last executing test programs:

8m45.451456797s ago: executing program 4 (id=3922):
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
shmdt(0x0)
r1 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
bind$nfc_llcp(r1, 0x0, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffffffffffdec, &(0x7f00000002c0)=0x40000006)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0xe, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bind$nfc_llcp(r1, &(0x7f0000000200)={0x27, 0x0, 0x1, 0x0, 0x0, 0x0, "359e08cbaf98c031f4aff8dc907e945afbe3299322b98246ee0a4354afaf10fc68bb87f35cb663664e06f843b12cf3b3df1478366d4fbec1d8fab4abc22d37", 0x32}, 0x60)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={0x0, 0x0, 0x37}, 0x28)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0xe, 0x7fff0000}]})
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff})
setsockopt$TIPC_IMPORTANCE(r4, 0x10f, 0x7f, &(0x7f0000000040)=0xfffffff8, 0x4)
close_range(r3, r0, 0x2)
epoll_create(0x10000e9)
r5 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000000c0), 0x2)
r6 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x3)
ftruncate(r6, 0xffff)
fcntl$addseals(r6, 0x409, 0x7)
ioctl$UDMABUF_CREATE(r5, 0x40187542, &(0x7f0000000100)={r6, 0x0, 0x0, 0x1000})
r7 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_S_OUTPUT(r7, 0xc004562f, &(0x7f00000000c0)=0x1)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r7, 0xc0945662, &(0x7f0000000240)={0xffffffff, 0x0, '\x00', {0x0, @bt={0x6, 0x5, 0x1, 0x0, 0x2, 0x10000, 0x905ffd, 0xfff, 0x100007, 0x4, 0x1, 0xffffffff, 0x106ac, 0x43cb, 0x0, 0x6, {0x85a6, 0x7fffffff}, 0xb2, 0x81}}})
r8 = syz_io_uring_setup(0x2197, &(0x7f0000000480)={0x0, 0xb02, 0x80, 0x0, 0x1002f}, &(0x7f0000000240)=<r9=>0x0, &(0x7f0000000300)=<r10=>0x0)
syz_io_uring_submit(r9, r10, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x241}})
io_uring_enter(r8, 0x47f6, 0x880e, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)

8m45.253573865s ago: executing program 4 (id=3923):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0a00000004000000040000000a00000040000000", @ANYRES32, @ANYBLOB="fcffffff00"/15, @ANYRES32=0x0, @ANYRES32=<r0=>0xffffffffffffffff], 0x50)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
pipe2(&(0x7f0000000300)={<r2=>0xffffffffffffffff}, 0x80080)
splice(r2, 0x0, r1, 0x0, 0x18, 0x7)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYRES8, @ANYRES64=r2, @ANYRESHEX, @ANYRES8=r0], 0x44}, 0x1, 0x0, 0x0, 0x10040046}, 0x24004850)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000003e000701feffffff00000000017c0000040042800c00018006000600800a0000200002801c000b8018"], 0x44}, 0x1, 0x0, 0x0, 0x40040c0}, 0xc000)
ioperm(0x0, 0x8, 0x8000000000004)
r4 = gettid()
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
r6 = epoll_create1(0x0)
r7 = epoll_create1(0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f0000000000)={0xa0000001})
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000400)={{}, {0x0, 0x989680}}, 0x0)
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0)
read$rfkill(r8, &(0x7f0000000040), 0x8)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xc, 0xe, &(0x7f0000002080)=ANY=[@ANYRESHEX=r8, @ANYRES64, @ANYRES8=0x0, @ANYRESHEX=r5], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, r2}, 0x94)
close(r9)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000015c0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff2300000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000011000000b7030000000000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb450063dedba767ade51f7f1f66acd19100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb4e4d0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e85cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36dd0cf8f79a015c7bd3f15aa6aadbeab2a01685108e61aa00000000000000000000000000c67c6c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f10800000000000000826151e3b42bcae95239ef5ca2a730a00c87c493db0300e63fda97a296820000000001000000eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e180022537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d3f00000000000000665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d81ab324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e2603217606637ece1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f87b039d5430b3c6643e9146d2478ce31344b554aca7670000000000000010c65608fda6ed5d08e7a796042aa127d874105787d0347aa37801faff5b9050803a19ff6205aa5c263e407a2f7de56f7a0000e094fa4e3f05528caab5a430c08dd810bc97204b767dd969721a26aa740000000000bc433fe2d0a6ef2a8a91cd3cb305aa80dadef8b0caca780000000000000000863e21db415a222bb1a7ab94bfe4a74157d794f9d0430c2c0eb563350559829865a3dd08fb31bd0801e09aa3ee45e61a56fc83076451cff7632e49a41eadb5044a0d5f73d6932161ae5e9ce218a35cd8e7b747887b1a74798982d0b492c3f0ff53189d80733eb04f8124877b648ff438f7d66c7efcc09a8f3330b6c22d14e80db8e5608bdeab9388b758a15f4ce70390c214bc6838798f5b9b0b500d4e8b5174f329b8501c6feb7a6982bcea74a0f2ced7fa2059234a8d10b7f0597151d5c9067d57d85f4ae933eaf5174ba122f3f702ef8695578d3c08562c9fc185f0f65d11b4c58ae52500cbe99cde3758a5cbe6093dd328ac820e2de309d25a324647aadffcecf0f3bbaeda7af4436d9ffbce1b240a2f5e346eba8812e6329e01b087bde7da4a6448f478102e90c8134f531de08d4cf4f6f35b15a202544c0ced0c1715fd3a90099f785a13a2412bedba2981dd22bd9d736c00000000000000000000000000000000eb6fec8d7d2f77f4d470a9caa5b1bfc00cd1d40830ac35f229f8ffe1c02a63d3c2d9"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x57)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r9, 0x18000000000002a0, 0xfe, 0x0, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000632f77fbac14fe16e000030a07080403fe80000020006558845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x24, 0x60000000, 0x24, 0x0, &(0x7f00000005c0)="d397846d326a41a9470a6312472cca0956f6d94655f7add48ac421c9d0d03232b1d08532"}, 0x50)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x103642, 0x0)
r10 = mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x9, 0x0)
fcntl$setlease(r10, 0x400, 0x0)
mq_open(&(0x7f0000000b40)='eth0\x00\xdd\xad4=2k\xf1\x05\x9b\x91y\xe1;F\xa2\x8df\xe9\x04\x00\x00\x00\x00\x0078z=\x8f\xd5F\xa4AR\xc7\x9f.\xdc\xdb\"A\x16\xd8\x19\xf1lZ\xc8\x93\xda\xf2\xc9\xe8h[u8\xc6\xfa\x9ep\xbe\a\xe2\xf5\xa3Y\x9f\xe1\x04gM\x99K$\r\xf1G\xee\xe1\xbd\x1e\xdf\xe1\x9c\x19\xda\xd3\x94EL\xca\x88\x85Q\x02\xd9L\x90\xeb%/\xb1\xeb\x11uP7\x1f\xd9b\xebF\xf8\x88\xf0\xac.\x94\xfc\v\xb1W\xef~+n\xb1\x9b\x02n]xr\xb3\x80\xbc>\xe8XX\xe6\x12\xf3\xc9\xd5\xf8\xd1\x8d\xcb9\xbf\xb0(<\xeb\x92\x8a\x16\xb7\x11^\xb6\xb7n\xd5\xb5\x00[\xdf\x94\x00\r\x95\x17\xa1h\xf8\x00\x00\x00\"\xa0\x05\xcc^\x90c\xc9}\xb8\ny\xf4\xe1\xb4.\xa4\a\x05\xbb}\x91\xf4C\xf5O\xf1a\x12\b\x86\xa16\xbb}C\xc9\x1d\\\xedD\x14\xb1w\x1e\xa0\xc1E\xb5\xf8\xab\xfb\xd9\x93\xb8vJ\x85p\xb5n\x1b\xe4\xd5g\xae\xe4\xeb\xca\xae\x1bs\xd4\xf0\xc0\xdag\x19R4\xd4\xd4\x04\xfc\x04Zb\xf6\xba\xf8B\xf6YU\xcd\xf2\xdb\xb5\xa2\xda\xdf\x8dD\xef`\x13\x15$\xceq\xd7j\xd7\xe3V\xf2\xa2\x95\xcf\x18T\xf1\xb0\xf3\xf8O', 0x1, 0x0, 0x0)
mount(&(0x7f0000000040)=@nullb, &(0x7f0000000100)='.\x00', &(0x7f0000000200)='qnx6\x00', 0x8000, 0x0)

8m45.158629552s ago: executing program 4 (id=3924):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = socket$kcm(0xa, 0x2, 0x0)
madvise(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xf)
sendmsg$kcm(r1, &(0x7f00000000c0)={&(0x7f0000000a00)=@generic={0xa, "8ab77fa26849ff26650042e2dacd00005efe0000000100ad6f9fa9f3d7145e15dd9d6d2e19c211220940ad5def53b911ba5b9da13641f9826d7012a749f54b901ee80ea6132ca6e88c776553e1833052ca376304313c4b37780136a4b83857040000000000000000000000000000002000000000000000000000000070ed"}, 0x80, 0x0}, 0x4020800) (async)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000380)={0x2, 0x0, @ioapic={0x1000, 0x8, 0x7, 0x9, 0x0, [{0x4a, 0x73, 0x69, '\x00', 0x2}, {0x40, 0xf2, 0x40, '\x00', 0x4}, {0x1, 0xdc, 0x4, '\x00', 0x83}, {0xa2, 0x40, 0x8, '\x00', 0x92}, {0xb, 0x1, 0x0, '\x00', 0x2}, {0x1e, 0x5, 0xa0, '\x00', 0x6}, {0x6, 0xd, 0xb3, '\x00', 0x4}, {0x8, 0x5, 0xff, '\x00', 0x1}, {0x3, 0x1, 0xb, '\x00', 0x40}, {0x6, 0x9, 0x4, '\x00', 0x5}, {0xfd, 0x1, 0x9, '\x00', 0x8}, {0x2, 0x5, 0x9b, '\x00', 0xbb}, {0x2d, 0x6, 0xc7, '\x00', 0x7}, {0x7, 0x8, 0x9, '\x00', 0x1b}, {0x7, 0x3, 0x4, '\x00', 0x5}, {0x5, 0x8, 0x77, '\x00', 0x7}, {0x68, 0x9, 0xe1, '\x00', 0x1}, {0x9, 0xe5, 0x89, '\x00', 0x4}, {0x7, 0x3, 0x0, '\x00', 0x6}, {0x8, 0x9, 0x8, '\x00', 0x8}, {0x3, 0x3, 0x1, '\x00', 0x9}, {0xf, 0x2, 0xf, '\x00', 0x14}, {0x10, 0x9, 0x2, '\x00', 0x9}, {0x6, 0x8, 0xf, '\x00', 0x9}]}}) (async)
ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f0000000000)={0x0, 0xfffffff6}) (async)
syz_usb_connect(0x0, 0x24, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0xb5, 0x40, 0x33, 0x40, 0x1a86, 0x7522, 0x3536, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xe4, 0xd6, 0x24}}]}}]}}, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), 0xffffffffffffffff) (rerun: 64)
sendmsg$NFC_CMD_FW_DOWNLOAD(r3, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, r4, 0x200, 0x70bd26, 0x25dfdbff, {}, [@NFC_ATTR_FIRMWARE_NAME={0x9, 0x14, '!@(,,'}, @NFC_ATTR_FIRMWARE_NAME={0x9, 0x14, '\\-]&{'}, @NFC_ATTR_FIRMWARE_NAME={0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x4000051)

8m43.20558826s ago: executing program 4 (id=3933):
mkdir(&(0x7f0000005740)='./file0\x00', 0x3b) (async)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={[{@dyn}]})
r0 = accept$netrom(0xffffffffffffffff, &(0x7f0000000000)={{0x3, @null}, [@rose, @netrom, @rose, @bcast, @null, @bcast, @null, @default]}, &(0x7f0000000080)=0x48)
recvfrom(r0, &(0x7f0000000440)=""/208, 0xd0, 0x10142, &(0x7f0000000100)=@in6={0xa, 0x4e24, 0x0, @remote, 0xc}, 0x80)
chdir(&(0x7f00000000c0)='./file0\x00') (async)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000340), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='dyn'])

8m42.479691504s ago: executing program 4 (id=3935):
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000440)=ANY=[@ANYBLOB="b7000000fdffffffbfa30000000000000703000020feffff720af0fff8ffffff71a4f0ff000000000f040000000000001d4002000000000065040000000000001f030000000000001d440000000000007a0a00fe000000000f00000000000000b5000000000000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526"], 0x0}, 0x94)
r0 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r0, &(0x7f0000000180)="900000001d001f4d154a817393278bff0a80a578020000000404840014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000766436c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0xb, 0x0, 0x0)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x6000, 0x1)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0x4c03, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, 0x0, 0x0)
r4 = add_key$user(&(0x7f0000000200), &(0x7f0000000440), &(0x7f0000000700)="53e960ffdf9b6886416dc3bc943d3488cc3b0d00000000000000000000000000881b0af29326eaa995cb017ec4c5f7dfc6985d989b08efb26eec9ef6c092e2aef7acf3b5de2561e166ad52a8802ad07ab1d2c47edf5b336e138628413a3ebdc0d5396347cf9c762da14bca24c5839c4ae5ab30408d42f597da30c70ab826fbf202c27d84c225b103e7e3824d468363048c24a5c4c1042db352178294188c19f85dd62e1e62a23cdb1bda775b247b27cdebd24aea02ab58c0e8a841f5f6cc1d0310a1ecab4dbc54b4ff122ea05455e962edf2d80d24ea8f9265ccbc6a2cb1c81d42d18cc71cf8f7a79ccfcc4e2739583a49ae0a0c73a1eee9a6be2238790570f301b9b43b619d86d3b9a3e07cc970a57e1b3daa78270998bcde395cff1b366a489887c483c070dea5fe5425487dd5b96809c3232ad4f4adb6071d621dc73f731145bd21d0b4d38791f40b1967a3c07e8798115dd60bff20412426f8853aa57a7081fb9cb44d606c5ece29f312b700881a6c00a0b3b483b525cb60ce69d0e98f3f4166bdd8b008a5f6ec6734063452104256181b7da2", 0x195, 0xfffffffffffffffd)
r5 = add_key(&(0x7f0000000200)='user\x00', &(0x7f0000000240)={'syz', 0x0}, &(0x7f00000002c0)='4', 0xba, 0xfffffffffffffffe)
r6 = add_key$user(&(0x7f0000000480), &(0x7f0000000380)={'syz', 0x2}, &(0x7f0000000580)="ed", 0x1, 0xffffffffffffffff)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r6, r4, r5}, 0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={'blake2b-256\x00'}})

8m42.145716417s ago: executing program 4 (id=3938):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'rose0\x00', 0x112})
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'rose0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100000000000000000001000000", @ANYRES32=r2], 0x20}}, 0x0)

8m41.987363029s ago: executing program 32 (id=3938):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'rose0\x00', 0x112})
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'rose0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100000000000000000001000000", @ANYRES32=r2], 0x20}}, 0x0)

25.858929689s ago: executing program 5 (id=5546):
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0xc4)
ioctl$sock_ax25_SIOCADDRT(r0, 0x890b, &(0x7f0000000140)={@default, @default, 0x7, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_refresh_period\x00', 0x2, 0x0)
r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$SO_TIMESTAMP(r1, 0x1, 0x23, &(0x7f000000bb80)=0x7fff, 0x4)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
syz_open_dev$dri(0x0, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002700)=""/102392, 0x18ff8)
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000480), 0x1a1040, 0x0)
ioctl$AUTOFS_IOC_FAIL(r4, 0x4c81, 0x7000000)
bpf$PROG_LOAD(0x5, 0x0, 0x405a51bc3e632e7c)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x2, 0x24, &(0x7f0000000080)={0x80, 0x6, 0x5, 0xffff, 0x7995}, 0x8, 0x0, 0x0, 0x48000000, 0x2, 0xdb, 0x0})
ioctl$USBDEVFS_REAPURBNDELAY(0xffffffffffffffff, 0x4008550d, 0x0)
writev(r2, 0x0, 0x0)
r5 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, 0xffffffffffffffff, &(0x7f0000000180)={0x20000000})
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r5, &(0x7f00000000c0))
socket$key(0xf, 0x3, 0x2)
setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f00000000c0)=0xffffffffffffffff, 0x4)

21.722502158s ago: executing program 5 (id=5558):
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
syz_io_uring_setup(0x39, &(0x7f0000000580)={0x0, 0xe7b7, 0x13500, 0x0, 0xdf}, &(0x7f0000000240), &(0x7f0000001880))
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
setsockopt$rose(r3, 0x104, 0x6, &(0x7f0000000440)=0x7, 0x4)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
ioctl$TCSETS(0xffffffffffffffff, 0x89f3, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
socket(0xb, 0x1, 0x0)
r6 = syz_open_procfs$userns(0x0, &(0x7f00000000c0))
setns(r6, 0x10000000)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r7)
sendmsg$NLBL_MGMT_C_ADDDEF(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)={0x44, r8, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @private0={0xfc, 0x0, '\x00', 0x1}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast2}]}, 0x44}}, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x48)

19.184249552s ago: executing program 5 (id=5567):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84) (async)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x6)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r2, 0x4068aea3, &(0x7f0000000280)={0xbe, 0x0, 0x1}) (async, rerun: 32)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f0000000140)="66baf80cb8044fdc87efed660f388059e0b805000000b91e4200000f01c10f20c035000000200f22c0f20fa20f01cb36263e660f381efc660f7c150c000000b805000000b9210000000f01c1c4e17929d8", 0x51}], 0x1, 0x11, 0x0, 0x0) (rerun: 32)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e20, 0x6, @empty, 0x80040}, 0x1c)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x80}}, 0x0) (async, rerun: 64)
sendmsg$NFT_BATCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000006c000000160a01020000000000000000010000000900010073797a30000000000900020073797a3000000000400003802c00038004000100766c616e31000000000000000000000014000100776c616e3100000000000000000000000800014000000000080002"], 0xfc}}, 0x0) (async, rerun: 64)
syz_emit_ethernet(0x36, &(0x7f0000000440)=ANY=[], 0x0) (async)
syz_emit_ethernet(0x3a, &(0x7f0000000040)={@local, @broadcast, @val={@void, {0x8100, 0x2, 0x0, 0x3}}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x20, 0x0, 0x0, 0x1000}}}}}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0}, 0x94) (async, rerun: 32)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r4}, 0x18) (async, rerun: 64)
mkdir(0x0, 0x50) (rerun: 64)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000300), 0x20, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno', @ANYRESHEX, @ANYRESHEX=r5, @ANYBLOB=',access=', @ANYRESDEC=0x0, @ANYBLOB="34e0f8d16d46335b22e52c6cf8c30295885af4a88dc5f811e099d8920227ba4333afe5259b21bc69aa85c4e56edaf11f1588dce33d59e6f05cc71803fbf8fc36cc366718bd708f08b37fb51c7f41c9f6d533e972530c9c591e63a1408d1ad788411e5c97b5c9735738"])
r6 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r6, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xf7, 0x1c, 0xea, 0x40, 0xe41, 0x4156, 0x3b70, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x80, 0x0, [{{0x9, 0x4, 0x0, 0xfd, 0x0, 0x11, 0x5d, 0x74}}]}}]}}, 0x0)
ioctl$KVM_CAP_X86_USER_SPACE_MSR(r1, 0x4068aea3, &(0x7f0000000080)) (async)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, 0x0}], 0x1, 0xd, 0x0, 0x0) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18.379556743s ago: executing program 5 (id=5569):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f00000000c0)=[{0x20, 0x0, 0x81, 0xfffff034}, {0x20, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmmsg(r2, &(0x7f0000000180), 0x4000190, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000500000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x1f, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffd0}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa, 0x0, 0x2}, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222, 0x0, 0x8}, 0x78)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x50, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
r5 = syz_open_dev$ttys(0xc, 0x2, 0x1)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
ioctl$TIOCSSOFTCAR(r5, 0x541a, &(0x7f00000055c0)=0x4)

17.063461258s ago: executing program 5 (id=5572):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0xffffffff00000001}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000280)=0x5)
openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x500, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_io_uring_setup(0x49a, &(0x7f0000000100)={0x0, 0x79af, 0x400, 0x8000, 0x400246}, 0x0, 0x0)
utimensat(0xffffffffffffff9c, 0x0, 0x0, 0x100)
epoll_create1(0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_opts(r1, 0x29, 0x3b, &(0x7f0000000040)=ANY=[@ANYBLOB="830018007bc3"], 0x8)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x3, &(0x7f0000000080))
r2 = getpid()
r3 = getgid()
statx(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0, 0x4, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresgid(r3, 0x0, r4)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0xa)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setuid(0xee00)

15.71408178s ago: executing program 5 (id=5576):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd7000000000000100000008000600e0000001050004000100000008000b0027"], 0x2c}, 0x1, 0x0, 0x0, 0x20048091}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0xffffffff00000001}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000280)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r2, 0x80045505, &(0x7f0000000040)=@usbdevfs_connect)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x2, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x5}]}, 0x2c}}, 0x4000)
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000005f80)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r6, {0x0, 0x1}, {}, {0x8}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_FROM={0x8, 0x3, 0x78}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
ioctl$USBDEVFS_SETCONFIGURATION(r2, 0x80045505, &(0x7f0000000000)=0x1)
r7 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r7, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_io_uring_setup(0x49a, &(0x7f0000000100)={0x0, 0x79af, 0x400, 0x8000, 0x400246}, 0x0, 0x0)
utimensat(0xffffffffffffff9c, 0x0, 0x0, 0x100)
epoll_create1(0x0)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$inet6_tcp_int(r8, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r8, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r8, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r8, 0x11a, 0x2, &(0x7f0000000180)=@gcm_256={{0x303}, "c4915c7f49541ce8", "9b84f987950ff3df25fa8f46983d34157e047d27ae4a66a6d15608a32cbaa5bc", '\x00', "be0ea450d5a50003"}, 0x38)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)

8.95076487s ago: executing program 1 (id=5595):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_STOP_AP(r0, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f00000028c0)={0x0, 0x28}}, 0x0)
getsockname$packet(r0, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000040))
syz_usb_connect$uac1(0x0, 0xa4, 0x0, 0x0)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000180)=<r2=>0x0)
sched_setaffinity(r2, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
r5 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000300)={'vxcan1\x00', <r6=>0x0})
bind$can_raw(r5, &(0x7f0000000000)={0x1d, r6}, 0x10)
setsockopt$CAN_RAW_FILTER(r5, 0x65, 0x1, &(0x7f00000000c0), 0xf00)
bind$can_raw(r5, &(0x7f0000000080), 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x20, 0x10, 0x401, 0x0, 0x101, {0x0, 0x0, 0x0, 0x0, 0x4819, 0x824d}}, 0x20}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)={{0x12, 0x1, 0x0, 0x56, 0x54, 0x48, 0x20, 0x5e1, 0x408, 0x2511, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x2e, 0xc2, 0x5d, 0x0, [], [{{0x9, 0x5, 0x2}}, {{0x9, 0x5, 0x3, 0x1}}]}}]}}]}}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000340)={0x0, r9}, 0x8)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1f, 0x10, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b70800000c000000638af8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018240000", @ANYRES32=r9, @ANYRESHEX=r8], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000400)={r10, 0x0, 0x0}, 0x10)
io_uring_setup(0xc34, &(0x7f00000000c0)={0x0, 0x4420, 0x4000, 0x1, 0x34c})
connect$netlink(r7, &(0x7f0000000000)=@unspec, 0xc)
r11 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r11, 0x84, 0x16, 0x0, 0x0)

6.049437867s ago: executing program 2 (id=5602):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDDELIO(r0, 0x4b34, 0x3bf)
ioctl$KDDISABIO(r0, 0x4b37)

6.025143885s ago: executing program 2 (id=5603):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = accept(0xffffffffffffffff, &(0x7f0000002240)=@phonet, &(0x7f00000001c0)=0x80)
bind$can_j1939(r3, &(0x7f00000024c0)={0x1d, 0x0, 0x1, {0x2, 0x1, 0x4}, 0xff}, 0x18)
syz_genetlink_get_family_id$batadv(&(0x7f0000002300), 0xffffffffffffffff)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x3, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000080)='syzkaller\x00', 0x8, 0x0, 0x0, 0x41000}, 0x94)
ioctl$LOOP_CLR_FD(0xffffffffffffffff, 0x4c01)
setsockopt(r4, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r4, 0x84, 0x16, &(0x7f00000000c0)={0x2, [0x1, 0x3]}, 0x8)

5.849749989s ago: executing program 0 (id=5604):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0xffffffff00000001}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000280)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x25)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = syz_io_uring_setup(0x49a, &(0x7f0000000100)={0x0, 0x79af, 0x400, 0x8000, 0x400246}, &(0x7f00000000c0)=<r2=>0x0, &(0x7f00000006c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_MSG_RING={0x28, 0x40, 0x0, r1, 0x0, 0x0, 0x0, 0x2})
io_uring_enter(r1, 0x627, 0x4c1, 0x43, 0x0, 0x0)
utimensat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x100)
prlimit64(0x0, 0xe, 0x0, 0x0)
epoll_create1(0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r4, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

