last executing test programs:

56.005258267s ago: executing program 3 (id=3926):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0))
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'netdevsim0\x00', <r2=>0x0})
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="5c0100001000130700000000fcdbdf25e0000001000000000000000000000000ff020000000000000000000000000001000400004e210002", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="fc010000000000000000000000000000000004d632000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000090000000000000001000000ffffffff0000000000000000010000800000000043050000000000000400000000000000ffffffffffffff7f000000000000000001000000000000000000000000000000000000002cbd70000035000002000000500000000000000060001200726663343130362867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000060000000210466d38547aa140db9a200000000c538c7cb7a", @ANYRES32=r2, @ANYBLOB="04"], 0x15c}, 0x1, 0x0, 0x0, 0x880}, 0x2014)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0x5, &(0x7f0000000040), 0x4)
r3 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
epoll_create1(0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000080)={[0x1003ffffffc]}, 0x8, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ff1000/0x1000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ff3000/0x1000)=nil, &(0x7f0000ff1000/0x1000)=nil, 0x0}, 0x68)
r4 = io_uring_setup(0x1c6c, &(0x7f0000000040)={0x0, 0xaebb, 0xd000, 0x20000a, 0x20002f7})
r5 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/comedi4\x00', 0x181001, 0x0)
ioctl$COMEDI_INSN(r5, 0x8028640c, &(0x7f00000003c0)={0x8000001, 0x0, 0x0, 0x2, 0x4})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@deltfilter={0x34, 0x2d, 0x800, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {}, {0xfff2, 0x2}}, [@TCA_RATE={0x6, 0x5, {0x2, 0x4}}, @TCA_RATE={0x6, 0x5, {0x3, 0xa0}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10008007}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
io_uring_enter(r4, 0x2219, 0x7721, 0x16, 0x0, 0x0)
r7 = signalfd4(0xffffffffffffffff, &(0x7f00000008c0), 0x8, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000d3750820c80a2103be6f000000010902120001000000000904"], 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000040), 0x0, &(0x7f00000029c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r7, @ANYBLOB=',wfdno=', @ANYRESHEX=r7])
r8 = gettid()
rt_sigqueueinfo(r8, 0x21, &(0x7f00000002c0))
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0xe, 0x2010, r3, 0x0)
move_pages(0x0, 0x1, &(0x7f0000000000)=[&(0x7f0000ffb000/0x4000)=nil], 0x0, &(0x7f00000000c0), 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r11=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="050000000000fbdbdf254400000008000300", @ANYRES32=r11, @ANYBLOB="0a001800030303030caf2f955cae8227f94cf35ac5571dbc625c83b8fd24299338111a09806dcf51e5ef08f068bb9480ffbf6cc706345309fbdc075ba33ec206c4ee9e08948c55562a9404a326d8fb754b87c82a117bd402d11c6a9e5ff4b35d76b778ef8ee5a9ce9903be89a60b99048370a9b7e467c57ece761e68e294860864dfc5877f2dd95c0ecada005a9e6a146feb59dd11"], 0x34}}, 0x0)
sendmsg$NL80211_CMD_REQ_SET_REG(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x60000020}, 0xc, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="000429bd7000ffdbdf251b0000000400cc00002100616100000400cc0008009a00000000000400cc0007002100616100001800228014000080080004000700000008000400f900000006002100620000005c7a198c654d6a49ad6fb5199a96db4eea4f3b29c5033bed354adeb63c1b0b356061d4e894332a227310a1b56eb85f9afa04d697b696aebda84e3832a6d8afc0725750ca95b04f0335263275fcc82d500fd0822f0477552cfe69da391a3d676caf604c26fdb915e54e0e87a2cc16834f416964a7f24a315ed00d916c80951756a123fd1a46640150373f7a52528d735d6260c5a67189d93bfd9fd066d2625a1888a0"], 0x60}, 0x1, 0x0, 0x0, 0x4000880}, 0x4040801)

53.782495918s ago: executing program 2 (id=3930):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
r1 = fcntl$dupfd(r0, 0x406, r0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfd, 0x0, 0xf1}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x2000c7fd, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000340)='veno', 0x4)
sendmsg$NL80211_CMD_ADD_TX_TS(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1c0000", @ANYRES16=0x0, @ANYBLOB="00012bbd7000378f8668755269ed30e8d86f", @ANYRES32=0x0, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4040000}, 0x0)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[], 0x1194}, 0x1, 0x0, 0x0, 0x4048000}, 0x4000880)

53.658757311s ago: executing program 2 (id=3931):
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000002380), 0x40100001, 0x401)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r2=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000002c0)={r2, <r3=>0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f00000011c0)={0x0, 0x0, r3, r4, 0x3, 0x1800, 0x1, 0x802, {0x7fb, 0x1, 0x7, 0x79, 0xf4b, 0x1000, 0x99, 0x45, 0x412f, 0x2, 0x20, 0x4, 0x0, 0x3, "fe1d00023413000000180000000caa000000090000000000000004b427180010"}})

53.525770196s ago: executing program 2 (id=3932):
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000003c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x4, 0x0, 0x806, 0x5, 0xffffffff}, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
ioctl$EVIOCGSND(r2, 0x8040451a, 0xffffffffffffffff)
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r3, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1})
memfd_create(&(0x7f0000000440)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r4)
mount(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000000)='proc\x00', 0x800000, 0x0)

52.706968371s ago: executing program 3 (id=3939):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f00000002c0)={0x1, 0x1, 0x2, 0xff, 0xa4, 0x0, 0x1, 0x0, 0x5, 0x28, 0x0, 0x0, 0x2, 0x20}, 0xe)
write$tun(r0, &(0x7f0000000280)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x27, 0x0, 0x27}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffff20, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0xb, 0x0, 0x0, 0x0, 0x18, {[@window={0x9, 0xfffffffffffffec4}, @timestamp={0x5, 0x2}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0xfd6c)
r2 = openat$kvm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
syz_open_dev$tty1(0xc, 0x4, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$binfmt_format(0xffffff9c, 0x0, 0x2, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
io_uring_setup(0x3454, 0x0)
clock_gettime(0x6, &(0x7f0000000000)={<r5=>0x0, <r6=>0x0})
clock_settime(0x0, &(0x7f0000000040)={r5, r6+10000000})
migrate_pages(0x0, 0x3, &(0x7f0000000040)=0x7f, &(0x7f0000000300)=0xa)
mmap(&(0x7f0000a82000/0x3000)=nil, 0x3000, 0x300000a, 0xa3b749903f41249d, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$video4linux(&(0x7f0000000000), 0x4000000000000000, 0x500)
syz_genetlink_get_family_id$batadv(0x0, r7)

51.618244393s ago: executing program 3 (id=3944):
ioctl$TCSETS(0xffffffffffffffff, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x1, 0x400000, 0x14, "3eccd8fd0000000000000010000000040100"})
pipe2(&(0x7f0000000000)={<r0=>0xffffffffffffffff}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000000500)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000540)={0xe4, 0x0, 0x20, 0x70bd2c, 0x25dfdbfb, {}, [@TIPC_NLA_SOCK={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x5ec3ea17}, @TIPC_NLA_SOCK_REF={0x8}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x6}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x2}, @TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x684a}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}]}]}, @TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0xcac1}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x5}]}, @TIPC_NLA_MON={0x34, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x800}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xf}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x80000000}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x2}]}, @TIPC_NLA_LINK={0x44, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}]}, 0xe4}, 0x1, 0x0, 0x0, 0x4000}, 0x4000800)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x34, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}]}, @NFT_MSG_NEWSETELEM={0x30, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x4}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x8c}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r4 = socket$igmp(0x2, 0x3, 0x2)
getsockopt$MRT(r4, 0x0, 0xd1, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000040000000000000000000000030a20000000000a01020000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021880000000c0a01030000000000000000070000090900020073797a31000000000900010073797a30000000005c000380580000800400018050000b80200001800a00010071756f7461000000100002800c00014000000000000000002c0001800a0001006c696d69740000001c0002800c00024000000000000000000c0001400000000000000003140900001000010000000000000000000084000a2946e6626156edb383315166627764bc2095113af8209daa777c"], 0x10c}}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r6 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(r6, 0xc0286405, &(0x7f0000000080)={0x0, 0x9, {0xffffffffffffffff}, {0xffffffffffffffff}, 0xbd, 0x6})

51.486995631s ago: executing program 2 (id=3945):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x18, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
dup3(r3, r2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a31f5ffffff38000000030a01040000000000000000010000010900030001007a32000000000c00024000000000000000010900010073797a300000000014000000110001"], 0xac}, 0x1, 0x0, 0x0, 0x2004041}, 0x0)
sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(r4, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x3, 0x2, 0x101, 0x0, 0x0, {0x1, 0x0, 0x2}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x5000}, 0x480d1)
syz_usb_connect$uac2(0x5, 0x8f, &(0x7f0000000080)=ANY=[@ANYBLOB="12011003000000401e04003040000102030109027d000301093009080b00010107208c0904000000010120000924010040041d000708240a0005ff03020c2403020703000400100001090401000001022000090401010101022000090501090002030b0408250100004004000904020000010220000904020101010220000905820920004006030825018203f30600"], &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0})
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000069c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000002a00)}}, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}], 0x2, 0x4000000)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0xe2981)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r5, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {0x3}, {}, @control={0x9, 0x6, 0x4}}], 0x1c)
sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="e40000000201010800000000000000000a000000d00001800c000280050001000000000014000180080001000000000008000200000000002c00018014000300ff01000000000000000000000000000114000400ff0100000000000000000000000000010c00028005000100000000004700028005000100010000000600064000000000060005"], 0xe4}}, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000f40)={0x8, "b546de7bb959ebab028deda525e19bdeffafbd25000100", <r6=>0xffffffffffffffff})
r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
getsockopt(r7, 0xff, 0x1, 0x0, &(0x7f00000002c0)=0xfffffffffffffecd)
ioctl$SYNC_IOC_MERGE(r6, 0x40103e05, 0x0)

50.594623964s ago: executing program 4 (id=3946):
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='net/vlan/config\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000b80)=ANY=[], 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="22000000040000001000"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[], 0x48)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=@ipv6_newrule={0x24, 0x1a, 0x1, 0x400000, 0x0, {0x81, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2}, [@FIB_RULE_POLICY=@FRA_SPORT_RANGE={0x8, 0x17, {0x4e21, 0x7ff}}]}, 0x24}}, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r1}, 0x4)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000640)={r0, <r2=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x7, 0x1c, &(0x7f0000000680)=ANY=[@ANYBLOB="18080000cbb60000000900000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000008000000bf0920000000000035090100000000009500000000000000b7080000000000007b8af8ff00000000b7080000020000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000020000b7050000080000001c00000000000000bf9800000000000056080000000000008500000005000000b70000000200000095"], &(0x7f0000000000)='GPL\x00', 0x5, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94)

49.882832368s ago: executing program 4 (id=3949):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0))
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'netdevsim0\x00', <r2=>0x0})
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="5c0100001000130700000000fcdbdf25e0000001000000000000000000000000ff020000000000000000000000000001000400004e210002", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="fc010000000000000000000000000000000004d632000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000090000000000000001000000ffffffff0000000000000000010000800000000043050000000000000400000000000000ffffffffffffff7f000000000000000001000000000000000000000000000000000000002cbd70000035000002000000500000000000000060001200726663343130362867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000060000000210466d38547aa140db9a200000000c538c7cb7a", @ANYRES32=r2, @ANYBLOB="04"], 0x15c}, 0x1, 0x0, 0x0, 0x880}, 0x2014)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0x5, &(0x7f0000000040), 0x4)
r3 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
epoll_create1(0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000080)={[0x1003ffffffc]}, 0x8, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ff1000/0x1000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ff3000/0x1000)=nil, &(0x7f0000ff1000/0x1000)=nil, 0x0}, 0x68)
r4 = io_uring_setup(0x1c6c, &(0x7f0000000040)={0x0, 0xaebb, 0xd000, 0x20000a, 0x20002f7})
r5 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/comedi4\x00', 0x181001, 0x0)
ioctl$COMEDI_INSN(r5, 0x8028640c, &(0x7f00000003c0)={0x8000001, 0x0, 0x0, 0x2, 0x4})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@deltfilter={0x34, 0x2d, 0x800, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {}, {0xfff2, 0x2}}, [@TCA_RATE={0x6, 0x5, {0x2, 0x4}}, @TCA_RATE={0x6, 0x5, {0x3, 0xa0}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10008007}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
io_uring_enter(r4, 0x2219, 0x7721, 0x16, 0x0, 0x0)
r7 = signalfd4(0xffffffffffffffff, &(0x7f00000008c0), 0x8, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000d3750820c80a2103be6f000000010902120001000000000904"], 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000040), 0x0, &(0x7f00000029c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r7, @ANYBLOB=',wfdno=', @ANYRESHEX=r7])
r8 = gettid()
rt_sigqueueinfo(r8, 0x21, &(0x7f00000002c0))
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0xe, 0x2010, r3, 0x0)
move_pages(0x0, 0x1, &(0x7f0000000000)=[&(0x7f0000ffb000/0x4000)=nil], 0x0, &(0x7f00000000c0), 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r11=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="050000000000fbdbdf254400000008000300", @ANYRES32=r11, @ANYBLOB="0a001800030303030caf2f955cae8227f94cf35ac5571dbc625c83b8fd24299338111a09806dcf51e5ef08f068bb9480ffbf6cc706345309fbdc075ba33ec206c4ee9e08948c55562a9404a326d8fb754b87c82a117bd402d11c6a9e5ff4b35d76b778ef8ee5a9ce9903be89a60b99048370a9b7e467c57ece761e68e294860864dfc5877f2dd95c0ecada005a9e6a146feb59dd11"], 0x34}}, 0x0)
sendmsg$NL80211_CMD_REQ_SET_REG(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x60000020}, 0xc, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="000429bd7000ffdbdf251b0000000400cc00002100616100000400cc0008009a00000000000400cc0007002100616100001800228014000080080004000700000008000400f900000006002100620000005c7a198c654d6a49ad6fb5199a96db4eea4f3b29c5033bed354adeb63c1b0b356061d4e894332a227310a1b56eb85f9afa04d697b696aebda84e3832a6d8afc0725750ca95b04f0335263275fcc82d500fd0822f0477552cfe69da391a3d676caf604c26fdb915e54e0e87a2cc16834f416964a7f24a315ed00d916c80951756a123fd1a46640150373f7a52528d735d6260c5a67189d93bfd9fd066d2625a1888a0"], 0x60}, 0x1, 0x0, 0x0, 0x4000880}, 0x4040801)

