T17767] usb 1-1: New USB device found, idVendor=2833, idProduct=0201, bcdDevice=2a.d5
[ 2004.972447][T17767] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2004.974418][T17767] usb 1-1: config 0 descriptor??
[ 2004.977146][T17767] uvcvideo 1-1:0.0: Found UVC 0.00 device <unnamed> (2833:0201)
[ 2004.977173][T17767] uvcvideo 1-1:0.0: No valid video chain found.
[ 2005.034507][ T6249] em28xx 7-1:0.132: failed to trigger read from i2c address 0xa0 (error=-5)
[ 2005.034590][ T6249] em28xx 7-1:0.132: board has no eeprom
[ 2005.090801][ T6249] em28xx 7-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[ 2005.090820][ T6249] em28xx 7-1:0.132: analog set to bulk mode.
[ 2005.090999][T17767] em28xx 7-1:0.132: Registering V4L2 extension
[ 2005.122305][T17593] usb 7-1: USB disconnect, device number 13
[ 2005.123270][T17593] em28xx 7-1:0.132: Disconnecting em28xx
[ 2005.659899][   T30] audit: type=1400 audit(1768801924.691:2320): avc:  denied  { setopt } for  pid=22189 comm="syz.0.4221" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 2005.660377][   T30] audit: type=1400 audit(1768801924.691:2321): avc:  denied  { shutdown } for  pid=22189 comm="syz.0.4221" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 2005.661807][   T30] audit: type=1400 audit(1768801924.691:2322): avc:  denied  { setopt } for  pid=22189 comm="syz.0.4221" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[ 2005.828892][T22213] 9p: Bad value for 'rfdno'
[ 2005.935460][   T30] audit: type=1400 audit(1768801924.881:2323): avc:  denied  { connect } for  pid=22189 comm="syz.0.4221" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 2006.002557][T17767] em28xx 7-1:0.132: Config register raw data: 0xffffffed
[ 2006.002606][T17767] em28xx 7-1:0.132: AC97 chip type couldn't be determined
[ 2006.002619][T17767] em28xx 7-1:0.132: No AC97 audio processor
[ 2006.007098][T17767] usb 7-1: Decoder not found
[ 2006.007113][T17767] em28xx 7-1:0.132: failed to create media graph
[ 2006.007137][T17767] em28xx 7-1:0.132: V4L2 device video103 deregistered
[ 2006.012741][T17767] em28xx 7-1:0.132: Remote control support is not available for this card.
[ 2006.012875][T17593] em28xx 7-1:0.132: Closing input extension
[ 2006.023920][T17593] em28xx 7-1:0.132: Freeing device
[ 2006.167624][T22217] overlayfs: missing 'workdir'
[ 2006.378777][   T30] audit: type=1400 audit(1768801925.401:2324): avc:  denied  { bind } for  pid=22218 comm="syz.6.4228" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 2007.223436][T17767] usb 1-1: USB disconnect, device number 49
[ 2007.231174][   T30] audit: type=1400 audit(1768801925.421:2325): avc:  denied  { connect } for  pid=22218 comm="syz.6.4228" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 2007.273325][   T30] audit: type=1400 audit(1768801925.421:2326): avc:  denied  { write } for  pid=22218 comm="syz.6.4228" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 2007.764830][   T30] audit: type=1400 audit(1768801926.791:2327): avc:  denied  { write } for  pid=22239 comm="syz.0.4234" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 2008.085483][   T30] audit: type=1400 audit(1768801926.911:2328): avc:  denied  { map } for  pid=22239 comm="syz.0.4234" path="/dev/dri/card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[ 2008.210574][   T30] audit: type=1400 audit(1768801926.911:2329): avc:  denied  { execute } for  pid=22239 comm="syz.0.4234" path="/dev/dri/card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[ 2008.288381][   T30] audit: type=1400 audit(1768801927.221:2330): avc:  denied  { create } for  pid=22231 comm="syz.6.4232" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[ 2008.390345][   T30] audit: type=1400 audit(1768801927.391:2331): avc:  denied  { write } for  pid=22244 comm="syz.0.4235" name="001" dev="devtmpfs" ino=739 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[ 2008.472695][T22248] Invalid source name
[ 2008.477542][T22248] UBIFS error (pid: 22248): cannot open "/dev/sg0", error -22
[ 2009.339635][T17767] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[ 2009.470575][ T9713] usb 2-1: new full-speed USB device number 42 using dummy_hcd
[ 2009.526764][   T30] audit: type=1400 audit(1768801928.551:2332): avc:  denied  { nlmsg_write } for  pid=22254 comm="syz.5.4238" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 2009.526798][T22255] netlink: 68 bytes leftover after parsing attributes in process `syz.5.4238'.
[ 2009.550601][T17767] usb 7-1: Using ep0 maxpacket: 16
[ 2009.618995][T17767] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2009.643141][T22257] blktrace: Concurrent blktraces are not allowed on loop8
[ 2009.663427][T17767] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 2009.677396][ T9713] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 2009.703497][ T9713] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84
[ 2009.720150][T17767] usb 7-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[ 2009.737273][ T9713] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 13155, setting to 64
[ 2009.755329][ T9713] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[ 2009.761221][T17767] usb 7-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[ 2010.006568][T17767] usb 7-1: Product: syz
[ 2010.018503][ T9713] usb 2-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=a6.d1
[ 2010.034934][T17767] usb 7-1: SerialNumber: syz
[ 2010.056256][ T9713] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2010.135921][T17767] usb 7-1: config 0 descriptor??
[ 2010.162183][ T9713] usb 2-1: Product: syz
[ 2010.187876][ T9713] usb 2-1: Manufacturer: syz
[ 2010.194624][T22261] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[ 2010.222104][ T9713] usb 2-1: SerialNumber: syz
[ 2010.241902][T22261] block device autoloading is deprecated and will be removed.
[ 2010.252640][ T9713] usb 2-1: config 0 descriptor??
[ 2010.258081][T22247] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 2010.384252][ T9713] rc_core: IR keymap rc-imon-rsc not found
[ 2010.419715][ T9713] Registered IR keymap rc-empty
[ 2010.441634][ T9713] rc rc0: iMON Station as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[ 2010.490708][ T9713] input: iMON Station as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input127
[ 2010.533087][ T9713] usb 2-1: USB disconnect, device number 42
[ 2010.683451][T22270] FAULT_INJECTION: forcing a failure.
[ 2010.683451][T22270] name failslab, interval 1, probability 0, space 0, times 0
[ 2010.697842][T22270] CPU: 1 UID: 0 PID: 22270 Comm: syz.4.4241 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2010.697868][T22270] Tainted: [L]=SOFTLOCKUP
[ 2010.697874][T22270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 2010.697884][T22270] Call Trace:
[ 2010.697890][T22270]  <TASK>
[ 2010.697896][T22270]  dump_stack_lvl+0x16c/0x1f0
[ 2010.697925][T22270]  should_fail_ex+0x512/0x640
[ 2010.697940][T22270]  ? __kmalloc_cache_noprof+0x5f/0x800
[ 2010.697960][T22270]  should_failslab+0xc2/0x120
[ 2010.697984][T22270]  __kmalloc_cache_noprof+0x80/0x800
[ 2010.698007][T22270]  ? snd_mixer_oss_get_volume1_vol.constprop.0.isra.0+0xdc/0x6b0
[ 2010.698039][T22270]  ? snd_mixer_oss_get_volume1_vol.constprop.0.isra.0+0xdc/0x6b0
[ 2010.698064][T22270]  snd_mixer_oss_get_volume1_vol.constprop.0.isra.0+0xdc/0x6b0
[ 2010.698089][T22270]  ? do_raw_spin_lock+0x12c/0x2b0
[ 2010.698115][T22270]  snd_mixer_oss_get_volume1+0x236/0x610
[ 2010.698142][T22270]  snd_mixer_oss_ioctl1+0x28b/0x1e40
[ 2010.698161][T22270]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 2010.698180][T22270]  ? __pfx_snd_mixer_oss_get_volume1+0x10/0x10
[ 2010.698206][T22270]  ? __pfx_snd_mixer_oss_ioctl1+0x10/0x10
[ 2010.698225][T22270]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 2010.698255][T22270]  ? hook_file_ioctl_common+0x144/0x410
[ 2010.698280][T22270]  ? selinux_file_ioctl+0x180/0x270
[ 2010.698308][T22270]  snd_mixer_oss_ioctl+0x3e/0x50
[ 2010.698327][T22270]  ? __pfx_snd_mixer_oss_ioctl+0x10/0x10
[ 2010.698348][T22270]  __x64_sys_ioctl+0x18e/0x210
[ 2010.698370][T22270]  do_syscall_64+0xcd/0xf80
[ 2010.698395][T22270]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2010.698413][T22270] RIP: 0033:0x7f8f8a18f749
[ 2010.698427][T22270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2010.698443][T22270] RSP: 002b:00007f8f8afd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2010.698462][T22270] RAX: ffffffffffffffda RBX: 00007f8f8a3e5fa0 RCX: 00007f8f8a18f749
[ 2010.698472][T22270] RDX: 0000200000000000 RSI: 0000000080086303 RDI: 0000000000000003
[ 2010.698482][T22270] RBP: 00007f8f8afd5090 R08: 0000000000000000 R09: 0000000000000000
[ 2010.698491][T22270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2010.698501][T22270] R13: 00007f8f8a3e6038 R14: 00007f8f8a3e5fa0 R15: 00007ffe74351318
[ 2010.698526][T22270]  </TASK>
[ 2011.187004][T22278] FAULT_INJECTION: forcing a failure.