5.848097587s ago: executing program 1 (id=5605):
socket(0x10, 0x803, 0x0)
socket$packet(0x11, 0x3, 0x300)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
openat$audio(0xffffff9c, 0x0, 0x402, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0xfffffffc, 0x0, 0xb49, 0x9, 0x5, 0x6, 0x3}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x10)
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)
r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SCSI_IOCTL_GET_PCI(r3, 0x5393, &(0x7f0000000000))
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r2, 0xc4c85512, &(0x7f0000000280)={{0x6}, 0x0, [0x0, 0x0, 0x40000000000, 0xffffffffffffffff, 0xffffffefffffffff, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffeffbfffffff, 0x0, 0x2, 0x0, 0x3, 0x80000000, 0x3, 0x0, 0x0, 0x4, 0x0, 0x6, 0x0, 0x40, 0x0, 0xfffffffffffffffd, 0x100200000, 0xb, 0x6, 0x0, 0x0, 0x0, 0x9, 0x0, 0x10000, 0x1000, 0x0, 0x3, 0x0, 0xb7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x7, 0x10000, 0x7785, 0x0, 0x4, 0x4, 0x8, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x80000000000, 0x0, 0x4, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x1000000000, 0x0, 0x80000000000000, 0x0, 0xfffffffffffffffe, 0x5, 0x0, 0xfffffffffffffffe, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x100, 0x81, 0xfffffffffffffffd, 0x20, 0x0, 0x0, 0x2, 0x100000000000, 0x0, 0x3, 0x2, 0x0, 0x7, 0xc0c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xffffffffffeffffc, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x80]})
socket$packet(0x11, 0x3, 0x300)
socket$netlink(0x10, 0x3, 0x4)
r4 = socket(0x10, 0x803, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0xfffd}}}]}, 0x38}}, 0x0)
r8 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a80)=@newtfilter={0x224, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0x5, 0xfff3}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x1f0, 0x2, [@TCA_MATCHALL_ACT={0x54, 0x2, [@m_skbedit={0x50, 0x2, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x6fe2}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0xb380, 0x4, 0x0, 0x4, 0x6}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}]}, @TCA_MATCHALL_ACT={0x198, 0x2, [@m_ctinfo={0x194, 0x5, 0x0, 0x0, {{0xb}, {0x6c, 0x2, 0x0, 0x1, [@TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0x5}, @TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0x573a}, @TCA_CTINFO_ACT={0x18, 0x3, {0xfffffff9, 0x76, 0x20000000, 0x0, 0x80000001}}, @TCA_CTINFO_PARMS_DSCP_STATEMASK={0x8, 0x6, 0x8}, @TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0x1}, @TCA_CTINFO_ACT={0x18, 0x3, {0xf, 0x80000000, 0x2, 0x0, 0x6}}, @TCA_CTINFO_ACT={0x18, 0x3, {0x2, 0x6, 0x10000000, 0xe2780000, 0x3ff}}]}, {0xfd, 0x6, "907ff805bdee4e64be0452bade655f1714b60ef202b9112e49947ea9202f628eae3807325ef820703baa679f77615fcff5182f3774644a4465d28df31e1f81f7c57a248cb755bf6a89ec6fc93e5ce90b55bcaa40e49a4ae82738bc1bda37c5529cbe7a2e9247be7d5fa0abe9b707887b836016334739278603b922741f534ff0bccd725eb60bdbf392eb76470c8e6d320753b42d9d5ff41e1c42cc2ae9b8e76e6b87ed17b88b80de45ee6892dc5905f9f173246e540e2c8702d4e43ee8b48a34b4cd90bc65c31d4d953fe58a1403937a3486568b194aabc551ffc18a6d359acc6ca75a116531a46b997e3967d8112543b5d5e435948f41f31e"}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x224}, 0x1, 0x0, 0x0, 0x10}, 0x4)
socket$inet6_tcp(0xa, 0x1, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

4.909040587s ago: executing program 2 (id=5606):
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x89a1, &(0x7f0000000900)={'bridge0\x00', @broadcast})
r3 = socket$kcm(0x2d, 0x2, 0x0)
r4 = syz_io_uring_setup(0x37, &(0x7f0000000080)={0x0, 0x36c4, 0x10100}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000100)=<r6=>0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000140)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
syz_io_uring_submit(r5, r6, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r8, 0x0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000003c0)=""/218, 0xda}], 0x1}, 0x0, 0x80002101})
io_uring_enter(r4, 0xd81, 0x0, 0x0, 0x0, 0x0)
write(r7, &(0x7f0000000780)='5', 0x1)
ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x89e2, &(0x7f0000000100)={<r9=>r3})
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r9, 0x11d, 0xf, 0x0, &(0x7f0000000240))
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0)
r10 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
r11 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/stat\x00', 0x0, 0x0)
read$sequencer(r11, &(0x7f0000000780)=""/35, 0x23)
io_setup(0x2e, &(0x7f0000000100)=<r12=>0x0)
io_submit(r12, 0x1, &(0x7f00000000c0)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x8, r10, &(0x7f0000000040)='^', 0x1, 0xfffffffffffffffd, 0x0, 0x0, r10}])
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r13 = openat$binfmt_format(0xffffffffffffff9c, &(0x7f0000004080)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x2, 0x0)
read$FUSE(r13, 0x0, 0x0)

4.886983363s ago: executing program 0 (id=5607):
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1ff)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0xe58, &(0x7f0000001480)={@local, @link_local, @val={@val={0x88a8, 0x5, 0x0, 0x3}, {0x8100, 0x7, 0x1, 0x4}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xe42, 0x0, 0x0, 0x0, 0x11, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @remote}, {0x0, 0x4e1e, 0xe2e, 0x0, @opaque="0ff307d3debcf2aa9d0a18d5ec9b76c631e4a4b29f8c322be5ee4bedfcab81c9bfe5577dd7e3958836945468ec6248431b5ce179b6d35bc2800859891508f3778bc4f83ce719179af29010a94c45c0c0c601cfdc6bb01d8b31fddfb2a643f7ced855c15ae674d0419626d4b376241f24796fb7480753c4dbda5cd1da3561616ae5b87082b6ded0ef9fe5a5f4a9799d3b2b4a0e05212c586acedbaa3b98334410f7955885891beb2c73fb0400789d643004f11c75d7588ba2e499595a83d6817a04464d1a51bf4c1631e83fb59aaf93d9a4dee3f9ced5d1431bb0742280df9da871c498406c76f72911c886b878106d49776047c74b929819a413529433acc8007c69cf5905dd1868c52f02182499140ddc1b4b97fdec95232fec75fa5cdb7bc472ef53a832d5df499d81ee00c97ae5519d8fdc301d9c53d14ddcd6875e0975856ea58c92ebb4b1c439f49ee6fff1e57854701b39caf940f330f6bbb923ba81a44b3141a277fe07ecb9b4fbc8ed95407d0bcea3f99579721c765b3ef4bff0f0bc6f219d7a42b33f3cd10f967dc219427a55befcb456730fd4bce4a589664d7ff2035bf71516d571b0449d63f9cfebf39627fa262e8e31dc4295a5de32e4c11b6a6d130c4507bccc6337d27f569b0bce3dff08cb3da037ec39d559a9e569f97d5f4ae881d9c60144e939017d19d990db54765b737660bacda3879fc3e678b1bf1e402f2ea34fad6e38dcb699f3085b5268238f5b67a823328989338f7ee9ccd20b21016d83f47bb87d22941f055bb28559c22e23dfdb75b6455102139f020f140ec9092d76438c4df3a77056330fe2196a349c8c86d1aa00454b98ee121a4611f56c5b44faf6bda4ddfd48cca8559981b288efe4e02fa92aecda04a1f7736e5e0063634b7add2a02a9b0cbc42a5607340c19519a534e9d75c0452a99ac86b690ce3e4efbe4cd6d0e0265cc8ef1ce270e46f4d33862c53460a3ae24500a3cc6b9cbece8540ca35e7272686959555603e594da245b1498cc98a7bf08adb5b8fc76b3f66f8b811c71278c1f7a4e535f0634a9aa58eda2051e6b13c5e33c164d1ea1d3eacee0fc924ce7419e8b9f3b84dde2c3105ca406fcdb5053d135111cc989d656ae70aaad26f53a6472c9e9292e7da677ea04fb3c59c6bed42e97b6a0e4f85bf71d5b6e9055d39fc70ed8bb8caf70598b6e10d07909dca6f206fa0489dfd8e395d404f59264ea13c6744eb013ac2f54ed10b8f241e78be1d4ca72432983d05ef3a1db9717b60ef2c76dc8056b7259c0fc8f3f94691631fc4f8687522233cc8da2b1a5e38608ff61afb5e411999d6c2ee53e5a87c5dd0e603ff92186b1ac50cb5a773675af61cc201a57a9ec3e9f7d44c59a8fe2ea86167be9cea75e184546c054b5789f9dc7d80969b756856fcefa77cb72f224e1f52b46e370c404b5a1def93705a16d047877cfb0b129dc0c0141b5c8cd10fd6f2d6e8e7ce77dbd84fc9f4850d71ca1acc3c93e8725508cac2897c6d55f7aae4be5132f0fbe1caf5222abddf05f6bdec13d9daff8d6abb09031c04dd15290d1cf4b23762667d2be343e6f8f99bb9db42027771482a99fed0de5314106252f6b9eb596749cfa03cd9ae07e3b75ef7e3be7bd9f080368ea779fdc09292122c5ba738c6c5444ca8167087a86688a05bdb6d8f56424a4bfdcba62054c37c13e3d2bb5300945ad47a3f72ce0af619b4083547d8382ec5e88c5c9db4b2d0254495c17a5598cb8fb1ff9a160adfe7da729e50ac01488c02cb492d1b4207952d9a550cced3a3d994e9450020c255fc9b5196dd6f24f042eabb0ffb6d3dcaf24ee0b3d043339d81a7ed4013319d2bb0da1b1221da1cda0e1f7e640d21487e233237432303a785b70fe8fd30544a99e4bbc44eafbcabc0c9f4e8a0c6f0e59575587494d0ee4e0a9b175db13c1feaed29338a0338d641c326515b2060d421121339ff660a4b1fb77cbe5b7babcb696bb88ef77cfdd9294effbe766e32dfb1787f6257aeaba94ad7b73369a1f8b5c983701477c915610462c34631c850e1778d412d69ad637bfb49c572b9ec4669a3be8e20bc534d090a043d0b9fbf7b7a35c349d725333c43b086457b7d0cbef4daca921a42fe173cdb44c5426c4246413b96dfa0de7bd4f20f111d746b307b50581ad1c047e89d6d5ed9cec4e32a6eaa07854440810a133b400b04327cc36b16223a8099c2480ed66ff5af37227c13fd3971781a730940ca3b74989af9e4459185a4836e99b13cff81381c528551543d43f206abeaf69cbf1f603ef10128ec111ed528f5a29b751865bb059629fb81fc33f649b61489da3bad2aaaf4c93708b0ae25a710abb980c677a39fff0364466e44e5d91e76a251ac2a5c3ffb90315354fa7f477559158acf8325d734ae14bb0bc1ce50954d74e61a133bc529b35dbb94c86076dce744ff65e37c91f00cb8bd14bcb7cef073b31d3862614e0cabdc991972297aa8cf18f1b82db1167bfa1486bcb57d6cb446ae954003a08911ea82b2cdf9a21f700cb9e95448515b597226e69ba52b86f5b42aa3f07de324933f129d2ca50daef858b641fb737ed0ecbed9612fc9026fc53f93b2647f2b855126bc822edd114bfaa8d3a54212c78753e4270f97a92ad21dc3a68010a35acd05a785821693308d6842c865b1bf524ae9f0fc8619ec011419a972eea8a5f762e2e64d2d2f27e4c054d83663f715bb3a1958d658413ec167de53cecd385c3eb388ec43b880f839a1ad6d166efd7ce441189c573248fa7fc7bc1a29f3c8da1e4d34f5da34a5f8fb01daa8764b27dd498d204a2421ecb6dbaa7642e1800f1d502afd7ba87426707546c66d618c4677621fc46adeac4a91e18bd2477ac24c9fd4f4702df2ca40303581d47d5c1fa9b2c6e6caea4b643a5b3adf892d6025d4ae1dd41535b8909a4a335c4358f123adf4aaeeb452ba9cc2efeed4c43b850a0271b8ea4de97dce3bfa6b1cb2c356c09da9347df1936d0dcdc5acc22a768dc5b453203be2945f8767a28aeb2a066103deea721fb020062f89abd7710e625603b5ccb394c7bd6c02b8546caae661b8495e9e552e856efa4a5690900f435e19009f6bae56340dae77ddf5b23ff19f90ce4e60788138da40710c730ee58ca3f9d57e5dabe552318868411e23756a578f425973efb4772087c6689c32b1166482b1f852783e565742d4d0025dec463fc3b807b2bd4f3e51b206c91c5983bd68cf1db692b75daff5be33a6b9d966d4e7d24a457267199294e8fe8c1e80dacf49636622d577f0aa1895e03caad217b6de2cc61951300dd0cdf2dd4d420933c0067639861f42a79a90ebd40efc6a97a3ed2d4d27b38834e452702a83a9571f635168a6d43e32565874563b076fe52cced45fe21e15be89be198afb3c9339709f44aa6181b20f155ed2cd32c4974adfd9b4b44177249da043a11e9bdbbac431da7a241cb88a23a64541e1291777ec9aa817035b2356e3023a6b1d3610f8d7c003981fb171a93d7e28ce5c67043cf067285509bb84d0a895e64ec7a25452223d1edd3627f850e6d29ab45da6ee5d6c87894cc879c7a39c91973cbf9403a16a2c4014fcfc043666463b821a330f02bdf6e0d3c7cc8a9ae3cffa0737f72e167195810eeb9b2453bfac1f6cc98ee787106b7345949b336c62a84ade4a72a70845485a986e2be3798c3d898942294dc298cfa13182bcb0f82f0712793d2665f0784cef1eaf79dd0ca80852d72cc05ab92b2b9cbf710259ab24fd30a3e88086423f6e4a3f0a34802be9c3cf76aa15357fef7cd9907858562ca0c368096f9022b36c1f0b6eceb6c3201edb89c16f4a8636d77705314ab1b5fcf81549b25faeeeb44a070135dcc7be5392d5a699e284e89be3f1c674abfe9be3b8fd9e2eede602ebbe0ed97e58cf784865704352517ff6b0fd089ed72684c64d7f7c3194fea4378e5cafe5a25d67d56609d0af35a48d89c5d15bcbe0e34b6c7cc7af208bf316a60de84a9aeaa9362a36803601827f8905419bebfd0051451f041836cc9733322b1a3836cff5f78cedbbaac8ff9da31a74f4f49b782e4065eea0c8ba9f3b901b35a7564638605f495f6855df0cc0ace3e03f675d34b168e4ec44264a9d4bd5b8deeb83fa74f02593d7d19bdf05c694253b5859f64c67051385c039ba91c243f7674ea3bf734fca0e67a8d44b6453dd7e8c8d5b0ffc38abe67a5b64f33e09ebf2f3ed563ad86de81effe84340999fed571ec3d108eb5117eadd6cdd50ff21851f18121c733670d62db0aaf917c06b51b27d5dbb87c38dcfcfe415e8b91151ee2d3abaf2d782c2e3ef0ef9f3c4be12be162c141904b6f8fd70bec878443bcc7bb5865185d4f3db9254e4a9eae06d7cf30753a675009fa4963e16c2cc6684c924c3db378eaab923384995f5d6a2eb1a4e119f87a1b173986fbf308a5d31f5af21b6bbef2144a0751a54ac54e6f43ca97e9f1de3ae4719f03cd9d433284fe634c7db0a51d4e85c105c8d48abe035a766cacd3fff46f740198b69004a79e6ad40493b3d70a0b49eaa92f88d020db333d3eb91c9f01e44f105fc7af696bfe6b4a18a436ef4da3a2e9ba278e32253c7da5aca46ac2f18e2ea496031ca24d583f4822073a94e322b47f595a816c7309cc79946ca9ef79ee603aec92c5a517e61212ffb8475e96cb6e6824482f002e1727a80ac74540231f818cd74a9dbf71f3d771dc19cda662b2a3a93b0bbc451ae1ede2e4154517a435c59afda3e48ad97891f5b6305e301a54e8ef8641e867c430fb8d6492b84d8401d81efb80e9705721837e9ce85affc378753d0f045253a5b0c779a3cab7c9d4aed2593b086d163f407803fc014ad063e4921c3365700647939d255bddd1c963dc1e8bd556b8150d2bcdceaa8f5e7682616fd37967914bb037974506abe20220c28d2ef10719945cc9cfed3ff1139104646b5404f4be34c65bcb751856a82c6420eeb87808ecd196cf103b013992230198dd31fed481355f3eb4a88a75bdc03447e824d091b784081c25f0b90ae1932a70235ddad20d53e9cd2b50eae7801c0f958ef9278beee54f62f7c66739051aa3d0a65f0dc74822f47b8cd6474d050bb7f067b427e9e18a1b29"}}}}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000ff7f00000000ff00000000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000}, 0x94)
r1 = socket$netlink(0x10, 0x3, 0x4)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000040)={'vlan1\x00', &(0x7f0000000000)=@ethtool_rxfh={0x1}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x400}, 0x18)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)={0x114, 0x2e, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x103, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac08}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x16}}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be", @typed={0x4, 0xe9}]}]}, 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610418000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x1, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffd8b, 0xffffffffffffffff}, 0x48)
r6 = open(&(0x7f0000000580)='./bus\x00', 0x84242, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r6, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x4, 0x3, 0x5, 0x6, 0x3, 0x1, {0x400000000001, 0x180, 0x20ff, 0x6, 0x89, 0xd615, 0x9, 0x0, 0xfffffffe, 0x8000, 0x0, 0x0, 0x0, 0x5, 0x1}}, {0x0, 0x13}}}, 0xa0)
sendfile(r6, r6, &(0x7f0000000080), 0x7f03)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r6, 0x40505331, &(0x7f0000000080)={{0x6, 0x28}, {0x0, 0x4}, 0x9})

4.265643994s ago: executing program 3 (id=5609):
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
syz_io_uring_setup(0x39, &(0x7f0000000580)={0x0, 0xe7b7, 0x13500, 0x0, 0xdf}, &(0x7f0000000240), &(0x7f0000001880))
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
setsockopt$rose(r3, 0x104, 0x6, &(0x7f0000000440)=0x7, 0x4)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
ioctl$TCSETS(0xffffffffffffffff, 0x89f3, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
socket(0xb, 0x1, 0x0)
r6 = syz_open_procfs$userns(0x0, &(0x7f00000000c0))
setns(r6, 0x10000000)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r7)
sendmsg$NLBL_MGMT_C_ADDDEF(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)={0x44, r8, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @private0={0xfc, 0x0, '\x00', 0x1}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast2}]}, 0x44}}, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x48)

4.154373861s ago: executing program 1 (id=5610):
socket(0x28, 0x5, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0xfff}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffed1, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$CEC_S_MODE(0xffffffffffffffff, 0x40046109, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r1)
sendmsg$NLBL_CIPSOV4_C_ADD(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000006040)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000100000004000480080002000100000008000100000000000400088018000c8014000b80080009000000fa00"], 0x44}}, 0x20000810)
r3 = syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_SEC_LEVEL(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)={0x14, r3, 0x701, 0x70bd2b, 0x0, {0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x20004074}, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r5 = accept4(r4, 0x0, 0x0, 0x80800)
sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000880)=@delchain={0x160, 0x65, 0x2, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xd, 0xb}, {0xd, 0x4}, {0xfff1, 0xd}}, [@filter_kind_options=@f_flower={{0xb}, {0x130, 0x2, [@TCA_FLOWER_KEY_IP_TOS={0x5, 0x49, 0x8}, @TCA_FLOWER_KEY_ENC_IP_TOS_MASK={0x5, 0x51, 0x7}, @TCA_FLOWER_KEY_ETH_DST={0xa, 0x4, @local}, @TCA_FLOWER_ACT={0x110, 0x3, [@m_connmark={0x10c, 0xd, 0x0, 0x0, {{0xd}, {0xc8, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x7, 0x2, 0x7, 0x8, 0xfff}, 0x98bd}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x6, 0x1, 0x6, 0x3ff, 0x1}, 0xd}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x244caa7b, 0xfffffffe, 0x1, 0x10001, 0x6}, 0x6}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x7ff, 0x101, 0x6, 0x7fff, 0x80000000}, 0x1}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x10001, 0x9, 0x8, 0x10000, 0x800}, 0xfff}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x3, 0x392, 0x2, 0x7ff, 0xff}, 0x8}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x7, 0x4, 0x7, 0x3, 0x9}, 0x4}}]}, {0x16, 0x6, "29a533ee066e9dbb8ad155e38d3d081ed0ae"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}]}}]}, 0x160}, 0x1, 0x0, 0x0, 0x4000}, 0x2004c0d4)
recvmsg$can_raw(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000ac0)=""/4096, 0x1000}], 0x1}, 0x40)
sendmsg$NL802154_CMD_SET_MAX_CSMA_BACKOFFS(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000008c0)={0x0, 0x30}, 0x1, 0x0, 0x0, 0x4800}, 0x24000000)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x749})
ioctl$DRM_IOCTL_AUTH_MAGIC(0xffffffffffffffff, 0x40046411, &(0x7f0000000080)=0xfff)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000940)=ANY=[@ANYBLOB="9feb01001800000000040000000000000e04000000000000000000000000000000000000000004000000000000005100000000000000000000000000000000000000000000000000000000009262dea7186d2d69ddd823d95251755d92a94483f6974e3910b535a763e0890e34d42c1039fe7f72ed6b325d3bbe27147391e0e3c81810ff3bbdd309b15a74530c25a645d0c6056a90c303b93d70bcc77e1462a74684e51f0b7c94913fd3c6f32e8aaa7262c3996daff132b056d5e4630af044a725fcbdd02bc6b9dcfe6107f051a70bc6782fe5e1b780da4c9af9c267bd99d584d4062accfd7c9d1497fe162a1014ae5b111775884567ffe03b8094482f0446bcc6e387f6bae6633516740e3e32e0454632fbd03df9055c93b03ea6e424210fc9abe6dce9ca6ac3ca6f57b74309e4698cd4155d6566b250de08b29bfed43d1337faee76"], 0x0, 0x52}, 0x20)
mount$9p_rdma(&(0x7f0000000040), &(0x7f0000000240)='./file0\x00', &(0x7f0000000280), 0x10, &(0x7f0000000700)={'trans=rdma,', {'port', 0x3d, 0x4e21}, 0x2c, {[{@rq={'rq', 0x3d, 0x4}}]}})
ioctl$BTRFS_IOC_FS_INFO(0xffffffffffffffff, 0x8400941f, &(0x7f0000000300))

3.924458569s ago: executing program 2 (id=5611):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000180)={{0x0, 0x2}})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000005000000fd0900008400000005010000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x800, r3}, 0x38)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$sock_SIOCETHTOOL(r5, 0x89f1, &(0x7f00000002c0)={'ip6_vti0\x00', &(0x7f0000000140)=@ethtool_cmd={0x0, 0x0, 0x0, 0x200, 0x7, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfffff7fc, 0x0, 0x0, 0x3a, 0xffff, [0x4, 0x80]}})
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8880}, 0x0)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, 0x0, 0x0)
sendmsg$IPSET_CMD_RENAME(0xffffffffffffffff, 0x0, 0x40)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, 0x0)
sendmsg$NL80211_CMD_SET_MULTICAST_TO_UNICAST(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000240)={&(0x7f0000000640)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="10002dbd7000fddbdf257900000008000300", @ANYRES32=0x0, @ANYBLOB="0c00990200000000000000ff0f000000000000000400f4000400f4000400f40053693af5167371dda27e9b1c62e59c2ee533ff1641f4ce6803e140ef2895ac1464ec0c655a0220deddd4376c1606f41a327a576fbc27d01d163780cfbdfd75fb9b5b1975ccba9fb5f7474f3c83012c0f6bef879d9fd9b98998989a4c168b6c364d51415ba292f9626a8319fc8f8730222a77594127bfe06ca767ca4e0acafc6ab8b3f021ad89df60063e09a555643b5fbf2087d6b9bae5ee3b61a4a26a81a5c53b4bad6e4a0afa2e45935bbd947ea88f3c0f7a91a28ddb6a3f7e5b806e19d2aa9f97ab476683"], 0x3c}}, 0x0)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(0xffffffffffffffff, 0x54a2)
r6 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
recvmmsg(r6, &(0x7f0000000500)=[{{&(0x7f0000000040)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0xbf, 0x0}}], 0x73d, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000003c0)={0x9c9, 0x0, 0x0, 'queue1\x00', 0x200000})
r7 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r7, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(0xffffffffffffffff, 0x54a2)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r8, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3}, 0x76e0})
r9 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xa8c01)
write$sndseq(r9, &(0x7f0000000000), 0x0)

3.385436646s ago: executing program 0 (id=5612):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newqdisc={0x24, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r4, {0xfff3}, {0xffff, 0xffff}, {0x2, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x400dc}, 0x4000080)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xf, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f00000007c0)={0x84, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000004c0)=ANY=[@ANYRES32, @ANYBLOB="0303ffffffffffffffff0000000000000000", @ANYRESDEC=r7, @ANYBLOB], 0x1c}}, 0x4)
sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r2, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000900)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0x20040004}, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(r8, 0x0, 0x482, &(0x7f0000001640)=""/139, &(0x7f0000000100)=0x8)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000079104800000000006104340000df000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x1, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffd8b, 0xffffffffffffffff}, 0x48)

2.818620362s ago: executing program 3 (id=5613):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
r4 = socket$tipc(0x1e, 0x5, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x60)
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x1)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
bind$tipc(r4, 0x0, 0x0)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x1}, 0x10)
r5 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xfec9, 0x0, 0xfffffffe}, &(0x7f0000000240)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_TIMEOUT={0xb, 0x8, 0x0, 0x0, 0x9, &(0x7f00000001c0)={0x77359400}, 0x1, 0x1})
io_uring_enter(r5, 0xdb4, 0x0, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_ENABLE_RINGS(0xffffffffffffffff, 0xc, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000cc0)={&(0x7f00000008c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x8, [@datasec={0x6, 0x1, 0x0, 0xf, 0x3, [{0x4, 0x2, 0x2}], "8f54b7"}, @datasec={0x0, 0x0, 0x0, 0xf, 0x1, [], '@'}]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x61]}}, 0x0, 0x48}, 0x28)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r5, 0x18, &(0x7f0000000000)={0x6, 0xffffffffffffffff, 0x21, {0x4, 0x1}, 0x6}, 0x1)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, 0x0, 0x0)
ioctl$TIOCL_PASTESEL(0xffffffffffffffff, 0x541c, &(0x7f0000000100))
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
socket(0x1d, 0x2, 0x6)

2.142210765s ago: executing program 1 (id=5614):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pipe2$watch_queue(0x0, 0x80)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket(0x80000000000000a, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000800)=ANY=[@ANYBLOB="611234000000000061134c0000000000bf3000000000000015000200000000103d030100000000009500000000000000bc26080000000000bf67003fffffff00070300000fff070067020000030000001606000080ffffffbf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f909ad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe70305865050df26469fac5202d6293c3d5e11f4f83e7455baeeba4f"], &(0x7f0000000100)='GPL\x00'}, 0x48)
syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
pipe2$watch_queue(&(0x7f0000000040), 0x80)