49.053579299s ago: executing program 1 (id=3952):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000500)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x14, 0x14, 0xa, [@enum={0x8, 0x1, 0x0, 0x6, 0x4, [{0x2, 0x1}]}]}, {0x0, [0x30, 0x61, 0x2e, 0x5f, 0x2e, 0x30, 0x5f, 0x2e]}}, 0x0, 0x36, 0x0, 0x1, 0x3ff, 0x0, @void, @value=0xe4ffffff}, 0x28)

48.863713488s ago: executing program 1 (id=3953):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0))
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'netdevsim0\x00', <r2=>0x0})
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="5c0100001000130700000000fcdbdf25e0000001000000000000000000000000ff020000000000000000000000000001000400004e210002", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="fc010000000000000000000000000000000004d632000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000090000000000000001000000ffffffff0000000000000000010000800000000043050000000000000400000000000000ffffffffffffff7f000000000000000001000000000000000000000000000000000000002cbd70000035000002000000500000000000000060001200726663343130362867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000060000000210466d38547aa140db9a200000000c538c7cb7a", @ANYRES32=r2, @ANYBLOB="04"], 0x15c}, 0x1, 0x0, 0x0, 0x880}, 0x2014)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0x5, &(0x7f0000000040), 0x4)
r3 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
epoll_create1(0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000080)={[0x1003ffffffc]}, 0x8, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ff1000/0x1000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ff3000/0x1000)=nil, &(0x7f0000ff1000/0x1000)=nil, 0x0}, 0x68)
r4 = io_uring_setup(0x1c6c, &(0x7f0000000040)={0x0, 0xaebb, 0xd000, 0x20000a, 0x20002f7})
r5 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/comedi4\x00', 0x181001, 0x0)
ioctl$COMEDI_INSN(r5, 0x8028640c, &(0x7f00000003c0)={0x8000001, 0x0, 0x0, 0x2, 0x4})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@deltfilter={0x34, 0x2d, 0x800, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {}, {0xfff2, 0x2}}, [@TCA_RATE={0x6, 0x5, {0x2, 0x4}}, @TCA_RATE={0x6, 0x5, {0x3, 0xa0}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10008007}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
io_uring_enter(r4, 0x2219, 0x7721, 0x16, 0x0, 0x0)
r7 = signalfd4(0xffffffffffffffff, &(0x7f00000008c0), 0x8, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000d3750820c80a2103be6f000000010902120001000000000904"], 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000040), 0x0, &(0x7f00000029c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r7, @ANYBLOB=',wfdno=', @ANYRESHEX=r7])
r8 = gettid()
rt_sigqueueinfo(r8, 0x21, &(0x7f00000002c0))
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0xe, 0x2010, r3, 0x0)
move_pages(0x0, 0x1, &(0x7f0000000000)=[&(0x7f0000ffb000/0x4000)=nil], 0x0, &(0x7f00000000c0), 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r11=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="050000000000fbdbdf254400000008000300", @ANYRES32=r11, @ANYBLOB="0a001800030303030caf2f955cae8227f94cf35ac5571dbc625c83b8fd24299338111a09806dcf51e5ef08f068bb9480ffbf6cc706345309fbdc075ba33ec206c4ee9e08948c55562a9404a326d8fb754b87c82a117bd402d11c6a9e5ff4b35d76b778ef8ee5a9ce9903be89a60b99048370a9b7e467c57ece761e68e294860864dfc5877f2dd95c0ecada005a9e6a146feb59dd11"], 0x34}}, 0x0)
sendmsg$NL80211_CMD_REQ_SET_REG(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x60000020}, 0xc, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="000429bd7000ffdbdf251b0000000400cc00002100616100000400cc0008009a00000000000400cc0007002100616100001800228014000080080004000700000008000400f900000006002100620000005c7a198c654d6a49ad6fb5199a96db4eea4f3b29c5033bed354adeb63c1b0b356061d4e894332a227310a1b56eb85f9afa04d697b696aebda84e3832a6d8afc0725750ca95b04f0335263275fcc82d500fd0822f0477552cfe69da391a3d676caf604c26fdb915e54e0e87a2cc16834f416964a7f24a315ed00d916c80951756a123fd1a46640150373f7a52528d735d6260c5a67189d93bfd9fd066d2625a1888a0"], 0x60}, 0x1, 0x0, 0x0, 0x4000880}, 0x4040801)

48.829769149s ago: executing program 3 (id=3955):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x8042, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
capset(&(0x7f00000004c0)={0x20080522}, &(0x7f0000000200)={0x200002, 0x200006, 0x801, 0x4, 0x7, 0xb0})
writev(r1, &(0x7f0000000040)=[{&(0x7f0000000280)="580000001400192340834b80040d8c560a0677bc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd0000001000014001080800418e00000004fcff", 0x58}], 0x1)
arch_prctl$ARCH_SHSTK_STATUS(0x5005, &(0x7f0000000000))
socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x40241, 0x0)
socket$kcm(0x2, 0xa, 0x2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
socket$inet6_sctp(0xa, 0x801, 0x84)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x800000000000000, 0x0, 0x0, 0x3}, 0x0, &(0x7f00000002c0)={0xffffffff, 0x0, 0x0, 0x1009, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
connect$bt_l2cap(r3, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
setsockopt$bt_BT_SECURITY(r3, 0x112, 0x4, &(0x7f0000003000)={0x2}, 0x2)
sendmsg$kcm(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000740)="2e00000010008188e6b62aa73f72cc9f0ba1f8483d0000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x8000)
r4 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0xa000, 0x0)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r4, 0x660c)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
ioctl$FBIOGETCMAP(r4, 0x4604, &(0x7f0000000140)={0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000300)={0x8, @meta={0x4331434d, 0x18620f6b, 0x1cd6, 0xe25b, 0x4918fa40}})
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
ioctl$KVM_GET_CPUID2(r7, 0xc008ae91, &(0x7f00000001c0))
fcntl$setlease(r0, 0x400, 0x1)
fcntl$setlease(r0, 0x400, 0x1)

48.327548074s ago: executing program 3 (id=3956):
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0xa, 0x8b}, 0x0)
syz_usb_connect(0x0, 0x36, 0x0, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SCROLLCONSOLE(r0, 0x541c, &(0x7f0000000580)={0xd, 0x6})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x48, &(0x7f0000001600)=0x4, 0x4)
connect$unix(r2, &(0x7f00000007c0)=@file={0x0, './file1/file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008520000003000ba9cea78cd01515a1e6"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r5, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f00000002c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x410, 0x2d8, 0x98, 0x2d8, 0x98, 0x138, 0x378, 0x378, 0x378, 0x378, 0x378, 0x6, 0x0, {[{{@ip={@loopback, @multicast1=0xe0007600, 0x0, 0x0, 'gre0\x00', 'ip6gre0\x00', {}, {}, 0x0, 0x0, 0x11}, 0x7a00, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@multicast1, @local, 0x0, 0x0, 'wg1\x00', 'nicvf0\x00', {}, {}, 0x11}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0xb8, 0x100, 0x0, {}, [@common=@unspec=@limit={{0x48}, {0x0, 0x28, 0x0, 0x0, 0x0, 0x1}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@private2, 'veth0_virt_wifi\x00', {0x7}}}}, {{@ip={@rand_addr, @private, 0xffffffff, 0xff, 'syzkaller0\x00', 'veth1_to_team\x00', {}, {0xff}}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@empty, @empty, 0xff000000, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x1fb, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x470)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="000100002c0007012abd7000ffdbdf25037c00000800018004000600e4000280de0001"], 0x100}, 0x1, 0x0, 0x0, 0xc000}, 0xc010)
r7 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl(r7, 0x8b2c, &(0x7f0000000040))
r8 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCETHTOOL(r8, 0x8946, &(0x7f0000000000)={'syz_tun\x00', &(0x7f0000000a00)=@ethtool_rxnfc={0x30, 0xa, 0x3, {0x4, @usr_ip6_spec={@local, @remote, 0x800, 0x2}, {0x0, @multicast, 0x8, 0x3, [0x1, 0x80000000]}, @esp_ip4_spec={@initdev={0xac, 0x1e, 0x1, 0x0}, @loopback, 0x9, 0x80}, {0x0, @remote, 0x0, 0x0, [0x5, 0x6]}, 0x2, 0xa}, 0x6, [0x6a, 0x3, 0x3, 0x3, 0xe5, 0xa]}})
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043ef502"], 0xf8)
ioctl$VIDIOC_S_PARM(r7, 0xc0cc5616, &(0x7f0000000840)={0x5, @output={0x0, 0x1, {0x9, 0xfffffff9}, 0x101, 0x2}})
setsockopt$bt_BT_SECURITY(0xffffffffffffffff, 0x112, 0x4, &(0x7f0000000180)={0x2}, 0x2)
mount(0x0, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='xfs\x00', 0x2208004, 0x0)

48.054184925s ago: executing program 2 (id=3957):
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0xa, 0x8b}, 0x0)
syz_usb_connect(0x0, 0x36, 0x0, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SCROLLCONSOLE(r0, 0x541c, &(0x7f0000000580)={0xd, 0x6})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x48, &(0x7f0000001600)=0x4, 0x4)
connect$unix(r2, &(0x7f00000007c0)=@file={0x0, './file1/file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008520000003000ba9cea78cd01515a1e6"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r5, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f00000002c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x410, 0x2d8, 0x98, 0x2d8, 0x98, 0x138, 0x378, 0x378, 0x378, 0x378, 0x378, 0x6, 0x0, {[{{@ip={@loopback, @multicast1=0xe0007600, 0x0, 0x0, 'gre0\x00', 'ip6gre0\x00', {}, {}, 0x0, 0x0, 0x11}, 0x7a00, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@multicast1, @local, 0x0, 0x0, 'wg1\x00', 'nicvf0\x00', {}, {}, 0x11}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0xb8, 0x100, 0x0, {}, [@common=@unspec=@limit={{0x48}, {0x0, 0x28, 0x0, 0x0, 0x0, 0x1}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@private2, 'veth0_virt_wifi\x00', {0x7}}}}, {{@ip={@rand_addr, @private, 0xffffffff, 0xff, 'syzkaller0\x00', 'veth1_to_team\x00', {}, {0xff}}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@empty, @empty, 0xff000000, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x1fb, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x470)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="000100002c0007012abd7000ffdbdf25037c00000800018004000600e4000280de0001"], 0x100}, 0x1, 0x0, 0x0, 0xc000}, 0xc010)
r7 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl(r7, 0x8b2c, &(0x7f0000000040))
r8 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCETHTOOL(r8, 0x8946, &(0x7f0000000000)={'syz_tun\x00', &(0x7f0000000a00)=@ethtool_rxnfc={0x30, 0xa, 0x3, {0x4, @usr_ip6_spec={@local, @remote, 0x800, 0x2}, {0x0, @multicast, 0x8, 0x3, [0x1, 0x80000000]}, @esp_ip4_spec={@initdev={0xac, 0x1e, 0x1, 0x0}, @loopback, 0x9, 0x80}, {0x0, @remote, 0x0, 0x0, [0x5, 0x6]}, 0x2, 0xa}, 0x6, [0x6a, 0x3, 0x3, 0x3, 0xe5, 0xa]}})
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043ef502"], 0xf8)
ioctl$VIDIOC_S_PARM(r7, 0xc0cc5616, &(0x7f0000000840)={0x5, @output={0x0, 0x1, {0x9, 0xfffffff9}, 0x101, 0x2}})
setsockopt$bt_BT_SECURITY(0xffffffffffffffff, 0x112, 0x4, &(0x7f0000000180)={0x2}, 0x2)
mount(0x0, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='xfs\x00', 0x2208004, 0x0)