[ 2011.187004][T22278] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2011.233519][T22278] CPU: 0 UID: 0 PID: 22278 Comm: syz.1.4245 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2011.233547][T22278] Tainted: [L]=SOFTLOCKUP
[ 2011.233553][T22278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 2011.233563][T22278] Call Trace:
[ 2011.233569][T22278]  <TASK>
[ 2011.233576][T22278]  dump_stack_lvl+0x16c/0x1f0
[ 2011.233604][T22278]  should_fail_ex+0x512/0x640
[ 2011.233624][T22278]  _copy_to_user+0x32/0xd0
[ 2011.233653][T22278]  simple_read_from_buffer+0xcb/0x170
[ 2011.233678][T22278]  proc_fail_nth_read+0x197/0x240
[ 2011.233698][T22278]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2011.233718][T22278]  ? rw_verify_area+0xcf/0x6c0
[ 2011.233742][T22278]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2011.233760][T22278]  vfs_read+0x1e4/0xcf0
[ 2011.233782][T22278]  ? __pfx___mutex_lock+0x10/0x10
[ 2011.233807][T22278]  ? __pfx_vfs_read+0x10/0x10
[ 2011.233835][T22278]  ? __fget_files+0x20e/0x3c0
[ 2011.233864][T22278]  ksys_read+0x12a/0x250
[ 2011.233880][T22278]  ? __pfx_ksys_read+0x10/0x10
[ 2011.233901][T22278]  do_syscall_64+0xcd/0xf80
[ 2011.233919][T22278]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2011.233932][T22278] RIP: 0033:0x7f0dce78e15c
[ 2011.233944][T22278] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 2011.233956][T22278] RSP: 002b:00007f0dcf545030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2011.233968][T22278] RAX: ffffffffffffffda RBX: 00007f0dce9e5fa0 RCX: 00007f0dce78e15c
[ 2011.233976][T22278] RDX: 000000000000000f RSI: 00007f0dcf5450a0 RDI: 0000000000000004
[ 2011.233985][T22278] RBP: 00007f0dcf545090 R08: 0000000000000000 R09: 0000000000000000
[ 2011.233992][T22278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2011.233999][T22278] R13: 00007f0dce9e6038 R14: 00007f0dce9e5fa0 R15: 00007ffed6153878
[ 2011.234017][T22278]  </TASK>
[ 2011.446135][T22280] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(8)
[ 2011.453010][T22280] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 2011.461530][T22280] vhci_hcd vhci_hcd.0: Device attached
[ 2011.472483][T22280] vhci_hcd vhci_hcd.0: pdev(5) rhport(1) sockfd(10)
[ 2011.479086][T22280] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 2011.486684][T22280] vhci_hcd vhci_hcd.0: Device attached
[ 2011.493895][T22280] vhci_hcd vhci_hcd.0: pdev(5) rhport(2) sockfd(12)
[ 2011.500490][T22280] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[ 2011.512990][T22280] vhci_hcd vhci_hcd.0: Device attached
[ 2011.520193][T22280] vhci_hcd vhci_hcd.0: pdev(5) rhport(3) sockfd(14)
[ 2011.526791][T22280] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 2011.540902][T17767] usb 5-1: new high-speed USB device number 52 using dummy_hcd
[ 2011.550848][T22280] vhci_hcd vhci_hcd.0: Device attached
[ 2011.570225][T22283] vhci_hcd vhci_hcd.0: pdev(5) rhport(4) sockfd(17)
[ 2011.576799][T22283] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 2011.594970][T22283] vhci_hcd vhci_hcd.0: Device attached
[ 2011.615930][T22280] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 2011.641304][T22280] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 2011.670193][T22280] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 2011.718064][T17767] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 2011.720578][T16878] usb 43-1: new low-speed USB device number 2 using vhci_hcd
[ 2011.727243][T17767] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2011.751315][T17767] usb 5-1: Product: syz
[ 2011.755704][T17767] usb 5-1: Manufacturer: syz
[ 2011.760343][T17767] usb 5-1: SerialNumber: syz
[ 2011.776432][T17767] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 2011.806678][T22292] vhci_hcd: connection closed
[ 2011.807105][T22281] vhci_hcd: connection reset by peer
[ 2011.808063][T22284] vhci_hcd: connection closed
[ 2011.823097][T22288] vhci_hcd: connection closed
[ 2011.827861][T22286] vhci_hcd: connection closed
[ 2011.842077][   T73] vhci_hcd vhci_hcd.5: stop threads
[ 2011.852790][   T73] vhci_hcd vhci_hcd.5: release socket
[ 2011.861277][   T30] audit: type=1400 audit(1768801930.891:2333): avc:  denied  { firmware_load } for  pid=18605 comm="kworker/0:20" path="/lib/firmware/ath9k_htc/htc_9271-1.4.0.fw" dev="sda1" ino=313 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[ 2011.896401][T18605] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 2011.913328][   T73] vhci_hcd vhci_hcd.5: disconnect device
[ 2011.930735][   T73] vhci_hcd vhci_hcd.5: stop threads
[ 2012.057920][   T73] vhci_hcd vhci_hcd.5: release socket
[ 2012.063465][   T73] vhci_hcd vhci_hcd.5: disconnect device
[ 2012.069344][   T73] vhci_hcd vhci_hcd.5: stop threads
[ 2012.074873][   T73] vhci_hcd vhci_hcd.5: release socket
[ 2012.080350][   T73] vhci_hcd vhci_hcd.5: disconnect device
[ 2012.095471][   T73] vhci_hcd vhci_hcd.5: stop threads
[ 2012.240812][   T73] vhci_hcd vhci_hcd.5: release socket
[ 2012.251941][   T73] vhci_hcd vhci_hcd.5: disconnect device
[ 2012.446504][   T30] audit: type=1400 audit(1768801931.471:2334): avc:  denied  { read write } for  pid=22290 comm="syz.1.4247" name="sg0" dev="devtmpfs" ino=740 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[ 2012.508407][   T73] vhci_hcd vhci_hcd.5: stop threads
[ 2012.537811][   T73] vhci_hcd vhci_hcd.5: release socket
[ 2012.568098][   T30] audit: type=1400 audit(1768801931.471:2335): avc:  denied  { open } for  pid=22290 comm="syz.1.4247" path="/dev/sg0" dev="devtmpfs" ino=740 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[ 2012.620342][   T73] vhci_hcd vhci_hcd.5: disconnect device
[ 2012.662411][T18229] usb 7-1: USB disconnect, device number 14
[ 2012.689367][   T30] audit: type=1400 audit(1768801931.511:2336): avc:  denied  { ioctl } for  pid=22290 comm="syz.1.4247" path="/dev/sg0" dev="devtmpfs" ino=740 ioctlcmd=0x2284 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[ 2013.232633][T18171] usb 5-1: USB disconnect, device number 52
[ 2013.670581][T18605] usb 5-1: Service connection timeout for: 256
[ 2013.679526][T18605] ath9k_htc 5-1:1.0: ath9k_htc: Unable to initialize HTC services
[ 2013.698538][T18605] ath9k_htc: Failed to initialize the device
[ 2013.722720][T18171] usb 5-1: ath9k_htc: USB layer deinitialized
[ 2014.867606][T22327] dummy0: entered promiscuous mode
[ 2014.878531][T22327] netdevsim netdevsim6 netdevsim0: entered promiscuous mode
[ 2014.894866][T22327] hsr1: entered allmulticast mode
[ 2014.899935][T22327] dummy0: entered allmulticast mode
[ 2014.905218][T22327] netdevsim netdevsim6 netdevsim0: entered allmulticast mode
[ 2015.164376][   T30] audit: type=1400 audit(1768801933.821:2337): avc:  denied  { mount } for  pid=22324 comm="syz.6.4255" name="/" dev="hugetlbfs" ino=69666 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[ 2015.430360][   T30] audit: type=1400 audit(1768801934.451:2338): avc:  denied  { setattr } for  pid=22330 comm="syz.5.4257" path="/dev/video36" dev="devtmpfs" ino=1044 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[ 2015.484397][T22336] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[ 2015.521959][   T30] audit: type=1400 audit(1768801934.501:2339): avc:  denied  { create } for  pid=22330 comm="syz.5.4257" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[ 2016.492449][T22353] FAULT_INJECTION: forcing a failure.