2.007748953s ago: executing program 2 (id=5615):
bind$alg(0xffffffffffffffff, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000640)='./binderfs2/custom0\x00', 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x100300, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
socket(0x29, 0x6, 0xff)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
setrlimit(0xc, &(0x7f0000000140)={0x7f, 0x3})
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f000001b700)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000040)={0x191, 0x258, 0x1e0, 0x3f, 0x6, 0x1, 0x0, 0x0, {}, {}, {0x0, 0x0, 0x1}, {}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x4})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a050000"], 0x118}}, 0x40000)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f0000000240)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000feffffff3d030100000000009500f000000000006926000000000000bf67000000000000560602000fff07006706000020000000170200000ee60000bf050000000000002d356000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffad35010000000000840400000000000014000000000000009500000000000000db13d5d8b741f2cdaabc83df03395287fd51a700ea6553f304000000815dcf00c3eebc52267b042d196bde7c382d21ff79a8583a7482c5994747e19325b1ee980cbd800d845dacbcf5ad8cdbc7abf9"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector}, 0x48)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x21)

1.256774005s ago: executing program 0 (id=5616):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x50, 0x32, 0x400, 0x70bd25, 0x25dfdbfe, {}, [@action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}]}, @action_gd=@TCA_ACT_TAB={0x20, 0x1, [{0x10, 0x15, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x17, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x40}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x4048801) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x10, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="85000000a0000000c3ff00000000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0x4, 0x80000000, 0x0, {0x0, 0x0, 0x0, 0x0, {0x3, 0x3}, {0xa, 0xffe0}, {0x0, 0x1}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_LIMIT={0x8, 0x1, 0x400}]}}]}, 0x3c}}, 0x0) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) (async)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, 0x0) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) (async)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_type(r3, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_type(r4, &(0x7f0000000280), 0x9) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84) (async)
r7 = openat$cgroup_ro(r3, &(0x7f0000000580)='cpuacct.usage_all\x00', 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_RESET(r7, 0x4141, 0x0) (async)
r8 = dup(0xffffffffffffffff) (async, rerun: 64)
r9 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/asound/card1/oss_mixer\x00', 0x3, 0x0) (rerun: 64)
getsockopt$inet_sctp_SCTP_RTOINFO(r8, 0x84, 0x0, &(0x7f0000000440)={<r10=>0x0, 0x1, 0x8e, 0x46}, &(0x7f0000000480)=0x10)
setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r8, 0x84, 0x1f, &(0x7f00000004c0)={r10, @in6={{0xa, 0x4e24, 0x8b, @ipv4={'\x00', '\xff\xff', @empty}, 0x3}}, 0x36d9, 0x646}, 0x90) (async, rerun: 64)
write$proc_mixer(r9, &(0x7f0000000440), 0x0) (async, rerun: 64)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x3}], 0x1c)
sendmsg$inet6(r6, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043) (async)
setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x10) (async, rerun: 64)
write$RDMA_USER_CM_CMD_CREATE_ID(r8, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x2, 0x0, 0x111, 0x5}}, 0x20) (async, rerun: 64)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r8, 0x84, 0x9, &(0x7f0000000200)={0x0, @in={{0x2, 0x4e21, @empty}}, 0x3, 0x3, 0xf06, 0x1, 0x94, 0xffffffff, 0x5}, 0x9c)

1.256163502s ago: executing program 3 (id=5617):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0xb, 0x0, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x6000, 0x1)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0x4c03, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, 0x0, 0x0)
r3 = add_key$user(&(0x7f0000000200), &(0x7f0000000440), &(0x7f0000000700)="53e960ffdf9b6886416dc3bc943d3488cc3b0d00000000000000000000000000881b0af29326eaa995cb017ec4c5f7dfc6985d989b08efb26eec9ef6c092e2aef7acf3b5de2561e166ad52a8802ad07ab1d2c47edf5b336e138628413a3ebdc0d5396347cf9c762da14bca24c5839c4ae5ab30408d42f597da30c70ab826fbf202c27d84c225b103e7e3824d468363048c24a5c4c1042db352178294188c19f85dd62e1e62a23cdb1bda775b247b27cdebd24aea02ab58c0e8a841f5f6cc1d0310a1ecab4dbc54b4ff122ea05455e962edf2d80d24ea8f9265ccbc6a2cb1c81d42d18cc71cf8f7a79ccfcc4e2739583a49ae0a0c73a1eee9a6be2238790570f301b9b43b619d86d3b9a3e07cc970a57e1b3daa78270998bcde395cff1b366a489887c483c070dea5fe5425487dd5b96809c3232ad4f4adb6071d621dc73f731145bd21d0b4d38791f40b1967a3c07e8798115dd60bff20412426f8853aa57a7081fb9cb44d606c5ece29f312b700881a6c00a0b3b483b525cb", 0x179, 0xfffffffffffffffd)
r4 = add_key(&(0x7f0000000200)='user\x00', &(0x7f0000000240)={'syz', 0x0}, &(0x7f00000002c0)='4', 0xba, 0xfffffffffffffffe)
r5 = add_key$user(&(0x7f0000000480), &(0x7f0000000380)={'syz', 0x2}, &(0x7f0000000580)="ed", 0x1, 0xffffffffffffffff)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r5, r3, r4}, 0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={'blake2b-256\x00'}}) (fail_nth: 4)

1.161476674s ago: executing program 1 (id=5618):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = accept(0xffffffffffffffff, &(0x7f0000002240)=@phonet, &(0x7f00000001c0)=0x80)
bind$can_j1939(r2, &(0x7f00000024c0)={0x1d, 0x0, 0x1, {0x2, 0x1, 0x4}, 0xff}, 0x18)
syz_genetlink_get_family_id$batadv(&(0x7f0000002300), 0xffffffffffffffff)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x3, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000080)='syzkaller\x00', 0x8, 0x0, 0x0, 0x41000}, 0x94)
ioctl$LOOP_CLR_FD(0xffffffffffffffff, 0x4c01)
setsockopt(r3, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r3, 0x84, 0x16, &(0x7f00000000c0)={0x2, [0x1, 0x3]}, 0x8)

537.436118ms ago: executing program 3 (id=5619):
setxattr$incfs_metadata(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), &(0x7f0000000080)="2b6c461fae66", 0x6, 0x2)
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000100)={<r1=>0x0, 0x3, 0x2, [0x80, 0x47]}, &(0x7f0000000140)=0xc)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000180)={0xd58, 0x0, 0x200, 0x5, 0x9, 0x2, 0x2, 0x4, <r2=>r1}, &(0x7f00000001c0)=0x20)
llistxattr(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)=""/255, 0xff)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000340)={<r3=>r1, @in6={{0xa, 0x4e24, 0x0, @mcast1, 0x8}}, 0x2, 0x1, 0x4, 0x1, 0x58, 0x30, 0xe}, &(0x7f0000000400)=0x9c)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000440)={r3, @in6={{0xa, 0x4e23, 0x8001, @private0={0xfc, 0x0, '\x00', 0x1}, 0x8dc9}}, 0xd700, 0x8}, &(0x7f0000000500)=0x90)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r4, 0x40089413, &(0x7f0000000540)=0x4)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000005c0)={<r5=>r2, 0x2c, &(0x7f0000000580)=[@in={0x2, 0x4e20, @local}, @in6={0xa, 0x4e24, 0x8, @loopback, 0x2}]}, &(0x7f0000000600)=0x10)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000640)={0x73622a85, 0x101, 0x3})
ioctl$SIOCX25SENDCALLACCPT(r0, 0x89e9)
ioctl$BTRFS_IOC_START_SYNC(r4, 0x80089418, &(0x7f0000000680))
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r6 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f00000006c0), 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_INITMSG(r6, 0x84, 0x2, &(0x7f0000000700)={0x7, 0x0, 0x4, 0x80}, 0x8)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r7, 0x84, 0x22, &(0x7f0000000740)={0x8, 0xd, 0x86, 0x8001, r5}, &(0x7f0000000780)=0x10)
writev(r0, &(0x7f0000001900)=[{&(0x7f00000007c0)="ef13feb6d7d16445343d5347418ea8a7e168524fff12551d40e9b173c3a1a94b3aa71fd981e72b69ff7026869947714ba0cc2267bdc4448c757b8e619da682b99a6536d7eadad7f267e92b9cd6126a20c77318d72235a8764f810d2c619da898041903d537d4cd1ae9e295f0e97cb5a770fb8e4d3c13fe0e26e66d8a53f900576c68db2aa4ca1da2c69f8c4ec84d73459cf7e8c7b1f596169925c6feb144ee93801cef2e1d5d27e3a3b5b6449333b9df2084fc23c63119c7d987f50f3ffb4a7b94c689f87494f0f7eb888a6a75dd57426f73ff98cb69447831f315ab5208e7d90846a514dd6a3151349b64d18e6cf0ab3431fb603d6966242f71849cfe1675adf7db99ed87aca050dfe3f0d4d7110e380e32fcba7d397ff8a8cdacfba81ce6eda5fddaf5f1e99b8ba46b19b9b6380e1352e8ef58d95d0cfaa2af808a7d1446a9611705459d1eee6772d2679e87318cc23a3d7dab0d4ad853e8bf172ec559f679df493e74e6dd5e3845d45013884654d8472acf333ccacbe85d20d607f605cc6435251a1486bb41c23a7f7eabbb9c199ff5eb977c88bf8816155657738bda919dc9afd7e16fd3ec03a64abfeb33a1da886e95f8425be65dff2b26313213f20c2844ae2889aab31bb941d930c6f452c32cea90dfc16c935c1d2ff7f1a1adbebd5227b31c43e968a7e83995c29741c0915ec20cf7bc1b12a7cff305bb040894adf349e3766d075ed435658d8fcab0d6ad4dcebf303c3db02910026e32050587a60739ae8d80a0f9dae8f51b90063420ca468ed4b9311c204801c91527572e12134f0a279bcfc25391cb116b6d258b99bbf78e4d4339d72b87d211096fb376212e7cd538f4547c72900d913c0658bc6e00d7e232993d863bfa9e21f64814b432928f7f6703501b6834cb5884a76f4f67506d31588dd7d9ca48b73dc8e01c513d56b4052bc2825660b1ef0040f32d85f5fa5911e186f916174a3c85b3762189db39dfa1726b2f16280046e1c1161bafc89a7d24d2fc649da8c2429faf6383bff4aa2f95c5bb848c893622bdbc45b9ee21045949107ace38807e400eff9474dc3054117ab23a151942f54a84a94a4f38c274ce7845063d9f2025aebc5b9ccec5fb51421457b7a5d02da814988cd9a7e25cca167b394658eae4710cdb0ac6e30f1cf9d38d33e8969c4e727c9c2de6b5c31ebe47810588d9392877c13d96086c3b0046b2d2283bcae6787b67b502de47c5845a3caed1f3718efc6a39db3d37af75a25ca6d5bc278a2722c79f0a3bb0fe4cc345e4776fbfddae2863d67ad80e24849511b284369e2af6c732ba89a567684ede0090f183d7d0cd2fb39aaf176fb9877c6fdaa24f556dd6754f8f11d6c7ff68deb4810a70a5a7fae2105e67b7c80d207b2cd0a33ee78320df6bfcc11e5a1f20d8949f1a2c42444314a04b79142fd19480becd0921f2eaa22584258acdebc716b7b8c2a772f596fc77412070b6dc5d4245ebb97da0cfb1f1bada6787ed21912088283cd3f41924382c4bd70c8a2e8666a0aff2c9987c30c191cdaaa19ea107a4a07abcdf84ef04a8431d66815832ef4a7011072af8738f370d5edd4fcd60b943e84e15720264787a0f887dd6e707e3cf6b8c93ea3b52936a69e55f546b446ccf40e9ea7a8eed44ab6f2390b53192df116012500b133e813140f37442e8fe99bd3f8da000c87075567d9944c4f959dd897c5ad5c8e5d854425d3c45d6b5702c278754510c3c8cdca8d114718659ea7c31fa6d33e90ec1c1102ead68e20e27177471e85e283016c04e6896a9c5a23aab5c768c9acbdcaf98a4f504a08c6c42b5c68ed9d0ae901b0802ec6209d901ef75a350965a3512a20cbefdbd23e187d18c25dcc20f8b79056c5ab4fc7916eb70e186cab8bd028e78a6ad6f4e089352431da76afaf9024466b5b040d2dbaa35137e38f8b2f46e1a9909479e8da210cca76ab1bf3e894d313512b05cbc1a38eb9b25b4942b626d2aa835a62324200aaf8fea40998107cc31943c78db75c06a1a4f5388c913761d632589931eecc0be9ce756fdcfa8935594ec77aaa901310a4a54399904f25fc83b9256edd1e54f46a2401e62e4b909a7bc576650ac9617830d64e5ce832e290e34c6b4fe70701eac3758373f77dee5a2a9eb6fe973052741f033acad86236d95c65b0c8880231f4e2c0a88895d067e1da2ad7cc8588fb3b7fc26c93236697c1f04fdf27e527b73dfa000575357d1a1cadbba9deece5b25daaa94f10852ac654e72fc254bc6b0bd97710a90ba1b6ad2ea44d2bcba4ebbc81dc323d79d6638031af42e08da34655da995fd2935f0bb596763b0968089bffd58ed29e9b09c78bc2a1ce327cd8ac443085a7dbcaeddd0fe56864ee161f2fa30ab3936f68aef8b4ba0496155ce4585175f0c22f3f40386f3fa0d68cecdb1846e18f08b32c70fd7d38bc8242485088750fe6b039722e71965622db40d66754fbb374d860f8aef77a344f94fc1d0350ceb83c77a3425b76ea9b7fc797223220025503f16699751c7eaf8e12a1dafdde8470f3f89f0eb3a262436053bb18a21c4e719a70a9405e433cf64f5f6efda049d656827284d51878775b8ace1a6c392c302ccca1c3151c18bbaaf8c9ccacc9c363d3402c10962f1b0d59664334a8ee16f765fd21c660647b535af99dd76b1beee47355f79ea667636e69335fd30f43c3e3e5e980ba179cc4bf06c0a6f6e933eaca0852a794fc573ac04352f883edbc904da2e783c0387669ad28dce2dfc50b0fb8e83ee56dd6084e88e8f06fe1195a0202f4d728a5beba6f8f40e9417af6c5a53943abf5b3df106992405c1dbd4814223c03c9a90b82c4d4a868f0a625b308b965a6bc638c7a80bf744d5d836c79d46f67606d21b03fe392e8c0ddd860c900fe2bec23895133940e51c7ee559d5c6b10ef392647823f4de99ef5fc85c28836f710b8a59c66d78beedda8bbb5c479c711c2073cd0df7d17fb096a97f60e01634b0703924015ba82fa62d649afb853ed1c4782e67ae6e8f865e469bf171bbcbb101bda3695ba6c40dc6d3d85c16a5cf4172a6435b29ac20cff255eb91277c8270af1edf5eef5ef94b6d16cb27a85e3dee63874b191c81a272d8fa763255d4048c879c4b3809f71ff2398417608be74a0b781852a6c6f44498880283be0fd946fbfec9c54b9bbf4ba7006058be2b98382b58ac8164a90bda6ac2c340e9e9a85f45852b1aba573f95fd4ca00ddeebc44d2bbc4193a1bcc2b63457978d362e040c225d558229c50f06842c289a75ab53bd147dfbaf4d6a5d23111370e5a20adfde4d020d5e96fc9a0b0e44fc1c13d6c39ed32ba8591169505df06232d4da7d2c7ca85c9fe8ed0233af3f28689222f18302175a01af4f8e98ad701a9f0f8eb7ab622619d3b7b7579aa9b6ab944bd7a3fbdd90991b65aefe608af7dc2bc8cf4cf0aa6ca7dacd6ca87b33a845ab02cc38eb0e46727ce8fb90411f84061ca267f274fa742c97890c227f7253476f5faa7de3b67302e76e689f103fd427e81df4d73ca63853ad78cb902d6a7b7f1c3881ee0315843a5c61d1ec158b97976d6ac82dbed7e4ccddd6fab36f7e866ef7f3c927c4726320b4a457bedea530d0d96e3ada3b7548b93f30ea7f1d479fc3e69e8b47c4a52d52abc80c84b1b6ff793bbdb12417ad11a9b8ba0a8b5c63bc351832c1778b21010d3fa8ef4f28e85594d4067f6f074e342d966e91d8125c5434370b0ba21a73731f627204f0006cddcb3545192f8293e5d51c394563c7d9928d988469647e5d7119ac3830db4c7943a50a5da800276b4e9b23742c1b761e78d167e62516e861c68d1aa8db6379fbe43eee2a62ac4e1fbfb6aca0e9573971c6b26ab79eed3046beec5aff387bb205d199e360d1654895b831a551c90f631d05a700453499a67e18de9709a278b1fd5dd16aad60fd7074c5a219bb5130e660f8ad639413266bad3a6b17f6f27c55e15781e52a499e2c51f9ff6bedae4fddd0deb4e739f9222547ee610ce6f7dec3b6cfa246a4ad648ec0a3f718f663ccd058b65fd1f9e84a5d4306bd2a1c641665c6258076011b6ad6d1a72d28f9ff2ee52634f6a1b2f244bc320a75c1372b548f46b3ecc26d390faf3dd1c8a28b3814f784990565abf16ced9711e18469a3a287d8ec02723b8f4842cb5f7e774235cbe75abd3fc21e346b9efa96f6f434de7c796681aaa64264529391be667608aa0e12b9234dd1111ce6af6679c066fc2e8204a98b65c1f96e494f576092a41256d22468b066e4bb04cd43d92ed397534f2a9a5bfa3070cf9125431225f3ac03b11dab594209d337e54b0bb7e7428b144b92506a66144fcb878721dfd9d2f5241971efa829c6e18fa72d54a054e06ed48dbe8eb1f8c7d2db1036c85d9a9bd9d77724493f36ebdbc793b17a12fa0058e9e3785867f023ca9927a721420fe39425cfd394eb341d744029e0dc3af15bd180b7ded315f60e65dc8d2db905ec4aa5abb6499b2e09998a4eb5feb4dc8f7c90af0feacaf6fdd4c317d0081afe40c99c8ff5ff06440e053534b31b6944d99f2766925db43def9246428d3bb9d3282c65850cf0d8cd9bb8b5b1e57ec506b120d87af8aa7bef855993ea419f79953b95faac60f65b963623ea2a5deda7c0700ccbd5eea34c680ebbc48cbc2b3891745248c36fc549122d621795e67a870aa03f9b88662b189098313435e4346aca6d94e2746b8503161dd0cbedb8b8cee0cb33d12d9fcb77c1420d27b2f5f0c20dd1fa3138e3f1dc9359f90c0674b6b4e13c32a57b502821a610a1993bc5042540b513bcaa1ac9d8501454b8ddc092545cae27da86a225b4ec6d1947bdde5531d63a5c4980cf95aeb2c9dd475efeb275a766f8309c897aff6bd1503e37b243be58d3a872f47bdf438156cfceac612d4b21bc6be600a55ac62bc48407509e89ec1171019826957784e833914438864a6ec449e96391d99c378cb95d26efc194bb96cf53ac118ff02f15f5ea0584572e368b76c0ff9d4fe7cf4899a95f7973a0b9073fe84f00a0d5fe0aa7d0daf9f85b25ce8868862640e82ccabdd3a47be8790b45701647469779e53cdd6942511b949ae48bd49011f7702e8f7bdfc93a37070f2e7370452800c434282726c82b7f38c9f1e1694e81627d4cd7c4cac89e2bb8c9dad5e9355699fb8164b0e3d87e86d0bb0d824028083d6a343f65631f3f65e2722d2fa34bf4f891cedeb34ea9efea33f686b6a831d63e5d47a77a9bb85895c710104340d0a7c1d2b93656ac18d1e82d55b8582c92556dd34633a42069f65382705b045091b6d33a46fb4939c430317ac4dd6c43815004698c7af6986dd266404f5b0eee941ada75ca412644abdbed75714b126002bbfb59e62ceab902d58c712c7755124ff49d552bdd4dcedd1294dde492a6664ee25e5413ed9ced126734b12e4efbeeee931719b6c783728589faad7fbc66499140f112686a96705483f09529d6798580f008520665b2660a2628dec87f3b3e4534cc4c2c42e3ecb38456b8c93d43292dbd46ab907939db60ae18b2c2691971719c82b18b1995e419bdb3f19b28a165b5948d4180510f3151d7f733c23e6100d1eac06f5210ebda019edfad40c880e8e015c71bf1a0a086a22d0e4aa84c42e8bb20cfe379cad7f0e7ddd50e6e0bcc14d7ac1f46245b885dfd2989a8df1e82dfd633db8826b31491f6a2866350fe3ab6c351e5b31b56573ef76b85dbe7b6543e8b1e95dae09c91647b5e1eabce45f485547e9b3eda3cfbb8656403d892e8e33b13f54f6481f062541f", 0x1000}, {&(0x7f00000017c0)="ee56943f8de459e23d477fe12599b2a37677375f7fc82f4ea57025a962461eb6444f10125a203020285e559bf4abb22720a0977923cfd8d89b9f0e12df7dc6e1e507688b3ee60aca56d313bee5ace07c8652a6ca506da673764d4dde57482823f8327f61b7081667ee6983d83534514ed527fd3177ac04bbd0fc30d86c88df07", 0x80}, {&(0x7f0000001840)="a729d1aff4987a37b30681d6a99e2231ce69429314f2b56b6924cde5d8247d35773f551c514829aeb06f6dae911bf04cf51c151653858abea79d630cfbd50ec1ced4cec5aa66d902be80e1d67ce907a66b8c02ae2c5b95f210968d3295eb2bf624e54df04f103748aa36648c7464277286dbc252e2727f5d64afb9e67334973974f1e62f955fcb2a268550f6605e5b99168f924de65c34e0ecb38bd902fe8466cc795a3dfa8fcbb4d1844fbc8f02", 0xae}], 0x3)
setsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000001940)={r3, 0x9, 0x8, 0x10001}, 0x10)
getsockopt$inet6_IPV6_IPSEC_POLICY(r6, 0x29, 0x22, &(0x7f00000019c0)={{{@in6=@dev, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}}, {{}, 0x0, @in6=@mcast1}}, &(0x7f0000001ac0)=0xe8)
read$FUSE(r0, &(0x7f0000001b00)={0x2020, 0x0, 0x0, 0x0, <r9=>0x0}, 0x2020)
lchown(&(0x7f0000001980)='./file0\x00', r8, r9)
syz_genetlink_get_family_id$l2tp(&(0x7f0000003b40), r0)
r10 = signalfd(r7, &(0x7f0000003b80)={[0x7]}, 0x8)
setsockopt$inet6_tcp_TCP_CONGESTION(r10, 0x6, 0xd, &(0x7f0000003bc0)='dctcp\x00', 0x6)
symlinkat(&(0x7f0000003c00)='./file0\x00', r6, &(0x7f0000003c40)='./file0\x00')
prctl$PR_CAP_AMBIENT(0x2f, 0x3, 0x21)
r11 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000003d40)=0xffffffffffffffff, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000003e80)={0x18, 0x8, &(0x7f0000003c80)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8}, [@map_idx_val={0x18, 0xb, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x5b}, @call, @ldst={0x3, 0x3, 0x4, 0x9, 0x7, 0x40}, @func={0x85, 0x0, 0x1, 0x0, 0x5}]}, &(0x7f0000003cc0)='syzkaller\x00', 0x6, 0x2f, &(0x7f0000003d00)=""/47, 0x41100, 0x11, '\x00', 0x0, @fallback=0x23, r11, 0x8, &(0x7f0000003d80)={0x5, 0x5}, 0x8, 0x10, &(0x7f0000003dc0)={0x4, 0x5, 0x6, 0xbf}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000003e40)=[0xffffffffffffffff], 0x0, 0x10, 0xf}, 0x94)

520.324769ms ago: executing program 33 (id=5576):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd7000000000000100000008000600e0000001050004000100000008000b0027"], 0x2c}, 0x1, 0x0, 0x0, 0x20048091}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0xffffffff00000001}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000280)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r2, 0x80045505, &(0x7f0000000040)=@usbdevfs_connect)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x2, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x5}]}, 0x2c}}, 0x4000)
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000005f80)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r6, {0x0, 0x1}, {}, {0x8}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_FROM={0x8, 0x3, 0x78}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
ioctl$USBDEVFS_SETCONFIGURATION(r2, 0x80045505, &(0x7f0000000000)=0x1)
r7 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r7, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_io_uring_setup(0x49a, &(0x7f0000000100)={0x0, 0x79af, 0x400, 0x8000, 0x400246}, 0x0, 0x0)
utimensat(0xffffffffffffff9c, 0x0, 0x0, 0x100)
epoll_create1(0x0)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$inet6_tcp_int(r8, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r8, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r8, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r8, 0x11a, 0x2, &(0x7f0000000180)=@gcm_256={{0x303}, "c4915c7f49541ce8", "9b84f987950ff3df25fa8f46983d34157e047d27ae4a66a6d15608a32cbaa5bc", '\x00', "be0ea450d5a50003"}, 0x38)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)

445.658315ms ago: executing program 2 (id=5621):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x4b, &(0x7f0000000100)=0x4, 0x4)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0x2}, 0x1c)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = eventfd2(0xc, 0x1)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f00000000c0)={0x2, 0x0, 0x4, r3, 0x3})
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_MEMORY_ATTRIBUTES(0xffffffffffffffff, 0x4020aed2, &(0x7f0000000100)={0xeeef0000, 0x1000})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x6, 0xfffffffffffffffd, 0x2, 0x5, 0x0, 0x4002004c4, 0x1000, 0x0, 0x0, 0x9, 0x0, 0x0, 0x2], 0x8080000, 0x1144})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x137b}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GENEVE_PORT={0x6, 0x5, 0x4e20}, @IFLA_GENEVE_COLLECT_METADATA={0x4}]}}}]}, 0x40}}, 0x40800)

293.791895ms ago: executing program 3 (id=5622):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="fc0000001900010000000000fcdbdf2500000000000000000000000000000000fe8000000002000000000000000000bb00000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000040000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000010000000000000044000500"], 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)

293.311759ms ago: executing program 0 (id=5623):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x25)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_io_uring_setup(0x49a, &(0x7f0000000100)={0x0, 0x79af, 0x400, 0x8000, 0x400246}, 0x0, &(0x7f00000006c0))
epoll_create1(0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000180)=@gcm_256={{0x303}, "c4915c7f49541ce8", "9b84f987950ff3df25fa8f46983d34157e047d27ae4a66a6d15608a32cbaa5bc", '\x00', "be0ea450d5a50003"}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