45.905485289s ago: executing program 4 (id=3959):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
r1 = fcntl$dupfd(r0, 0x406, r0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfd, 0x0, 0xf1}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x2000c7fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, 0x0, 0x0)
sendmsg$NL80211_CMD_ADD_TX_TS(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1c0000", @ANYRES16=0x0, @ANYBLOB="00012bbd7000378f8668755269ed30e8d86f", @ANYRES32=0x0, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4040000}, 0x0)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[], 0x1194}, 0x1, 0x0, 0x0, 0x4048000}, 0x4000880)

45.389332202s ago: executing program 1 (id=3960):
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000040), &(0x7f0000000000)="5e8f1f3fc933c527aff867540a7d9c09dfce2e8effe3cce464db57b94f5106f9ef131c838b4ceba290466262f1918be48ba9", 0x32, 0xfffffffffffffffe)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000040), &(0x7f0000000000)="5e8f1f3fc933c527aff867540a7d9c09dfce2e8effe3cce464db57b94f5106f9ef131c838b4ceba290466262f1918be48ba9", 0x32, 0xfffffffffffffffe) (async)

45.2997674s ago: executing program 1 (id=3961):
socket$inet6_sctp(0xa, 0x1, 0x84)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file1\x00', &(0x7f0000000140), 0x2, &(0x7f0000002400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB, @ANYBLOB=',group_id=', @ANYRESHEX=0x0])
openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
fcntl$notify(r0, 0x402, 0x80000032)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x1c)
read$FUSE(r1, &(0x7f0000002480)={0x2020}, 0x2020)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x10040)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000002700)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x2, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x700}, {{0x18, 0x1, 0x1, 0x700, r4}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x98}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {0x7, 0x0, 0x0, 0x9}, {0x7, 0x0, 0xc}, {0x18, 0x9, 0x2, 0x0, r3}, {}, {0x46, 0x8, 0xfff1, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

45.112475279s ago: executing program 0 (id=3962):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x1607c0, 0x78e22799f4a46ffe)
r1 = open(&(0x7f00000000c0)='./file0\x00', 0x0, 0xdb)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000001a40)=""/102392, 0x18ff8)
syz_emit_ethernet(0x45, 0x0, 0x0)
timer_create(0x0, 0x0, 0x0)
getitimer(0xe, 0x0)
write(0xffffffffffffffff, &(0x7f0000000140), 0x0)
connect$netlink(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x21, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
syz_open_dev$I2C(&(0x7f0000000180), 0x0, 0x0)
read$msr(r1, &(0x7f00000002c0)=""/78, 0x4e)
fcntl$setlease(r1, 0x400, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETMODE(r3, 0x4b45, 0x0)
ioctl$TIOCL_SETSEL(r3, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x0, 0x300, 0x300, 0x8, 0x300}})
fcntl$setlease(r0, 0x400, 0x0)
fcntl$getflags(r0, 0x401)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000003c0)={0x18, 0x1, 0x1, 0x801, 0x0, 0x0, {0x2, 0x0, 0x7}, [@CTA_TUPLE_REPLY={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0x8008)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x0, 0x7fffd, 0x522, 0x0, 0x1}, 0x50)

43.993975902s ago: executing program 4 (id=3963):
openat$selinux_attr(0xffffffffffffff9c, 0x0, 0x2, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0300000004020000040000000a0000", @ANYRES32=0x1, @ANYBLOB='\x00'/17, @ANYRESHEX], 0x48)
r0 = openat$kvm(0xffffff9c, 0x0, 0x800, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x3110c2, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = socket(0x15, 0x5, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r5 = socket$inet_udp(0x2, 0x2, 0x0)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)={0x14, r6, 0x7d243a6ea807936d, 0x70bd2c, 0x25dfdbfa}, 0x14}, 0x1, 0x0, 0x0, 0x815}, 0x40110)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYRES16=r5, @ANYRES64=r8, @ANYRES8=r2, @ANYRESDEC, @ANYRES32], 0x78}, 0x1, 0x0, 0x0, 0x20004841}, 0x20004004)
bind$inet(r5, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r9 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r4, &(0x7f00000007c0)={@val={0x8, 0x800}, @val={0x7, 0x0, 0x0, 0x0, 0x14}, @ipv4=@dccp={{0x4f, 0x4, 0x1, 0x9, 0x1e1, 0x68, 0x0, 0x2, 0x21, 0x0, @local, @remote, {[@timestamp_prespec={0x44, 0x3c, 0xdd, 0x3, 0x7, [{@empty, 0x5}, {@private=0xa010102, 0x8}, {@loopback, 0xc}, {@multicast1, 0x3}, {@broadcast, 0x8}, {@multicast1, 0x5}, {@local, 0x9}]}, @generic={0x12, 0x7, "149c3adea7"}, @timestamp={0x44, 0x10, 0xd0, 0x0, 0x3, [0x350b, 0xb, 0x4bfc]}, @end, @timestamp_prespec={0x44, 0x44, 0xed, 0x3, 0xe, [{@loopback, 0xe}, {@local, 0x8}, {@loopback, 0x4}, {@private=0xa01010a, 0x6f95}, {@rand_addr=0x64010100, 0x8}, {@remote}, {@rand_addr=0x64010101, 0x40}, {@local}]}, @timestamp_addr={0x44, 0x54, 0x5e, 0x1, 0x2, [{@broadcast, 0x8}, {@loopback}, {@multicast1, 0xa2}, {@multicast1, 0xfff}, {@dev={0xac, 0x14, 0x14, 0x28}, 0x49}, {@loopback, 0x4}, {@broadcast, 0x6}, {@local, 0x3}, {@loopback, 0x3}, {@private=0xa010100, 0x1}]}, @noop, @cipso={0x86, 0xf, 0x2, [{0x5, 0x3, "86"}, {0x1, 0x6, "086b8a64"}]}, @timestamp_prespec={0x44, 0x2c, 0x55, 0x3, 0x5, [{@rand_addr=0x64010100, 0x7e}, {@dev={0xac, 0x14, 0x14, 0x17}, 0xfffffffd}, {@local, 0x101}, {@private=0xa010102, 0x24}, {@remote, 0x1}]}]}}, {{0x5, 0x4e22, 0x4, 0x1, 0x9, 0x0, 0x0, 0x8, 0x0, "a4e3c9", 0x4, "a00bac"}, "79eca2d17cb569ad72b0f2c6c60183795b583783b956e667df5c7f8b11ada8a4d92e7e320af5aef79f36c34c070151d32c87140af3a0563e47e805b1d7124d472968549b0e4fe1b6a7c13c6115c8d4675bc5f0d8f947f7e92aa20adc7886e2109cd887fd8642f8655b5fa704f276c953c44e24d4b26abbe3543146be1fd4346ca058ec919c3dd8f09617726e6b88d747e838a5ea84"}}}, 0x1ef)
r10 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_IPV6_DSTOPTS(r10, 0x29, 0x3b, 0x0, 0x0)
getsockopt(r3, 0x200000000114, 0x2720, 0x0, &(0x7f0000000280))
r11 = userfaultfd(0x801)
ioctl$UFFDIO_CONTINUE(r11, 0x8010aa01, &(0x7f0000000000)={{&(0x7f0000600000/0x3000)=nil, 0x3000}})
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)

43.477738552s ago: executing program 2 (id=3964):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000580)=0x2)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="9fea010018000000000000001800000018000000fc227efe73c5a9ca01000005090000000000000003000000010000000000ff42954aaab4560ec5fdf78da82309db97871053273264f83d605bbcf4a4ef61f0dff1d3d2f3ea37b40813727377e83f"], 0x0, 0x32, 0x0, 0x1}, 0x28)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="2c0000003702000105", @ANYRES32=0x0, @ANYBLOB="0e002f6400"/15], 0x2c)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_int(r1, &(0x7f0000000200)='cgroup.clone_children\x00', 0x2, 0x0)
r3 = openat$cgroup_ro(r1, &(0x7f00000003c0)='cpuacct.stat\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x38)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
socket$tipc(0x1e, 0x5, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x2)
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r6=>0x0})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r5, 0x3ba0, &(0x7f0000000440)={0x48, 0x1, r6, 0x0, 0x97, 0x8000000})
ioctl$IOMMU_IOAS_MAP$PAGES(r5, 0x3b85, &(0x7f0000000040)={0x28, 0x2, r6, 0x0, &(0x7f0000ff8000/0x1000)=nil, 0x1000})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r5, 0x3ba0, &(0x7f0000000180)={0x48, 0x2, r6, 0x0, 0x0, 0x0, <r7=>0x0, 0xffffff97})
r8 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)={0x1c, 0x5a, 0x1, 0x0, 0x0, {0x1c}, [@typed={0x8, 0x1, 0x0, 0x0, @binary="1436c99f"}]}, 0x1c}}, 0x0)
ioctl$IOMMU_HWPT_ALLOC$TEST(r5, 0x3b89, &(0x7f0000000100)={0x28, 0x1, r7, r6, 0x0, 0x0, 0xdead, 0x0, 0x0})
close_range(r4, 0xffffffffffffffff, 0x0)
r9 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_CLEAR_HALT(r9, 0xc0105502, &(0x7f0000000300)={0x1, 0x1})

43.476123146s ago: executing program 3 (id=3965):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x4c, 0x32, 0x20, 0x70bd25, 0x25dfdbfe, {}, [@action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x1c, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}]}, @action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0xe, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3ff}}, {0xc, 0x14, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40000}, 0x4048840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000540)=ANY=[@ANYBLOB="120141014813442024040075ee69010203010902240001000010000904b8070259d1ca000905060200020d0006090582020002"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000480)={0x84, &(0x7f00000000c0)=ANY=[@ANYBLOB="400a04000000a0e763a8b74aa536c199db9f7aeb5048f82adfde5a65616893789261e44305"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000640)={0x44, &(0x7f0000000200)={0x0, 0xc, 0x4, "ca258375"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000740)={0x44, &(0x7f0000000000)=ANY=[@ANYBLOB="601004"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000005c0)={0x1c, &(0x7f0000000100)=ANY=[@ANYBLOB="205aba"], 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000580)={0x2c, &(0x7f00000007c0)={0x20, 0x17, 0x4, "549b3e82"}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$rtl8150(r0, 0x0, &(0x7f00000002c0)={0x2c, &(0x7f0000000380)={0x0, 0xe, 0x4, "2ae84be4"}, 0x0, 0x0, 0x0, 0x0})
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000100), 0x100, 0x0)
ioctl$RNDADDENTROPY(r1, 0x40085203, &(0x7f00000006c0)=ANY=[@ANYBLOB='\b\x00\x00\x00\x00\x00\b'])
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

42.917652854s ago: executing program 0 (id=3966):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x1607c0, 0x78e22799f4a46ffe)
r1 = open(&(0x7f00000000c0)='./file0\x00', 0x0, 0xdb)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000001a40)=""/102392, 0x18ff8)
syz_emit_ethernet(0x45, 0x0, 0x0)
timer_create(0x0, 0x0, 0x0)
getitimer(0xe, 0x0)
write(0xffffffffffffffff, &(0x7f0000000140), 0x0)
connect$netlink(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x21, 0x0, 0x0)
syz_open_dev$I2C(&(0x7f0000000180), 0x0, 0x0)
syz_open_dev$vcsn(&(0x7f0000000080), 0x9, 0x0)
read$msr(r1, &(0x7f00000002c0)=""/78, 0x4e)
fcntl$setlease(r1, 0x400, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETMODE(r3, 0x4b45, 0x0)
ioctl$TIOCL_SETSEL(r3, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x0, 0x300, 0x300, 0x8, 0x300}})
fcntl$setlease(r0, 0x400, 0x0)
fcntl$getflags(r0, 0x401)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000003c0)={0x18, 0x1, 0x1, 0x801, 0x0, 0x0, {0x2, 0x0, 0x7}, [@CTA_TUPLE_REPLY={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0x8008)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x0, 0x7fffd, 0x522, 0x0, 0x1}, 0x50)

41.914999318s ago: executing program 0 (id=3967):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000013000a20000000000a01030000000000000000010000090900010073797a31000000002c000000030a01020000000000000000010000000900030073797a32000000000900010073797a31000000002c000000050a01020000000000000000010000000c00024000000000000000010900010073797a310000000028000000000a05000000000000000000010000080900010073797a31000000000800024000000001"], 0xc8}}, 0x0)

41.373354165s ago: executing program 4 (id=3968):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
close(r0)

41.201396584s ago: executing program 1 (id=3969):
syz_emit_ethernet(0x6c, &(0x7f0000000c40)={@link_local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xf}, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x0, 0x5e, 0x0, 0xe0, 0x0, 0x2f, 0x0, @private, @empty}, {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x4, 0x6558, 0x300}, {0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x800, [0x5, 0x39e, 0xfff]}, {}, {0x8, 0x88be, 0x0, {{0x0, 0x1, 0xc}}}}}}}}, 0x0)