[ 2016.492449][T22353] name failslab, interval 1, probability 0, space 0, times 0
[ 2016.529428][T22353] CPU: 1 UID: 0 PID: 22353 Comm: syz.5.4264 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2016.529457][T22353] Tainted: [L]=SOFTLOCKUP
[ 2016.529463][T22353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 2016.529473][T22353] Call Trace:
[ 2016.529480][T22353]  <TASK>
[ 2016.529487][T22353]  dump_stack_lvl+0x16c/0x1f0
[ 2016.529514][T22353]  should_fail_ex+0x512/0x640
[ 2016.529530][T22353]  ? __kvmalloc_node_noprof+0x129/0xa40
[ 2016.529554][T22353]  should_failslab+0xc2/0x120
[ 2016.529577][T22353]  __kvmalloc_node_noprof+0x14a/0xa40
[ 2016.529596][T22353]  ? bpf_lsm_capable+0x9/0x10
[ 2016.529614][T22353]  ? security_capable+0x7e/0x260
[ 2016.529633][T22353]  ? proc_sys_call_handler+0x2d6/0x5b0
[ 2016.529656][T22353]  ? ns_capable_noaudit+0xda/0x110
[ 2016.529683][T22353]  ? proc_sys_call_handler+0x2d6/0x5b0
[ 2016.529705][T22353]  proc_sys_call_handler+0x2d6/0x5b0
[ 2016.529730][T22353]  ? __pfx_proc_sys_call_handler+0x10/0x10
[ 2016.529761][T22353]  vfs_write+0x7d3/0x11d0
[ 2016.529785][T22353]  ? __pfx_proc_sys_write+0x10/0x10
[ 2016.529811][T22353]  ? __pfx_vfs_write+0x10/0x10
[ 2016.529847][T22353]  ksys_write+0x12a/0x250
[ 2016.529868][T22353]  ? __pfx_ksys_write+0x10/0x10
[ 2016.529897][T22353]  do_syscall_64+0xcd/0xf80
[ 2016.529929][T22353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2016.529946][T22353] RIP: 0033:0x7f19f858f749
[ 2016.529959][T22353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2016.529975][T22353] RSP: 002b:00007f19f9406038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2016.529991][T22353] RAX: ffffffffffffffda RBX: 00007f19f87e5fa0 RCX: 00007f19f858f749
[ 2016.530002][T22353] RDX: 0000000000000012 RSI: 0000200000000080 RDI: 0000000000000003
[ 2016.530012][T22353] RBP: 00007f19f9406090 R08: 0000000000000000 R09: 0000000000000000
[ 2016.530022][T22353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2016.530031][T22353] R13: 00007f19f87e6038 R14: 00007f19f87e5fa0 R15: 00007ffcdad9ba68
[ 2016.530056][T22353]  </TASK>
[ 2016.736460][   T30] audit: type=1400 audit(1768801935.761:2340): avc:  denied  { connect } for  pid=22355 comm="syz.0.4265" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 2016.960644][T16878] vhci_hcd vhci_hcd.5: vhci_device speed not set
[ 2017.026002][T22365] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4265'.
[ 2017.882391][   T30] audit: type=1400 audit(1768801936.751:2341): avc:  denied  { setopt } for  pid=22362 comm="syz.4.4267" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 2018.121541][T18229] usb 1-1: new high-speed USB device number 50 using dummy_hcd
[ 2018.735528][T18229] usb 1-1: config 0 has an invalid interface number: 253 but max is 0
[ 2018.871721][T18229] usb 1-1: config 0 has no interface number 0
[ 2018.888376][T18229] usb 1-1: New USB device found, idVendor=0bfd, idProduct=0018, bcdDevice=e4.3c
[ 2018.898120][T18229] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2018.914377][T18229] usb 1-1: Product: syz
[ 2018.924751][T18229] usb 1-1: Manufacturer: syz
[ 2018.938555][T18229] usb 1-1: SerialNumber: syz
[ 2019.014261][T18229] usb 1-1: config 0 descriptor??
[ 2019.030007][T18229] kvaser_usb 1-1:0.253: error -ENODEV: Cannot get usb endpoint(s)
[ 2019.102636][T22385] loop8: detected capacity change from 0 to 8
[ 2019.174499][   T30] audit: type=1400 audit(1768801938.131:2342): avc:  denied  { ioctl } for  pid=22383 comm="syz.6.4272" path="/dev/loop8" dev="devtmpfs" ino=3386 ioctlcmd=0x4c0a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 2019.206622][T22385] Dev loop8: unable to read RDB block 8
[ 2019.215841][   T30] audit: type=1400 audit(1768801938.241:2343): avc:  denied  { map } for  pid=22381 comm="syz.5.4271" path="/dev/bus/usb/007/001" dev="devtmpfs" ino=739 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[ 2019.734141][T22369] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4269'.
[ 2019.753670][T22385]  loop8: unable to read partition table
[ 2019.765808][T22385] loop8: partition table beyond EOD, truncated
[ 2019.784402][ T6427] usb 1-1: USB disconnect, device number 50
[ 2019.802107][T22385] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5)
[ 2019.816241][   T30] audit: type=1400 audit(1768801938.751:2344): avc:  denied  { ioctl } for  pid=22367 comm="syz.0.4269" path="socket:[69785]" dev="sockfs" ino=69785 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 2020.030954][T22395] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=22395 comm=syz.6.4272
[ 2020.117651][T22400] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4272'.
[ 2020.377949][T22402] input: syz0 as /devices/virtual/input/input129
[ 2020.644013][   T30] audit: type=1400 audit(1768801939.471:2345): avc:  denied  { mount } for  pid=22396 comm="syz.5.4274" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[ 2020.836486][T22404] netlink: 'syz.5.4274': attribute type 1 has an invalid length.
[ 2020.886400][T22407] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 2021.041300][T22395] netlink: 32 bytes leftover after parsing attributes in process `syz.6.4272'.
[ 2022.239646][   T30] audit: type=1400 audit(1768801941.261:2346): avc:  denied  { unmount } for  pid=20485 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[ 2023.281166][   T30] audit: type=1326 audit(1768801942.311:2347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22419 comm="syz.4.4281" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8f8a18f749 code=0x0
[ 2023.381798][T22418] netlink: 76 bytes leftover after parsing attributes in process `syz.6.4280'.
[ 2024.090847][ T5814] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[ 2024.256046][ T5814] usb 2-1: Using ep0 maxpacket: 16
[ 2024.272342][ T5814] usb 2-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2024.283776][ T5814] usb 2-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2024.300863][ T5814] usb 2-1: config 0 interface 0 has no altsetting 0
[ 2024.348781][ T5814] usb 2-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[ 2024.368538][ T5814] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2024.388941][ T5814] usb 2-1: config 0 descriptor??