248.59823ms ago: executing program 3 (id=5624):
r0 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x1ff)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
r4 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0x14, 0x0, &(0x7f0000001080))
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r4, 0x84, 0x66, &(0x7f0000000ac0)={0x0, 0xd0}, 0x0)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f00000000c0)={0x0, @in6={{0xa, 0x4e23, 0x8, @empty, 0x5}}, 0x0, 0x0, 0x7fffffff, 0x5, 0x8}, &(0x7f0000000040)=0x98)
getsockopt$netlink(r4, 0x10e, 0x6, &(0x7f00000001c0)=""/223, 0x0)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r6 = dup(r5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r6, 0x2000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9)
link(&(0x7f0000000040)='./file0\x00', &(0x7f00000004c0)='./file0\x00')
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000002c0)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x4000}, 0x18)
socket$inet_tcp(0x2, 0x1, 0x0)
r7 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r7, 0xc01864c6, &(0x7f0000000280)={&(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8})
ioctl$EVIOCSFF(r0, 0x40304580, 0x0)
rt_sigtimedwait(&(0x7f0000000300)={[0x800]}, 0x0, 0x0, 0xfffffde2)
gettid()

147.136669ms ago: executing program 0 (id=5625):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
socket(0x8, 0x80000, 0x6)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x1000, 0x80000)
faccessat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$video(&(0x7f0000000140), 0xd, 0x0)
ioctl$VIDIOC_S_FMT(r4, 0xc0d05605, 0x0)
r5 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r5, 0xc100565c, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000001280), 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x6000, 0x0)
ioctl$TUNGETFEATURES(r6, 0x800454cf, &(0x7f00000000c0))
r7 = syz_open_dev$vim2m(&(0x7f0000000000), 0x3ff, 0x2)
ioctl$vim2m_VIDIOC_TRY_FMT(r7, 0xc0d05640, &(0x7f0000000040)={0x2, @vbi={0xbd, 0x8, 0x47425247, 0x41495043, [0x3fe], [0x7fff], 0x1}})
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040), 0x0)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000300)={0x0, 0x8, 0x20}, 0xc)
r8 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x0)
ioctl$SG_GET_VERSION_NUM(r8, 0x2284, &(0x7f0000000080))
syz_open_dev$cec(&(0x7f0000000080), 0x0, 0x121001)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_int(r9, 0x6, 0x0, 0x0, 0x0)
socket(0x10, 0x803, 0x0)

0s ago: executing program 1 (id=5626):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r2 = fanotify_init(0x200, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002900)=@newtaction={0x80, 0x30, 0x871a15abc695fb3d, 0x0, 0x2, {}, [{0x6c, 0x1, [@m_tunnel_key={0x68, 0x1, 0x0, 0x0, {{0xf}, {0x38, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x0, 0x0, 0x6}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @multicast2}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @broadcast}, @TCA_TUNNEL_KEY_ENC_DST_PORT={0x6, 0x9, 0x4e21}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x80}}, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000000c0), 0x80002, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
r6 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
writev(r6, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000800)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a0b040000000000000000020000000900010073797a30000000000900020073797a320000000014000000110001"], 0x54}, 0x1, 0x0, 0x0, 0x2408c004}, 0x7000000)
ioctl$SNDCTL_SEQ_SYNC(0xffffffffffffffff, 0x5101)
ioctl$SNDCTL_SEQ_SYNC(0xffffffffffffffff, 0x5101)
sendmsg$NFT_BATCH(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a38000000060a4fdd99a98e6dfb2d0000020000000900020073797a32000000000900010073797a30000000000c0003400000000000000002"], 0x60}}, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x147182, 0x0)
fanotify_mark(r2, 0x1, 0x4800003e, r1, 0x0)
r7 = dup2(r2, r1)
readv(r7, &(0x7f0000000480)=[{&(0x7f0000000040)=""/81, 0x51}], 0x1)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x16, 0x13, &(0x7f0000000500)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x20000081, 0x0, 0x0, 0x0, 0x9}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r8, 0xfca804a0, 0x8, 0xe, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000100)=""/14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

kernel console output (not intermixed with test programs):