41.126656042s ago: executing program 0 (id=3970):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000180)={{{@in=@rand_addr=0x64010102, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x4e20, 0x0, 0x4e22, 0xc, 0x2, 0x0, 0x0, 0x89, 0x0, 0xee01}, {0x2e6, 0xfffffffffffffffe, 0xfffffffffffffffe, 0x0, 0x4, 0x2, 0x101, 0x800000000}, {0x1, 0x0, 0x0, 0x1ffffffffe}, 0x20, 0x0, 0x1, 0x0, 0x0, 0x1}, {{@in=@loopback, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x3, 0x0, 0x0, 0xfffffc01, 0xfd3, 0x86}}, 0xe4)
listen(r0, 0x0)
syz_emit_ethernet(0x36, &(0x7f00000002c0)={@local, @broadcast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x8, 0x6, 0x0, @empty, @empty}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10, 0x0, 0x0, 0x11}}}}}}, 0x0)

40.663322095s ago: executing program 1 (id=3971):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = fsopen(&(0x7f0000001240)='nfs4\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000280)='port', &(0x7f00000002c0)='0', 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a31f5ffffff38000000030a01040000000000000000010000010900030001007a32000000000c00024000000000000000010900010073797a300000000014000000110001"], 0xac}, 0x1, 0x0, 0x0, 0x2004041}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="180200000000ff0100000000000000008500000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000001700000095"], &(0x7f0000000480)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(r0, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x3, 0x2, 0x101, 0x0, 0x0, {0x1, 0x0, 0x2}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x5000}, 0x480d1)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000980)={0x1c, 0x3, 0x1, 0x5, 0x0, 0x0, {0x0, 0x0, 0x8}, [@CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40011}, 0x8d0)
syz_usb_connect$uac2(0x5, 0x8f, &(0x7f0000000080)=ANY=[@ANYBLOB="12011003000000401e04003040000102030109027d000301093009080b00010107208c0904000000010120000924010040041d000708240a0005ff03020c2403020703000400100001090401000001022000090401010101022000090501090002030b0408250100004004000904020000010220000904020101010220000905820920004006030825018203f30600"], &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0})

40.487046014s ago: executing program 0 (id=3972):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r4, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000000140)={0x3d4, r5, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0x394, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x384, 0x4, "fc654c187d6eb5f0ca15095cc8787b50b96435ad3147dd10e867248d37187c2a131a62d105462ce34d5cf8ded36159aea612a3460534d8c298556e91590238f40dd2c7148d365ab6cdd5f2a7f74bac8d59f731c655a46917f18b28ed05e58b70287d26677601258a5c0ab9f679e2e520228c3a1f1aede04c6ba82cc38cc2ab6b35a24fb20e032dedf6f6caf4bfea5435f746f746fd46ca192e3744eb6908b358c10833bf484237ba654641e6186a45957c6345e61ea620fdc74383ce1df4a24e7044bae596f018736424a5bfa438865044e7026fa37a3540fadd0e89d87aecd3bc127e0cb10274991d6127224a0f2a4ef19e2c4dedbe45f2471abcc38c584ead0e3df3f9211022b2421fb6b327361e8f58f2b73134fc5444b350ede95ecef5bbbf9950e75c9f772a3ff0180d2cfac287228709726a6abbab2971982de7f1a9149d71dcbfd212e89ff17cf284b7f8ad82a469cb1c1e3d9d1d3689271c8dad0ba89dda651d4242062ac0bc5877e397236fa9476ac5fac7c2c896babca09d74720004cd0e634327de4fd87ed72ae069c095d2c70caed52e3335478c1c3719925e24f2fd7755baebd5cde385727a0f0440dd3b662248c43ff5afc4f186ff0051ba8eaa07623b79c4bb6985f14c5ac15041a6ff7584f921982e5414481d4db4c76798d70a59b5aeccb6e7882aefe70993758b55b4dc4039c2b1c98452113aaf23ccdf68cb6eff6e048f9da6f39a2def3caaf80cdcbadb83b029b8738391f02fec90c8a8b6f036aae8ceaff5dca7d3e0098472bd246c0b3004d1988f802b846d62ca59e9a63ce12814176ec4380e1cf29d27e7b2f7e7eadcaae8f182498ad32e67323fe6ef9508fec40dd38897652053ef92e44a909060c237890c196f0c26ab10248f999001f6231813a81313971bea77a5470f312d185dce689adc99e430e4010a3a341482c51fb71c23c3cdf92303c7580c73775f9a74685a61ce9849eaca52b97ee7ffe2e672dc1be5267c285a102711b1b5d81d6dbb76494f2892fd4f85244ade3cdd3809fd5fdfce5157fc1658f0bceb379489732583707c170fc6392aa4f5b94843aeb18da58e0156e029c2b722918b1b3dc7c151cb9c248ddd18423629b53cd4b0ab2693b0df29c88c04657f4eccdc41357de8186fdc0ec86f92950734975921a2fde57c3e7176b57c871d76ff8a8f36520b67e64930cf34bcde9ad92d057a359ca022b646df18e2b7202845bd8ac4be5e5ebae436dc4b93dfaaf2778a53e7"}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x7ffd}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_FEATURES_HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_virt_wifi\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}]}]}, 0x3d4}}, 0x0)

40.458937169s ago: executing program 4 (id=3973):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
r1 = fcntl$dupfd(r0, 0x406, r0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfd, 0x0, 0xf1}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x2000c7fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, 0x0, 0x0)
sendmsg$NL80211_CMD_ADD_TX_TS(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1c0000", @ANYRES16=0x0, @ANYBLOB="00012bbd7000378f8668755269ed30e8d86f", @ANYRES32=0x0, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4040000}, 0x0)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[], 0x1194}, 0x1, 0x0, 0x0, 0x4048000}, 0x4000880)

0s ago: executing program 0 (id=3974):
r0 = socket$key(0xf, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x0, 0x8800)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
mkdir(0x0, 0x14)
unshare(0x8000000)
syz_usb_connect(0x3, 0x4a, &(0x7f00000007c0)=ANY=[@ANYRES64=r0, @ANYRESDEC=r0, @ANYRESHEX, @ANYRES16=r0, @ANYRESOCT=r0, @ANYRESOCT], 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000000)
unshare(0x2000000)
connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="600000000206010800000000000000000000000005000400000000000900020073797a31000000001400078008001240000000000500140008000000050005000a000000050001000600000011000300686173683a69702c706f7274"], 0x60}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000000)={0x1, 'veth0_to_batadv\x00', {}, 0xeff})
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000c80)=ANY=[@ANYBLOB="5c0000000a0601080000000000000000070000000900020073797a31000000000500010007000000340007801800018014000240fe8000000000000000000000000000bb060004400e1f00cd050007008800000006000540"], 0x5c}, 0x1, 0x0, 0x0, 0x10000042}, 0x90)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x3c8, 0x2d8, 0x98, 0x2d8, 0x98, 0x138, 0x378, 0x378, 0x378, 0x378, 0x378, 0x6, 0x0, {[{{@ip={@loopback, @multicast1=0xe0007600, 0x0, 0x0, 'gre0\x00', 'ip6gre0\x00', {}, {}, 0x0, 0x0, 0x11}, 0x7a00, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@multicast1, @local, 0x0, 0x0, 'wg1\x00', 'nicvf0\x00', {}, {}, 0x11}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0x70, 0xb8}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@private2, 'veth0_virt_wifi\x00', {0x7}}}}, {{@ip={@rand_addr, @private, 0xffffffff, 0xff, 'syzkaller0\x00', 'veth1_to_team\x00', {}, {0xff}}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@empty, @empty, 0xff000000, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x1fb, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x428)
r3 = eventfd(0x1)
mmap(&(0x7f00004f0000/0x4000)=nil, 0x4000, 0x8, 0x11, r3, 0x63dbb000)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000000)=0x3)
ioctl$PPPIOCSPASS(r4, 0x40107447, &(0x7f0000000080)={0x2, &(0x7f0000000300)=[{0x50, 0xff, 0x2, 0x6}, {0x6, 0x2, 0x0, 0xb}]})
write$ppp(r4, &(0x7f0000000700)="5af94eceab80db5598c3f2ef876ede0100000025edd589fa5c14bc84b5c5bb75213c9f064747c795f51445ea78193f3a99ab6898ce586c01e117de89b5fd463c81539977298adfea0e9760f4f832a1f151017bd990ba2578bf6cc671a8c936ff7eaa4dfd726dfa3cc5d6f3ed227ad9957da5eaafa0913b2379523dc649cbb0fce2447387b78d3dbf1b4510576208c1f603d4ef439a3c672bf27ee3a6b43a898ae5cc3cdb", 0xa4)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x100002, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r6, r7, &(0x7f0000036000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x49, &(0x7f00000000c0)=[@vmwrite={0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1120008c}], 0x1)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

kernel console output (not intermixed with test programs):