[ 2025.017317][   T30] audit: type=1400 audit(1768801944.041:2348): avc:  denied  { connect } for  pid=22445 comm="syz.1.4284" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 2025.040618][ T5814] usbhid 2-1:0.0: can't add hid device: -71
[ 2025.053140][ T5814] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 2025.072670][ T5814] usb 2-1: USB disconnect, device number 43
[ 2025.624103][   T30] audit: type=1400 audit(1768801944.651:2349): avc:  denied  { ioctl } for  pid=22460 comm="syz.1.4289" path="socket:[70174]" dev="sockfs" ino=70174 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 2025.705082][T22462] FAULT_INJECTION: forcing a failure.
[ 2025.705082][T22462] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2025.719486][T22462] CPU: 0 UID: 0 PID: 22462 Comm: syz.1.4289 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2025.719514][T22462] Tainted: [L]=SOFTLOCKUP
[ 2025.719519][T22462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 2025.719528][T22462] Call Trace:
[ 2025.719533][T22462]  <TASK>
[ 2025.719540][T22462]  dump_stack_lvl+0x16c/0x1f0
[ 2025.719570][T22462]  should_fail_ex+0x512/0x640
[ 2025.719588][T22462]  _copy_from_iter+0x2a4/0x16c0
[ 2025.719616][T22462]  ? __alloc_skb+0x220/0x410
[ 2025.719629][T22462]  ? __alloc_skb+0x35d/0x410
[ 2025.719643][T22462]  ? __pfx__copy_from_iter+0x10/0x10
[ 2025.719667][T22462]  ? netlink_autobind.isra.0+0x158/0x370
[ 2025.719697][T22462]  netlink_sendmsg+0x820/0xdd0
[ 2025.719722][T22462]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2025.719751][T22462]  ____sys_sendmsg+0xa5d/0xc30
[ 2025.719773][T22462]  ? copy_msghdr_from_user+0x10a/0x160
[ 2025.719790][T22462]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2025.719821][T22462]  ___sys_sendmsg+0x134/0x1d0
[ 2025.719839][T22462]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2025.719884][T22462]  __sys_sendmsg+0x16d/0x220
[ 2025.719901][T22462]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2025.719934][T22462]  do_syscall_64+0xcd/0xf80
[ 2025.719957][T22462]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2025.719972][T22462] RIP: 0033:0x7f0dce78f749
[ 2025.719984][T22462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2025.719998][T22462] RSP: 002b:00007f0dcc9f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2025.720013][T22462] RAX: ffffffffffffffda RBX: 00007f0dce9e6090 RCX: 00007f0dce78f749
[ 2025.720022][T22462] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000005
[ 2025.720031][T22462] RBP: 00007f0dcc9f6090 R08: 0000000000000000 R09: 0000000000000000
[ 2025.720040][T22462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2025.720048][T22462] R13: 00007f0dce9e6128 R14: 00007f0dce9e6090 R15: 00007ffed6153878
[ 2025.720069][T22462]  </TASK>
[ 2025.720379][   T30] audit: type=1400 audit(1768801944.751:2350): avc:  denied  { map } for  pid=22460 comm="syz.1.4289" path="socket:[70173]" dev="sockfs" ino=70173 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 2025.945673][   T30] audit: type=1400 audit(1768801944.901:2351): avc:  denied  { read } for  pid=22460 comm="syz.1.4289" path="socket:[70173]" dev="sockfs" ino=70173 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 2026.867807][T22444] FAULT_INJECTION: forcing a failure.
[ 2026.867807][T22444] name failslab, interval 1, probability 0, space 0, times 0
[ 2026.881744][T22444] CPU: 0 UID: 0 PID: 22444 Comm: syz.4.4285 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2026.881771][T22444] Tainted: [L]=SOFTLOCKUP
[ 2026.881777][T22444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 2026.881786][T22444] Call Trace:
[ 2026.881792][T22444]  <TASK>
[ 2026.881798][T22444]  dump_stack_lvl+0x16c/0x1f0
[ 2026.881826][T22444]  should_fail_ex+0x512/0x640
[ 2026.881839][T22444]  ? kmem_cache_alloc_noprof+0x62/0x770
[ 2026.881859][T22444]  should_failslab+0xc2/0x120
[ 2026.881879][T22444]  kmem_cache_alloc_noprof+0x83/0x770
[ 2026.881894][T22444]  ? __pfx_acct_collect+0x10/0x10
[ 2026.881909][T22444]  ? taskstats_exit+0x654/0xbe0
[ 2026.881930][T22444]  ? taskstats_exit+0x654/0xbe0
[ 2026.881945][T22444]  taskstats_exit+0x654/0xbe0
[ 2026.881963][T22444]  ? __pfx_taskstats_exit+0x10/0x10
[ 2026.881982][T22444]  ? exit_signals+0x388/0xb00
[ 2026.882006][T22444]  do_exit+0x5e4/0x2bd0
[ 2026.882026][T22444]  ? __pfx_do_exit+0x10/0x10
[ 2026.882041][T22444]  ? do_raw_spin_lock+0x12c/0x2b0
[ 2026.882061][T22444]  ? find_held_lock+0x2b/0x80
[ 2026.882087][T22444]  do_group_exit+0xd3/0x2a0
[ 2026.882104][T22444]  get_signal+0x2671/0x26d0
[ 2026.882133][T22444]  ? __pfx_get_signal+0x10/0x10
[ 2026.882156][T22444]  ? selinux_kernel_read_file+0x60/0x120
[ 2026.882180][T22444]  arch_do_signal_or_restart+0x8f/0x7e0
[ 2026.882203][T22444]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2026.882237][T22444]  exit_to_user_mode_loop+0x8c/0x540
[ 2026.882261][T22444]  do_syscall_64+0x4ee/0xf80
[ 2026.882283][T22444]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2026.882298][T22444] RIP: 0033:0x7f8f8a18f749
[ 2026.882311][T22444] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2026.882326][T22444] RSP: 002b:00007f8f8afd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2026.882345][T22444] RAX: fffffffffffffe00 RBX: 00007f8f8a3e5fa0 RCX: 00007f8f8a18f749
[ 2026.882355][T22444] RDX: 0000200000000200 RSI: 00000000c0585611 RDI: 0000000000000005
[ 2026.882365][T22444] RBP: 00007f8f8afd5090 R08: 0000000000000000 R09: 0000000000000000
[ 2026.882374][T22444] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2026.882383][T22444] R13: 00007f8f8a3e6038 R14: 00007f8f8a3e5fa0 R15: 00007ffe74351318
[ 2026.882407][T22444]  </TASK>
[ 2027.228875][T22474] vivid-000: =================  START STATUS  =================
[ 2027.237834][T22474] vivid-000: Generate PTS: true
[ 2027.242971][T22474] vivid-000: Generate SCR: true
[ 2027.247910][T22474] tpg source WxH: 1280x720 (R'G'B)
[ 2027.253068][T22474] tpg field: 1
[ 2027.256448][T22474] tpg crop: (0,0)/776x720
[ 2027.260830][T22474] tpg compose: (0,0)/194x720
[ 2027.265430][T22474] tpg colorspace: 3
[ 2027.269250][T22474] tpg transfer function: 0/1
[ 2027.273906][T22474] tpg quantization: 0/1
[ 2027.278070][T22474] tpg RGB range: 0/1
[ 2027.289144][T22474] vivid-000: ==================  END STATUS  ==================
[ 2027.546047][   T30] audit: type=1400 audit(1768801946.241:2352): avc:  denied  { create } for  pid=22467 comm="syz.6.4292" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[ 2030.804461][T22510] overlay: Unknown parameter '#-['
[ 2031.101115][T22511] atomic_op ffff888026d67998 conn xmit_atomic 0000000000000000
[ 2032.531030][T17767] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[ 2032.870717][ T5826] Bluetooth: hci0: command 0x0406 tx timeout
[ 2032.878136][ T6427] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[ 2032.922077][T17767] usb 2-1: Using ep0 maxpacket: 8
[ 2032.928489][T22523] FAULT_INJECTION: forcing a failure.