ep0 maxpacket: 32
[ 1727.297150][   T10] usb 2-1: config 0 has an invalid interface number: 231 but max is 0
[ 1727.305555][   T10] usb 2-1: config 0 has no interface number 0
[ 1727.311881][   T10] usb 2-1: config 0 interface 231 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[ 1727.322694][   T10] usb 2-1: config 0 interface 231 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[ 1727.335422][   T10] usb 2-1: New USB device found, idVendor=067b, idProduct=27a1, bcdDevice=b0.9b
[ 1727.344642][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1727.352897][   T10] usb 2-1: Product: syz
[ 1727.357500][   T10] usb 2-1: Manufacturer: syz
[ 1727.406352][   T10] usb 2-1: SerialNumber: syz
[ 1727.438745][   T10] usb 2-1: config 0 descriptor??
[ 1727.446815][T32275] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1727.454116][T32275] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1727.472672][   T10] plusb 2-1:0.231 usb0: register 'plusb' at usb-dummy_hcd.1-1, Prolific PL-2301/PL-2302/PL-25A1/PL-27A1, 0a:fb:3d:c3:19:2c
[ 1728.772197][   T10] usb 2-1: USB disconnect, device number 126
[ 1728.778929][   T10] plusb 2-1:0.231 usb0: unregister 'plusb' usb-dummy_hcd.1-1, Prolific PL-2301/PL-2302/PL-25A1/PL-27A1
[ 1729.051560][T32338] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1729.062932][T32351] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5074'.
[ 1729.077253][T32338] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1729.160261][T13520] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[ 1729.314250][   T10] usb 2-1: new high-speed USB device number 127 using dummy_hcd
[ 1729.332875][T13520] usb 6-1: config 220 has too many interfaces: 184, using maximum allowed: 32
[ 1729.341880][T13520] usb 6-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[ 1729.367032][T13520] usb 6-1: config 220 has 0 interfaces, different from the descriptor's value: 184
[ 1729.400949][T13520] usb 6-1: New USB device found, idVendor=0c45, idProduct=8008, bcdDevice=e1.85
[ 1729.420612][T13520] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1729.440618][T12900] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[ 1729.480271][   T10] usb 2-1: Using ep0 maxpacket: 8
[ 1729.492770][   T10] usb 2-1: config index 0 descriptor too short (expected 9, got 0)
[ 1729.500999][   T10] usb 2-1: can't read configurations, error -22
[ 1729.622968][T12900] usb 1-1: Using ep0 maxpacket: 8
[ 1729.646655][T12900] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[ 1729.656232][T12900] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1729.746458][   T10] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[ 1729.764906][T12900] pvrusb2: Hardware description: Terratec Grabster AV400
[ 1729.777305][T12900] pvrusb2: **********
[ 1729.781313][T12900] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[ 1729.793907][T12900] pvrusb2: Important functionality might not be entirely working.
[ 1729.803443][T12900] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[ 1729.862269][T32383] RDS: rds_bind could not find a transport for fe88::6, load rds_tcp or rds_rdma?
[ 1730.250730][T12900] pvrusb2: **********
[ 1730.290471][   T10] usb 2-1: Using ep0 maxpacket: 8
[ 1730.521262][   T10] usb 2-1: config index 0 descriptor too short (expected 9, got 0)
[ 1730.535279][ T2336] pvrusb2: Invalid write control endpoint
[ 1730.539300][   T10] usb 2-1: can't read configurations, error -22
[ 1730.550528][   T10] usb usb2-port1: attempt power cycle
[ 1730.664980][ T2336] pvrusb2: Invalid write control endpoint
[ 1730.673591][ T2336] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[ 1730.686824][ T2336] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[ 1730.698932][ T2336] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[ 1730.710008][ T2336] pvrusb2: Device being rendered inoperable
[ 1730.726778][ T2336] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[ 1730.795171][T32396] x_tables: ip6_tables: quota.0 match: invalid size 24 (kernel) != (user) 144
[ 1730.810319][T32351] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=32351 comm=syz.0.5074
[ 1730.827512][ T2336] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[ 1730.857969][ T2336] pvrusb2: Attached sub-driver cx25840
[ 1730.865190][ T2336] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[ 1730.875763][ T2336] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[ 1730.890286][   T10] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[ 1730.910697][   T10] usb 2-1: Using ep0 maxpacket: 8
[ 1730.917610][   T10] usb 2-1: config index 0 descriptor too short (expected 9, got 0)
[ 1731.068522][   T10] usb 2-1: can't read configurations, error -22
[ 1731.254622][   T10] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[ 1731.287808][T32408] binder_alloc: 32403: binder_alloc_buf, no vma
[ 1731.519422][   T10] usb 2-1: Using ep0 maxpacket: 8
[ 1731.536017][   T10] usb 2-1: config index 0 descriptor too short (expected 9, got 0)
[ 1731.544173][   T10] usb 2-1: can't read configurations, error -22
[ 1731.574742][   T10] usb usb2-port1: unable to enumerate USB device
[ 1732.344278][ T5958] usb 6-1: USB disconnect, device number 26
[ 1733.956687][   T30] kauditd_printk_skb: 53 callbacks suppressed
[ 1733.956702][   T30] audit: type=1400 audit(1754757161.485:2968): avc:  denied  { create } for  pid=32454 comm="syz.0.5086" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1734.041229][T32455] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled
[ 1734.081840][   T30] audit: type=1400 audit(1754757161.535:2969): avc:  denied  { name_bind } for  pid=32435 comm="syz.3.5081" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[ 1734.104318][   T30] audit: type=1400 audit(1754757161.575:2970): avc:  denied  { setopt } for  pid=32454 comm="syz.0.5086" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1734.125247][T32458] vivid-000: disconnect
[ 1734.134783][   T30] audit: type=1400 audit(1754757161.585:2971): avc:  denied  { bind } for  pid=32454 comm="syz.0.5086" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1734.216558][   T30] audit: type=1400 audit(1754757161.745:2972): avc:  denied  { getopt } for  pid=32454 comm="syz.0.5086" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1734.238473][T32465] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5085'.
[ 1734.392324][T15020] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1734.897977][T32455] vivid-000: reconnect
[ 1734.909235][T32475] netlink: 48 bytes leftover after parsing attributes in process `syz.3.5087'.
[ 1734.909554][   T30] audit: type=1400 audit(1754757162.425:2973): avc:  denied  { create } for  pid=32466 comm="syz.3.5087" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[ 1735.044193][   T30] audit: type=1400 audit(1754757162.425:2974): avc:  denied  { write } for  pid=32466 comm="syz.3.5087" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[ 1735.262813][T32484] veth1_to_bond: entered allmulticast mode
[ 1735.321090][T32484] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5091'.
[ 1735.425852][   T30] audit: type=1400 audit(1754757162.955:2975): avc:  denied  { accept } for  pid=32483 comm="syz.1.5091" lport=33573 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1735.449590][   T30] audit: type=1400 audit(1754757162.955:2976): avc:  denied  { write } for  pid=32483 comm="syz.1.5091" path="socket:[100220]" dev="sockfs" ino=100220 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[ 1735.501419][T32484] block nbd0: server does not support multiple connections per device.
[ 1735.616649][T32484] block nbd0: shutting down sockets
[ 1735.945813][   T30] audit: type=1400 audit(1754757163.315:2977): avc:  denied  { open } for  pid=32486 comm="syz.0.5092" path="/dev/ptyq5" dev="devtmpfs" ino=124 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[ 1736.036182][T32483] veth1_to_bond: left allmulticast mode
[ 1737.520441][T14493] usb 4-1: new high-speed USB device number 119 using dummy_hcd
[ 1737.540236][T20583] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[ 1737.760250][T20583] usb 2-1: Using ep0 maxpacket: 8
[ 1737.812121][T20583] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 1737.840447][T20583] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1737.850970][T14493] usb 4-1: config 0 has an invalid interface number: 50 but max is 0
[ 1737.859057][T14493] usb 4-1: config 0 has no interface number 0
[ 1737.923304][T32536] overlayfs: missing 'lowerdir'
[ 1738.347551][T20583] usb 2-1: config 0 descriptor??
[ 1738.362715][T14493] usb 4-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1738.389621][T14493] usb 4-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc
[ 1738.403897][T14493] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1738.425723][T14493] usb 4-1: Product: syz
[ 1738.434382][T14493] usb 4-1: Manufacturer: syz
[ 1738.443892][T14493] usb 4-1: SerialNumber: syz
[ 1738.465289][T14493] usb 4-1: config 0 descriptor??
[ 1738.620489][T14493] yurex 4-1:0.50: USB YUREX device now attached to Yurex #0
[ 1738.979839][T12900] usb 4-1: USB disconnect, device number 119
[ 1739.009533][T32557] netlink: 'syz.5.5106': attribute type 2 has an invalid length.
[ 1739.012531][T12900] yurex 4-1:0.50: USB YUREX #0 now disconnected
[ 1739.026852][T32557] netlink: 'syz.5.5106': attribute type 1 has an invalid length.
[ 1739.309706][T32586] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5110'.
[ 1739.373383][T32586] netlink: 'syz.2.5110': attribute type 15 has an invalid length.
[ 1739.500296][T12900] usb 4-1: new high-speed USB device number 120 using dummy_hcd
[ 1740.146533][   T30] kauditd_printk_skb: 52 callbacks suppressed
[ 1740.146549][   T30] audit: type=1400 audit(1754757167.675:3030): avc:  denied  { read } for  pid=32582 comm="syz.0.5109" path="socket:[99197]" dev="sockfs" ino=99197 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[ 1740.163324][T12900] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[ 1740.202242][T12900] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0
[ 1740.217627][T12900] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[ 1740.228707][T12900] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0
[ 1740.268118][T12900] usb 4-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00
[ 1740.282827][T12900] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1740.300764][T12900] usb 4-1: Product: syz
[ 1740.306850][T12900] usb 4-1: Manufacturer: syz
[ 1740.312357][T12900] usb 4-1: SerialNumber: syz
[ 1740.322311][T12900] usb 4-1: config 0 descriptor??
[ 1740.331138][T12900] ums-isd200 4-1:0.0: USB Mass Storage device detected
[ 1740.451613][T32605] vim2m vim2m.0: Fourcc format (0x47425247) invalid.
[ 1740.551505][T32572] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5107'.
[ 1740.578312][T12900] scsi host1: usb-storage 4-1:0.0
[ 1740.598031][T12900] usb 4-1: USB disconnect, device number 120
[ 1741.240121][T20583] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 1741.453168][T20583] asix 2-1:0.0: probe with driver asix failed with error -71
[ 1741.596421][T20583] usb 2-1: USB disconnect, device number 5
[ 1741.728374][   T30] audit: type=1400 audit(1754757169.255:3031): avc:  denied  { setattr } for  pid=32628 comm="syz.3.5114" name="ttyS3" dev="devtmpfs" ino=619 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1
[ 1742.220547][T32650] random: crng reseeded on system resumption
[ 1742.226723][   T30] audit: type=1400 audit(1754757169.755:3032): avc:  denied  { append } for  pid=32648 comm="syz.3.5119" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[ 1742.295867][T32654] vim2m vim2m.0: Fourcc format (0x47425247) invalid.
[ 1742.645307][T32663] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5121'.
[ 1743.517504][T32689] vim2m vim2m.0: Fourcc format (0x47425247) invalid.
[ 1743.680228][ T5958] usb 4-1: new high-speed USB device number 121 using dummy_hcd
[ 1743.699498][T32691] tmpfs: Bad value for 'mpol'
[ 1743.860237][ T5958] usb 4-1: Using ep0 maxpacket: 8
[ 1743.886047][ T5958] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 1743.895229][ T5958] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1744.048689][ T5958] usb 4-1: config 0 descriptor??
[ 1746.314059][   T30] audit: type=1326 audit(1754757173.075:3033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32705 comm="syz.2.5130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c1318ebe9 code=0x7ffc0000
[ 1746.341166][   T30] audit: type=1326 audit(1754757173.075:3034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32705 comm="syz.2.5130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c1318ebe9 code=0x7ffc0000
[ 1746.402403][   T30] audit: type=1326 audit(1754757173.075:3035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32705 comm="syz.2.5130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7f6c1318ebe9 code=0x7ffc0000
[ 1746.431591][   T30] audit: type=1326 audit(1754757173.075:3036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32705 comm="syz.2.5130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c1318ebe9 code=0x7ffc0000
[ 1746.477241][ T5958] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 1746.488482][   T30] audit: type=1326 audit(1754757173.075:3037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32705 comm="syz.2.5130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c1318ebe9 code=0x7ffc0000
[ 1746.536392][ T5958] asix 4-1:0.0: probe with driver asix failed with error -71
[ 1746.577027][ T5958] usb 4-1: USB disconnect, device number 121
[ 1746.696601][   T30] audit: type=1326 audit(1754757173.075:3038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32705 comm="syz.2.5130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=43 compat=0 ip=0x7f6c1318ebe9 code=0x7ffc0000
[ 1746.726370][   T30] audit: type=1326 audit(1754757173.075:3039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32705 comm="syz.2.5130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c1318ebe9 code=0x7ffc0000
[ 1746.751799][T32725] 9pnet_fd: Insufficient options for proto=fd
[ 1746.790270][   T30] audit: type=1326 audit(1754757173.075:3040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32705 comm="syz.2.5130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c1318ebe9 code=0x7ffc0000
[ 1746.901315][   T30] audit: type=1326 audit(1754757173.075:3041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32705 comm="syz.2.5130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f6c1318ebe9 code=0x7ffc0000
[ 1747.018156][   T30] audit: type=1326 audit(1754757173.075:3042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32705 comm="syz.2.5130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c1318ebe9 code=0x7ffc0000
[ 1747.169022][T32737] lo speed is unknown, defaulting to 1000
[ 1750.564771][T32761] lo speed is unknown, defaulting to 1000
[ 1750.809987][  T327] fuse: Unknown parameter 'ÿÿÿÿ0x0000000000000004'
[ 1750.826891][  T327] netlink: 'syz.3.5142': attribute type 10 has an invalid length.
[ 1751.120668][  T353] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1751.187736][  T353] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1751.500715][T20583] usb 4-1: new high-speed USB device number 122 using dummy_hcd
[ 1751.660273][T20583] usb 4-1: Using ep0 maxpacket: 32
[ 1751.686023][T20583] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[ 1751.708339][T20583] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1751.723671][T20583] usb 4-1: config 0 has no interface number 0
[ 1751.739981][T20583] usb 4-1: config 0 interface 184 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1751.763637][T20583] usb 4-1: New USB device found, idVendor=0bda, idProduct=c812, bcdDevice=8a.3a
[ 1751.773563][T20583] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1751.781762][T20583] usb 4-1: Product: syz
[ 1751.785907][T20583] usb 4-1: Manufacturer: syz
[ 1751.791314][T20583] usb 4-1: SerialNumber: syz
[ 1751.799698][T20583] usb 4-1: config 0 descriptor??
[ 1751.920218][T27090] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[ 1751.970429][ T5958] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[ 1751.996377][  T399] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1752.005257][  T399] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1752.017664][  T399] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1752.027849][  T399] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1752.032164][T20583] usb 4-1: USB disconnect, device number 122
[ 1752.080755][T27090] usb 6-1: Using ep0 maxpacket: 16
[ 1752.087317][T27090] usb 6-1: config 8 has an invalid interface number: 206 but max is 0
[ 1752.096243][T27090] usb 6-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[ 1752.106613][T27090] usb 6-1: config 8 has no interface number 0
[ 1752.112784][T27090] usb 6-1: config 8 interface 206 altsetting 1 has an endpoint descriptor with address 0xF7, changing to 0x87
[ 1752.124596][T27090] usb 6-1: config 8 interface 206 altsetting 1 endpoint 0x87 has an invalid bInterval 0, changing to 7
[ 1752.135742][T27090] usb 6-1: config 8 interface 206 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1752.148808][T27090] usb 6-1: config 8 interface 206 has no altsetting 0
[ 1752.157728][T27090] usb 6-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=35.bb
[ 1752.167039][T27090] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1752.175687][T27090] usb 6-1: Product: syz
[ 1752.180014][T27090] usb 6-1: Manufacturer: syz
[ 1752.184682][T27090] usb 6-1: SerialNumber: syz
[ 1752.190271][ T5958] usb 2-1: New USB device found, idVendor=1740, idProduct=9707, bcdDevice=34.de
[ 1752.199309][ T5958] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1752.209208][ T5958] usb 2-1: Product: syz
[ 1752.213699][ T5958] usb 2-1: Manufacturer: syz
[ 1752.218293][ T5958] usb 2-1: SerialNumber: syz
[ 1752.225107][ T5958] usb 2-1: config 0 descriptor??
[ 1752.410325][T13520] usb 3-1: new full-speed USB device number 10 using dummy_hcd
[ 1752.424975][T27090] garmin_gps 6-1:8.206: Garmin GPS usb/tty converter detected
[ 1752.434417][T27090] garmin_gps ttyUSB0: garmin_write_bulk - usb_submit_urb(write bulk) failed with status = -8
[ 1752.437153][T20583] usb 2-1: USB disconnect, device number 6
[ 1752.445443][T27090] garmin_gps ttyUSB0: probe with driver garmin_gps failed with error -8
[ 1752.468129][T27090] usb 6-1: USB disconnect, device number 27
[ 1752.475929][T27090] garmin_gps 6-1:8.206: device disconnected
[ 1752.561866][T13520] usb 3-1: config 1 interface 0 has no altsetting 0
[ 1752.572092][T13520] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1752.589190][T13520] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1752.598523][T13520] usb 3-1: Product: syz
[ 1752.603085][T13520] usb 3-1: Manufacturer: syz
[ 1752.607675][T13520] usb 3-1: SerialNumber: syz
[ 1752.612415][   T30] kauditd_printk_skb: 39 callbacks suppressed
[ 1752.612429][   T30] audit: type=1400 audit(1754757180.135:3082): avc:  denied  { name_bind } for  pid=437 comm="syz.0.5150" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[ 1752.890938][T20583] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[ 1753.227908][T13520] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 10 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8
[ 1753.250479][T20583] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1753.268282][T20583] usb 2-1: unable to read config index 0 descriptor/start: -71
[ 1753.281396][T20583] usb 2-1: can't read configurations, error -71
[ 1753.459887][   T30] audit: type=1400 audit(1754757180.985:3083): avc:  denied  { read write } for  pid=395 comm="syz.2.5148" name="lp0" dev="devtmpfs" ino=4656 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1
[ 1753.840982][   T30] audit: type=1400 audit(1754757180.985:3084): avc:  denied  { open } for  pid=395 comm="syz.2.5148" path="/dev/usb/lp0" dev="devtmpfs" ino=4656 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1
[ 1754.749336][  T476] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=4118 sclass=netlink_xfrm_socket pid=476 comm=syz.0.5154
[ 1755.539884][    C0] usblp0: nonzero write bulk status received: -71
[ 1755.548280][T13520] usb 3-1: USB disconnect, device number 10
[ 1755.586246][  T395] usblp0: removed
[ 1756.060933][   T30] audit: type=1400 audit(1754757183.585:3085): avc:  denied  { accept } for  pid=502 comm="syz.5.5159" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[ 1756.466324][ T5958] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[ 1756.516846][  T508] vim2m vim2m.0: Fourcc format (0x47425247) invalid.
[ 1756.690316][ T5958] usb 2-1: Using ep0 maxpacket: 8
[ 1756.698595][ T5958] usb 2-1: New USB device found, idVendor=0fe9, idProduct=db59, bcdDevice=e9.9b
[ 1756.707889][ T5958] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1756.717777][ T5958] usb 2-1: Product: syz
[ 1756.723827][ T5958] usb 2-1: Manufacturer: syz
[ 1757.222377][ T5958] usb 2-1: SerialNumber: syz
[ 1757.243524][ T5958] usb 2-1: config 0 descriptor??
[ 1757.251314][ T5958] dvb-usb: found a 'DViCO FusionHDTV DVB-T Dual Digital 2' in warm state.
[ 1757.262183][ T5958] dvb-usb: bulk message failed: -22 (2/0)
[ 1757.278453][ T5958] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1757.298166][ T5958] dvbdev: DVB: registering new adapter (DViCO FusionHDTV DVB-T Dual Digital 2)
[ 1757.324827][ T5958] usb 2-1: media controller created
[ 1757.353842][ T5958] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1757.543249][ T5958] cxusb: set interface failed
[ 1757.667211][ T5958] dvb-usb: bulk message failed: -22 (1/0)
[ 1757.761653][T15020] Bluetooth: hci0: connection err: -111
[ 1758.187511][ T5958] DVB: Unable to find symbol mt352_attach()
[ 1758.209834][  T538] fuse: Unknown parameter 'ÿÿÿÿ0x0000000000000004'
[ 1758.217282][ T5958] dvb-usb: bulk message failed: -22 (5/0)
[ 1758.220787][  T538] netlink: 'syz.1.5166': attribute type 10 has an invalid length.
[ 1758.240589][ T5958] zl10353_read_register: readreg error (reg=127, ret==-121)
[ 1758.247973][ T5958] dvb-usb: no frontend was attached by 'DViCO FusionHDTV DVB-T Dual Digital 2'
[ 1758.370394][T20583] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[ 1758.394279][ T5958] rc_core: IR keymap rc-dvico-mce not found
[ 1758.458879][ T5958] Registered IR keymap rc-empty
[ 1758.470190][ T5958] rc rc0: DViCO FusionHDTV DVB-T Dual Digital 2 as /devices/platform/dummy_hcd.1/usb2/2-1/rc/rc0
[ 1758.509133][ T5958] input: DViCO FusionHDTV DVB-T Dual Digital 2 as /devices/platform/dummy_hcd.1/usb2/2-1/rc/rc0/input55
[ 1758.523157][  T558] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1758.538281][ T5958] dvb-usb: schedule remote query interval to 100 msecs.
[ 1758.547526][ T5958] dvb-usb: DViCO FusionHDTV DVB-T Dual Digital 2 successfully initialized and connected.
[ 1758.561836][T13520] usb 4-1: new high-speed USB device number 123 using dummy_hcd
[ 1758.564804][ T5958] usb 2-1: USB disconnect, device number 9
[ 1758.575538][  T558] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1758.578329][   T30] audit: type=1400 audit(1754757186.085:3086): avc:  denied  { mount } for  pid=554 comm="syz.5.5169" name="/" dev="ramfs" ino=101732 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[ 1758.590236][T20583] usb 3-1: Using ep0 maxpacket: 8
[ 1758.684330][T20583] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 1758.697991][T20583] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1758.749858][T20583] usb 3-1: config 0 descriptor??
[ 1758.763435][T13520] usb 4-1: too many configurations: 13, using maximum allowed: 8
[ 1758.774094][T13520] usb 4-1: config 0 has no interfaces?
[ 1758.774249][ T5958] dvb-usb: DViCO FusionHDTV DVB-T Dual Digital 2 successfully deinitialized and disconnected.
[ 1758.783560][T13520] usb 4-1: config 0 has no interfaces?
[ 1759.358603][T13520] usb 4-1: config 0 has no interfaces?
[ 1759.365910][T13520] usb 4-1: config 0 has no interfaces?
[ 1759.382412][T13520] usb 4-1: config 0 has no interfaces?
[ 1759.389292][T13520] usb 4-1: config 0 has no interfaces?
[ 1759.396844][T13520] usb 4-1: config 0 has no interfaces?
[ 1759.404608][T13520] usb 4-1: config 0 has no interfaces?
[ 1759.412621][T13520] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1759.422034][T13520] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1759.430024][T13520] usb 4-1: Product: syz
[ 1759.434206][T13520] usb 4-1: Manufacturer: syz
[ 1759.438810][T13520] usb 4-1: SerialNumber: syz
[ 1759.445566][T13520] usb 4-1: config 0 descriptor??
[ 1759.479472][   T30] audit: type=1400 audit(1754757187.005:3087): avc:  denied  { unmount } for  pid=23612 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[ 1759.690233][ T5958] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[ 1759.722046][T14493] usb 4-1: USB disconnect, device number 123
[ 1759.842084][ T5958] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1759.851029][ T5958] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1759.861387][ T5958] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1759.870437][ T5958] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1759.882952][ T5958] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1759.892902][ T5958] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1759.900971][ T5958] usb 2-1: Product: syz
[ 1759.905204][ T5958] usb 2-1: Manufacturer: syz
[ 1759.917242][ T5958] cdc_wdm 2-1:1.0: skipping garbage
[ 1759.922776][ T5958] cdc_wdm 2-1:1.0: skipping garbage
[ 1759.929193][ T5958] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[ 1759.935223][ T5958] cdc_wdm 2-1:1.0: Unknown control protocol
[ 1760.162562][T14493] usb 2-1: USB disconnect, device number 10
[ 1760.380848][ T5958] usb 4-1: new full-speed USB device number 124 using dummy_hcd
[ 1760.531948][ T5958] usb 4-1: config 1 interface 0 has no altsetting 0
[ 1760.541157][ T5958] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1760.551173][ T5958] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1760.559199][ T5958] usb 4-1: Product: syz
[ 1760.565182][ T5958] usb 4-1: Manufacturer: syz
[ 1760.569815][ T5958] usb 4-1: SerialNumber: syz
[ 1760.596547][  T621] vim2m vim2m.0: Fourcc format (0x47425247) invalid.
[ 1760.610567][T13520] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[ 1760.794843][T13520] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1760.803625][T13520] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1760.820862][T13520] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1760.831630][T13520] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1760.844867][T13520] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1760.855710][T13520] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1760.864609][T13520] usb 2-1: Product: syz
[ 1760.868932][T13520] usb 2-1: Manufacturer: syz
[ 1760.892251][T13520] cdc_wdm 2-1:1.0: skipping garbage
[ 1760.902995][T13520] cdc_wdm 2-1:1.0: skipping garbage
[ 1760.914011][T13520] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[ 1760.920005][T13520] cdc_wdm 2-1:1.0: Unknown control protocol
[ 1760.991484][ T5958] usblp 4-1:1.0: usblp1: USB Unidirectional printer dev 124 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8
[ 1761.345292][   T30] audit: type=1400 audit(1754757188.875:3088): avc:  denied  { read write } for  pid=540 comm="syz.3.5167" name="cdc-wdm0" dev="devtmpfs" ino=4679 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:modem_device_t tclass=chr_file permissive=1
[ 1761.383165][   T30] audit: type=1400 audit(1754757188.875:3089): avc:  denied  { open } for  pid=540 comm="syz.3.5167" path="/dev/cdc-wdm0" dev="devtmpfs" ino=4679 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:modem_device_t tclass=chr_file permissive=1
[ 1761.457166][    C1] wdm_int_callback: 692 callbacks suppressed
[ 1761.457187][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[ 1761.457537][T13520] usb 2-1: USB disconnect, device number 11
[ 1761.463183][    C1] wdm_int_callback: 692 callbacks suppressed
[ 1761.463201][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[ 1761.463218][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[ 1761.627261][T20583] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[ 1761.655884][T20583] asix 3-1:0.0 (unnamed net_device) (uninitialized): Error reading RX_CTL register: ffffffc3
[ 1761.682549][  T646] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1761.692185][  T646] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1761.858994][T20583] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -32
[ 1761.925174][T20583] asix 3-1:0.0 (unnamed net_device) (uninitialized): Error reading Medium Status register: ffffffe0
[ 1762.265921][T20583] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -32
[ 1762.342258][  T657] bridge1: entered promiscuous mode
[ 1762.347536][  T657] bridge1: entered allmulticast mode
[ 1762.423370][T13520] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[ 1762.678798][T13520] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1762.799866][T20583] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0002: -71
[ 1762.809882][T13520] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1762.834938][T13520] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1762.860454][T20583] asix 3-1:0.0 (unnamed net_device) (uninitialized): Could not register MDIO bus (err -5)
[ 1762.870997][T13520] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1762.883728][T20583] asix 3-1:0.0: probe with driver asix failed with error -5
[ 1762.893091][T13520] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1762.905224][T20583] usb 3-1: USB disconnect, device number 11
[ 1762.917704][T13520] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1762.967421][   T10] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[ 1763.078003][T13520] usb 2-1: Product: syz
[ 1763.083970][T13520] usb 2-1: Manufacturer: syz
[ 1763.101250][T13520] cdc_wdm 2-1:1.0: skipping garbage
[ 1763.106481][T13520] cdc_wdm 2-1:1.0: skipping garbage
[ 1763.130893][T13520] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[ 1763.146066][T13520] cdc_wdm 2-1:1.0: Unknown control protocol
[ 1763.179527][T13520] usb 2-1: USB disconnect, device number 12
[ 1763.222037][   T10] usb 6-1: Using ep0 maxpacket: 32
[ 1763.228818][   T10] usb 6-1: config 0 has an invalid interface number: 184 but max is 0
[ 1763.239781][   T10] usb 6-1: config 0 has no interface number 0
[ 1763.256004][  T696] tmpfs: Bad value for 'mpol'
[ 1763.261150][   T10] usb 6-1: config 0 interface 184 has no altsetting 0
[ 1763.276572][T27090] usb 4-1: USB disconnect, device number 124
[ 1763.289603][   T10] usb 6-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[ 1763.291262][T27090] usblp1: removed
[ 1763.303560][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1763.324326][   T10] usb 6-1: Product: syz
[ 1763.343943][   T10] usb 6-1: Manufacturer: syz
[ 1763.364138][   T10] usb 6-1: SerialNumber: syz
[ 1763.390054][   T10] usb 6-1: config 0 descriptor??
[ 1763.409415][   T10] smsc75xx v1.0.0
[ 1763.419023][   T10] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[ 1763.445427][   T10] smsc75xx 6-1:0.184: probe with driver smsc75xx failed with error -22
[ 1763.605997][  T717] vim2m vim2m.0: Fourcc format (0x47425247) invalid.
[ 1763.793002][ T5958] usb 6-1: USB disconnect, device number 28
[ 1764.990042][  T733] lo speed is unknown, defaulting to 1000
[ 1766.692851][   T30] audit: type=1326 audit(1754757194.185:3090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=785 comm="syz.1.5185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f026cd8ebe9 code=0x7ffc0000
[ 1766.716166][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1767.109105][   T30] audit: type=1326 audit(1754757194.185:3091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=785 comm="syz.1.5185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f026cd8ebe9 code=0x7ffc0000
[ 1767.132435][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1767.164961][   T30] audit: type=1326 audit(1754757194.185:3092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=785 comm="syz.1.5185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7f026cd8ebe9 code=0x7ffc0000
[ 1767.225879][   T30] audit: type=1326 audit(1754757194.185:3093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=785 comm="syz.1.5185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f026cd8ebe9 code=0x7ffc0000
[ 1767.249213][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1767.360526][   T30] audit: type=1326 audit(1754757194.185:3094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=785 comm="syz.1.5185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f026cd8ebe9 code=0x7ffc0000
[ 1767.374766][  T798] FAULT_INJECTION: forcing a failure.