011.699647][T19515]  __x64_sys_bpf+0x7b/0xc0
[ 1011.699666][T19515]  ? lockdep_hardirqs_on+0x78/0x100
[ 1011.699688][T19515]  do_syscall_64+0x106/0xf80
[ 1011.699709][T19515]  ? clear_bhb_loop+0x40/0x90
[ 1011.699731][T19515]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1011.699750][T19515] RIP: 0033:0x7f4a7b59c799
[ 1011.699765][T19515] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1011.699782][T19515] RSP: 002b:00007f4a7c4e3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1011.699799][T19515] RAX: ffffffffffffffda RBX: 00007f4a7b815fa0 RCX: 00007f4a7b59c799
[ 1011.699810][T19515] RDX: 0000000000000050 RSI: 0000200000000000 RDI: 000000000000000a
[ 1011.699820][T19515] RBP: 00007f4a7c4e3090 R08: 0000000000000000 R09: 0000000000000000
[ 1011.699830][T19515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1011.699840][T19515] R13: 00007f4a7b816038 R14: 00007f4a7b815fa0 R15: 00007fff727af818
[ 1011.699864][T19515]  </TASK>
[ 1012.077872][T19524] netlink: 84 bytes leftover after parsing attributes in process `syz.0.3388'.
[ 1012.655094][   T51] Bluetooth: hci4: command 0x0406 tx timeout
[ 1012.884161][T19536] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1012.939388][T19536] usb usb8: usbfs: process 19536 (syz.2.3392) did not claim interface 0 before use
[ 1013.028758][   T29] audit: type=1400 audit(1773650412.935:1535): avc:  denied  { write } for  pid=19537 comm="syz.4.3394" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 1013.844678][T19551] netlink: 'syz.2.3398': attribute type 33 has an invalid length.
[ 1013.873120][T19551] netlink: 164 bytes leftover after parsing attributes in process `syz.2.3398'.
[ 1013.912044][T19550] netlink: 'syz.0.3396': attribute type 10 has an invalid length.
[ 1013.921434][T19550] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3396'.
[ 1014.088684][T19556] netlink: 'syz.3.3399': attribute type 10 has an invalid length.
[ 1014.096555][T19556] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3399'.
[ 1014.141904][T19556] batadv0: entered promiscuous mode
[ 1014.168035][T19556] batadv0: entered allmulticast mode
[ 1014.184915][T19556] bridge0: port 1(batadv0) entered blocking state
[ 1014.258063][    T9] usb 3-1: new high-speed USB device number 79 using dummy_hcd
[ 1014.370684][T19556] bridge0: port 1(batadv0) entered disabled state
[ 1014.511413][    T9] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1014.520307][    T9] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 64, changing to 7
[ 1014.534365][    T9] usb 3-1: New USB device found, idVendor=041e, idProduct=3000, bcdDevice= 0.40
[ 1014.544451][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1014.554231][    T9] usb 3-1: Product: syz
[ 1014.559169][    T9] usb 3-1: Manufacturer: syz
[ 1014.565927][    T9] usb 3-1: SerialNumber: syz
[ 1014.649657][  T792] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[ 1014.712457][T19564] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3403'.
[ 1014.777401][T19564] team0: Device gtp0 is up. Set it down before adding it as a team port
[ 1014.798223][    T9] usb 3-1: unit 4 not found!
[ 1014.808967][   T58] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[ 1014.818204][   T58] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[ 1014.828261][  T792] usb 2-1: Using ep0 maxpacket: 16
[ 1014.836447][T19565] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3403'.
[ 1014.869625][  T792] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1014.903436][T19566] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=31929 sclass=netlink_route_socket pid=19566 comm=syz.4.3403
[ 1014.924813][  T792] usb 2-1: config 8 has an invalid interface number: 46 but max is 0
[ 1014.946666][  T792] usb 2-1: config 8 has no interface number 0
[ 1014.978093][  T792] usb 2-1: config 8 interface 46 has no altsetting 0
[ 1014.985862][    T9] usb 3-1: USB disconnect, device number 79
[ 1015.014349][  T792] usb 2-1: New USB device found, idVendor=2040, idProduct=1700, bcdDevice=a7.db
[ 1015.033175][  T792] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1015.045816][  T792] usb 2-1: Product: syz
[ 1015.052338][  T792] usb 2-1: Manufacturer: syz
[ 1015.061092][T15513] udevd[15513]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1015.078083][  T792] usb 2-1: SerialNumber: syz
[ 1015.912482][  T792] smsusb:smsusb_probe: board id=5, interface number 46
[ 1016.180000][  T792] usb 2-1: USB disconnect, device number 38
[ 1016.363517][   T29] audit: type=1800 audit(1773650416.297:1536): pid=19568 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.0.3404" name="bus" dev="overlay" ino=207 res=0 errno=0
[ 1016.377317][T19583] netlink: 'syz.1.3406': attribute type 10 has an invalid length.
[ 1016.394644][T19583] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3406'.
[ 1016.557122][  T793] usb 5-1: new high-speed USB device number 53 using dummy_hcd
[ 1016.673252][T19592] syzkaller0: entered promiscuous mode
[ 1016.689249][T19592] syzkaller0: entered allmulticast mode
[ 1016.738917][  T793] usb 5-1: config 1 interface 0 altsetting 3 bulk endpoint 0x1 has invalid maxpacket 8
[ 1016.764709][  T793] usb 5-1: config 1 interface 0 has no altsetting 0
[ 1016.776756][ T5873] usb 3-1: new high-speed USB device number 80 using dummy_hcd
[ 1016.788318][  T793] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1016.805797][  T793] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1016.827465][  T793] usb 5-1: Product: 㐊
[ 1016.832034][  T793] usb 5-1: Manufacturer: 褨馊쳡಍愒¹ꢺ啚䀏ﾻ๾삯꿘舢ؚꎑ䔊뫰籣Ǟ∪䙷撍ꐇα禉ᛄ╎䕹藤枮鞾꫻
[ 1016.853394][  T793] usb 5-1: SerialNumber: 〯
[ 1016.927489][ T5873] usb 3-1: Using ep0 maxpacket: 8
[ 1016.934048][ T5873] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1016.944011][ T5873] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[ 1016.970660][T19578] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1016.984923][ T5873] usb 3-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[ 1016.994325][ T5873] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1017.012078][ T5873] usb 3-1: Product: syz
[ 1017.028175][ T5873] usb 3-1: Manufacturer: syz
[ 1017.032833][ T5873] usb 3-1: SerialNumber: syz
[ 1017.063332][ T5873] usb 3-1: config 0 descriptor??
[ 1017.305644][ T5873] usb 3-1: USB disconnect, device number 80
[ 1017.376007][T19578] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1017.400279][T19578] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1017.523867][T19578] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1017.534594][T19578] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1018.102500][T19604] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1018.121863][T19604] usb usb8: usbfs: process 19604 (syz.2.3414) did not claim interface 0 before use
[ 1018.593652][T19610] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1018.692717][T11842] Bluetooth: hci3: unknown advertising packet type: 0x75
[ 1018.692820][T11842] Bluetooth: hci3: unknown advertising packet type: 0x20
[ 1018.702446][T11842] Bluetooth: hci3: Malformed LE Event: 0x02
[ 1019.429400][  T793] usb 5-1: USB disconnect, device number 53
[ 1022.024877][   T29] audit: type=1400 audit(1773650421.960:1537): avc:  denied  { ioctl } for  pid=19631 comm="syz.2.3423" path="socket:[63356]" dev="sockfs" ino=63356 ioctlcmd=0x89e3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[ 1022.745968][T19639] netlink: 'syz.2.3425': attribute type 10 has an invalid length.
[ 1022.753945][T19639] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3425'.
[ 1023.190332][   T29] audit: type=1400 audit(1773650423.120:1538): avc:  denied  { write } for  pid=19643 comm="syz.1.3427" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1023.263516][  T793] usb 5-1: new high-speed USB device number 54 using dummy_hcd
[ 1023.428478][T19650] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1023.505545][T19650] usb usb8: usbfs: process 19650 (syz.1.3428) did not claim interface 0 before use
[ 1023.526564][  T793] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1023.546029][  T793] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1023.575292][  T793] usb 5-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00
[ 1023.681932][  T793] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1023.702092][  T793] usb 5-1: config 0 descriptor??
[ 1024.135944][T19662] netlink: 810 bytes leftover after parsing attributes in process `syz.3.3429'.
[ 1024.328574][  T793] steelseries 0003:1038:12B6.000D: report_id 0 is invalid
[ 1024.357877][  T793] steelseries 0003:1038:12B6.000D: item 0 4 1 8 parsing failed
[ 1024.395396][  T793] steelseries 0003:1038:12B6.000D: probe with driver steelseries failed with error -22
[ 1024.600049][T19642] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1025.144361][T10285] usb 5-1: USB disconnect, device number 54
[ 1025.452728][   T29] audit: type=1400 audit(1773650425.352:1539): avc:  denied  { append } for  pid=19680 comm="syz.2.3434" name="event3" dev="devtmpfs" ino=962 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[ 1025.980322][T19694] MINIX-fs: unable to read superblock
[ 1026.004875][T19694] tmpfs: Bad value for 'mpol'
[ 1026.624417][T19691] iommufd_mock iommufd_mock1: Adding to iommu group 0
[ 1026.648365][T19698] syzkaller0: entered promiscuous mode
[ 1026.662240][T19694] iommufd_mock iommufd_mock0: Adding to iommu group 1
[ 1026.695116][T19698] syzkaller0: entered allmulticast mode
[ 1028.501253][T19708] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3440'.
[ 1029.179795][T19719] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3443'.
[ 1029.726905][   T29] audit: type=1400 audit(1773650429.654:1540): avc:  denied  { write } for  pid=19722 comm="syz.1.3445" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1029.840717][T19728] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1029.864932][T19728] usb usb8: usbfs: process 19728 (syz.2.3446) did not claim interface 0 before use
[ 1030.300139][T19734] syzkaller1: entered promiscuous mode
[ 1030.310136][T19734] syzkaller1: entered allmulticast mode
[ 1030.580323][T19743] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1030.744956][T11842] Bluetooth: hci2: unknown advertising packet type: 0x75
[ 1030.745024][T11842] Bluetooth: hci2: unknown advertising packet type: 0x6c
[ 1030.753167][T11842] Bluetooth: hci2: unknown advertising packet type: 0x20
[ 1030.761040][T11842] Bluetooth: hci2: Malformed LE Event: 0x02
[ 1030.899186][ T5858] usb 2-1: new full-speed USB device number 39 using dummy_hcd
[ 1030.998282][   T29] audit: type=1400 audit(1773650430.924:1541): avc:  denied  { create } for  pid=19747 comm="syz.0.3452" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[ 1031.038323][   T29] audit: type=1400 audit(1773650430.934:1542): avc:  denied  { sys_admin } for  pid=19747 comm="syz.0.3452" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[ 1031.131746][ T5858] usb 2-1: too many endpoints for config 0 interface 0 altsetting 2: 254, using maximum allowed: 30
[ 1031.142924][ T5858] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1031.154833][ T5858] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1031.165005][ T5858] usb 2-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[ 1031.178409][ T5858] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1031.259842][ T5858] usb 2-1: New USB device found, idVendor=1e7d, idProduct=3138, bcdDevice= 0.00
[ 1031.289918][ T5858] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1031.405705][   T29] audit: type=1400 audit(1773650431.265:1543): avc:  denied  { shutdown } for  pid=19750 comm="syz.4.3453" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1031.699241][ T5858] usb 2-1: config 0 descriptor??
[ 1031.741140][   T29] audit: type=1400 audit(1773650431.275:1544): avc:  denied  { setopt } for  pid=19750 comm="syz.4.3453" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[ 1032.455147][ T5858] ryos 0003:1E7D:3138.000E: hidraw0: USB HID v0.00 Device [HID 1e7d:3138] on usb-dummy_hcd.1-1/input0
[ 1033.421623][T11842] Bluetooth: hci1: unexpected event for opcode 0x0003
[ 1033.465697][T16465] usb 2-1: USB disconnect, device number 39
[ 1033.608427][ T8144] usb 1-1: new high-speed USB device number 68 using dummy_hcd
[ 1033.912008][ T8144] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1033.943699][ T8144] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1033.984643][ T8144] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1033.992655][T19784] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1034.038999][ T8144] usb 1-1: config 0 descriptor??
[ 1034.077707][T19784] usb usb8: usbfs: process 19784 (syz.4.3461) did not claim interface 0 before use
[ 1034.118683][ T8144] pwc: Askey VC010 type 2 USB webcam detected.
[ 1034.577852][ T5858] usb 3-1: new high-speed USB device number 81 using dummy_hcd
[ 1034.780285][ T8144] pwc: recv_control_msg error -32 req 02 val 2b00
[ 1034.803117][ T8144] pwc: recv_control_msg error -32 req 02 val 2700
[ 1034.837914][ T8144] pwc: recv_control_msg error -32 req 02 val 2c00
[ 1034.948287][ T8144] pwc: recv_control_msg error -32 req 04 val 1000
[ 1034.976755][ T8144] pwc: recv_control_msg error -32 req 04 val 1300
[ 1035.089176][ T8144] pwc: recv_control_msg error -32 req 04 val 1400
[ 1035.217565][    T9] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[ 1035.378605][    T9] usb 2-1: Using ep0 maxpacket: 32
[ 1035.670431][    T9] usb 2-1: config 0 has no interfaces?
[ 1035.678044][    T9] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[ 1035.688304][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1035.699324][T19802] netlink: 'syz.2.3466': attribute type 1 has an invalid length.
[ 1035.708076][    T9] usb 2-1: Product: syz
[ 1035.712397][    T9] usb 2-1: Manufacturer: syz
[ 1035.720146][    T9] usb 2-1: SerialNumber: syz
[ 1035.744964][    T9] usb 2-1: config 0 descriptor??
[ 1036.394005][T19810] netlink: 810 bytes leftover after parsing attributes in process `syz.4.3467'.
[ 1036.495315][ T8144] pwc: recv_control_msg error -71 req 02 val 2000
[ 1036.535709][ T8144] pwc: recv_control_msg error -71 req 02 val 2100
[ 1036.567097][ T8144] pwc: recv_control_msg error -71 req 04 val 1500
[ 1036.586090][ T8144] pwc: recv_control_msg error -71 req 02 val 2500
[ 1036.605216][ T8144] pwc: recv_control_msg error -71 req 02 val 2400
[ 1036.634825][ T8144] pwc: recv_control_msg error -71 req 02 val 2600
[ 1036.672314][ T8144] pwc: recv_control_msg error -71 req 02 val 2900
[ 1036.804465][ T8144] pwc: recv_control_msg error -71 req 02 val 2800
[ 1036.820337][    T9] usb 2-1: USB disconnect, device number 40
[ 1036.933910][ T8144] pwc: recv_control_msg error -71 req 04 val 1100
[ 1036.942933][ T8144] pwc: recv_control_msg error -71 req 04 val 1200
[ 1037.032020][T19832] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1037.387976][   T51] Bluetooth: hci3: unknown advertising packet type: 0x75
[ 1037.395089][   T51] Bluetooth: hci3: unknown advertising packet type: 0x6c
[ 1037.419127][   T51] Bluetooth: hci3: unknown advertising packet type: 0x20