[ 2032.928489][T22523] name failslab, interval 1, probability 0, space 0, times 0
[ 2032.958153][T22523] CPU: 0 UID: 0 PID: 22523 Comm: syz.4.4304 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2032.958185][T22523] Tainted: [L]=SOFTLOCKUP
[ 2032.958191][T22523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 2032.958199][T22523] Call Trace:
[ 2032.958204][T22523]  <TASK>
[ 2032.958208][T22523]  dump_stack_lvl+0x16c/0x1f0
[ 2032.958227][T22523]  should_fail_ex+0x512/0x640
[ 2032.958238][T22523]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 2032.958249][T22523]  should_failslab+0xc2/0x120
[ 2032.958264][T22523]  kmem_cache_alloc_noprof+0x83/0x770
[ 2032.958275][T22523]  ? skb_clone+0x190/0x3f0
[ 2032.958290][T22523]  ? skb_clone+0x190/0x3f0
[ 2032.958301][T22523]  skb_clone+0x190/0x3f0
[ 2032.958313][T22523]  netlink_deliver_tap+0xabd/0xd30
[ 2032.958330][T22523]  netlink_unicast+0x64c/0x870
[ 2032.958360][T22523]  ? __pfx_netlink_unicast+0x10/0x10
[ 2032.958380][T22523]  netlink_sendmsg+0x8c8/0xdd0
[ 2032.958396][T22523]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2032.958415][T22523]  ____sys_sendmsg+0xa5d/0xc30
[ 2032.958431][T22523]  ? copy_msghdr_from_user+0x10a/0x160
[ 2032.958443][T22523]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2032.958464][T22523]  ___sys_sendmsg+0x134/0x1d0
[ 2032.958476][T22523]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2032.958505][T22523]  __sys_sendmsg+0x16d/0x220
[ 2032.958516][T22523]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2032.958537][T22523]  do_syscall_64+0xcd/0xf80
[ 2032.958553][T22523]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2032.958565][T22523] RIP: 0033:0x7f8f8a18f749
[ 2032.958575][T22523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2032.958585][T22523] RSP: 002b:00007f8f8afd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2032.958595][T22523] RAX: ffffffffffffffda RBX: 00007f8f8a3e5fa0 RCX: 00007f8f8a18f749
[ 2032.958601][T22523] RDX: 0000000000000000 RSI: 0000200000000380 RDI: 0000000000000004
[ 2032.958607][T22523] RBP: 00007f8f8afd5090 R08: 0000000000000000 R09: 0000000000000000
[ 2032.958613][T22523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2032.958619][T22523] R13: 00007f8f8a3e6038 R14: 00007f8f8a3e5fa0 R15: 00007ffe74351318
[ 2032.958633][T22523]  </TASK>
[ 2033.183601][T17767] usb 2-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2
[ 2033.192783][T17767] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2033.200889][T17767] usb 2-1: Product: syz
[ 2033.205122][T17767] usb 2-1: Manufacturer: syz
[ 2033.209720][T17767] usb 2-1: SerialNumber: syz
[ 2033.235834][T18171] usb 1-1: new high-speed USB device number 51 using dummy_hcd
[ 2033.294092][T17767] usb 2-1: config 0 descriptor??
[ 2033.562332][T22525] FAULT_INJECTION: forcing a failure.
[ 2033.562332][T22525] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2033.563857][T22525] 
[ 2033.563865][T22525] ======================================================
[ 2033.563871][T22525] WARNING: possible circular locking dependency detected
[ 2033.563881][T22525] syzkaller #0 Tainted: G             L     
[ 2033.563890][T22525] ------------------------------------------------------
[ 2033.563896][T22525] syz.4.4305/22525 is trying to acquire lock:
[ 2033.563905][T22525] ffffffff8e2d6bc0 (console_owner){-.-.}-{0:0}, at: console_lock_spinning_enable+0x61/0x80
[ 2033.563954][T22525] 
[ 2033.563954][T22525] but task is already holding lock:
[ 2033.563959][T22525] ffff8880b843ac98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130
[ 2033.564003][T22525] 
[ 2033.564003][T22525] which lock already depends on the new lock.
[ 2033.564003][T22525] 
[ 2033.564009][T22525] 
[ 2033.564009][T22525] the existing dependency chain (in reverse order) is:
[ 2033.564014][T22525] 
[ 2033.564014][T22525] -> #4 (&rq->__lock){-.-.}-{2:2}:
[ 2033.564035][T22525]        _raw_spin_lock_nested+0x31/0x40
[ 2033.564055][T22525]        raw_spin_rq_lock_nested+0x29/0x130
[ 2033.564079][T22525]        task_rq_lock+0xcf/0x490
[ 2033.564092][T22525]        cgroup_move_task+0x81/0x2a0
[ 2033.564107][T22525]        css_set_move_task+0x288/0x5f0
[ 2033.564124][T22525]        cgroup_post_fork+0x201/0x9e0
[ 2033.564142][T22525]        copy_process+0x56b6/0x7430
[ 2033.564156][T22525]        kernel_clone+0xfc/0x910
[ 2033.564170][T22525]        user_mode_thread+0xc8/0x110
[ 2033.564183][T22525]        rest_init+0x23/0x2b0
[ 2033.564198][T22525]        start_kernel+0x3ef/0x4d0
[ 2033.564214][T22525]        x86_64_start_reservations+0x18/0x30
[ 2033.564232][T22525]        x86_64_start_kernel+0x130/0x190
[ 2033.564248][T22525]        common_startup_64+0x13e/0x148
[ 2033.564267][T22525] 
[ 2033.564267][T22525] -> #3 (&p->pi_lock){-.-.}-{2:2}:
[ 2033.564288][T22525]        _raw_spin_lock_irqsave+0x3a/0x60
[ 2033.564308][T22525]        try_to_wake_up+0xb7/0x1860
[ 2033.564331][T22525]        __wake_up_common+0x135/0x1f0
[ 2033.564349][T22525]        __wake_up+0x31/0x60
[ 2033.564364][T22525]        tty_port_default_wakeup+0x4d/0x60
[ 2033.564386][T22525]        serial8250_tx_chars+0x68e/0x860
[ 2033.564406][T22525]        serial8250_handle_irq+0x761/0xcb0
[ 2033.564427][T22525]        serial8250_default_handle_irq+0x9e/0x270
[ 2033.564449][T22525]        serial8250_interrupt+0xf8/0x1d0
[ 2033.564472][T22525]        __handle_irq_event_percpu+0x236/0x890
[ 2033.564497][T22525]        handle_irq_event+0xab/0x1e0
[ 2033.564520][T22525]        handle_edge_irq+0x3ca/0x9e0
[ 2033.564542][T22525]        __common_interrupt+0xd0/0x2f0
[ 2033.564564][T22525]        common_interrupt+0xba/0xe0
[ 2033.564580][T22525]        asm_common_interrupt+0x26/0x40
[ 2033.564596][T22525]        console_flush_one_record+0x995/0xc60
[ 2033.564619][T22525]        console_unlock+0xef/0x240
[ 2033.564642][T22525]        vprintk_emit+0x407/0x6b0
[ 2033.564655][T22525]        _printk+0xc7/0x100
[ 2033.564674][T22525]        kauditd_hold_skb+0x205/0x250
[ 2033.564696][T22525]        kauditd_send_queue+0x239/0x290
[ 2033.564718][T22525]        kauditd_thread+0x621/0xb30
[ 2033.564740][T22525]        kthread+0x3c5/0x780
[ 2033.564757][T22525]        ret_from_fork+0x983/0xb10
[ 2033.564774][T22525]        ret_from_fork_asm+0x1a/0x30
[ 2033.564797][T22525] 
[ 2033.564797][T22525] -> #2 (&tty->write_wait){-.-.}-{3:3}:
[ 2033.564825][T22525]        _raw_spin_lock_irqsave+0x3a/0x60