[ 1767.374766][  T798] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1767.383846][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1767.387240][   T30] audit: type=1326 audit(1754757194.185:3095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=785 comm="syz.1.5185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=43 compat=0 ip=0x7f026cd8ebe9 code=0x7ffc0000
[ 1767.429936][   T30] audit: type=1326 audit(1754757194.185:3096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=785 comm="syz.1.5185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f026cd8ebe9 code=0x7ffc0000
[ 1767.453249][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1767.459551][   T30] audit: type=1326 audit(1754757194.195:3097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=785 comm="syz.1.5185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f026cd8ebe9 code=0x7ffc0000
[ 1767.482828][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1767.815016][   T30] audit: type=1326 audit(1754757194.195:3098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=785 comm="syz.1.5185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f026cd8ebe9 code=0x7ffc0000
[ 1767.859867][  T798] CPU: 0 UID: 0 PID: 798 Comm: syz.0.5188 Not tainted 6.16.0-syzkaller-12187-g0227b49b5027 #0 PREEMPT(full) 
[ 1767.859884][  T798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1767.859891][  T798] Call Trace:
[ 1767.859895][  T798]  <TASK>
[ 1767.859900][  T798]  dump_stack_lvl+0x16c/0x1f0
[ 1767.859916][  T798]  should_fail_ex+0x512/0x640
[ 1767.859931][  T798]  _copy_from_user+0x2e/0xd0
[ 1767.859945][  T798]  copy_msghdr_from_user+0x98/0x160
[ 1767.859957][  T798]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1767.859974][  T798]  ___sys_sendmsg+0xfe/0x1d0
[ 1767.859985][  T798]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1767.860007][  T798]  ? __mutex_unlock_slowpath+0x100/0x800
[ 1767.860023][  T798]  __sys_sendmsg+0x16d/0x220
[ 1767.860035][  T798]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1767.860054][  T798]  do_syscall_64+0xcd/0x4c0
[ 1767.860066][  T798]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1767.860078][  T798] RIP: 0033:0x7f7503b8ebe9
[ 1767.860087][  T798] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1767.860098][  T798] RSP: 002b:00007f7504a8c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1767.860108][  T798] RAX: ffffffffffffffda RBX: 00007f7503db5fa0 RCX: 00007f7503b8ebe9
[ 1767.860115][  T798] RDX: 000000002008c014 RSI: 0000200000000580 RDI: 0000000000000004
[ 1767.860122][  T798] RBP: 00007f7504a8c090 R08: 0000000000000000 R09: 0000000000000000
[ 1767.860128][  T798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1767.860134][  T798] R13: 00007f7503db6038 R14: 00007f7503db5fa0 R15: 00007fff97f50538
[ 1767.860160][  T798]  </TASK>
[ 1767.920382][   T30] audit: type=1326 audit(1754757194.195:3099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=785 comm="syz.1.5185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f026cd8ebe9 code=0x7ffc0000
[ 1768.000291][   T10] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[ 1768.053798][  T807] fuse: Unknown parameter 'ÿÿÿÿ0x0000000000000004'
[ 1768.104990][  T807] netlink: 'syz.1.5189': attribute type 10 has an invalid length.
[ 1768.345480][   T10] usb 3-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[ 1768.376468][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1768.463635][   T10] usb 3-1: config 0 descriptor??
[ 1768.826322][   T10] gspca_main: STV06xx-2.14.0 probing 046d:0870
[ 1769.198635][T14493] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[ 1769.538129][T14493] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1769.549198][T14493] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1769.562343][T14493] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1769.573128][T14493] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1769.592048][  T824] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1770.016990][T14493] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[ 1770.896495][   T10] usb 3-1: USB disconnect, device number 12
[ 1771.400326][   T10] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[ 1771.802990][   T10] usb 6-1: Using ep0 maxpacket: 8
[ 1772.318875][T20583] usb 2-1: USB disconnect, device number 13
[ 1772.362136][   T10] usb 6-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 1772.432763][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1772.560421][   T10] usb 6-1: config 0 descriptor??
[ 1773.550843][T15020] Bluetooth: hci4: connection err: -111
[ 1775.037793][  T937] binder: BINDER_SET_CONTEXT_MGR already set
[ 1775.043852][  T937] binder: 936:937 ioctl 4018620d 200000004a80 returned -16
[ 1775.688322][  T948] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1775.729656][  T948] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1775.740065][   T30] kauditd_printk_skb: 70 callbacks suppressed
[ 1775.740080][   T30] audit: type=1400 audit(1754757203.265:3170): avc:  denied  { read } for  pid=946 comm="syz.0.5208" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 1775.796781][   T30] audit: type=1400 audit(1754757203.295:3171): avc:  denied  { open } for  pid=946 comm="syz.0.5208" path="/dev/ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 1775.820790][   T30] audit: type=1400 audit(1754757203.295:3172): avc:  denied  { ioctl } for  pid=946 comm="syz.0.5208" path="/dev/ppp" dev="devtmpfs" ino=709 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 1776.060273][T15020] Bluetooth: hci2: command 0x0406 tx timeout
[ 1776.087582][T15020] Bluetooth: hci5: connection err: -111
[ 1776.932419][   T10] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 1776.955951][   T10] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[ 1776.977682][  T966] netlink: 20 bytes leftover after parsing attributes in process `syz.5.5212'.
[ 1777.000104][   T10] asix 6-1:0.0: probe with driver asix failed with error -71
[ 1777.043560][   T10] usb 6-1: USB disconnect, device number 29
[ 1777.390325][ T5958] usb 4-1: new high-speed USB device number 125 using dummy_hcd
[ 1778.300218][ T5958] usb 4-1: Using ep0 maxpacket: 16
[ 1778.390560][ T5958] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1778.490904][ T5958] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 1778.501228][ T5958] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1778.535077][ T5958] usb 4-1: config 0 descriptor??
[ 1779.109805][ T5976] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[ 1779.275685][ T5976] usb 6-1: Using ep0 maxpacket: 16
[ 1779.284326][ T5976] usb 6-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88
[ 1779.328431][ T5976] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1779.399104][ T5976] usb 6-1: Product: syz
[ 1779.426392][ T5976] usb 6-1: Manufacturer: syz
[ 1779.438267][ T5976] usb 6-1: SerialNumber: syz
[ 1779.457402][ T5976] usb 6-1: config 0 descriptor??
[ 1779.564162][  T972] netlink: 31 bytes leftover after parsing attributes in process `syz.3.5213'.
[ 1779.604362][ T5958] usbhid 4-1:0.0: can't add hid device: -71
[ 1779.630575][ T5958] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1779.668305][ T5958] usb 4-1: USB disconnect, device number 125
[ 1779.673175][ T5976] speedtch 6-1:0.0: speedtch_bind: wrong device class 68
[ 1779.714801][ T5976] speedtch 6-1:0.0: usbatm_usb_probe: bind failed: -19!
[ 1779.745316][ T5976] usb 6-1: USB disconnect, device number 30
[ 1779.876955][   T30] audit: type=1400 audit(1754757207.405:3173): avc:  denied  { validate_trans } for  pid=1042 comm="syz.0.5221" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[ 1780.400266][T13520] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[ 1780.562688][T13520] usb 2-1: Using ep0 maxpacket: 32
[ 1781.483662][T13520] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[ 1781.516702][T13520] usb 2-1: config 0 has no interface number 0
[ 1781.523183][T13520] usb 2-1: config 0 interface 184 has no altsetting 0
[ 1781.523265][ T1075] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5224'.
[ 1781.578554][T13520] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[ 1781.587634][T13520] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1781.595630][T13520] usb 2-1: Product: syz
[ 1781.599763][T13520] usb 2-1: Manufacturer: syz
[ 1781.604360][T13520] usb 2-1: SerialNumber: syz
[ 1781.635682][T13520] usb 2-1: config 0 descriptor??
[ 1781.654017][T13520] smsc75xx v1.0.0
[ 1782.303650][T13520] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[ 1782.388606][ T1086] netlink: 48 bytes leftover after parsing attributes in process `syz.2.5227'.
[ 1782.414493][T13520] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -22
[ 1782.904057][ T1095] loop6: detected capacity change from 0 to 1
[ 1783.357129][ T1095] Dev loop6: unable to read RDB block 1
[ 1783.612880][ T1095]  loop6: unable to read partition table
[ 1783.618609][ T1095] loop6: partition table beyond EOD, truncated
[ 1783.643772][T13520] usb 2-1: USB disconnect, device number 14
[ 1783.659201][ T1095] loop_reread_partitions: partition scan of loop6 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1783.954707][ T1114] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5232'.
[ 1784.401218][ T1145] FAULT_INJECTION: forcing a failure.
[ 1784.401218][ T1145] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1784.416515][ T1145] CPU: 0 UID: 0 PID: 1145 Comm: syz.1.5239 Not tainted 6.16.0-syzkaller-12187-g0227b49b5027 #0 PREEMPT(full) 
[ 1784.416542][ T1145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1784.416553][ T1145] Call Trace:
[ 1784.416560][ T1145]  <TASK>
[ 1784.416567][ T1145]  dump_stack_lvl+0x16c/0x1f0
[ 1784.416590][ T1145]  should_fail_ex+0x512/0x640
[ 1784.416614][ T1145]  should_fail_alloc_page+0xe7/0x130
[ 1784.416637][ T1145]  prepare_alloc_pages+0x3c2/0x610
[ 1784.416662][ T1145]  ? register_lock_class+0x41/0x4c0
[ 1784.416683][ T1145]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 1784.416706][ T1145]  ? __lock_acquire+0xb97/0x1ce0
[ 1784.416737][ T1145]  ? register_lock_class+0x41/0x4c0
[ 1784.416757][ T1145]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1784.416787][ T1145]  ? __lock_acquire+0x62e/0x1ce0
[ 1784.416824][ T1145]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1784.416847][ T1145]  ? policy_nodemask+0xea/0x4e0
[ 1784.416872][ T1145]  alloc_pages_mpol+0x1fb/0x550
[ 1784.416895][ T1145]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1784.416917][ T1145]  ? tls_sk_poll+0x271/0x830
[ 1784.416945][ T1145]  ? __pfx___pollwait+0x10/0x10
[ 1784.416962][ T1145]  alloc_pages_noprof+0x131/0x390
[ 1784.416984][ T1145]  get_free_pages_noprof+0x10/0xb0
[ 1784.417005][ T1145]  __pollwait+0x295/0x490
[ 1784.417025][ T1145]  ? __pfx___pollwait+0x10/0x10
[ 1784.417041][ T1145]  datagram_poll+0x80/0x4f0
[ 1784.417068][ T1145]  ? __pfx_datagram_poll+0x10/0x10
[ 1784.417091][ T1145]  sock_poll+0x15d/0x510
[ 1784.417115][ T1145]  ? __pfx_sock_poll+0x10/0x10
[ 1784.417135][ T1145]  do_select+0xd3a/0x17e0
[ 1784.417173][ T1145]  ? __pfx_do_select+0x10/0x10
[ 1784.417193][ T1145]  ? __pfx___pollwait+0x10/0x10
[ 1784.417214][ T1145]  ? __pfx_pollwake+0x10/0x10
[ 1784.417234][ T1145]  ? __pfx_pollwake+0x10/0x10
[ 1784.417254][ T1145]  ? __pfx_pollwake+0x10/0x10
[ 1784.417273][ T1145]  ? __pfx_pollwake+0x10/0x10
[ 1784.417293][ T1145]  ? __pfx_pollwake+0x10/0x10
[ 1784.417313][ T1145]  ? __pfx_pollwake+0x10/0x10
[ 1784.417333][ T1145]  ? __pfx_pollwake+0x10/0x10
[ 1784.417353][ T1145]  ? __pfx_pollwake+0x10/0x10
[ 1784.417373][ T1145]  ? __pfx_pollwake+0x10/0x10
[ 1784.417393][ T1145]  ? find_held_lock+0x2b/0x80
[ 1784.417414][ T1145]  ? __might_fault+0xe3/0x190
[ 1784.417431][ T1145]  ? __might_fault+0xe3/0x190
[ 1784.417447][ T1145]  ? __might_fault+0x13b/0x190
[ 1784.417474][ T1145]  ? core_sys_select+0x453/0xc10
[ 1784.417492][ T1145]  core_sys_select+0x453/0xc10
[ 1784.417516][ T1145]  ? __pfx_core_sys_select+0x10/0x10
[ 1784.417559][ T1145]  ? set_user_sigmask+0x21b/0x2b0
[ 1784.417580][ T1145]  ? __pfx_set_user_sigmask+0x10/0x10
[ 1784.417607][ T1145]  do_pselect.constprop.0+0x19f/0x1e0
[ 1784.417628][ T1145]  ? __pfx_do_pselect.constprop.0+0x10/0x10
[ 1784.417659][ T1145]  __x64_sys_pselect6+0x182/0x240
[ 1784.417679][ T1145]  ? __pfx___x64_sys_pselect6+0x10/0x10
[ 1784.417707][ T1145]  do_syscall_64+0xcd/0x4c0
[ 1784.417727][ T1145]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1784.417746][ T1145] RIP: 0033:0x7f026cd8ebe9
[ 1784.417762][ T1145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1784.417778][ T1145] RSP: 002b:00007f026dc4f038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[ 1784.417796][ T1145] RAX: ffffffffffffffda RBX: 00007f026cfb6090 RCX: 00007f026cd8ebe9
[ 1784.417813][ T1145] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000040
[ 1784.417824][ T1145] RBP: 00007f026dc4f090 R08: 0000000000000000 R09: 0000000000000000
[ 1784.417835][ T1145] R10: 0000200000000240 R11: 0000000000000246 R12: 0000000000000001
[ 1784.417846][ T1145] R13: 00007f026cfb6128 R14: 00007f026cfb6090 R15: 00007ffcb977c658
[ 1784.417870][ T1145]  </TASK>
[ 1784.480233][ T5958] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[ 1784.487779][   T10] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[ 1784.965725][T13520] usb 4-1: new high-speed USB device number 126 using dummy_hcd
[ 1785.330208][ T5958] usb 3-1: Using ep0 maxpacket: 8
[ 1785.490073][ T5958] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1785.500271][T13520] usb 4-1: Using ep0 maxpacket: 16
[ 1785.508318][ T5958] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1785.508764][T13520] usb 4-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88
[ 1785.518866][ T5958] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1785.532106][T13520] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1785.537846][ T5958] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1785.561128][ T5958] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1785.571597][ T5958] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1785.573982][T13520] usb 4-1: Product: syz
[ 1785.587173][T13520] usb 4-1: Manufacturer: syz
[ 1785.640223][   T10] usb 6-1: Using ep0 maxpacket: 8
[ 1785.645320][T13520] usb 4-1: SerialNumber: syz
[ 1785.652348][   T10] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1785.662391][   T10] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1785.681394][   T10] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1785.693072][T13520] usb 4-1: config 0 descriptor??
[ 1785.724586][   T10] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1785.759797][   T10] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1785.785970][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1785.790420][ T5958] usb 3-1: GET_CAPABILITIES returned 0
[ 1785.799443][ T5958] usbtmc 3-1:16.0: can't read capabilities
[ 1786.668230][T13520] speedtch 4-1:0.0: speedtch_bind: wrong device class 68
[ 1786.738715][T13520] speedtch 4-1:0.0: usbatm_usb_probe: bind failed: -19!
[ 1786.757319][   T10] usb 6-1: GET_CAPABILITIES returned 0
[ 1786.773477][   T10] usbtmc 6-1:16.0: can't read capabilities
[ 1786.781113][T13520] usb 4-1: USB disconnect, device number 126
[ 1787.159331][ T1181] bridge1: entered promiscuous mode
[ 1787.164657][ T1181] bridge1: entered allmulticast mode
[ 1787.823327][ T1192] bridge2: entered promiscuous mode
[ 1787.828618][ T1192] bridge2: entered allmulticast mode
[ 1788.469756][T15020] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1788.518267][ T1204] FAULT_INJECTION: forcing a failure.
[ 1788.518267][ T1204] name failslab, interval 1, probability 0, space 0, times 0
[ 1788.531456][ T1204] CPU: 1 UID: 0 PID: 1204 Comm: syz.1.5245 Not tainted 6.16.0-syzkaller-12187-g0227b49b5027 #0 PREEMPT(full) 
[ 1788.531482][ T1204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1788.531493][ T1204] Call Trace:
[ 1788.531499][ T1204]  <TASK>
[ 1788.531506][ T1204]  dump_stack_lvl+0x16c/0x1f0
[ 1788.531530][ T1204]  should_fail_ex+0x512/0x640
[ 1788.531549][ T1204]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1788.531572][ T1204]  should_failslab+0xc2/0x120
[ 1788.531592][ T1204]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1788.531611][ T1204]  ? getname_flags.part.0+0x4c/0x550
[ 1788.531642][ T1204]  getname_flags.part.0+0x4c/0x550
[ 1788.531669][ T1204]  getname_flags+0x93/0xf0
[ 1788.531688][ T1204]  do_sys_openat2+0xb8/0x1d0
[ 1788.531711][ T1204]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1788.531737][ T1204]  ? __fget_files+0x20e/0x3c0
[ 1788.531761][ T1204]  __x64_sys_open+0x153/0x1e0
[ 1788.531790][ T1204]  ? __pfx___x64_sys_open+0x10/0x10
[ 1788.531818][ T1204]  ? rcu_is_watching+0x12/0xc0
[ 1788.531843][ T1204]  do_syscall_64+0xcd/0x4c0
[ 1788.531864][ T1204]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1788.531882][ T1204] RIP: 0033:0x7f026cd8ebe9
[ 1788.531896][ T1204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1788.531913][ T1204] RSP: 002b:00007f026dc70038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 1788.531931][ T1204] RAX: ffffffffffffffda RBX: 00007f026cfb5fa0 RCX: 00007f026cd8ebe9
[ 1788.531942][ T1204] RDX: 0000000000000001 RSI: 0000000000101042 RDI: 00002000000005c0
[ 1788.531953][ T1204] RBP: 00007f026dc70090 R08: 0000000000000000 R09: 0000000000000000
[ 1788.531963][ T1204] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1788.531974][ T1204] R13: 00007f026cfb6038 R14: 00007f026cfb5fa0 R15: 00007ffcb977c658
[ 1788.531997][ T1204]  </TASK>
[ 1788.538453][   T30] audit: type=1400 audit(1754757216.065:3174): avc:  denied  { bind } for  pid=1205 comm="syz.3.5246" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1788.752323][   T30] audit: type=1400 audit(1754757216.085:3175): avc:  denied  { listen } for  pid=1205 comm="syz.3.5246" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1789.515041][T14493] usb 3-1: USB disconnect, device number 13
[ 1789.521052][ T5958] usb 6-1: USB disconnect, device number 31
[ 1789.577308][   T30] audit: type=1400 audit(1754757216.425:3176): avc:  denied  { shutdown } for  pid=1205 comm="syz.3.5246" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1789.769563][ T1243] x_tables: ip6_tables: quota.0 match: invalid size 24 (kernel) != (user) 144
[ 1789.980773][ T1245] syz.3.5251 (1245): drop_caches: 2
[ 1790.740585][ T1263] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5254'.
[ 1791.343356][ T1278] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5258'.
[ 1791.395687][ T1278] netlink: 'syz.3.5258': attribute type 1 has an invalid length.
[ 1791.410236][   T30] audit: type=1400 audit(1754757218.925:3177): avc:  denied  { map } for  pid=1277 comm="syz.3.5258" path="socket:[102418]" dev="sockfs" ino=102418 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[ 1791.440640][ T1278] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1791.448491][ T1278] IPv6: NLM_F_CREATE should be set when creating new route
[ 1791.455739][ T1278] IPv6: NLM_F_CREATE should be set when creating new route
[ 1791.608742][T14493] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[ 1791.620242][   T30] audit: type=1400 audit(1754757218.925:3178): avc:  denied  { accept } for  pid=1277 comm="syz.3.5258" path="socket:[102418]" dev="sockfs" ino=102418 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[ 1791.644562][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1791.840589][ T1288] netlink: 'syz.2.5255': attribute type 1 has an invalid length.
[ 1791.855964][ T1288] netlink: 224 bytes leftover after parsing attributes in process `syz.2.5255'.
[ 1791.897339][T14493] usb 6-1: Using ep0 maxpacket: 8
[ 1791.954283][T14493] usb 6-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 1791.969136][T14493] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1792.103677][T14493] usb 6-1: config 0 descriptor??
[ 1792.425640][ T1305] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1792.446874][ T1305] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1792.603733][T14493] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[ 1792.617196][T14493] asix 6-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffc3
[ 1792.631754][T14493] asix 6-1:0.0: probe with driver asix failed with error -61
[ 1793.181162][ T1312] bridge1: entered promiscuous mode
[ 1793.186402][ T1312] bridge1: entered allmulticast mode
[ 1793.731117][ T1318] binder_alloc: 1310: binder_alloc_buf, no vma
[ 1795.562357][ T1347] FAULT_INJECTION: forcing a failure.
[ 1795.562357][ T1347] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1795.599840][ T1347] CPU: 0 UID: 0 PID: 1347 Comm: syz.2.5268 Not tainted 6.16.0-syzkaller-12187-g0227b49b5027 #0 PREEMPT(full) 
[ 1795.599867][ T1347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1795.599877][ T1347] Call Trace:
[ 1795.599884][ T1347]  <TASK>
[ 1795.599891][ T1347]  dump_stack_lvl+0x16c/0x1f0
[ 1795.599915][ T1347]  should_fail_ex+0x512/0x640
[ 1795.599938][ T1347]  strncpy_from_user+0x3b/0x2e0
[ 1795.599958][ T1347]  getname_flags.part.0+0x8f/0x550
[ 1795.599987][ T1347]  getname_flags+0x93/0xf0
[ 1795.600005][ T1347]  do_sys_openat2+0xb8/0x1d0
[ 1795.600030][ T1347]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1795.600056][ T1347]  ? __fget_files+0x20e/0x3c0
[ 1795.600081][ T1347]  __x64_sys_open+0x153/0x1e0
[ 1795.600109][ T1347]  ? __pfx___x64_sys_open+0x10/0x10
[ 1795.600137][ T1347]  ? rcu_is_watching+0x12/0xc0
[ 1795.600161][ T1347]  do_syscall_64+0xcd/0x4c0
[ 1795.600181][ T1347]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1795.600198][ T1347] RIP: 0033:0x7f6c1318ebe9
[ 1795.600212][ T1347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1795.600229][ T1347] RSP: 002b:00007f6c13fce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 1795.600247][ T1347] RAX: ffffffffffffffda RBX: 00007f6c133b5fa0 RCX: 00007f6c1318ebe9
[ 1795.600259][ T1347] RDX: 0000000000000001 RSI: 0000000000101042 RDI: 00002000000005c0
[ 1795.600270][ T1347] RBP: 00007f6c13fce090 R08: 0000000000000000 R09: 0000000000000000
[ 1795.600280][ T1347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1795.600290][ T1347] R13: 00007f6c133b6038 R14: 00007f6c133b5fa0 R15: 00007ffd63947808
[ 1795.600312][ T1347]  </TASK>
[ 1796.007592][ T1363] netlink: 'syz.3.5269': attribute type 5 has an invalid length.
[ 1796.910219][   T30] audit: type=1400 audit(1754757224.405:3179): avc:  denied  { mount } for  pid=1349 comm="syz.3.5269" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[ 1796.980900][T13520] usb 6-1: USB disconnect, device number 32
[ 1797.014558][   T30] audit: type=1400 audit(1754757224.535:3180): avc:  denied  { setopt } for  pid=1349 comm="syz.3.5269" lport=58357 faddr=::ffff:172.20.255.187 fport=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[ 1798.532353][ T1378] fuse: Unknown parameter 'ÿÿÿÿ0x0000000000000004'
[ 1798.544147][ T1378] netlink: 'syz.5.5274': attribute type 10 has an invalid length.
[ 1798.604502][   T30] audit: type=1400 audit(1754757226.135:3181): avc:  denied  { unmount } for  pid=17892 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[ 1799.913702][   T10] usb 6-1: new high-speed USB device number 33 using dummy_hcd
[ 1800.160218][   T10] usb 6-1: Using ep0 maxpacket: 8
[ 1800.167884][   T10] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1800.181381][   T10] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1800.197345][   T10] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1800.208577][   T10] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1800.227879][   T10] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1800.250246][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1800.343935][ T1407] binder_alloc: 1403: binder_alloc_buf, no vma
[ 1800.508102][ T1405] netlink: 'syz.1.5272': attribute type 1 has an invalid length.
[ 1800.525955][ T1405] netlink: 224 bytes leftover after parsing attributes in process `syz.1.5272'.
[ 1800.761745][   T10] usb 6-1: GET_CAPABILITIES returned 0
[ 1800.775361][   T10] usbtmc 6-1:16.0: can't read capabilities
[ 1801.094174][ T1425] overlayfs: failed to resolve './file0': -2
[ 1801.387195][ T1428] bridge2: entered promiscuous mode
[ 1801.392646][ T1428] bridge2: entered allmulticast mode
[ 1801.889674][   T30] audit: type=1400 audit(1754757228.935:3182): avc:  denied  { read } for  pid=1422 comm="syz.2.5281" path="socket:[103436]" dev="sockfs" ino=103436 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[ 1802.738896][ T1436] lo speed is unknown, defaulting to 1000
[ 1804.109163][ T5958] usb 6-1: USB disconnect, device number 33
[ 1805.194495][   T30] audit: type=1400 audit(1754757232.725:3183): avc:  denied  { write } for  pid=1495 comm="syz.0.5286" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1806.083144][ T1506] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1806.142282][ T5858] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1806.388271][ T1528] binder_alloc: 1517: binder_alloc_buf, no vma
[ 1806.550068][T13520] usb 6-1: new high-speed USB device number 34 using dummy_hcd
[ 1806.741854][ T1529] syz.0.5292 (1529): drop_caches: 2
[ 1806.777354][ T1531] vim2m vim2m.0: Fourcc format (0x47425247) invalid.
[ 1806.835478][T13520] usb 6-1: config 220 has too many interfaces: 184, using maximum allowed: 32
[ 1806.851761][T13520] usb 6-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[ 1806.901464][T13520] usb 6-1: config 220 has 0 interfaces, different from the descriptor's value: 184
[ 1806.920943][T13520] usb 6-1: New USB device found, idVendor=0c45, idProduct=8008, bcdDevice=e1.85
[ 1806.941424][T13520] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1807.152490][ T1542] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5295'.
[ 1807.392830][ T1545] RDS: rds_bind could not find a transport for fe88::6, load rds_tcp or rds_rdma?
[ 1809.182984][ T5958] usb 6-1: USB disconnect, device number 34
[ 1809.228164][ T1563] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1809.236760][ T1563] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1809.677062][   T30] audit: type=1400 audit(1754757237.205:3184): avc:  denied  { bind } for  pid=1569 comm="syz.3.5299" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1809.754766][   T30] audit: type=1400 audit(1754757237.205:3185): avc:  denied  { name_bind } for  pid=1569 comm="syz.3.5299" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[ 1809.970203][   T30] audit: type=1400 audit(1754757237.205:3186): avc:  denied  { node_bind } for  pid=1569 comm="syz.3.5299" saddr=172.20.20.170 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[ 1810.006333][   T30] audit: type=1400 audit(1754757237.255:3187): avc:  denied  { mount } for  pid=1569 comm="syz.3.5299" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 1810.010276][T13520] usb 4-1: new high-speed USB device number 127 using dummy_hcd
[ 1810.030440][   T30] audit: type=1400 audit(1754757237.255:3188): avc:  denied  { read write } for  pid=1569 comm="syz.3.5299" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1810.557333][   T30] audit: type=1400 audit(1754757237.255:3189): avc:  denied  { open } for  pid=1569 comm="syz.3.5299" path="/469/file0" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1810.623043][   T30] audit: type=1800 audit(1754757237.285:3190): pid=1570 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.3.5299" name="/" dev="9p" ino=2 res=0 errno=0
[ 1810.637647][   T10] hid_parser_main: 1 callbacks suppressed
[ 1810.637664][   T10] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0
[ 1810.656608][T13520] usb 4-1: device descriptor read/64, error -71
[ 1810.694288][ T1590] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5302'.
[ 1810.781771][ T5858] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1810.803264][   T10] hid-generic 0000:0000:0000.0057: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1810.911919][T13520] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[ 1811.050287][T13520] usb 4-1: device descriptor read/64, error -71
[ 1811.200258][ T5899] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[ 1811.200368][T13520] usb usb4-port1: attempt power cycle
[ 1811.234022][ T1602] ipvlan2: entered allmulticast mode
[ 1811.265345][ T1602] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[ 1811.400277][ T5899] usb 2-1: Using ep0 maxpacket: 8
[ 1811.424288][ T5899] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 1811.444156][ T5899] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1811.489864][ T5899] usb 2-1: config 0 descriptor??
[ 1811.610527][T13520] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[ 1811.664179][T13520] usb 4-1: device descriptor read/8, error -71
[ 1811.886805][ T1618] binder_alloc: 1612: binder_alloc_buf, no vma
[ 1812.120362][T13520] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[ 1812.154364][ T1616] fuse: Bad value for 'fd'
[ 1812.201981][T13520] usb 4-1: device descriptor read/8, error -71
[ 1812.310431][T13520] usb usb4-port1: unable to enumerate USB device
[ 1812.734847][   T30] audit: type=1400 audit(1754757240.145:3191): avc:  denied  { create } for  pid=1622 comm="syz.2.5310" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[ 1812.758018][   T30] audit: type=1400 audit(1754757240.145:3192): avc:  denied  { setopt } for  pid=1622 comm="syz.2.5310" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[ 1812.784544][   T30] audit: type=1400 audit(1754757240.145:3193): avc:  denied  { bind } for  pid=1622 comm="syz.2.5310" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[ 1813.356890][ T1637] vim2m vim2m.0: Fourcc format (0x47425247) invalid.
[ 1813.396611][   T30] audit: type=1400 audit(1754757240.925:3194): avc:  denied  { unmount } for  pid=17892 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 1813.722404][ T1647] binder_alloc: 1639: binder_alloc_buf, no vma
[ 1813.880460][T14493] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[ 1814.110326][T14493] usb 4-1: Using ep0 maxpacket: 32
[ 1814.118879][T14493] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[ 1814.145674][T14493] usb 4-1: config 0 has no interface number 0
[ 1814.176170][T14493] usb 4-1: config 0 interface 184 has no altsetting 0
[ 1814.198423][T14493] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[ 1814.208787][T14493] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1814.242929][T14493] usb 4-1: Product: syz
[ 1814.249216][T14493] usb 4-1: Manufacturer: syz
[ 1814.281621][T14493] usb 4-1: SerialNumber: syz
[ 1814.326047][T14493] usb 4-1: config 0 descriptor??
[ 1814.364337][T14493] smsc75xx v1.0.0
[ 1814.385381][T14493] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[ 1814.573173][T14493] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -22
[ 1814.647526][T14493] usb 4-1: USB disconnect, device number 5
[ 1814.940291][ T5858] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1814.942507][ T1661] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5316'.
[ 1815.942561][ T5899] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 1816.062722][ T5899] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[ 1816.097422][ T5899] asix 2-1:0.0: probe with driver asix failed with error -71
[ 1816.549898][ T1686] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5321'.
[ 1816.554775][ T5899] usb 2-1: USB disconnect, device number 15
[ 1816.558901][   T30] audit: type=1400 audit(1754757243.685:3195): avc:  denied  { append } for  pid=1674 comm="syz.3.5319" name="cec3" dev="devtmpfs" ino=963 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1816.618434][ T1688] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1816.627524][ T1688] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1816.891587][ T1697] RDS: rds_bind could not find a transport for fe88::1, load rds_tcp or rds_rdma?
[ 1817.217073][   T30] audit: type=1400 audit(1754757244.745:3196): avc:  denied  { lock } for  pid=1701 comm="syz.1.5324" path="socket:[102830]" dev="sockfs" ino=102830 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[ 1817.340214][ T5858] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1819.450391][   T10] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[ 1821.050453][   T10] usb 3-1: Using ep0 maxpacket: 32
[ 1821.439162][   T10] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1821.465179][   T10] usb 3-1: config 128 has an invalid interface number: 127 but max is 3
[ 1821.476778][   T10] usb 3-1: config 128 has an invalid descriptor of length 0, skipping remainder of the config
[ 1821.622223][   T10] usb 3-1: config 128 has 1 interface, different from the descriptor's value: 4
[ 1821.643974][ T1742] block nbd3: shutting down sockets
[ 1821.964495][   T10] usb 3-1: config 128 has no interface number 0