[ 1037.440975][   T51] Bluetooth: hci3: Malformed LE Event: 0x02
[ 1037.720620][ T8144] pwc: Registered as video103.
[ 1037.734145][ T8144] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input21
[ 1037.770666][ T8144] usb 1-1: USB disconnect, device number 68
[ 1038.878088][T19847] pimreg: entered allmulticast mode
[ 1038.896775][T19847] openvswitch: netlink: nsh attribute has 4 unknown bytes.
[ 1039.770211][T19854] netlink: 64985 bytes leftover after parsing attributes in process `syz.0.3477'.
[ 1040.355653][T10285] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[ 1040.504129][T19866] netlink: 'syz.4.3481': attribute type 10 has an invalid length.
[ 1040.522712][T19866] team0: Failed to send options change via netlink (err -105)
[ 1040.524867][T10285] usb 4-1: Using ep0 maxpacket: 16
[ 1040.538557][T10285] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1040.546249][T19866] team0: Port device dummy0 added
[ 1040.550770][T10285] usb 4-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[ 1040.567367][T19867] netlink: 'syz.4.3481': attribute type 10 has an invalid length.
[ 1040.577029][T10285] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1040.624842][T16465] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[ 1040.647558][T19869] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3482'.
[ 1040.685398][T10285] usb 4-1: config 0 descriptor??
[ 1040.713839][T10285] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input22
[ 1040.847234][T16465] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1040.866078][T16465] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 64, changing to 7
[ 1040.894056][T16465] usb 2-1: New USB device found, idVendor=041e, idProduct=3000, bcdDevice= 0.40
[ 1040.908436][T16465] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1040.909936][   T29] audit: type=1400 audit(1773650440.849:1545): avc:  denied  { read write } for  pid=19855 comm="syz.3.3478" name="mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[ 1040.940178][T16465] usb 2-1: Product: syz
[ 1040.944927][ T8144] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[ 1040.960327][T16465] usb 2-1: Manufacturer: syz
[ 1040.978306][ T5164] bcm5974 4-1:0.0: could not read from device
[ 1040.993519][T16465] usb 2-1: SerialNumber: syz
[ 1041.026562][T19856] bcm5974 4-1:0.0: could not read from device
[ 1041.108733][T10285] usb 4-1: USB disconnect, device number 35
[ 1041.117390][ T5164] bcm5974 4-1:0.0: could not read from device
[ 1041.117386][   T29] audit: type=1400 audit(1773650440.849:1546): avc:  denied  { open } for  pid=19855 comm="syz.3.3478" path="/dev/input/mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[ 1041.204567][ T8144] usb 5-1: Using ep0 maxpacket: 32
[ 1041.213546][ T8144] usb 5-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[ 1041.223639][ T8144] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1041.242259][T16465] usb 2-1: unit 4 not found!
[ 1041.250783][ T8144] usb 5-1: config 0 descriptor??
[ 1041.274217][ T8144] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[ 1041.521204][T16465] usb 2-1: USB disconnect, device number 41
[ 1041.571746][T19883] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3482'.
[ 1041.794472][ T8144] gspca_vc032x: reg_r err -110
[ 1042.080470][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1042.393162][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1042.428867][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1042.453006][T15513] udevd[15513]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1042.471831][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1042.484630][T19887] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3488'.
[ 1042.595163][T19888] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3487'.
[ 1042.847427][T19892] coredump: 1(syz.1.3487): Core dump to core aborted: cannot preserve file permissions
[ 1043.265889][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1043.323470][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1043.328795][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1043.328809][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1043.328818][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1043.328826][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1043.328835][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1043.328843][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1043.364059][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1043.364083][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1043.364093][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1043.364101][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1043.364109][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1043.364117][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1043.364125][ T8144] gspca_vc032x: Unknown sensor...
[ 1043.364183][ T8144] vc032x 5-1:0.0: probe with driver vc032x failed with error -22
[ 1043.383452][T10285] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[ 1043.630465][T19900] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1043.650498][   T51] Bluetooth: hci4: unknown advertising packet type: 0x75
[ 1043.650598][   T51] Bluetooth: hci4: unknown advertising packet type: 0x6c
[ 1043.657889][   T51] Bluetooth: hci4: unknown advertising packet type: 0x20
[ 1043.665058][   T51] Bluetooth: hci4: Malformed LE Event: 0x02
[ 1043.951576][ T5858] usb 5-1: USB disconnect, device number 55
[ 1044.033968][T10285] usb 4-1: Using ep0 maxpacket: 32
[ 1044.046665][T10285] usb 4-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[ 1044.066240][T10285] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1044.085169][T10285] usb 4-1: config 0 descriptor??
[ 1044.093296][T19907] nbd: couldn't find device at index 1
[ 1044.101903][T10285] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[ 1044.193814][T19911] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3495'.
[ 1044.289640][   T29] audit: type=1400 audit(1773650444.231:1547): avc:  denied  { create } for  pid=19914 comm="syz.1.3498" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[ 1044.315495][   T29] audit: type=1400 audit(1773650444.231:1548): avc:  denied  { write } for  pid=19914 comm="syz.1.3498" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[ 1044.356506][T19889] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3488'.
[ 1044.463014][ T8144] usb 3-1: new high-speed USB device number 82 using dummy_hcd
[ 1044.508450][T19923] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1044.592415][T19923] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1044.623068][T10285] gspca_vc032x: reg_r err -110
[ 1044.623833][ T8144] usb 3-1: Using ep0 maxpacket: 32
[ 1044.627850][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1044.627865][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1044.627873][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1044.627882][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1044.627890][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1044.635734][ T8144] usb 3-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[ 1044.638526][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1044.645706][ T8144] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1044.656429][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1044.673820][ T8144] usb 3-1: config 0 descriptor??
[ 1044.682275][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1044.687761][ T8144] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[ 1044.693304][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1044.723915][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1044.729241][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1044.735822][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1044.740335][T19923] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1044.741117][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1044.741129][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1044.741138][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1044.741146][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1044.741154][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1044.741163][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1044.785425][T10285] gspca_vc032x: Unknown sensor...
[ 1044.790519][T10285] vc032x 4-1:0.0: probe with driver vc032x failed with error -22
[ 1044.848585][T19923] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1044.953040][T19924] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3495'.
[ 1045.027652][ T3540] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1045.052088][ T3540] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1045.061029][ T3540] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1045.078333][ T3540] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1045.203593][ T8144] gspca_vc032x: reg_r err -110
[ 1045.211476][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1045.219987][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1045.225462][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1045.230804][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1045.236292][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1045.241632][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1045.247052][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1045.252495][T10285] usb 5-1: new high-speed USB device number 56 using dummy_hcd
[ 1045.252801][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1045.268173][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1045.274718][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1045.280196][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1045.285600][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1045.290941][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1045.296453][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1045.301782][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1045.307187][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1045.313481][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1045.318834][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1045.324308][ T8144] gspca_vc032x: Unknown sensor...
[ 1045.329446][ T8144] vc032x 3-1:0.0: probe with driver vc032x failed with error -22
[ 1045.412401][T10285] usb 5-1: Using ep0 maxpacket: 8
[ 1045.422104][T10285] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1045.433715][T10285] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[ 1045.478681][T10285] usb 5-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[ 1045.489609][T10285] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1045.500914][T10285] usb 5-1: Product: syz
[ 1045.521824][T10285] usb 5-1: Manufacturer: syz
[ 1045.527484][T10285] usb 5-1: SerialNumber: syz
[ 1045.614112][T10285] usb 5-1: config 0 descriptor??
[ 1045.652039][ T5858] usb 4-1: USB disconnect, device number 36
[ 1045.906702][T10285] usb 5-1: USB disconnect, device number 56
[ 1046.067924][   T29] audit: type=1400 audit(1773650446.012:1549): avc:  denied  { getopt } for  pid=19938 comm="syz.3.3505" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[ 1046.068212][T19939] 9p: Bad value for 'wfdno'
[ 1046.325078][T19949] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3507'.
[ 1046.359083][T19954] bridge0: port 1(batadv0) entered disabled state
[ 1046.425742][T19954] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1046.461223][   T29] audit: type=1400 audit(1773650446.402:1550): avc:  denied  { connect } for  pid=19955 comm="syz.0.3510" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[ 1046.488513][T19960] xt_socket: unknown flags 0x4
[ 1047.198532][T16465] usb 3-1: USB disconnect, device number 82
[ 1047.216818][T19975] netlink: 108 bytes leftover after parsing attributes in process `syz.0.3515'.
[ 1047.811902][T10285] usb 1-1: new high-speed USB device number 69 using dummy_hcd
[ 1047.824968][T19994] netlink: 96 bytes leftover after parsing attributes in process `syz.4.3518'.
[ 1048.036344][T10285] usb 1-1: Using ep0 maxpacket: 32
[ 1048.751471][T10285] usb 1-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[ 1048.760546][T10285] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1048.772975][T20003] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1048.800352][T10285] usb 1-1: config 0 descriptor??
[ 1048.818216][T19989] SET target dimension over the limit!
[ 1048.833631][T10285] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[ 1048.861490][T19989] block nbd4: NBD_DISCONNECT
[ 1048.978896][T19984] block nbd4: Disconnected due to user request.
[ 1048.993697][T19984] block nbd4: shutting down sockets
[ 1049.097693][T20009] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3515'.
[ 1049.370698][T10285] gspca_vc032x: reg_r err -110
[ 1049.380901][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1049.396721][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1049.409779][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1049.422447][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1049.437543][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1049.449213][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1049.462857][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1049.472888][T20011] FAULT_INJECTION: forcing a failure.
[ 1049.472888][T20011] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1049.475976][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1049.486677][T20011] CPU: 1 UID: 0 PID: 20011 Comm: syz.2.3523 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1049.486704][T20011] Tainted: [L]=SOFTLOCKUP
[ 1049.486709][T20011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1049.486718][T20011] Call Trace:
[ 1049.486725][T20011]  <TASK>
[ 1049.486731][T20011]  dump_stack_lvl+0x100/0x190
[ 1049.486761][T20011]  should_fail_ex.cold+0x5/0xa
[ 1049.486783][T20011]  _copy_from_user+0x2e/0xd0
[ 1049.486800][T20011]  copy_folio_from_user+0x249/0x330
[ 1049.486825][T20011]  hugetlb_mfill_atomic_pte+0x7f3/0x1600
[ 1049.486850][T20011]  ? __pfx_hugetlb_mfill_atomic_pte+0x10/0x10
[ 1049.486869][T20011]  ? __pfx_down_read+0x10/0x10
[ 1049.486894][T20011]  ? huge_pte_alloc+0x4ce/0x730
[ 1049.486921][T20011]  mfill_atomic_copy+0x1458/0x1de0
[ 1049.486948][T20011]  ? __pfx_mfill_atomic_copy+0x10/0x10
[ 1049.486974][T20011]  userfaultfd_ioctl+0x2ac2/0x3b60
[ 1049.486996][T20011]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[ 1049.487012][T20011]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1049.487044][T20011]  ? __fget_files+0x215/0x3d0
[ 1049.487059][T20011]  ? hook_file_ioctl_common+0x146/0x410
[ 1049.487090][T20011]  ? selinux_file_ioctl+0x139/0x290
[ 1049.487111][T20011]  ? selinux_file_ioctl+0xb4/0x290
[ 1049.487131][T20011]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[ 1049.487149][T20011]  ? __x64_sys_ioctl+0x18e/0x210
[ 1049.487170][T20011]  __x64_sys_ioctl+0x18e/0x210
[ 1049.487194][T20011]  do_syscall_64+0x106/0xf80
[ 1049.487213][T20011]  ? clear_bhb_loop+0x40/0x90