[ 2033.564844][T22525]        __wake_up+0x1c/0x60
[ 2033.564858][T22525]        tty_port_default_wakeup+0x4d/0x60
[ 2033.564878][T22525]        serial8250_tx_chars+0x68e/0x860
[ 2033.564897][T22525]        serial8250_handle_irq+0x761/0xcb0
[ 2033.564918][T22525]        serial8250_default_handle_irq+0x9e/0x270
[ 2033.564940][T22525]        serial8250_interrupt+0xf8/0x1d0
[ 2033.564963][T22525]        __handle_irq_event_percpu+0x236/0x890
[ 2033.564987][T22525]        handle_irq_event+0xab/0x1e0
[ 2033.565010][T22525]        handle_edge_irq+0x3ca/0x9e0
[ 2033.565031][T22525]        __common_interrupt+0xd0/0x2f0
[ 2033.565054][T22525]        common_interrupt+0xba/0xe0
[ 2033.565069][T22525]        asm_common_interrupt+0x26/0x40
[ 2033.565084][T22525]        pv_native_safe_halt+0xf/0x20
[ 2033.565104][T22525]        default_idle+0x13/0x20
[ 2033.565116][T22525]        default_idle_call+0x6c/0xb0
[ 2033.565129][T22525]        do_idle+0x38d/0x510
[ 2033.565151][T22525]        cpu_startup_entry+0x4f/0x60
[ 2033.565174][T22525]        start_secondary+0x21d/0x2d0
[ 2033.565189][T22525]        common_startup_64+0x13e/0x148
[ 2033.565207][T22525] 
[ 2033.565207][T22525] -> #1 (&port_lock_key){-.-.}-{3:3}:
[ 2033.565228][T22525]        _raw_spin_lock_irqsave+0x3a/0x60
[ 2033.565248][T22525]        serial8250_console_write+0x181/0x1890
[ 2033.565270][T22525]        console_flush_one_record+0x796/0xc60
[ 2033.565294][T22525]        console_unlock+0xef/0x240
[ 2033.565316][T22525]        vprintk_emit+0x407/0x6b0
[ 2033.565330][T22525]        _printk+0xc7/0x100
[ 2033.565348][T22525]        register_console+0x823/0x1210
[ 2033.565362][T22525]        univ8250_console_init+0x5f/0x90
[ 2033.565383][T22525]        console_init+0x152/0x600
[ 2033.565401][T22525]        start_kernel+0x298/0x4d0
[ 2033.565417][T22525]        x86_64_start_reservations+0x18/0x30
[ 2033.565434][T22525]        x86_64_start_kernel+0x130/0x190
[ 2033.565451][T22525]        common_startup_64+0x13e/0x148
[ 2033.565469][T22525] 
[ 2033.565469][T22525] -> #0 (console_owner){-.-.}-{0:0}:
[ 2033.565490][T22525]        __lock_acquire+0x1669/0x2890
[ 2033.565508][T22525]        lock_acquire+0x179/0x330
[ 2033.565525][T22525]        console_lock_spinning_enable+0x72/0x80
[ 2033.565549][T22525]        console_flush_one_record+0x73f/0xc60
[ 2033.565571][T22525]        console_unlock+0xef/0x240
[ 2033.565594][T22525]        vprintk_emit+0x407/0x6b0
[ 2033.565607][T22525]        _printk+0xc7/0x100
[ 2033.565625][T22525]        should_fail_ex+0x4e7/0x640
[ 2033.565640][T22525]        strncpy_from_user+0x3b/0x2e0
[ 2033.565662][T22525]        strncpy_from_user_nofault+0x7f/0x180
[ 2033.565679][T22525]        bpf_bprintf_prepare+0xe90/0x13f0
[ 2033.565695][T22525]        bpf_trace_printk+0xda/0x190
[ 2033.565710][T22525]        bpf_prog_930ede9872f2967c+0x3e/0x44
[ 2033.565723][T22525]        bpf_trace_run2+0x239/0x5c0
[ 2033.565741][T22525]        __bpf_trace_contention_begin+0xc9/0x110
[ 2033.565760][T22525]        trace_contention_begin.constprop.0+0xd6/0x140
[ 2033.565783][T22525]        __pv_queued_spin_lock_slowpath+0x109/0xcf0
[ 2033.565810][T22525]        do_raw_spin_lock+0x20e/0x2b0
[ 2033.565831][T22525]        raw_spin_rq_lock_nested+0x7e/0x130
[ 2033.565855][T22525]        __schedule+0x331/0x5ee0
[ 2033.565873][T22525]        preempt_schedule_irq+0x51/0x90
[ 2033.565893][T22525]        irqentry_exit+0x1d8/0x8c0
[ 2033.565914][T22525]        asm_sysvec_reschedule_ipi+0x1a/0x20
[ 2033.565931][T22525]        __sanitizer_cov_trace_pc+0x3b/0x70
[ 2033.565948][T22525]        kmalloc_reserve+0x1f/0x2c0
[ 2033.565968][T22525]        __alloc_skb+0x186/0x410
[ 2033.565983][T22525]        netlink_alloc_large_skb+0x69/0x140
[ 2033.566004][T22525]        netlink_sendmsg+0x698/0xdd0
[ 2033.566024][T22525]        ____sys_sendmsg+0xa5d/0xc30
[ 2033.566045][T22525]        ___sys_sendmsg+0x134/0x1d0
[ 2033.566061][T22525]        __sys_sendmsg+0x16d/0x220
[ 2033.566077][T22525]        do_syscall_64+0xcd/0xf80
[ 2033.566098][T22525]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2033.566112][T22525] 
[ 2033.566112][T22525] other info that might help us debug this:
[ 2033.566112][T22525] 
[ 2033.566117][T22525] Chain exists of:
[ 2033.566117][T22525]   console_owner --> &p->pi_lock --> &rq->__lock
[ 2033.566117][T22525] 
[ 2033.566140][T22525]  Possible unsafe locking scenario:
[ 2033.566140][T22525] 
[ 2033.566145][T22525]        CPU0                    CPU1
[ 2033.566150][T22525]        ----                    ----
[ 2033.566154][T22525]   lock(&rq->__lock);
[ 2033.566164][T22525]                                lock(&p->pi_lock);
[ 2033.566176][T22525]                                lock(&rq->__lock);
[ 2033.566187][T22525]   lock(console_owner);
[ 2033.566197][T22525] 
[ 2033.566197][T22525]  *** DEADLOCK ***
[ 2033.566197][T22525] 
[ 2033.566201][T22525] 4 locks held by syz.4.4305/22525:
[ 2033.566211][T22525]  #0: ffff8880b843ac98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130
[ 2033.566256][T22525]  #1: ffffffff8e3c9620 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run2+0x1bc/0x5c0
[ 2033.566295][T22525]  #2: ffffffff8e3b7000 (console_lock){+.+.}-{0:0}, at: _printk+0xc7/0x100
[ 2033.566336][T22525]  #3: ffffffff8e3b7078 (console_srcu){....}-{0:0}, at: console_flush_one_record+0x103/0xc60
[ 2033.566381][T22525] 
[ 2033.566381][T22525] stack backtrace:
[ 2033.566391][T22525] CPU: 0 UID: 0 PID: 22525 Comm: syz.4.4305 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2033.566414][T22525] Tainted: [L]=SOFTLOCKUP
[ 2033.566420][T22525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 2033.566431][T22525] Call Trace:
[ 2033.566436][T22525]  <TASK>
[ 2033.566443][T22525]  dump_stack_lvl+0x116/0x1f0
[ 2033.566467][T22525]  print_circular_bug+0x275/0x340
[ 2033.566487][T22525]  check_noncircular+0x146/0x160
[ 2033.566509][T22525]  __lock_acquire+0x1669/0x2890
[ 2033.566533][T22525]  lock_acquire+0x179/0x330
[ 2033.566552][T22525]  ? console_lock_spinning_enable+0x61/0x80
[ 2033.566576][T22525]  ? console_lock_spinning_enable+0x4a/0x80
[ 2033.566603][T22525]  console_lock_spinning_enable+0x72/0x80
[ 2033.566626][T22525]  ? console_lock_spinning_enable+0x61/0x80
[ 2033.566650][T22525]  console_flush_one_record+0x73f/0xc60
[ 2033.566678][T22525]  ? __pfx_console_flush_one_record+0x10/0x10
[ 2033.566703][T22525]  ? __lock_acquire+0x436/0x2890
[ 2033.566724][T22525]  ? is_printk_cpu_sync_owner+0x32/0x40