[ 1821.996711][   T10] usb 3-1: config 128 interface 127 altsetting 14 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1822.022675][   T10] usb 3-1: config 128 interface 127 has no altsetting 0
[ 1822.030543][   T10] usb 3-1: string descriptor 0 read error: -71
[ 1822.138651][   T10] usb 3-1: New USB device found, idVendor=0582, idProduct=295c, bcdDevice=d4.55
[ 1822.163014][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1822.581420][ T1770] netlink: 'syz.2.5338': attribute type 10 has an invalid length.
[ 1822.589315][ T1770] netlink: 55 bytes leftover after parsing attributes in process `syz.2.5338'.
[ 1822.646996][   T10] usb 3-1: can't set config #128, error -71
[ 1822.731324][   T10] usb 3-1: USB disconnect, device number 14
[ 1824.434979][   T30] audit: type=1326 audit(1754757251.135:3197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1788 comm="syz.5.5341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb31c18ebe9 code=0x7ffc0000
[ 1824.959967][   T30] audit: type=1326 audit(1754757251.135:3198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1788 comm="syz.5.5341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb31c18ebe9 code=0x7ffc0000
[ 1824.987309][   T30] audit: type=1326 audit(1754757251.135:3199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1788 comm="syz.5.5341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7fb31c18ebe9 code=0x7ffc0000
[ 1825.011961][   T30] audit: type=1326 audit(1754757251.135:3200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1788 comm="syz.5.5341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb31c18ebe9 code=0x7ffc0000
[ 1825.102536][   T30] audit: type=1326 audit(1754757251.135:3201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1788 comm="syz.5.5341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb31c18ebe9 code=0x7ffc0000
[ 1825.142589][   T30] audit: type=1326 audit(1754757251.135:3202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1788 comm="syz.5.5341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=43 compat=0 ip=0x7fb31c18ebe9 code=0x7ffc0000
[ 1825.196575][ T1806] openvswitch: netlink: Message has 4 unknown bytes.
[ 1825.298060][   T30] audit: type=1326 audit(1754757251.135:3203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1788 comm="syz.5.5341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb31c18ebe9 code=0x7ffc0000
[ 1825.298436][ T1809] binder: 1807:1809 unknown command 0
[ 1825.349281][   T30] audit: type=1326 audit(1754757251.135:3204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1788 comm="syz.5.5341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb31c18ebe9 code=0x7ffc0000
[ 1825.592251][   T30] audit: type=1326 audit(1754757251.135:3205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1788 comm="syz.5.5341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fb31c18ebe9 code=0x7ffc0000
[ 1825.616865][   T30] audit: type=1326 audit(1754757251.135:3206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1788 comm="syz.5.5341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb31c18ebe9 code=0x7ffc0000
[ 1825.641854][ T1809] binder: 1807:1809 ioctl c0306201 200000000080 returned -22
[ 1826.639651][ T5858] block nbd0: Receive control failed (result -32)
[ 1826.651676][ T1818] block nbd0: shutting down sockets
[ 1827.567604][ T1837] x_tables: ip6_tables: quota.0 match: invalid size 24 (kernel) != (user) 144
[ 1828.772686][ T1862] binder_alloc: 1858: binder_alloc_buf, no vma
[ 1829.632533][   T30] kauditd_printk_skb: 51 callbacks suppressed
[ 1829.632549][   T30] audit: type=1326 audit(1754757256.785:3258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1864 comm="syz.1.5357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f026cd8ebe9 code=0x7ffc0000
[ 1829.845753][   T30] audit: type=1326 audit(1754757256.795:3259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1864 comm="syz.1.5357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f026cd8ebe9 code=0x7ffc0000
[ 1829.921907][   T30] audit: type=1326 audit(1754757256.815:3260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1864 comm="syz.1.5357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7f026cd8ebe9 code=0x7ffc0000
[ 1829.954870][   T30] audit: type=1326 audit(1754757256.815:3261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1864 comm="syz.1.5357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f026cd8ebe9 code=0x7ffc0000
[ 1830.168130][ T1872] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5358'.
[ 1830.383897][   T30] audit: type=1326 audit(1754757256.815:3262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1864 comm="syz.1.5357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f026cd8ebe9 code=0x7ffc0000
[ 1830.426615][   T30] audit: type=1326 audit(1754757256.825:3263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1864 comm="syz.1.5357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=43 compat=0 ip=0x7f026cd8ebe9 code=0x7ffc0000
[ 1830.491371][   T30] audit: type=1326 audit(1754757256.825:3264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1864 comm="syz.1.5357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f026cd8ebe9 code=0x7ffc0000
[ 1830.583851][   T30] audit: type=1326 audit(1754757256.835:3265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1864 comm="syz.1.5357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f026cd8ebe9 code=0x7ffc0000
[ 1830.860489][   T30] audit: type=1326 audit(1754757256.845:3266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1864 comm="syz.1.5357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f026cd8ebe9 code=0x7ffc0000
[ 1830.884261][   T30] audit: type=1326 audit(1754757256.845:3267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1864 comm="syz.1.5357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f026cd8ebe9 code=0x7ffc0000
[ 1832.090190][ T1899] syz.0.5365 (1899): drop_caches: 2
[ 1833.134560][   T10] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[ 1833.932570][   T10] usb 3-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[ 1834.543986][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1834.554925][   T10] usb 3-1: config 0 descriptor??
[ 1834.583406][   T10] gspca_main: STV06xx-2.14.0 probing 046d:0870
[ 1834.980197][T13520] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[ 1835.306811][   T30] kauditd_printk_skb: 24 callbacks suppressed
[ 1835.306827][   T30] audit: type=1400 audit(1754757262.835:3292): avc:  denied  { read write } for  pid=1956 comm="syz.1.5375" name="ptp0" dev="devtmpfs" ino=1265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 1835.337002][   T30] audit: type=1400 audit(1754757262.835:3293): avc:  denied  { open } for  pid=1956 comm="syz.1.5375" path="/dev/ptp0" dev="devtmpfs" ino=1265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 1835.363220][   T30] audit: type=1400 audit(1754757262.835:3294): avc:  denied  { ioctl } for  pid=1956 comm="syz.1.5375" path="/dev/ptp0" dev="devtmpfs" ino=1265 ioctlcmd=0x3d0b scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 1835.394821][T13520] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1835.414171][T13520] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1835.428471][   T30] audit: type=1400 audit(1754757262.865:3295): avc:  denied  { append } for  pid=1956 comm="syz.1.5375" name="001" dev="devtmpfs" ino=742 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[ 1835.454351][T13520] usb 4-1: Product: syz
[ 1835.459472][T13520] usb 4-1: Manufacturer: syz
[ 1835.469095][T13520] usb 4-1: SerialNumber: syz
[ 1835.813360][ T5858] block nbd0: Receive control failed (result -32)
[ 1835.822228][ T1953] block nbd0: shutting down sockets
[ 1835.894398][   T30] audit: type=1400 audit(1754757263.405:3296): avc:  denied  { create } for  pid=1960 comm="syz.1.5376" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[ 1836.056939][ T1967] block nbd0: server does not support multiple connections per device.
[ 1836.264385][   T10] usb 3-1: USB disconnect, device number 15
[ 1836.287682][ T1967] block nbd0: shutting down sockets
[ 1836.928917][T13520] cdc_ncm 4-1:1.0: MAC-Address: 42:42:42:42:42:42
[ 1836.937080][T13520] cdc_ncm 4-1:1.0: setting tx_max = 184
[ 1836.956475][T13520] cdc_ncm 4-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.3-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[ 1836.986282][T13520] usb 4-1: USB disconnect, device number 6
[ 1836.996471][T13520] cdc_ncm 4-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.3-1, CDC NCM (NO ZLP)
[ 1837.068739][ T2007] policy can only be matched on NF_INET_PRE_ROUTING
[ 1837.068757][ T2007] unable to load match
[ 1837.149203][ T2007] FAULT_INJECTION: forcing a failure.
[ 1837.149203][ T2007] name failslab, interval 1, probability 0, space 0, times 0
[ 1837.302010][ T2007] CPU: 0 UID: 0 PID: 2007 Comm: syz.2.5381 Not tainted 6.16.0-syzkaller-12187-g0227b49b5027 #0 PREEMPT(full) 
[ 1837.302037][ T2007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1837.302048][ T2007] Call Trace:
[ 1837.302055][ T2007]  <TASK>
[ 1837.302062][ T2007]  dump_stack_lvl+0x16c/0x1f0
[ 1837.302087][ T2007]  should_fail_ex+0x512/0x640
[ 1837.302106][ T2007]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[ 1837.302129][ T2007]  should_failslab+0xc2/0x120
[ 1837.302151][ T2007]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[ 1837.302170][ T2007]  ? __alloc_skb+0x2b2/0x380
[ 1837.302202][ T2007]  __alloc_skb+0x2b2/0x380
[ 1837.302227][ T2007]  ? __pfx___alloc_skb+0x10/0x10
[ 1837.302252][ T2007]  ? __pfx_tc_new_tfilter+0x10/0x10
[ 1837.302282][ T2007]  netlink_ack+0x15d/0xb80
[ 1837.302311][ T2007]  netlink_rcv_skb+0x332/0x420
[ 1837.302330][ T2007]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1837.302353][ T2007]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1837.302381][ T2007]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1837.302405][ T2007]  netlink_unicast+0x5aa/0x870
[ 1837.302428][ T2007]  ? __pfx_netlink_unicast+0x10/0x10
[ 1837.302457][ T2007]  netlink_sendmsg+0x8d1/0xdd0
[ 1837.302481][ T2007]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1837.302510][ T2007]  ____sys_sendmsg+0xa95/0xc70
[ 1837.302535][ T2007]  ? copy_msghdr_from_user+0x10a/0x160
[ 1837.302552][ T2007]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1837.302591][ T2007]  ___sys_sendmsg+0x134/0x1d0
[ 1837.302609][ T2007]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1837.302650][ T2007]  ? __mutex_unlock_slowpath+0x100/0x800
[ 1837.302677][ T2007]  __sys_sendmsg+0x16d/0x220
[ 1837.302696][ T2007]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1837.302730][ T2007]  do_syscall_64+0xcd/0x4c0
[ 1837.302752][ T2007]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1837.302769][ T2007] RIP: 0033:0x7f6c1318ebe9
[ 1837.302785][ T2007] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1837.302802][ T2007] RSP: 002b:00007f6c13fce038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1837.302820][ T2007] RAX: ffffffffffffffda RBX: 00007f6c133b5fa0 RCX: 00007f6c1318ebe9
[ 1837.302832][ T2007] RDX: 000000002008c014 RSI: 0000200000000580 RDI: 0000000000000004
[ 1837.302843][ T2007] RBP: 00007f6c13fce090 R08: 0000000000000000 R09: 0000000000000000
[ 1837.302862][ T2007] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1837.302873][ T2007] R13: 00007f6c133b6038 R14: 00007f6c133b5fa0 R15: 00007ffd63947808
[ 1837.302899][ T2007]  </TASK>
[ 1838.220190][   T30] audit: type=1400 audit(1754757265.715:3297): avc:  denied  { unmount } for  pid=17892 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[ 1838.536745][ T2035] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1838.609569][ T2035] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1838.903919][ T2044] block nbd2: shutting down sockets
[ 1838.935775][ T2032] kvm: MONITOR instruction emulated as NOP!
[ 1839.079324][ T5858] block nbd1: Receive control failed (result -32)
[ 1839.107094][ T2036] block nbd1: shutting down sockets
[ 1840.661845][   T10] usb 6-1: new high-speed USB device number 35 using dummy_hcd
[ 1840.700392][T14493] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[ 1841.556735][   T10] usb 6-1: Using ep0 maxpacket: 8
[ 1841.572280][T14493] usb 4-1: Using ep0 maxpacket: 32
[ 1841.593973][T14493] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1841.608111][   T10] usb 6-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 1841.619602][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1841.635536][   T10] usb 6-1: config 0 descriptor??
[ 1841.636382][T14493] usb 4-1: New USB device found, idVendor=1630, idProduct=0042, bcdDevice=5b.13
[ 1841.668291][T14493] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1841.844074][T14493] usb 4-1: Product: syz
[ 1841.852788][   T10] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -32
[ 1841.854363][T14493] usb 4-1: Manufacturer: syz
[ 1841.885351][ T2132] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5402'.
[ 1841.939047][T14493] usb 4-1: SerialNumber: syz
[ 1841.939349][   T10] asix 6-1:0.0: probe with driver asix failed with error -32
[ 1842.025519][T14493] usb 4-1: config 0 descriptor??
[ 1842.059484][T14493] rndis_host 4-1:0.0: skipping garbage
[ 1842.081709][T14493] rndis_host 4-1:0.0: probe with driver rndis_host failed with error -22
[ 1842.094087][   T30] audit: type=1400 audit(1754757269.615:3298): avc:  denied  { getopt } for  pid=2125 comm="syz.1.5402" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[ 1843.432009][   T30] audit: type=1400 audit(1754757270.445:3299): avc:  denied  { listen } for  pid=2105 comm="syz.3.5398" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1843.469002][   T30] audit: type=1400 audit(1754757270.645:3300): avc:  denied  { write } for  pid=2105 comm="syz.3.5398" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1843.510178][   T30] audit: type=1400 audit(1754757270.685:3301): avc:  denied  { accept } for  pid=2105 comm="syz.3.5398" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1843.538390][T14493] usb 6-1: USB disconnect, device number 35
[ 1843.579121][   T30] audit: type=1326 audit(1754757271.075:3302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2147 comm="syz.2.5404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c1318ebe9 code=0x7ffc0000
[ 1843.610216][ T2155] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5405'.
[ 1843.776920][   T30] audit: type=1326 audit(1754757271.075:3303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2147 comm="syz.2.5404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c1318ebe9 code=0x7ffc0000
[ 1843.947120][   T30] audit: type=1326 audit(1754757271.075:3304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2147 comm="syz.2.5404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7f6c1318ebe9 code=0x7ffc0000
[ 1844.272289][   T30] audit: type=1326 audit(1754757271.075:3305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2147 comm="syz.2.5404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c1318ebe9 code=0x7ffc0000
[ 1844.357010][   T30] audit: type=1326 audit(1754757271.075:3306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2147 comm="syz.2.5404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c1318ebe9 code=0x7ffc0000
[ 1844.387736][ T2175] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5408'.
[ 1844.440590][   T30] audit: type=1326 audit(1754757271.075:3307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2147 comm="syz.2.5404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f6c1318ebe9 code=0x7ffc0000
[ 1844.590103][   T10] usb 4-1: USB disconnect, device number 7
[ 1846.077065][ T2206] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1846.085826][ T2206] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1847.956187][ T2261] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1847.964774][ T2261] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1848.185508][ T2267] RDS: rds_bind could not find a transport for fe88::1, load rds_tcp or rds_rdma?
[ 1848.601338][   T30] kauditd_printk_skb: 55 callbacks suppressed
[ 1848.601399][   T30] audit: type=1400 audit(1754757276.135:3363): avc:  denied  { write } for  pid=2265 comm="syz.1.5424" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[ 1849.710439][T13520] usb 6-1: new high-speed USB device number 36 using dummy_hcd
[ 1849.885972][T13520] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[ 1849.924536][T13520] usb 6-1: config 0 has no interface number 0
[ 1850.091403][T13520] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1850.123191][T13520] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1850.269361][T13520] usb 6-1: config 0 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1850.413670][T13520] usb 6-1: New USB device found, idVendor=28bd, idProduct=0042, bcdDevice= 0.00
[ 1850.436686][T13520] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1850.467497][T13520] usb 6-1: config 0 descriptor??
[ 1850.777850][   T30] audit: type=1326 audit(1754757278.285:3364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2291 comm="syz.2.5430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c1318ebe9 code=0x7ffc0000
[ 1850.983778][   T30] audit: type=1326 audit(1754757278.285:3365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2291 comm="syz.2.5430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c1318ebe9 code=0x7ffc0000
[ 1851.013649][   T30] audit: type=1326 audit(1754757278.285:3366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2291 comm="syz.2.5430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7f6c1318ebe9 code=0x7ffc0000
[ 1851.136977][   T30] audit: type=1326 audit(1754757278.285:3367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2291 comm="syz.2.5430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c1318ebe9 code=0x7ffc0000
[ 1851.173134][   T30] audit: type=1326 audit(1754757278.285:3368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2291 comm="syz.2.5430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c1318ebe9 code=0x7ffc0000
[ 1851.411659][   T30] audit: type=1326 audit(1754757278.285:3369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2291 comm="syz.2.5430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f6c1318ebe9 code=0x7ffc0000
[ 1851.436430][   T30] audit: type=1326 audit(1754757278.285:3370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2291 comm="syz.2.5430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c1318ebe9 code=0x7ffc0000
[ 1851.468716][   T30] audit: type=1326 audit(1754757278.285:3371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2291 comm="syz.2.5430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c1318ebe9 code=0x7ffc0000
[ 1851.472099][T13520] input: HID 28bd:0042 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.1/0003:28BD:0042.0058/input/input57
[ 1851.492175][   T30] audit: type=1326 audit(1754757278.285:3372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2291 comm="syz.2.5430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6c13190b07 code=0x7ffc0000
[ 1851.675564][T13520] uclogic 0003:28BD:0042.0058: input,hidraw0: USB HID v0.00 Keypad [HID 28bd:0042] on usb-dummy_hcd.5-1/input1
[ 1851.875145][ T5858] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1852.344014][ T2275] lo speed is unknown, defaulting to 1000
[ 1852.463898][ T2301] unknown channel width for channel at 909000KHz?
[ 1852.683535][ T2328] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5434'.
[ 1852.846285][T13520] usb 6-1: reset high-speed USB device number 36 using dummy_hcd
[ 1853.540323][ T2369] netlink: 'syz.1.5435': attribute type 1 has an invalid length.
[ 1853.590604][ T2369] netlink: 224 bytes leftover after parsing attributes in process `syz.1.5435'.
[ 1854.195828][ T5976] usb 6-1: USB disconnect, device number 36
[ 1855.821546][ T5976] usb 6-1: new high-speed USB device number 37 using dummy_hcd
[ 1855.990324][ T5976] usb 6-1: Using ep0 maxpacket: 16
[ 1856.002953][ T5976] usb 6-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88
[ 1856.017288][ T5976] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1856.121253][ T5976] usb 6-1: Product: syz
[ 1856.159678][ T5976] usb 6-1: Manufacturer: syz
[ 1856.165307][ T5976] usb 6-1: SerialNumber: syz
[ 1856.195814][ T5976] usb 6-1: config 0 descriptor??
[ 1856.496567][ T5976] speedtch 6-1:0.0: speedtch_bind: wrong device class 68
[ 1856.504631][ T5976] speedtch 6-1:0.0: usbatm_usb_probe: bind failed: -19!
[ 1856.671703][ T2446] binder_alloc: 2442: binder_alloc_buf, no vma
[ 1856.783520][ T5958] usb 6-1: USB disconnect, device number 37
[ 1856.896293][ T2433] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5446'.
[ 1856.911877][ T2433] can0: slcan on ptm0.
[ 1857.000624][ T2432] can0 (unregistered): slcan off ptm0.
[ 1857.087117][ T2470] vim2m vim2m.0: Fourcc format (0x47425247) invalid.
[ 1857.297810][ T2475] syz.0.5450 (2475): drop_caches: 2
[ 1857.437967][   T30] kauditd_printk_skb: 21 callbacks suppressed
[ 1857.437978][   T30] audit: type=1400 audit(1754757284.965:3394): avc:  denied  { read } for  pid=2465 comm="syz.3.5449" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1857.707169][   T30] audit: type=1400 audit(1754757284.965:3395): avc:  denied  { write } for  pid=2465 comm="syz.3.5449" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1858.527848][T12900] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[ 1858.621023][ T2497] block nbd3: shutting down sockets
[ 1858.663601][ T2506] netlink: 'syz.0.5455': attribute type 10 has an invalid length.
[ 1858.699707][T12900] usb 2-1: Using ep0 maxpacket: 32
[ 1858.710094][T12900] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[ 1858.760220][T12900] usb 2-1: config 0 has no interface number 0
[ 1858.766362][T12900] usb 2-1: config 0 interface 184 has no altsetting 0
[ 1858.801735][T12900] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[ 1858.820252][T12900] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1858.850248][T12900] usb 2-1: Product: syz
[ 1858.854444][T12900] usb 2-1: Manufacturer: syz
[ 1858.859030][T12900] usb 2-1: SerialNumber: syz
[ 1858.895723][T12900] usb 2-1: config 0 descriptor??
[ 1858.951983][ T2506] 8021q: adding VLAN 0 to HW filter on device team0
[ 1858.966519][T12900] smsc75xx v1.0.0
[ 1859.006855][ T2506] bond0: (slave team0): Enslaving as an active interface with an up link
[ 1859.147120][T12900] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[ 1859.259476][T12900] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -22
[ 1859.322233][T12900] usb 2-1: USB disconnect, device number 16
[ 1859.851129][   T10] usb 6-1: new high-speed USB device number 38 using dummy_hcd
[ 1860.111907][   T10] usb 6-1: Using ep0 maxpacket: 32
[ 1860.146704][   T10] usb 6-1: config 0 has an invalid interface number: 184 but max is 0
[ 1860.156291][   T10] usb 6-1: config 0 has no interface number 0
[ 1860.306292][   T10] usb 6-1: config 0 interface 184 has no altsetting 0
[ 1860.315246][   T10] usb 6-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[ 1860.324619][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1860.332629][   T10] usb 6-1: Product: syz
[ 1860.338256][   T10] usb 6-1: Manufacturer: syz
[ 1860.350219][   T10] usb 6-1: SerialNumber: syz
[ 1860.362620][   T10] usb 6-1: config 0 descriptor??
[ 1860.378399][   T10] smsc75xx v1.0.0
[ 1860.396540][   T10] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[ 1860.407299][   T10] smsc75xx 6-1:0.184: probe with driver smsc75xx failed with error -22
[ 1860.456575][   T30] audit: type=1400 audit(1754757287.975:3396): avc:  denied  { read } for  pid=2572 comm="syz.3.5463" path="socket:[105118]" dev="sockfs" ino=105118 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 1860.578513][   T10] usb 6-1: USB disconnect, device number 38
[ 1860.640291][T14493] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[ 1860.687874][ T2586] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1860.800273][T14493] usb 2-1: Using ep0 maxpacket: 8
[ 1861.074323][T14493] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 1861.118776][T14493] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1861.145482][T14493] usb 2-1: config 0 descriptor??
[ 1862.650302][T27090] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[ 1862.803171][T27090] usb 3-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[ 1862.813522][T27090] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1862.835000][T27090] usb 3-1: config 0 descriptor??
[ 1862.846909][T27090] gspca_main: STV06xx-2.14.0 probing 046d:0870
[ 1862.990212][T12900] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[ 1863.150278][T12900] usb 4-1: Using ep0 maxpacket: 8
[ 1863.163154][T12900] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 1863.329720][T12900] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1863.352727][T12900] usb 4-1: config 0 descriptor??
[ 1864.326880][ T2655] netlink: 'syz.5.5474': attribute type 1 has an invalid length.
[ 1864.334717][ T2655] netlink: 'syz.5.5474': attribute type 1 has an invalid length.
[ 1864.342470][ T2655] netlink: 216 bytes leftover after parsing attributes in process `syz.5.5474'.
[ 1864.352716][ T2655] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5474'.
[ 1864.409800][T27090] usb 3-1: USB disconnect, device number 16
[ 1866.061001][T14493] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 1866.078779][T14493] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[ 1866.110486][T14493] asix 2-1:0.0: probe with driver asix failed with error -71
[ 1866.123910][T14493] usb 2-1: USB disconnect, device number 17
[ 1866.360772][T12900] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 1866.410407][T12900] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[ 1866.878094][T12900] asix 4-1:0.0: probe with driver asix failed with error -71
[ 1867.160173][T12900] usb 4-1: USB disconnect, device number 8
[ 1867.593496][ T2749] serio: Serial port ttyS3
[ 1867.727860][   T30] audit: type=1800 audit(1754757295.115:3397): pid=2749 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.1.5482" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[ 1867.916870][ T2730] block nbd3: shutting down sockets
[ 1868.491506][ T2762] netlink: 'syz.0.5487': attribute type 4 has an invalid length.
[ 1868.525887][ T2762] netlink: 'syz.0.5487': attribute type 4 has an invalid length.
[ 1868.816258][ T2773] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5488'.
[ 1868.855260][ T2765] block nbd3: shutting down sockets
[ 1868.927020][   T30] audit: type=1400 audit(1754757296.445:3398): avc:  denied  { append } for  pid=2763 comm="syz.2.5488" name="rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 1869.003722][   T30] audit: type=1400 audit(1754757296.455:3399): avc:  denied  { ioctl } for  pid=2763 comm="syz.2.5488" path="socket:[105321]" dev="sockfs" ino=105321 ioctlcmd=0x943e scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1869.333680][ T2782] binder_alloc: 2775: binder_alloc_buf, no vma
[ 1869.580889][ T2789] syz.0.5494 (2789): drop_caches: 2
[ 1869.601888][ T2790] vim2m vim2m.0: Fourcc format (0x47425247) invalid.
[ 1869.980681][ T2798] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1869.989295][ T2798] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1870.279093][ T2805] RDS: rds_bind could not find a transport for fe88::1, load rds_tcp or rds_rdma?
[ 1871.635097][ T2823] policy can only be matched on NF_INET_PRE_ROUTING
[ 1871.635117][ T2823] unable to load match
[ 1872.212157][   T10] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[ 1872.646112][   T10] usb 4-1: too many configurations: 223, using maximum allowed: 8
[ 1872.657326][   T10] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 1872.667175][   T10] usb 4-1: can't read configurations, error -61
[ 1872.707308][ T2873] binder: BINDER_SET_CONTEXT_MGR already set
[ 1872.717448][ T2873] binder: 2872:2873 ioctl 4018620d 200000004a80 returned -16
[ 1872.877666][   T10] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[ 1873.445352][ T5858] Bluetooth: hci0: connection err: -111
[ 1873.454235][   T10] usb 4-1: too many configurations: 223, using maximum allowed: 8
[ 1873.515556][   T10] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 1873.785493][   T10] usb 4-1: can't read configurations, error -61
[ 1873.897087][   T10] usb usb4-port1: attempt power cycle
[ 1874.133693][ T2897] syz.0.5511 (2897): drop_caches: 2
[ 1874.385907][ T2896] overlayfs: failed to resolve './file1': -2
[ 1874.560517][   T10] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[ 1874.582109][   T10] usb 4-1: too many configurations: 223, using maximum allowed: 8
[ 1874.591603][   T10] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 1874.599270][   T10] usb 4-1: can't read configurations, error -61
[ 1874.750217][   T10] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[ 1874.864322][   T10] usb 4-1: too many configurations: 223, using maximum allowed: 8
[ 1874.880756][   T10] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 1874.888475][   T10] usb 4-1: can't read configurations, error -61
[ 1874.906090][   T10] usb usb4-port1: unable to enumerate USB device
[ 1875.380197][   T10] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[ 1875.484599][ T2931] syz.5.5519 (2931): drop_caches: 2
[ 1875.509221][T14493] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[ 1875.640221][   T10] usb 4-1: Using ep0 maxpacket: 32
[ 1875.700175][T14493] usb 2-1: Using ep0 maxpacket: 8
[ 1875.705778][   T10] usb 4-1: config 0 interface 0 altsetting 7 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1875.705806][   T10] usb 4-1: config 0 interface 0 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 10
[ 1875.705831][   T10] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1875.705862][   T10] usb 4-1: New USB device found, idVendor=20bc, idProduct=5500, bcdDevice= 0.00
[ 1875.705884][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1875.707819][   T10] usb 4-1: config 0 descriptor??
[ 1875.738428][T14493] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 1875.780230][T14493] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1875.832080][T14493] usb 2-1: config 0 descriptor??
[ 1875.934552][ T2937] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5520'.
[ 1877.480217][   T30] audit: type=1400 audit(1754757305.005:3400): avc:  denied  { read } for  pid=2974 comm="syz.0.5524" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[ 1878.086603][   T30] audit: type=1400 audit(1754757305.005:3401): avc:  denied  { open } for  pid=2974 comm="syz.0.5524" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[ 1878.130034][   T30] audit: type=1400 audit(1754757305.015:3402): avc:  denied  { ioctl } for  pid=2974 comm="syz.0.5524" path="/dev/cachefiles" dev="devtmpfs" ino=4 ioctlcmd=0x9366 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[ 1878.167299][ T2984] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5525'.
[ 1878.326227][ T2985] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5516'.
[ 1879.285620][T14493] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 1879.313815][T14493] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[ 1880.097953][T14493] asix 2-1:0.0: probe with driver asix failed with error -71
[ 1880.168410][T14493] usb 2-1: USB disconnect, device number 18
[ 1880.637993][ T5976] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[ 1880.792008][ T5976] usb 3-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[ 1880.801462][ T5976] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1880.832039][ T5976] usb 3-1: config 0 descriptor??
[ 1881.488016][   T10] usbhid 4-1:0.0: can't add hid device: -32
[ 1881.497603][   T10] usbhid 4-1:0.0: probe with driver usbhid failed with error -32
[ 1881.522539][ T5976] gspca_main: STV06xx-2.14.0 probing 046d:0870
[ 1881.803584][ T3024] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1882.108358][ T3034] netdevsim netdevsim0: Direct firmware load for ./file0 failed with error -2
[ 1882.117777][ T3034] netdevsim netdevsim0: Falling back to sysfs fallback for: ./file0
[ 1882.486103][T27090] usb 4-1: USB disconnect, device number 13
[ 1883.180477][ T5976] usb 3-1: USB disconnect, device number 17
[ 1884.310186][ T5976] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[ 1884.480159][ T5976] usb 4-1: Using ep0 maxpacket: 8
[ 1884.560045][ T5976] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 1884.569749][ T5976] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1885.167907][ T5976] usb 4-1: config 0 descriptor??
[ 1889.018253][ T5976] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 1889.248084][ T5976] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[ 1889.287607][ T5976] asix 4-1:0.0: probe with driver asix failed with error -71