[ 1049.487233][T20011]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1049.487248][T20011] RIP: 0033:0x7fbac3b9c799
[ 1049.487262][T20011] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1049.487276][T20011] RSP: 002b:00007fbac4a3a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1049.487292][T20011] RAX: ffffffffffffffda RBX: 00007fbac3e15fa0 RCX: 00007fbac3b9c799
[ 1049.487302][T20011] RDX: 0000200000000000 RSI: 00000000c028aa03 RDI: 0000000000000005
[ 1049.487311][T20011] RBP: 00007fbac4a3a090 R08: 0000000000000000 R09: 0000000000000000
[ 1049.487320][T20011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1049.487329][T20011] R13: 00007fbac3e16038 R14: 00007fbac3e15fa0 R15: 00007fff7d82b6d8
[ 1049.487353][T20011]  </TASK>
[ 1049.915594][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1049.927863][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1049.939563][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1049.967530][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1049.996864][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1050.015086][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1050.038408][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1050.060477][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1050.072928][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1050.078756][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1050.084423][T10285] gspca_vc032x: Unknown sensor...
[ 1050.105704][T20018] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1050.131021][T20018] usb usb8: usbfs: process 20018 (syz.2.3526) did not claim interface 0 before use
[ 1050.141882][T10285] vc032x 1-1:0.0: probe with driver vc032x failed with error -22
[ 1050.215640][ T5872] usb 1-1: USB disconnect, device number 69
[ 1050.290735][ T8144] usb 2-1: new full-speed USB device number 42 using dummy_hcd
[ 1050.451726][ T8144] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1050.460113][ T8144] usb 2-1: not running at top speed; connect to a high speed hub
[ 1050.475307][ T8144] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1050.485992][ T8144] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 1050.519623][T20029] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1050.553793][T20029] usb usb8: usbfs: process 20029 (syz.4.3530) did not claim interface 0 before use
[ 1050.579534][ T8144] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[ 1050.594455][ T8144] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1050.653145][ T8144] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1050.669983][ T8144] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1050.694471][ T8144] usb 2-1: Product: syz
[ 1050.707303][ T8144] usb 2-1: Manufacturer: syz
[ 1050.713340][ T8144] usb 2-1: SerialNumber: syz
[ 1051.165281][ T8144] usb 2-1: 0:2 : does not exist
[ 1051.237607][ T8144] usb 2-1: USB disconnect, device number 42
[ 1051.581516][T20051] netlink: 108 bytes leftover after parsing attributes in process `syz.4.3539'.
[ 1051.760713][T20056] FAULT_INJECTION: forcing a failure.
[ 1051.760713][T20056] name failslab, interval 1, probability 0, space 0, times 0
[ 1051.773406][T20056] CPU: 0 UID: 0 PID: 20056 Comm: syz.1.3541 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1051.773434][T20056] Tainted: [L]=SOFTLOCKUP
[ 1051.773441][T20056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1051.773450][T20056] Call Trace:
[ 1051.773455][T20056]  <TASK>
[ 1051.773460][T20056]  dump_stack_lvl+0x100/0x190
[ 1051.773482][T20056]  should_fail_ex.cold+0x5/0xa
[ 1051.773497][T20056]  ? tomoyo_encode2+0xfb/0x3c0
[ 1051.773513][T20056]  should_failslab+0xc2/0x120
[ 1051.773525][T20056]  __kmalloc_noprof+0xe0/0x850
[ 1051.773544][T20056]  tomoyo_encode2+0xfb/0x3c0
[ 1051.773562][T20056]  tomoyo_encode+0x29/0x50
[ 1051.773577][T20056]  tomoyo_realpath_from_path+0x18c/0x690
[ 1051.773597][T20056]  tomoyo_path_number_perm+0x23c/0x580
[ 1051.773610][T20056]  ? tomoyo_path_number_perm+0x22e/0x580
[ 1051.773625][T20056]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1051.773653][T20056]  ? find_held_lock+0x2b/0x80
[ 1051.773668][T20056]  ? __fget_files+0x215/0x3d0
[ 1051.773679][T20056]  ? hook_file_ioctl_common+0x146/0x410
[ 1051.773700][T20056]  ? __fget_files+0x21f/0x3d0
[ 1051.773714][T20056]  security_file_ioctl+0xd3/0x230
[ 1051.773729][T20056]  __x64_sys_ioctl+0xb7/0x210
[ 1051.773756][T20056]  do_syscall_64+0x106/0xf80
[ 1051.773771][T20056]  ? clear_bhb_loop+0x40/0x90
[ 1051.773785][T20056]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1051.773797][T20056] RIP: 0033:0x7f4a7b59c799
[ 1051.773807][T20056] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1051.773817][T20056] RSP: 002b:00007f4a7c4e3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1051.773829][T20056] RAX: ffffffffffffffda RBX: 00007f4a7b815fa0 RCX: 00007f4a7b59c799
[ 1051.773836][T20056] RDX: 0000000000000000 RSI: 00000000000089e4 RDI: 0000000000000005
[ 1051.773843][T20056] RBP: 00007f4a7c4e3090 R08: 0000000000000000 R09: 0000000000000000
[ 1051.773849][T20056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1051.773856][T20056] R13: 00007f4a7b816038 R14: 00007f4a7b815fa0 R15: 00007fff727af818
[ 1051.773871][T20056]  </TASK>
[ 1051.773883][T20056] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1051.829229][ T8144] usb 5-1: new high-speed USB device number 57 using dummy_hcd
[ 1052.318908][T20064] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1053.036253][   T51] Bluetooth: hci3: unknown advertising packet type: 0x75
[ 1053.036290][   T51] Bluetooth: hci3: unknown advertising packet type: 0x20
[ 1053.043511][   T51] Bluetooth: hci3: Malformed LE Event: 0x02
[ 1053.228513][ T8144] usb 5-1: Using ep0 maxpacket: 32
[ 1053.291243][ T8144] usb 5-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[ 1053.324890][ T8144] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1053.458527][ T8144] usb 5-1: config 0 descriptor??
[ 1053.972857][ T8144] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[ 1054.249059][T20079] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3539'.
[ 1054.292997][T20076] syzkaller0: entered promiscuous mode
[ 1054.319812][T20076] syzkaller0: entered allmulticast mode
[ 1054.488676][ T8144] gspca_vc032x: reg_r err -110
[ 1054.493665][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1054.506971][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1054.513165][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1054.520314][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1054.525776][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1054.531496][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1054.536908][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1054.542951][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1054.548595][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1054.554084][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1054.560740][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1054.566399][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1054.573063][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1054.579040][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1054.584649][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1054.590628][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1054.596261][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1054.602416][ T8144] gspca_vc032x: I2c Bus Busy Wait 00
[ 1054.608155][ T8144] gspca_vc032x: Unknown sensor...
[ 1054.613472][ T8144] vc032x 5-1:0.0: probe with driver vc032x failed with error -22
[ 1055.396636][ T8144] usb 5-1: USB disconnect, device number 57
[ 1056.097105][   T29] audit: type=1400 audit(1773650456.047:1551): avc:  denied  { accept } for  pid=20095 comm="syz.3.3551" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1056.438825][T20094] syzkaller0: entered promiscuous mode
[ 1056.444320][T20094] syzkaller0: entered allmulticast mode
[ 1056.598332][T20111] netlink: 'syz.2.3553': attribute type 10 has an invalid length.
[ 1056.615024][T20111] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3553'.
[ 1057.926150][  T792] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[ 1058.089721][  T792] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1058.099204][  T792] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 64, changing to 7
[ 1058.112767][  T792] usb 4-1: New USB device found, idVendor=041e, idProduct=3000, bcdDevice= 0.40
[ 1058.122343][  T792] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1058.130588][  T792] usb 4-1: Product: syz
[ 1058.134965][  T792] usb 4-1: Manufacturer: syz
[ 1058.139967][  T792] usb 4-1: SerialNumber: syz
[ 1058.371498][  T792] usb 4-1: unit 4 not found!
[ 1058.417979][  T792] usb 4-1: USB disconnect, device number 37
[ 1058.465989][T15514] udevd[15514]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1058.546179][T16465] usb 1-1: new high-speed USB device number 70 using dummy_hcd
[ 1058.725958][T16465] usb 1-1: config index 0 descriptor too short (expected 23569, got 27)
[ 1058.734312][T16465] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1058.775799][T16465] usb 1-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[ 1058.784860][T16465] usb 1-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[ 1058.821481][T16465] usb 1-1: Manufacturer: syz
[ 1058.836357][T16465] usb 1-1: config 0 descriptor??
[ 1058.919491][T16465] rc_core: IR keymap rc-hauppauge not found
[ 1058.925418][T16465] Registered IR keymap rc-empty
[ 1058.955158][T16465] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[ 1058.984344][T16465] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input23
[ 1059.066472][T20126] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1059.110934][T20126] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1059.217540][T20132] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1059.389877][T20126] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1059.457589][T20126] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1059.605146][ T8144] usb 1-1: USB disconnect, device number 70
[ 1059.704392][T20115] netlink: 136 bytes leftover after parsing attributes in process `syz.4.3555'.
[ 1059.781178][T20138] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[ 1059.787725][T20138] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1059.798284][T20138] vhci_hcd vhci_hcd.0: Device attached
[ 1059.807508][T20138] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(9)
[ 1059.814011][T20138] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1059.833089][T20138] vhci_hcd vhci_hcd.0: Device attached
[ 1059.844222][T20138] vhci_hcd vhci_hcd.0: pdev(2) rhport(2) sockfd(11)
[ 1059.850834][T20138] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[ 1059.865752][T20138] vhci_hcd vhci_hcd.0: Device attached
[ 1059.883130][T20138] fuse: Bad value for 'group_id'
[ 1059.895339][T20138] fuse: Bad value for 'group_id'
[ 1060.035286][T16465] usb 37-1: new low-speed USB device number 5 using vhci_hcd
[ 1060.122929][T20152] vhci_hcd vhci_hcd.0: pdev(2) rhport(4) sockfd(18)
[ 1060.129550][T20152] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1060.196880][T20152] vhci_hcd vhci_hcd.0: Device attached
[ 1060.207954][T20138] vhci_hcd vhci_hcd.0: pdev(2) rhport(3) sockfd(15)
[ 1060.214572][T20138] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1060.255661][T20138] vhci_hcd vhci_hcd.0: Device attached
[ 1060.270355][T20152] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(20)
[ 1060.276985][T20152] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1060.288486][T20152] vhci_hcd vhci_hcd.0: Device attached
[ 1060.335621][T20138] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1060.355432][T20138] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1060.398294][T20138] vhci_hcd vhci_hcd.0: pdev(2) rhport(7) sockfd(25)
[ 1060.404923][T20138] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1060.419256][   T29] audit: type=1400 audit(1773650460.369:1552): avc:  denied  { setopt } for  pid=20164 comm="syz.1.3567" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[ 1061.149576][T11842] Bluetooth: hci2: command 0x0406 tx timeout
[ 1061.451917][T20138] vhci_hcd vhci_hcd.0: Device attached
[ 1061.464650][T20152] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1061.483511][T20165] vhci_hcd: connection closed
[ 1061.483836][T20158] vhci_hcd: connection closed
[ 1061.483902][T20153] vhci_hcd: connection closed
[ 1061.493502][T20151] vhci_hcd: connection closed
[ 1061.497058][T20144] vhci_hcd: connection closed
[ 1061.498285][T20139] vhci_hcd: connection reset by peer
[ 1061.512952][T20141] vhci_hcd: connection closed
[ 1061.538005][ T1159] vhci_hcd vhci_hcd.2: stop threads
[ 1061.548460][T20167] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=20167 comm=syz.1.3567
[ 1061.577917][T20169] netlink: 810 bytes leftover after parsing attributes in process `syz.0.3565'.
[ 1061.608152][ T1159] vhci_hcd vhci_hcd.2: release socket
[ 1061.622448][ T1159] vhci_hcd vhci_hcd.2: disconnect device
[ 1061.644367][ T1159] vhci_hcd vhci_hcd.2: stop threads
[ 1061.662849][ T1159] vhci_hcd vhci_hcd.2: release socket
[ 1061.683036][ T1159] vhci_hcd vhci_hcd.2: disconnect device
[ 1061.758760][ T1159] vhci_hcd vhci_hcd.2: stop threads
[ 1061.764126][ T1159] vhci_hcd vhci_hcd.2: release socket
[ 1061.769961][ T1159] vhci_hcd vhci_hcd.2: disconnect device
[ 1061.785130][ T1159] vhci_hcd vhci_hcd.2: stop threads
[ 1061.794205][ T1159] vhci_hcd vhci_hcd.2: release socket
[ 1061.799888][ T1159] vhci_hcd vhci_hcd.2: disconnect device
[ 1061.812674][ T1159] vhci_hcd vhci_hcd.2: stop threads
[ 1061.818353][ T1159] vhci_hcd vhci_hcd.2: release socket
[ 1061.823994][ T1159] vhci_hcd vhci_hcd.2: disconnect device
[ 1061.921210][ T1159] vhci_hcd vhci_hcd.2: stop threads
[ 1061.999614][ T1159] vhci_hcd vhci_hcd.2: release socket
[ 1062.005351][ T1159] vhci_hcd vhci_hcd.2: disconnect device
[ 1062.012343][ T1159] vhci_hcd vhci_hcd.2: stop threads
[ 1062.019565][ T1159] vhci_hcd vhci_hcd.2: release socket
[ 1062.025558][ T1159] vhci_hcd vhci_hcd.2: disconnect device
[ 1062.601437][T20196] netlink: 'syz.3.3571': attribute type 10 has an invalid length.
[ 1062.609411][T20196] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3571'.
[ 1062.626300][T20196] bridge0: port 1(batadv0) entered blocking state
[ 1062.633903][T20196] bridge0: port 1(batadv0) entered disabled state
[ 1062.736759][T20198] fuse: Unknown parameter 'fd0x0000000000000003'
[ 1062.804671][T20199] x_tables: ip_tables: icmp match: only valid for protocol 1
[ 1062.988577][ T1159] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[ 1062.997942][ T1159] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[ 1063.145359][T20200] syzkaller0: entered promiscuous mode
[ 1063.152405][T20200] syzkaller0: entered allmulticast mode
[ 1063.376252][ T5858] usb 5-1: new high-speed USB device number 58 using dummy_hcd
[ 1063.556171][ T5858] usb 5-1: Using ep0 maxpacket: 16