[ 2033.566742][T22525]  console_unlock+0xef/0x240
[ 2033.566765][T22525]  ? __pfx_console_unlock+0x10/0x10
[ 2033.566790][T22525]  ? do_raw_spin_unlock+0x130/0x230
[ 2033.566818][T22525]  ? _printk+0xc7/0x100
[ 2033.566838][T22525]  ? __down_trylock_console_sem+0xb0/0x140
[ 2033.566861][T22525]  vprintk_emit+0x407/0x6b0
[ 2033.566876][T22525]  ? __pfx_vprintk_emit+0x10/0x10
[ 2033.566892][T22525]  ? rcu_is_watching+0x12/0xc0
[ 2033.566910][T22525]  _printk+0xc7/0x100
[ 2033.566929][T22525]  ? __pfx__printk+0x10/0x10
[ 2033.566951][T22525]  ? __pfx____ratelimit+0x10/0x10
[ 2033.566973][T22525]  should_fail_ex+0x4e7/0x640
[ 2033.566990][T22525]  strncpy_from_user+0x3b/0x2e0
[ 2033.567014][T22525]  strncpy_from_user_nofault+0x7f/0x180
[ 2033.567032][T22525]  bpf_bprintf_prepare+0xe90/0x13f0
[ 2033.567051][T22525]  ? __pfx_bpf_bprintf_prepare+0x10/0x10
[ 2033.567069][T22525]  ? rcu_is_watching+0x12/0xc0
[ 2033.567087][T22525]  ? bpf_trace_run2+0x3f9/0x5c0
[ 2033.567105][T22525]  bpf_trace_printk+0xda/0x190
[ 2033.567120][T22525]  ? __pfx_bpf_trace_printk+0x10/0x10
[ 2033.567135][T22525]  ? bpf_trace_run2+0x3f9/0x5c0
[ 2033.567155][T22525]  ? bpf_trace_run2+0x3f9/0x5c0
[ 2033.567177][T22525]  bpf_prog_930ede9872f2967c+0x3e/0x44
[ 2033.567191][T22525]  bpf_trace_run2+0x239/0x5c0
[ 2033.567210][T22525]  ? __pfx_bpf_trace_run2+0x10/0x10
[ 2033.567231][T22525]  ? __lock_acquire+0x436/0x2890
[ 2033.567250][T22525]  __bpf_trace_contention_begin+0xc9/0x110
[ 2033.567271][T22525]  ? __pfx___bpf_trace_contention_begin+0x10/0x10
[ 2033.567295][T22525]  ? find_held_lock+0x2b/0x80
[ 2033.567319][T22525]  trace_contention_begin.constprop.0+0xd6/0x140
[ 2033.567342][T22525]  __pv_queued_spin_lock_slowpath+0x109/0xcf0
[ 2033.567367][T22525]  ? __lock_acquire+0x436/0x2890
[ 2033.567386][T22525]  ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10
[ 2033.567410][T22525]  ? arch_stack_walk+0xa6/0x100
[ 2033.567434][T22525]  do_raw_spin_lock+0x20e/0x2b0
[ 2033.567456][T22525]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 2033.567478][T22525]  ? rcu_qs+0x2b/0xe0
[ 2033.567492][T22525]  ? rcu_note_context_switch+0x191/0x1de0
[ 2033.567519][T22525]  raw_spin_rq_lock_nested+0x7e/0x130
[ 2033.567544][T22525]  ? preempt_schedule_irq+0x51/0x90
[ 2033.567565][T22525]  __schedule+0x331/0x5ee0
[ 2033.567583][T22525]  ? __alloc_skb+0x156/0x410
[ 2033.567598][T22525]  ? netlink_alloc_large_skb+0x69/0x140
[ 2033.567618][T22525]  ? netlink_sendmsg+0x698/0xdd0
[ 2033.567639][T22525]  ? ____sys_sendmsg+0xa5d/0xc30
[ 2033.567660][T22525]  ? ___sys_sendmsg+0x134/0x1d0
[ 2033.567683][T22525]  ? __pfx___schedule+0x10/0x10
[ 2033.567706][T22525]  preempt_schedule_irq+0x51/0x90
[ 2033.567728][T22525]  irqentry_exit+0x1d8/0x8c0
[ 2033.567749][T22525]  ? rcu_is_watching+0x12/0xc0
[ 2033.567766][T22525]  asm_sysvec_reschedule_ipi+0x1a/0x20
[ 2033.567783][T22525] RIP: 0010:__sanitizer_cov_trace_pc+0x3b/0x70
[ 2033.567807][T22525] Code: 8b 05 89 f0 f3 11 a9 00 01 ff 00 74 1d f6 c4 01 74 43 a9 00 00 0f 00 75 3c a9 00 00 f0 00 75 35 8b 82 6c 16 00 00 85 c0 74 2b <8b> 82 48 16 00 00 83 f8 02 75 20 48 8b 8a 50 16 00 00 8b 92 4c 16
[ 2033.567824][T22525] RSP: 0018:ffffc90004aaf8c8 EFLAGS: 00000246
[ 2033.567837][T22525] RAX: 0000000080000000 RBX: ffff88807b5cf140 RCX: ffffc90004aaf948
[ 2033.567848][T22525] RDX: ffff888032940000 RSI: ffffffff893eefbf RDI: ffffc90004aaf958
[ 2033.567859][T22525] RBP: ffffc90004aaf958 R08: 00000000ffffffff R09: 0000000000000000
[ 2033.567869][T22525] R10: ffffc90004aaf910 R11: ffff888032940b30 R12: ffffc90004aaf948
[ 2033.567880][T22525] R13: 0000000000000cc0 R14: 00000000ffffffff R15: ffff8881412ffa00
[ 2033.567894][T22525]  ? kmalloc_reserve+0x1f/0x2c0
[ 2033.567917][T22525]  kmalloc_reserve+0x1f/0x2c0
[ 2033.567939][T22525]  __alloc_skb+0x186/0x410
[ 2033.567954][T22525]  ? __alloc_skb+0x35d/0x410
[ 2033.567968][T22525]  ? __pfx___alloc_skb+0x10/0x10
[ 2033.567984][T22525]  ? netlink_autobind.isra.0+0x158/0x370
[ 2033.568008][T22525]  netlink_alloc_large_skb+0x69/0x140
[ 2033.568030][T22525]  netlink_sendmsg+0x698/0xdd0
[ 2033.568054][T22525]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2033.568080][T22525]  ____sys_sendmsg+0xa5d/0xc30
[ 2033.568102][T22525]  ? copy_msghdr_from_user+0x10a/0x160
[ 2033.568119][T22525]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2033.568146][T22525]  ___sys_sendmsg+0x134/0x1d0
[ 2033.568165][T22525]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2033.568196][T22525]  __sys_sendmsg+0x16d/0x220
[ 2033.568214][T22525]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2033.568239][T22525]  do_syscall_64+0xcd/0xf80
[ 2033.568263][T22525]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2033.568279][T22525] RIP: 0033:0x7f8f8a18f749
[ 2033.568291][T22525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2033.568306][T22525] RSP: 002b:00007f8f8afd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2033.568321][T22525] RAX: ffffffffffffffda RBX: 00007f8f8a3e5fa0 RCX: 00007f8f8a18f749
[ 2033.568332][T22525] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[ 2033.568342][T22525] RBP: 00007f8f8afd5090 R08: 0000000000000000 R09: 0000000000000000
[ 2033.568352][T22525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2033.568361][T22525] R13: 00007f8f8a3e6038 R14: 00007f8f8a3e5fa0 R15: 00007ffe74351318
[ 2033.568378][T22525]  </TASK>
[ 2033.844613][ T6427] Bluetooth: hci0: Error when powering off device on rfkill (-110)
[ 2033.845182][T22525] CPU: 0 UID: 0 PID: 22525 Comm: syz.4.4305 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2033.845202][T22525] Tainted: [L]=SOFTLOCKUP
[ 2033.845207][T22525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 2033.845216][T22525] Call Trace:
[ 2033.845221][T22525]  <TASK>
[ 2033.845226][T22525]  dump_stack_lvl+0x116/0x1f0
[ 2033.845249][T22525]  should_fail_ex+0x512/0x640
[ 2033.845264][T22525]  strncpy_from_user+0x3b/0x2e0
[ 2033.845285][T22525]  strncpy_from_user_nofault+0x7f/0x180
[ 2033.845301][T22525]  bpf_bprintf_prepare+0xe90/0x13f0
[ 2033.845318][T22525]  ? __pfx_bpf_bprintf_prepare+0x10/0x10
[ 2033.845333][T22525]  ? rcu_is_watching+0x12/0xc0
[ 2033.845349][T22525]  ? bpf_trace_run2+0x3f9/0x5c0
[ 2033.845363][T22525]  bpf_trace_printk+0xda/0x190
[ 2033.845377][T22525]  ? __pfx_bpf_trace_printk+0x10/0x10
[ 2033.845390][T22525]  ? bpf_trace_run2+0x3f9/0x5c0
[ 2033.845406][T22525]  ? bpf_trace_run2+0x3f9/0x5c0