[ 1889.303937][   T30] audit: type=1400 audit(1754757316.835:3403): avc:  denied  { lock } for  pid=3108 comm="syz.1.5547" path="socket:[106325]" dev="sockfs" ino=106325 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[ 1889.329495][ T5976] usb 4-1: USB disconnect, device number 14
[ 1890.419158][ T3147] ubi: mtd0 is already attached to ubi31
[ 1890.455490][   T30] audit: type=1400 audit(1754757317.975:3404): avc:  denied  { setattr } for  pid=3146 comm="syz.0.5554" name="ubi_ctrl" dev="devtmpfs" ino=706 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1890.456239][ T3147] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1890.478600][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1890.505850][ T3147] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1891.613039][ T5899] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[ 1891.897925][ T5899] usb 4-1: Using ep0 maxpacket: 8
[ 1891.916904][ T5899] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 1891.926567][ T5899] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1891.951525][    C0] IPv4: Oversized IP packet from 172.20.20.24
[ 1891.958255][ T3185] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5562'.
[ 1891.967243][ T3185] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5562'.
[ 1892.031268][ T5899] usb 4-1: config 0 descriptor??
[ 1892.309227][ T5858] Bluetooth: hci2: connection err: -111
[ 1893.100080][ T3217] FAULT_INJECTION: forcing a failure.
[ 1893.100080][ T3217] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1893.113326][ T3217] CPU: 1 UID: 0 PID: 3217 Comm: syz.1.5565 Not tainted 6.16.0-syzkaller-12187-g0227b49b5027 #0 PREEMPT(full) 
[ 1893.113352][ T3217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1893.113364][ T3217] Call Trace:
[ 1893.113371][ T3217]  <TASK>
[ 1893.113379][ T3217]  dump_stack_lvl+0x16c/0x1f0
[ 1893.113407][ T3217]  should_fail_ex+0x512/0x640
[ 1893.113431][ T3217]  _copy_from_user+0x2e/0xd0
[ 1893.113456][ T3217]  keyctl_dh_compute+0xaa/0x140
[ 1893.113486][ T3217]  ? __pfx_keyctl_dh_compute+0x10/0x10
[ 1893.113518][ T3217]  ? ksys_write+0x1ac/0x250
[ 1893.113543][ T3217]  __do_sys_keyctl+0x4df/0x590
[ 1893.113567][ T3217]  do_syscall_64+0xcd/0x4c0
[ 1893.113589][ T3217]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1893.113608][ T3217] RIP: 0033:0x7f026cd8ebe9
[ 1893.113623][ T3217] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1893.113641][ T3217] RSP: 002b:00007f026dc2e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[ 1893.113658][ T3217] RAX: ffffffffffffffda RBX: 00007f026cfb6180 RCX: 00007f026cd8ebe9
[ 1893.113670][ T3217] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000017
[ 1893.113680][ T3217] RBP: 00007f026dc2e090 R08: 0000200000000000 R09: 0000000000000000
[ 1893.113691][ T3217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1893.113702][ T3217] R13: 00007f026cfb6218 R14: 00007f026cfb6180 R15: 00007ffcb977c658
[ 1893.113726][ T3217]  </TASK>
[ 1893.537048][ T3228] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5566'.
[ 1893.606442][   T30] audit: type=1400 audit(1754757321.065:3405): avc:  denied  { bind } for  pid=3215 comm="syz.2.5566" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1893.730711][   T30] audit: type=1400 audit(1754757321.065:3406): avc:  denied  { setopt } for  pid=3215 comm="syz.2.5566" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1894.065739][ T3213] pim6reg: entered allmulticast mode
[ 1894.210084][ T3213] pim6reg: left allmulticast mode
[ 1895.443516][ T5899] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 1895.454632][ T5899] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[ 1895.477493][ T5899] asix 4-1:0.0: probe with driver asix failed with error -71
[ 1895.497583][ T5899] usb 4-1: USB disconnect, device number 15
[ 1896.845229][ T3269] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1896.855452][ T3269] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1896.928372][   T30] audit: type=1400 audit(1754757324.455:3407): avc:  denied  { read append } for  pid=3283 comm="syz.3.5575" name="btrfs-control" dev="devtmpfs" ino=1316 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[ 1896.962388][   T30] audit: type=1400 audit(1754757324.475:3408): avc:  denied  { open } for  pid=3283 comm="syz.3.5575" path="/dev/btrfs-control" dev="devtmpfs" ino=1316 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[ 1897.014529][ T3284] usb 1-1: USB disconnect, device number 14
[ 1897.140242][   T10] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[ 1898.192116][   T10] usb 2-1: config 220 has too many interfaces: 184, using maximum allowed: 32
[ 1898.213279][   T10] usb 2-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[ 1898.228869][   T10] usb 2-1: config 220 has 0 interfaces, different from the descriptor's value: 184
[ 1898.241363][   T10] usb 2-1: New USB device found, idVendor=0c45, idProduct=8008, bcdDevice=e1.85
[ 1898.257998][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1898.731655][ T3315] RDS: rds_bind could not find a transport for fe88::2, load rds_tcp or rds_rdma?
[ 1899.965638][ T3318] syz.0.5581 (3318): drop_caches: 2
[ 1900.047619][ T3324] fuse: Unknown parameter 'ÿÿÿÿ0x0000000000000004'
[ 1900.058810][ T3324] netlink: 'syz.0.5583': attribute type 10 has an invalid length.
[ 1900.095386][   T30] audit: type=1400 audit(1754757327.625:3409): avc:  denied  { setopt } for  pid=3321 comm="syz.3.5582" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[ 1900.173815][T27090] usb 2-1: USB disconnect, device number 19
[ 1900.709599][ T3346] syz.3.5587 (3346): drop_caches: 2
[ 1902.382083][ T3370] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1902.395675][ T3370] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1902.773489][   T30] audit: type=1400 audit(1754757330.305:3410): avc:  denied  { getopt } for  pid=3373 comm="syz.1.5593" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1903.788649][   T30] audit: type=1400 audit(1754757331.305:3411): avc:  denied  { setopt } for  pid=3386 comm="syz.1.5595" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1903.823987][ T3391] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5596'.
[ 1904.391455][ T3400] fuse: Unknown parameter 'ÿÿÿÿ0x0000000000000004'
[ 1904.408820][ T3400] netlink: 'syz.0.5597': attribute type 10 has an invalid length.
[ 1904.460415][ T5976] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[ 1904.620249][ T5976] usb 2-1: Using ep0 maxpacket: 32
[ 1904.633175][ T5976] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1904.664558][ T5976] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[ 1904.694148][ T5976] usb 2-1: New USB device found, idVendor=05e1, idProduct=0408, bcdDevice=25.11
[ 1904.710149][ T5976] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1904.730180][ T5976] usb 2-1: Product: syz
[ 1904.734354][ T5976] usb 2-1: Manufacturer: syz
[ 1904.759270][ T5976] usb 2-1: SerialNumber: syz
[ 1904.771822][ T5976] usb 2-1: config 0 descriptor??
[ 1904.784833][ T5976] usb 2-1: no audio or video endpoints found
[ 1905.023270][T13520] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[ 1905.123812][ T5858] Bluetooth: hci4: connection err: -111
[ 1905.290276][T13520] usb 4-1: Using ep0 maxpacket: 8
[ 1905.305539][T13520] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1905.321115][T13520] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1905.331155][T13520] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1905.341482][T13520] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1905.354697][T13520] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1905.365706][T13520] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1905.433498][T12900] usb 2-1: USB disconnect, device number 20
[ 1905.593283][T13520] usb 4-1: GET_CAPABILITIES returned 0
[ 1905.602572][T13520] usbtmc 4-1:16.0: can't read capabilities
[ 1906.433388][ T3449] bridge3: entered promiscuous mode
[ 1906.438596][ T3449] bridge3: entered allmulticast mode
[ 1907.830394][T27090] usb 4-1: USB disconnect, device number 16
[ 1907.940196][   T30] audit: type=1400 audit(1754757335.405:3412): avc:  denied  { read } for  pid=3469 comm="syz.2.5606" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1907.961368][ T3482] netlink: 'syz.0.5607': attribute type 1 has an invalid length.
[ 1907.967634][ T3484] netlink: 'syz.3.5608': attribute type 11 has an invalid length.
[ 1907.969087][ T3482] netlink: 224 bytes leftover after parsing attributes in process `syz.0.5607'.
[ 1907.998291][   T30] audit: type=1400 audit(1754757335.405:3413): avc:  denied  { ioctl } for  pid=3469 comm="syz.2.5606" path="socket:[107352]" dev="sockfs" ino=107352 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[ 1908.194473][ T3484] netlink: 36 bytes leftover after parsing attributes in process `syz.3.5608'.
[ 1908.484797][ T3498] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5610'.
[ 1911.245936][ T3526] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5615'.
[ 1912.135908][   T30] audit: type=1400 audit(1754757339.665:3414): avc:  denied  { ioctl } for  pid=3543 comm="syz.3.5619" path="socket:[108080]" dev="sockfs" ino=108080 ioctlcmd=0x9413 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1912.184227][   T30] audit: type=1400 audit(1754757339.695:3415): avc:  granted  { setsecparam } for  pid=3543 comm="syz.3.5619" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[ 1912.365581][ T3547] geneve2: entered promiscuous mode
[ 1912.399202][ T3547] geneve2: entered allmulticast mode
[ 1912.448135][   T30] audit: type=1400 audit(1754757339.975:3416): avc:  denied  { create } for  pid=3559 comm="syz.0.5625" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1
[ 1912.551193][T15020] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1912.572227][T15020] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1912.580992][T15020] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1912.589364][ T3569] vim2m vim2m.0: Fourcc format (0x47425247) invalid.
[ 1912.605473][T15020] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1912.616018][T15020] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1912.647030][ T3563] lo speed is unknown, defaulting to 1000
[ 1912.659400][   T30] audit: type=1400 audit(1754757340.155:3417): avc:  denied  { mounton } for  pid=3563 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[ 1913.573471][ T3580] syz.1.5626 (3580): drop_caches: 2
[ 1913.826075][ T3685] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5628'.
[ 1913.898588][ T3563] chnl_net:caif_netlink_parms(): no params data found
[ 1914.127188][ T5858] Bluetooth: hci1: connection err: -111
[ 1914.133367][T13520] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[ 1914.369408][T13520] usb 3-1: config index 0 descriptor too short (expected 61476, got 36)
[ 1914.378091][T13520] usb 3-1: config 0 has an invalid descriptor of length 159, skipping remainder of the config
[ 1914.390410][T13520] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 2
[ 1914.543048][T13520] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1914.552734][T13520] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=8
[ 1914.574588][T13520] usb 3-1: SerialNumber: syz
[ 1914.603542][T13520] usb 3-1: config 0 descriptor??
[ 1914.614406][ T3563] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1914.670450][ T3563] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1914.698632][ T3563] bridge_slave_0: entered allmulticast mode
[ 1914.704983][ T5858] Bluetooth: hci3: command tx timeout
[ 1914.732430][ T3563] bridge_slave_0: entered promiscuous mode
[ 1914.750585][ T3563] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1914.763456][ T3563] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1914.884472][ T3563] bridge_slave_1: entered allmulticast mode
[ 1914.960460][ T3563] bridge_slave_1: entered promiscuous mode
[ 1915.718143][ T3563] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1915.762934][ T3563] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1915.878694][ T3563] team0: Port device team_slave_0 added
[ 1915.898481][ T3563] team0: Port device team_slave_1 added
[ 1916.052322][   T30] audit: type=1400 audit(1754757343.575:3418): avc:  denied  { shutdown } for  pid=3666 comm="syz.2.5628" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1916.214757][ T3563] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1916.256683][ T3563] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1916.348419][ T3563] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1916.374181][ T3848] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5635'.
[ 1916.400041][ T3563] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1916.424811][ T3563] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1916.511140][ T3563] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1916.640217][ T3563] hsr_slave_0: entered promiscuous mode
[ 1916.646394][ T3563] hsr_slave_1: entered promiscuous mode
[ 1916.652601][ T3563] debugfs: 'hsr0' already exists in 'hsr'
[ 1916.658309][ T3563] Cannot create hsr debugfs directory
[ 1916.781053][ T5858] Bluetooth: hci3: command tx timeout
[ 1916.827769][ T3563] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1916.838313][ T3563] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1916.847442][ T3563] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1916.856291][ T3563] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1916.912823][ T3563] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1916.931194][ T3563] 8021q: adding VLAN 0 to HW filter on device team0
[ 1916.942584][T31511] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1916.949703][T31511] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1916.963012][T13442] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1916.970083][T13442] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1917.108946][ T3563] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1917.204383][ T5976] usb 3-1: USB disconnect, device number 18
[ 1917.289148][ T3563] veth0_vlan: entered promiscuous mode
[ 1917.299974][ T3563] veth1_vlan: entered promiscuous mode
[ 1917.326982][ T3563] veth0_macvtap: entered promiscuous mode
[ 1917.336848][ T3563] veth1_macvtap: entered promiscuous mode
[ 1917.349929][ T3563] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1917.365389][ T3563] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1917.377770][T31507] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1917.387135][T31507] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1917.401493][T31507] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1917.410781][T31507] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1917.504276][T31513] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1917.515529][T31513] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1917.539988][T31513] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1917.549167][T31513] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1917.564527][   T30] audit: type=1400 audit(1754757345.095:3419): avc:  denied  { mounton } for  pid=3563 comm="syz-executor" path="/root/syzkaller.Xeks6a/syz-tmp" dev="sda1" ino=2059 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 1917.589993][   T30] audit: type=1400 audit(1754757345.095:3420): avc:  denied  { mount } for  pid=3563 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[ 1917.612249][   T30] audit: type=1400 audit(1754757345.095:3421): avc:  denied  { mounton } for  pid=3563 comm="syz-executor" path="/root/syzkaller.Xeks6a/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[ 1917.663655][   T30] audit: type=1400 audit(1754757345.095:3422): avc:  denied  { mounton } for  pid=3563 comm="syz-executor" path="/root/syzkaller.Xeks6a/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=109685 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[ 1917.693360][   T30] audit: type=1400 audit(1754757345.125:3423): avc:  denied  { mounton } for  pid=3563 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=2784 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[ 1917.722239][   T30] audit: type=1400 audit(1754757345.125:3424): avc:  denied  { mount } for  pid=3563 comm="syz-executor" name="/" dev="gadgetfs" ino=6686 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[ 1917.746882][   T30] audit: type=1400 audit(1754757345.125:3425): avc:  denied  { mounton } for  pid=3563 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[ 1918.870403][ T5858] Bluetooth: hci3: command tx timeout
[ 1920.940299][ T5858] Bluetooth: hci3: command tx timeout
[ 2039.110216][T15020] Bluetooth: hci3: command 0x0406 tx timeout
[ 2046.621993][   T31] INFO: task syz.5.5576:3284 blocked for more than 143 seconds.
[ 2046.629660][   T31]       Not tainted 6.16.0-syzkaller-12187-g0227b49b5027 #0
[ 2046.637064][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2046.645808][   T31] task:syz.5.5576      state:D stack:25112 pid:3284  tgid:3279  ppid:23612  task_flags:0x480140 flags:0x00004006
[ 2046.657850][   T31] Call Trace:
[ 2046.661465][   T31]  <TASK>
[ 2046.664796][   T31]  __schedule+0x1190/0x5de0
[ 2046.669320][   T31]  ? __pfx___schedule+0x10/0x10
[ 2046.674650][   T31]  ? find_held_lock+0x2b/0x80
[ 2046.679329][   T31]  ? schedule+0x2d7/0x3a0
[ 2046.683751][   T31]  schedule+0xe7/0x3a0
[ 2046.687823][   T31]  schedule_timeout+0x257/0x290
[ 2046.692751][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[ 2046.698128][   T31]  ? mark_held_locks+0x49/0x80
[ 2046.703190][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2046.708485][   T31]  __wait_for_common+0x2fc/0x4e0
[ 2046.713496][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[ 2046.718875][   T31]  ? __pfx___wait_for_common+0x10/0x10
[ 2046.724445][   T31]  ? __pfx_device_del+0x10/0x10
[ 2046.729294][   T31]  ? kobject_put+0xab/0x5a0
[ 2046.733975][   T31]  i2c_del_adapter+0x546/0x6f0
[ 2046.738743][   T31]  ? __pfx_i2c_del_adapter+0x10/0x10
[ 2046.745601][   T31]  ? __pfx_rpm_resume+0x10/0x10
[ 2046.750523][   T31]  pvr2_i2c_core_done+0x6d/0xc0
[ 2046.755373][   T31]  pvr2_hdw_disconnect+0xcb/0x630
[ 2046.760433][   T31]  pvr2_context_disconnect+0x32/0xc0
[ 2046.765891][   T31]  pvr_disconnect+0x80/0xf0
[ 2046.770473][   T31]  usb_unbind_interface+0x1da/0x9e0
[ 2046.775673][   T31]  ? kernfs_remove_by_name_ns+0xbe/0x110
[ 2046.781440][   T31]  ? __pfx_usb_unbind_interface+0x10/0x10
[ 2046.787171][   T31]  device_remove+0x122/0x170
[ 2046.791795][   T31]  device_release_driver_internal+0x44b/0x620
[ 2046.797859][   T31]  bus_remove_device+0x22f/0x420
[ 2046.802868][   T31]  device_del+0x396/0x9f0
[ 2046.807288][   T31]  ? __pfx_device_del+0x10/0x10
[ 2046.812221][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 2046.817253][   T31]  ? __pfx___pm_runtime_barrier+0x10/0x10
[ 2046.823019][   T31]  ? do_raw_spin_lock+0x12c/0x2b0
[ 2046.828041][   T31]  usb_disable_device+0x355/0x7d0
[ 2046.833086][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2046.838278][   T31]  usb_disconnect+0x2e1/0x9c0
[ 2046.842971][   T31]  hub_quiesce+0x170/0x320
[ 2046.847382][   T31]  hub_disconnect+0xd5/0x500
[ 2046.852081][   T31]  usb_unbind_interface+0x1da/0x9e0
[ 2046.857279][   T31]  ? kernfs_remove_by_name_ns+0xbe/0x110
[ 2046.862920][   T31]  ? __pfx_usb_unbind_interface+0x10/0x10
[ 2046.868643][   T31]  device_remove+0x122/0x170
[ 2046.873281][   T31]  device_release_driver_internal+0x44b/0x620
[ 2046.879340][   T31]  ? __might_fault+0xb0/0x190
[ 2046.884042][   T31]  usb_driver_release_interface+0x109/0x190
[ 2046.889934][   T31]  proc_ioctl+0x5c5/0x6c0
[ 2046.894316][   T31]  usbdev_ioctl+0x1773/0x4070
[ 2046.899069][   T31]  ? __pfx_usbdev_ioctl+0x10/0x10
[ 2046.904123][   T31]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 2046.910017][   T31]  ? do_vfs_ioctl+0x128/0x14f0
[ 2046.914808][   T31]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 2046.919830][   T31]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[ 2046.926710][   T31]  ? hook_file_ioctl_common+0x145/0x410
[ 2046.932320][   T31]  ? selinux_file_ioctl+0x180/0x270
[ 2046.937519][   T31]  ? selinux_file_ioctl+0xb4/0x270
[ 2046.942683][   T31]  ? __pfx_usbdev_ioctl+0x10/0x10
[ 2046.947696][   T31]  __x64_sys_ioctl+0x18e/0x210
[ 2046.952484][   T31]  do_syscall_64+0xcd/0x4c0
[ 2046.956975][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2046.962893][   T31] RIP: 0033:0x7fb31c18ebe9
[ 2046.967296][   T31] RSP: 002b:00007fb31cf99038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2046.975798][   T31] RAX: ffffffffffffffda RBX: 00007fb31c3b5fa0 RCX: 00007fb31c18ebe9
[ 2046.983795][   T31] RDX: 0000200000000200 RSI: 00000000c0105512 RDI: 0000000000000005
[ 2046.991790][   T31] RBP: 00007fb31c211e19 R08: 0000000000000000 R09: 0000000000000000
[ 2046.999749][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2047.007733][   T31] R13: 00007fb31c3b6038 R14: 00007fb31c3b5fa0 R15: 00007ffe73ff1708
[ 2047.015745][   T31]  </TASK>
[ 2047.018757][   T31] INFO: task syz.5.5576:3290 blocked for more than 143 seconds.
[ 2047.026548][   T31]       Not tainted 6.16.0-syzkaller-12187-g0227b49b5027 #0
[ 2047.033849][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2047.042527][   T31] task:syz.5.5576      state:D stack:29112 pid:3290  tgid:3279  ppid:23612  task_flags:0x400040 flags:0x00004004
[ 2047.054488][   T31] Call Trace:
[ 2047.057765][   T31]  <TASK>
[ 2047.060734][   T31]  __schedule+0x1190/0x5de0
[ 2047.065246][   T31]  ? __pfx_stack_trace_save+0x10/0x10
[ 2047.070671][   T31]  ? __pfx___schedule+0x10/0x10
[ 2047.075525][   T31]  ? find_held_lock+0x2b/0x80
[ 2047.080258][   T31]  ? schedule+0x2d7/0x3a0
[ 2047.084586][   T31]  ? usbdev_ioctl+0x1a8/0x4070
[ 2047.089322][   T31]  schedule+0xe7/0x3a0
[ 2047.093418][   T31]  schedule_preempt_disabled+0x13/0x30
[ 2047.098872][   T31]  __mutex_lock+0x82a/0x10b0
[ 2047.103479][   T31]  ? usbdev_ioctl+0x1a8/0x4070
[ 2047.108234][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 2047.113364][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2047.118552][   T31]  ? find_held_lock+0x2b/0x80
[ 2047.123257][   T31]  ? usbdev_ioctl+0x1a8/0x4070
[ 2047.128005][   T31]  usbdev_ioctl+0x1a8/0x4070
[ 2047.132600][   T31]  ? __pfx_usbdev_ioctl+0x10/0x10
[ 2047.137617][   T31]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 2047.143523][   T31]  ? do_vfs_ioctl+0x128/0x14f0
[ 2047.148283][   T31]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 2047.153350][   T31]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[ 2047.160243][   T31]  ? hook_file_ioctl_common+0x145/0x410
[ 2047.165791][   T31]  ? selinux_file_ioctl+0x180/0x270
[ 2047.171012][   T31]  ? selinux_file_ioctl+0xb4/0x270
[ 2047.176117][   T31]  ? __pfx_usbdev_ioctl+0x10/0x10
[ 2047.181274][   T31]  __x64_sys_ioctl+0x18e/0x210
[ 2047.186048][   T31]  do_syscall_64+0xcd/0x4c0
[ 2047.190578][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2047.196473][   T31] RIP: 0033:0x7fb31c18ebe9
[ 2047.200932][   T31] RSP: 002b:00007fb31cf78038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2047.209341][   T31] RAX: ffffffffffffffda RBX: 00007fb31c3b6090 RCX: 00007fb31c18ebe9
[ 2047.217334][   T31] RDX: 0000200000000040 RSI: 0000000080045505 RDI: 0000000000000005
[ 2047.225318][   T31] RBP: 00007fb31c211e19 R08: 0000000000000000 R09: 0000000000000000
[ 2047.233328][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2047.241345][   T31] R13: 00007fb31c3b6128 R14: 00007fb31c3b6090 R15: 00007ffe73ff1708
[ 2047.249317][   T31]  </TASK>
[ 2047.252362][   T31] INFO: task syz.5.5576:3295 blocked for more than 143 seconds.
[ 2047.259979][   T31]       Not tainted 6.16.0-syzkaller-12187-g0227b49b5027 #0
[ 2047.268872][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2047.277588][   T31] task:syz.5.5576      state:D stack:27736 pid:3295  tgid:3279  ppid:23612  task_flags:0x400140 flags:0x00004004
[ 2047.289576][   T31] Call Trace:
[ 2047.292882][   T31]  <TASK>
[ 2047.295816][   T31]  __schedule+0x1190/0x5de0
[ 2047.300353][   T31]  ? __pfx_stack_trace_save+0x10/0x10
[ 2047.305740][   T31]  ? __pfx___schedule+0x10/0x10
[ 2047.310616][   T31]  ? find_held_lock+0x2b/0x80
[ 2047.315293][   T31]  ? schedule+0x2d7/0x3a0
[ 2047.319602][   T31]  ? usbdev_ioctl+0x1a8/0x4070
[ 2047.324392][   T31]  schedule+0xe7/0x3a0
[ 2047.328462][   T31]  schedule_preempt_disabled+0x13/0x30
[ 2047.333930][   T31]  __mutex_lock+0x82a/0x10b0
[ 2047.338520][   T31]  ? usbdev_ioctl+0x1a8/0x4070
[ 2047.343288][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 2047.348302][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2047.353525][   T31]  ? find_held_lock+0x2b/0x80
[ 2047.358197][   T31]  ? usbdev_ioctl+0x1a8/0x4070
[ 2047.362983][   T31]  usbdev_ioctl+0x1a8/0x4070
[ 2047.367573][   T31]  ? __pfx_usbdev_ioctl+0x10/0x10
[ 2047.372601][   T31]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 2047.378484][   T31]  ? do_vfs_ioctl+0x128/0x14f0
[ 2047.383269][   T31]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 2047.388302][   T31]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[ 2047.395188][   T31]  ? hook_file_ioctl_common+0x145/0x410
[ 2047.400765][   T31]  ? selinux_file_ioctl+0x180/0x270
[ 2047.405961][   T31]  ? selinux_file_ioctl+0xb4/0x270
[ 2047.411109][   T31]  ? __pfx_usbdev_ioctl+0x10/0x10
[ 2047.416128][   T31]  __x64_sys_ioctl+0x18e/0x210
[ 2047.421038][   T31]  do_syscall_64+0xcd/0x4c0
[ 2047.425569][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2047.431498][   T31] RIP: 0033:0x7fb31c18ebe9
[ 2047.435904][   T31] RSP: 002b:00007fb31cf36038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2047.444327][   T31] RAX: ffffffffffffffda RBX: 00007fb31c3b6270 RCX: 00007fb31c18ebe9
[ 2047.452322][   T31] RDX: 0000200000000000 RSI: 0000000080045505 RDI: 0000000000000005
[ 2047.460304][   T31] RBP: 00007fb31c211e19 R08: 0000000000000000 R09: 0000000000000000
[ 2047.468261][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2047.476240][   T31] R13: 00007fb31c3b6308 R14: 00007fb31c3b6270 R15: 00007ffe73ff1708
[ 2047.484227][   T31]  </TASK>
[ 2047.487238][   T31] 
[ 2047.487238][   T31] Showing all locks held in the system:
[ 2047.494974][   T31] 1 lock held by khungtaskd/31:
[ 2047.499804][   T31]  #0: ffffffff8e5c1160 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0
[ 2047.509929][   T31] 2 locks held by getty/5609:
[ 2047.514893][   T31]  #0: ffff88814dd470a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[ 2047.524649][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0
[ 2047.534811][   T31] 2 locks held by kworker/u8:17/31513:
[ 2047.540273][   T31]  #0: ffff88801b881148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[ 2047.551448][   T31]  #1: ffffc9000c537d10 ((work_completion)(&(&kfence_timer)->work)){+.+.}-{0:0}, at: sched_balance_newidle+0x3ae/0x1470
[ 2047.564001][   T31] 5 locks held by syz.5.5576/3284:
[ 2047.569092][   T31]  #0: ffff888144f88198 (&dev->mutex){....}-{4:4}, at: usbdev_ioctl+0x1a8/0x4070
[ 2047.578217][   T31]  #1: ffff888144f89160 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xa4/0x620
[ 2047.588814][   T31]  #2: ffff8880359fd198 (&dev->mutex){....}-{4:4}, at: usb_disconnect+0x10a/0x9c0
[ 2047.598040][   T31]  #3: ffff88802583f160 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xa4/0x620
[ 2047.608574][   T31]  #4: ffff888063174188 (&hdw->big_lock_mutex){+.+.}-{4:4}, at: pvr2_hdw_disconnect+0x8a/0x630
[ 2047.618951][   T31] 1 lock held by syz.5.5576/3290:
[ 2047.624005][   T31]  #0: ffff888144f88198 (&dev->mutex){....}-{4:4}, at: usbdev_ioctl+0x1a8/0x4070
[ 2047.633175][   T31] 1 lock held by syz.5.5576/3295:
[ 2047.638179][   T31]  #0: ffff888144f88198 (&dev->mutex){....}-{4:4}, at: usbdev_ioctl+0x1a8/0x4070
[ 2047.647323][   T31] 
[ 2047.649632][   T31] =============================================
[ 2047.649632][   T31] 
[ 2047.658058][   T31] NMI backtrace for cpu 1
[ 2047.658071][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-syzkaller-12187-g0227b49b5027 #0 PREEMPT(full) 
[ 2047.658092][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2047.658102][   T31] Call Trace:
[ 2047.658108][   T31]  <TASK>
[ 2047.658114][   T31]  dump_stack_lvl+0x116/0x1f0
[ 2047.658136][   T31]  nmi_cpu_backtrace+0x27b/0x390
[ 2047.658159][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 2047.658188][   T31]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[ 2047.658215][   T31]  watchdog+0xf0e/0x1260
[ 2047.658239][   T31]  ? __pfx_watchdog+0x10/0x10
[ 2047.658257][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2047.658277][   T31]  ? __kthread_parkme+0x19e/0x250
[ 2047.658305][   T31]  ? __pfx_watchdog+0x10/0x10
[ 2047.658324][   T31]  kthread+0x3c5/0x780
[ 2047.658343][   T31]  ? __pfx_kthread+0x10/0x10
[ 2047.658363][   T31]  ? rcu_is_watching+0x12/0xc0
[ 2047.658384][   T31]  ? __pfx_kthread+0x10/0x10
[ 2047.658402][   T31]  ret_from_fork+0x5d4/0x6f0
[ 2047.658419][   T31]  ? __pfx_kthread+0x10/0x10
[ 2047.658436][   T31]  ret_from_fork_asm+0x1a/0x30
[ 2047.658469][   T31]  </TASK>
[ 2047.658476][   T31] Sending NMI from CPU 1 to CPUs 0:
[ 2047.775765][    C0] NMI backtrace for cpu 0
[ 2047.775779][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.16.0-syzkaller-12187-g0227b49b5027 #0 PREEMPT(full) 
[ 2047.775797][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2047.775805][    C0] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 2047.775831][    C0] Code: cc 62 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d f3 e2 16 00 fb f4 <e9> 4c 0d 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[ 2047.775844][    C0] RSP: 0018:ffffffff8e207e08 EFLAGS: 000002c2
[ 2047.775856][    C0] RAX: 000000000b3c42c9 RBX: 0000000000000000 RCX: ffffffff8b932c29
[ 2047.775865][    C0] RDX: 0000000000000000 RSI: ffffffff8de4f035 RDI: ffffffff8c162400
[ 2047.775874][    C0] RBP: fffffbfff1c52ef8 R08: 0000000000000001 R09: ffffed1017086655
[ 2047.775883][    C0] R10: ffff8880b84332ab R11: 0000000000000000 R12: 0000000000000000
[ 2047.775891][    C0] R13: ffffffff8e2977c0 R14: ffffffff90ab3790 R15: 0000000000000000
[ 2047.775900][    C0] FS:  0000000000000000(0000) GS:ffff8881246bd000(0000) knlGS:0000000000000000
[ 2047.775914][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2047.775923][    C0] CR2: 0000559f194e83b8 CR3: 000000000e380000 CR4: 00000000003526f0
[ 2047.775932][    C0] Call Trace:
[ 2047.775938][    C0]  <TASK>
[ 2047.775943][    C0]  default_idle+0x13/0x20
[ 2047.775958][    C0]  default_idle_call+0x6d/0xb0
[ 2047.775973][    C0]  do_idle+0x391/0x510
[ 2047.775991][    C0]  ? __pfx_do_idle+0x10/0x10
[ 2047.776007][    C0]  ? trace_sched_exit_tp+0x2f/0x120
[ 2047.776023][    C0]  cpu_startup_entry+0x4f/0x60
[ 2047.776039][    C0]  rest_init+0x16b/0x2b0
[ 2047.776054][    C0]  ? acpi_subsystem_init+0x133/0x180
[ 2047.776073][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[ 2047.776095][    C0]  start_kernel+0x3ee/0x4d0
[ 2047.776114][    C0]  x86_64_start_reservations+0x18/0x30
[ 2047.776133][    C0]  x86_64_start_kernel+0x130/0x190
[ 2047.776158][    C0]  common_startup_64+0x13e/0x148
[ 2047.776178][    C0]  </TASK>
[ 2047.778863][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 2047.977409][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-syzkaller-12187-g0227b49b5027 #0 PREEMPT(full) 
[ 2047.988842][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2047.998876][   T31] Call Trace:
[ 2048.002138][   T31]  <TASK>
[ 2048.005049][   T31]  dump_stack_lvl+0x3d/0x1f0
[ 2048.009620][   T31]  vpanic+0x6e8/0x7a0
[ 2048.013587][   T31]  ? __pfx_vpanic+0x10/0x10
[ 2048.018075][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 2048.024044][   T31]  panic+0xca/0xd0
[ 2048.027751][   T31]  ? __pfx_panic+0x10/0x10
[ 2048.032336][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 2048.037711][   T31]  ? nmi_trigger_cpumask_backtrace+0x1b1/0x300
[ 2048.043861][   T31]  ? watchdog+0xd78/0x1260
[ 2048.048269][   T31]  ? watchdog+0xd6b/0x1260
[ 2048.052672][   T31]  watchdog+0xd89/0x1260
[ 2048.056907][   T31]  ? __pfx_watchdog+0x10/0x10
[ 2048.061565][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2048.066744][   T31]  ? __kthread_parkme+0x19e/0x250
[ 2048.071756][   T31]  ? __pfx_watchdog+0x10/0x10
[ 2048.076413][   T31]  kthread+0x3c5/0x780
[ 2048.080466][   T31]  ? __pfx_kthread+0x10/0x10
[ 2048.085034][   T31]  ? rcu_is_watching+0x12/0xc0
[ 2048.089779][   T31]  ? __pfx_kthread+0x10/0x10
[ 2048.094349][   T31]  ret_from_fork+0x5d4/0x6f0
[ 2048.098932][   T31]  ? __pfx_kthread+0x10/0x10
[ 2048.103501][   T31]  ret_from_fork_asm+0x1a/0x30
[ 2048.108254][   T31]  </TASK>
[ 2048.111458][   T31] Kernel Offset: disabled
[ 2048.115784][   T31] Rebooting in 86400 seconds..