[ 2033.845423][T22525]  bpf_prog_930ede9872f2967c+0x3e/0x44
[ 2033.845435][T22525]  bpf_trace_run2+0x239/0x5c0
[ 2033.845451][T22525]  ? __pfx_bpf_trace_run2+0x10/0x10
[ 2033.845468][T22525]  ? __lock_acquire+0x436/0x2890
[ 2033.845485][T22525]  __bpf_trace_contention_begin+0xc9/0x110
[ 2033.845503][T22525]  ? __pfx___bpf_trace_contention_begin+0x10/0x10
[ 2033.845522][T22525]  ? find_held_lock+0x2b/0x80
[ 2033.845542][T22525]  trace_contention_begin.constprop.0+0xd6/0x140
[ 2033.845562][T22525]  __pv_queued_spin_lock_slowpath+0x109/0xcf0
[ 2033.845583][T22525]  ? __lock_acquire+0x436/0x2890
[ 2033.845598][T22525]  ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10
[ 2033.845617][T22525]  ? arch_stack_walk+0xa6/0x100
[ 2033.845638][T22525]  do_raw_spin_lock+0x20e/0x2b0
[ 2033.845655][T22525]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 2033.845673][T22525]  ? rcu_qs+0x2b/0xe0
[ 2033.845684][T22525]  ? rcu_note_context_switch+0x191/0x1de0
[ 2033.845707][T22525]  raw_spin_rq_lock_nested+0x7e/0x130
[ 2033.845728][T22525]  ? preempt_schedule_irq+0x51/0x90
[ 2033.845745][T22525]  __schedule+0x331/0x5ee0
[ 2033.845761][T22525]  ? __alloc_skb+0x156/0x410
[ 2033.845774][T22525]  ? netlink_alloc_large_skb+0x69/0x140
[ 2033.845791][T22525]  ? netlink_sendmsg+0x698/0xdd0
[ 2033.845812][T22525]  ? ____sys_sendmsg+0xa5d/0xc30
[ 2033.845830][T22525]  ? ___sys_sendmsg+0x134/0x1d0
[ 2033.845849][T22525]  ? __pfx___schedule+0x10/0x10
[ 2033.845868][T22525]  preempt_schedule_irq+0x51/0x90
[ 2033.845885][T22525]  irqentry_exit+0x1d8/0x8c0
[ 2033.845903][T22525]  ? rcu_is_watching+0x12/0xc0
[ 2033.845917][T22525]  asm_sysvec_reschedule_ipi+0x1a/0x20
[ 2033.845931][T22525] RIP: 0010:__sanitizer_cov_trace_pc+0x3b/0x70
[ 2033.845948][T22525] Code: 8b 05 89 f0 f3 11 a9 00 01 ff 00 74 1d f6 c4 01 74 43 a9 00 00 0f 00 75 3c a9 00 00 f0 00 75 35 8b 82 6c 16 00 00 85 c0 74 2b <8b> 82 48 16 00 00 83 f8 02 75 20 48 8b 8a 50 16 00 00 8b 92 4c 16
[ 2033.845961][T22525] RSP: 0018:ffffc90004aaf8c8 EFLAGS: 00000246
[ 2033.845973][T22525] RAX: 0000000080000000 RBX: ffff88807b5cf140 RCX: ffffc90004aaf948
[ 2033.845982][T22525] RDX: ffff888032940000 RSI: ffffffff893eefbf RDI: ffffc90004aaf958
[ 2033.845991][T22525] RBP: ffffc90004aaf958 R08: 00000000ffffffff R09: 0000000000000000
[ 2033.845999][T22525] R10: ffffc90004aaf910 R11: ffff888032940b30 R12: ffffc90004aaf948
[ 2033.846008][T22525] R13: 0000000000000cc0 R14: 00000000ffffffff R15: ffff8881412ffa00
[ 2033.846020][T22525]  ? kmalloc_reserve+0x1f/0x2c0
[ 2033.846040][T22525]  kmalloc_reserve+0x1f/0x2c0
[ 2033.846058][T22525]  __alloc_skb+0x186/0x410
[ 2033.846070][T22525]  ? __alloc_skb+0x35d/0x410
[ 2033.846082][T22525]  ? __pfx___alloc_skb+0x10/0x10
[ 2033.846095][T22525]  ? netlink_autobind.isra.0+0x158/0x370
[ 2033.846115][T22525]  netlink_alloc_large_skb+0x69/0x140
[ 2033.846133][T22525]  netlink_sendmsg+0x698/0xdd0
[ 2033.846152][T22525]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2033.846173][T22525]  ____sys_sendmsg+0xa5d/0xc30
[ 2033.846192][T22525]  ? copy_msghdr_from_user+0x10a/0x160
[ 2033.846207][T22525]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2033.846229][T22525]  ___sys_sendmsg+0x134/0x1d0
[ 2033.846245][T22525]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2033.846271][T22525]  __sys_sendmsg+0x16d/0x220
[ 2033.846286][T22525]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2033.846307][T22525]  do_syscall_64+0xcd/0xf80
[ 2033.846325][T22525]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2033.846339][T22525] RIP: 0033:0x7f8f8a18f749
[ 2033.846349][T22525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2033.846362][T22525] RSP: 002b:00007f8f8afd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2033.846374][T22525] RAX: ffffffffffffffda RBX: 00007f8f8a3e5fa0 RCX: 00007f8f8a18f749
[ 2033.846383][T22525] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[ 2033.846392][T22525] RBP: 00007f8f8afd5090 R08: 0000000000000000 R09: 0000000000000000
[ 2033.846401][T22525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2033.846409][T22525] R13: 00007f8f8a3e6038 R14: 00007f8f8a3e5fa0 R15: 00007ffe74351318
[ 2033.846423][T22525]  </TASK>
[ 2035.702344][T17767] usb read operation failed. (-71)
[ 2035.707718][T17767] usb write operation failed. (-71)
[ 2035.720691][T17767] usb write operation failed. (-71)
[ 2035.727274][T17767] usb write operation failed. (-71)
[ 2035.737513][T17767] usb 2-1: dvb_usb_v2: found a 'Terratec H7' in cold state
[ 2035.745630][T17767] usb 2-1: Direct firmware load for dvb-usb-terratec-h7-az6007.fw failed with error -2
[ 2035.756247][T17767] usb 2-1: Falling back to sysfs fallback for: dvb-usb-terratec-h7-az6007.fw
[ 2035.756258][   T30] audit: type=1400 audit(1768801954.781:2353): avc:  denied  { firmware_load } for  pid=17767 comm="kworker/0:7" scontext=system_u:system_r:kernel_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[ 2035.765501][T22525] netlink: 'syz.4.4305': attribute type 27 has an invalid length.
[ 2035.805476][T22525] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2035.812577][T22525] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2035.841579][T22525] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2035.850651][T22525] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2035.892558][T18079] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 2035.901582][T18079] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 2035.912696][T17392] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 2035.923297][T17392] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 2036.953073][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 2036.959332][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 2037.760548][ T6427] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[ 2037.760577][ T5826] Bluetooth: hci3: command 0x0406 tx timeout
[ 2037.766681][ T6427] Bluetooth: hci3: Error when powering off device on rfkill (-110)
[ 2039.830542][ T5826] Bluetooth: hci4: command 0x0c1a tx timeout
[ 2039.836562][ T6427] Bluetooth: hci4: Opcode 0x0c1a failed: -110
[ 2039.843120][ T6427] Bluetooth: hci4: Error when powering off device on rfkill (-110)
[ 2041.910560][ T6427] Bluetooth: hci1: Opcode 0x0c1a failed: -110
[ 2041.916639][ T6427] Bluetooth: hci1: Error when powering off device on rfkill (-110)
[ 2041.920508][ T5826] Bluetooth: hci1: command 0x0c1a tx timeout