[ 1063.576680][ T5858] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1063.588938][ T5858] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1063.599752][ T5858] usb 5-1: New USB device found, idVendor=1b96, idProduct=0008, bcdDevice= 0.00
[ 1063.609285][ T5858] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1063.645753][ T5858] usb 5-1: config 0 descriptor??
[ 1064.133054][   T29] audit: type=1400 audit(1773650464.081:1553): avc:  denied  { setopt } for  pid=20219 comm="syz.3.3578" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[ 1064.205284][ T5858] ntrig 0003:1B96:0008.000F: item fetching failed at offset 3/7
[ 1064.215573][ T5858] ntrig 0003:1B96:0008.000F: parse failed
[ 1064.221448][ T5858] ntrig 0003:1B96:0008.000F: probe with driver ntrig failed with error -22
[ 1065.187085][   T29] audit: type=1400 audit(1773650464.511:1554): avc:  denied  { write } for  pid=20223 comm="syz.0.3580" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1065.253347][T16465] vhci_hcd vhci_hcd.2: vhci_device speed not set
[ 1065.298178][ T5858] usb 5-1: USB disconnect, device number 58
[ 1065.951458][T20232] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3582'.
[ 1066.654096][T10285] usb usb38-port1: attempt power cycle
[ 1067.050082][T20232] batadv_slave_1: entered promiscuous mode
[ 1067.065832][T20232] macsec1: entered promiscuous mode
[ 1067.072620][T20232] macsec1: entered allmulticast mode
[ 1067.097041][T20232] batadv_slave_1: entered allmulticast mode
[ 1067.135038][T20236] netlink: 810 bytes leftover after parsing attributes in process `syz.0.3581'.
[ 1067.232383][T10285] usb usb38-port1: unable to enumerate USB device
[ 1067.922439][ T5872] usb 1-1: new full-speed USB device number 71 using dummy_hcd
[ 1068.153411][ T5872] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1068.174814][ T5872] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1068.190275][ T5872] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[ 1068.204367][ T5872] usb 1-1: too many endpoints for config 1 interface 1 altsetting 0: 230, using maximum allowed: 30
[ 1068.216658][ T5872] usb 1-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 230
[ 1068.234233][ T5872] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1068.244812][ T5872] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1068.260057][ T5872] usb 1-1: Product: syz
[ 1068.286286][ T5872] usb 1-1: Manufacturer: syz
[ 1068.291701][T20266] netlink: 'syz.3.3589': attribute type 10 has an invalid length.
[ 1068.303965][T20266] team0: Failed to send options change via netlink (err -105)
[ 1068.311811][T20266] team0: Port device dummy0 added
[ 1068.321038][ T5872] usb 1-1: SerialNumber: syz
[ 1068.361960][T20252] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1068.369727][T20267] netlink: 'syz.3.3589': attribute type 10 has an invalid length.
[ 1068.370971][ T5872] cdc_mbim 1-1:1.0: skipping garbage
[ 1068.383319][ T5872] cdc_mbim 1-1:1.0: skipping garbage
[ 1068.390981][ T5872] usb 1-1: selecting invalid altsetting 1
[ 1068.572875][ T5872] cdc_mbim 1-1:1.0: bind() failure
[ 1068.867492][ T5872] usb 1-1: USB disconnect, device number 71
[ 1069.330565][T10285] usb 3-1: new high-speed USB device number 83 using dummy_hcd
[ 1069.801884][T10285] usb 3-1: device descriptor read/64, error -71
[ 1069.895827][T20293] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3595'.
[ 1069.955341][   T29] audit: type=1400 audit(1773650469.884:1555): avc:  denied  { read } for  pid=20291 comm="syz.4.3595" path="socket:[65920]" dev="sockfs" ino=65920 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1070.118100][T20290] syzkaller0: entered promiscuous mode
[ 1070.150748][T20290] syzkaller0: entered allmulticast mode
[ 1070.243082][T10285] usb 3-1: new high-speed USB device number 84 using dummy_hcd
[ 1070.383045][T10285] usb 3-1: device descriptor read/64, error -71
[ 1070.540157][T10285] usb usb3-port1: attempt power cycle
[ 1070.930538][T10285] usb 3-1: new high-speed USB device number 85 using dummy_hcd
[ 1071.531778][T10285] usb 3-1: device descriptor read/8, error -71
[ 1071.792787][   T29] audit: type=1400 audit(1773650471.745:1556): avc:  denied  { module_load } for  pid=20321 comm="syz.3.3605" path="/selinux/policy" dev="selinuxfs" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=system permissive=1
[ 1071.792809][T10285] usb 3-1: new high-speed USB device number 86 using dummy_hcd
[ 1071.824790][T20322] kernel read not supported for file /policy (pid: 20322 comm: syz.3.3605)
[ 1071.860882][T10285] usb 3-1: device descriptor read/8, error -71
[ 1071.972706][T10285] usb usb3-port1: unable to enumerate USB device
[ 1074.719336][   T51] Bluetooth: hci2: unexpected event for opcode 0x2003
[ 1075.565060][T20373] ntfs3(nullb0): Primary boot signature is not NTFS.
[ 1075.592667][T20373] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[ 1075.804888][   T29] audit: type=1400 audit(1773650475.747:1557): avc:  denied  { mounton } for  pid=20375 comm="syz.1.3620" path="/proc/464/task" dev="proc" ino=66110 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[ 1075.890863][T20380] team0: Port device dummy0 removed
[ 1075.919169][T20380] bridge_slave_0: left allmulticast mode
[ 1075.931309][   T29] audit: type=1400 audit(1773650475.827:1558): avc:  denied  { associate } for  pid=20383 comm="syz.1.3620" name="core" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[ 1075.954318][T20352] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[ 1075.977252][T20380] bridge_slave_0: left promiscuous mode
[ 1075.998301][T20380] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1076.050921][T20380] bridge_slave_1: left allmulticast mode
[ 1076.163359][T20388] sock: sock_set_timeout: `syz.0.3623' (pid 20388) tries to set negative timeout
[ 1076.181207][T20380] bridge_slave_1: left promiscuous mode
[ 1076.209039][T20380] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1076.272338][T20380] bond0: (slave bond_slave_0): Releasing backup interface
[ 1076.319740][T20380] bond0: (slave bond_slave_1): Releasing backup interface
[ 1076.360316][T20380] team0: Port device team_slave_0 removed
[ 1076.391006][T20380] team0: Port device team_slave_1 removed
[ 1076.399945][T20380] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1076.408623][T20380] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1076.443267][T20380] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1076.451701][T20380] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1076.552995][T20380] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1076.602523][T20382] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[ 1076.901474][T20396] syzkaller0: entered promiscuous mode
[ 1076.915955][T20396] syzkaller0: entered allmulticast mode
[ 1077.079243][T16590] usb 3-1: new high-speed USB device number 87 using dummy_hcd
[ 1077.506379][T16590] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1077.515601][T16590] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 64, changing to 7
[ 1077.534408][T16590] usb 3-1: New USB device found, idVendor=041e, idProduct=3000, bcdDevice= 0.40
[ 1077.565364][T16590] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1078.118561][T16590] usb 3-1: Product: syz
[ 1078.122635][   T51] Bluetooth: hci4: unexpected event for opcode 0x2003
[ 1078.122756][T16590] usb 3-1: Manufacturer: syz
[ 1078.134172][T16590] usb 3-1: SerialNumber: syz
[ 1078.528995][T16590] usb 3-1: unit 4 not found!
[ 1078.766252][T16590] usb 3-1: USB disconnect, device number 87
[ 1081.063513][T20450] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1081.585816][   T51] Bluetooth: hci1: unexpected event for opcode 0x2003
[ 1082.063253][T20450] usb usb8: usbfs: process 20450 (syz.1.3639) did not claim interface 0 before use
[ 1082.845166][T20488] netlink: 'syz.3.3650': attribute type 10 has an invalid length.
[ 1082.853082][T20488] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3650'.
[ 1082.923700][ T8144] usb 1-1: new full-speed USB device number 72 using dummy_hcd
[ 1083.285403][ T8144] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1083.294402][ T8144] usb 1-1: not running at top speed; connect to a high speed hub
[ 1083.418640][ T8144] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1083.632166][ T8144] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 1083.728870][T20496] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1083.894332][   T51] Bluetooth: hci2: unknown advertising packet type: 0x75
[ 1083.894435][   T51] Bluetooth: hci2: unknown advertising packet type: 0x20
[ 1083.903032][   T51] Bluetooth: hci2: Malformed LE Event: 0x02
[ 1084.061680][ T8144] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[ 1084.072644][ T8144] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1084.102405][ T8144] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1084.121725][ T8144] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1084.152002][ T8144] usb 1-1: Product: syz
[ 1084.166497][ T8144] usb 1-1: Manufacturer: syz
[ 1084.727971][   T51] Bluetooth: hci3: unexpected event for opcode 0x2003
[ 1084.746642][ T8144] usb 1-1: SerialNumber: syz
[ 1085.353178][T20513] syzkaller1: entered promiscuous mode
[ 1085.440888][T20513] syzkaller1: entered allmulticast mode
[ 1085.566853][T20518] netlink: 810 bytes leftover after parsing attributes in process `syz.1.3656'.
[ 1085.586953][ T8144] usb 1-1: 0:2 : does not exist
[ 1085.633115][ T8144] usb 1-1: USB disconnect, device number 72
[ 1085.668516][T15836] udevd[15836]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1086.475491][ T5858] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[ 1086.677208][   T29] audit: type=1400 audit(1773650486.642:1559): avc:  denied  { getopt } for  pid=20532 comm="syz.3.3661" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1086.703938][T20535] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1086.863428][ T5858] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1086.907187][ T5858] usb 2-1: string descriptor 0 read error: -22
[ 1086.929728][ T5858] usb 2-1: New USB device found, idVendor=0000, idProduct=0000, bcdDevice= 0.9a
[ 1086.973682][T20543] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1087.005061][T20543] usb usb8: usbfs: process 20543 (syz.0.3664) did not claim interface 0 before use
[ 1087.061670][ T5858] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1087.298919][ T5858] gspca_main: spca501-2.14.0 probing 0000:0000
[ 1087.528243][T20529] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1087.536841][T20529] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1087.681570][T20551] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1087.750935][ T5858] gspca_spca501: reg write: error -71
[ 1087.758113][ T5858] spca501 2-1:1.0: Reg write failed for 0x02,0xa048,0x00
[ 1087.768266][ T5858] spca501 2-1:1.0: probe with driver spca501 failed with error -22
[ 1087.784165][ T5858] usb 2-1: USB disconnect, device number 43
[ 1087.884813][T20555] netlink: 'syz.0.3667': attribute type 10 has an invalid length.
[ 1087.892844][T20555] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3667'.
[ 1087.954743][T20551] usb usb8: usbfs: process 20551 (syz.4.3666) did not claim interface 0 before use
[ 1088.406315][T20559] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3669'.
[ 1088.748907][T20567] netlink: 810 bytes leftover after parsing attributes in process `syz.1.3670'.
[ 1091.133403][T20590] netlink: 228 bytes leftover after parsing attributes in process `syz.2.3676'.
[ 1091.450175][T20585] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1091.528293][T20598] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[ 1091.534836][T20598] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1091.543228][T20598] vhci_hcd vhci_hcd.0: Device attached
[ 1091.553014][T20598] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(9)
[ 1091.559552][T20598] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1091.574364][T20598] vhci_hcd vhci_hcd.0: Device attached
[ 1091.581374][T20585] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1091.588024][T20598] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(11)
[ 1091.597711][T20598] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[ 1091.607675][T20598] vhci_hcd vhci_hcd.0: Device attached
[ 1091.631119][T20598] vhci_hcd vhci_hcd.0: pdev(3) rhport(3) sockfd(13)
[ 1091.637753][T20598] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1091.650044][T20598] vhci_hcd vhci_hcd.0: Device attached
[ 1091.662642][T20598] vhci_hcd vhci_hcd.0: pdev(3) rhport(4) sockfd(15)
[ 1091.669266][T20598] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1091.692592][T20598] vhci_hcd vhci_hcd.0: Device attached
[ 1091.704937][T20598] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(17)
[ 1091.711566][T20598] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1091.720462][T20598] vhci_hcd vhci_hcd.0: Device attached
[ 1091.728912][T20598] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1091.741750][T20598] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1091.750820][T20585] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1091.755944][T20598] vhci_hcd vhci_hcd.0: pdev(3) rhport(7) sockfd(23)
[ 1091.767111][T20598] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1091.775094][T20598] vhci_hcd vhci_hcd.0: Device attached
[ 1091.780679][ T8144] usb 39-1: new low-speed USB device number 2 using vhci_hcd
[ 1091.782135][T20598] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1092.533535][T20611] vhci_hcd: connection closed
[ 1092.533821][T20609] vhci_hcd: connection closed
[ 1092.534172][T20585] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1092.539159][T20607] vhci_hcd: connection closed
[ 1092.543937][ T8926] vhci_hcd vhci_hcd.3: stop threads
[ 1092.554327][T20605] vhci_hcd: connection closed
[ 1092.563641][T20601] vhci_hcd: connection closed
[ 1092.578867][T20614] vhci_hcd: connection closed
[ 1092.578874][ T8926] vhci_hcd vhci_hcd.3: release socket
[ 1092.583716][T20599] vhci_hcd: connection reset by peer
[ 1092.593856][ T8926] vhci_hcd vhci_hcd.3: disconnect device
[ 1092.610387][ T8926] vhci_hcd vhci_hcd.3: stop threads
[ 1092.616214][ T8926] vhci_hcd vhci_hcd.3: release socket
[ 1092.622043][ T8926] vhci_hcd vhci_hcd.3: disconnect device
[ 1092.627903][ T8926] vhci_hcd vhci_hcd.3: stop threads
[ 1092.634967][ T8926] vhci_hcd vhci_hcd.3: release socket
[ 1092.640648][ T8926] vhci_hcd vhci_hcd.3: disconnect device
[ 1092.647152][ T8926] vhci_hcd vhci_hcd.3: stop threads
[ 1092.653578][ T8926] vhci_hcd vhci_hcd.3: release socket
[ 1092.659287][ T8926] vhci_hcd vhci_hcd.3: disconnect device
[ 1092.746394][ T8926] vhci_hcd vhci_hcd.3: stop threads
[ 1092.754196][ T8926] vhci_hcd vhci_hcd.3: release socket
[ 1092.763518][ T8926] vhci_hcd vhci_hcd.3: disconnect device
[ 1092.763985][ T8926] vhci_hcd vhci_hcd.3: stop threads
[ 1092.764042][ T8926] vhci_hcd vhci_hcd.3: release socket
[ 1092.765072][ T8926] vhci_hcd vhci_hcd.3: disconnect device
[ 1092.770469][ T8926] vhci_hcd vhci_hcd.3: stop threads
[ 1092.770488][ T8926] vhci_hcd vhci_hcd.3: release socket
[ 1092.770741][ T8926] vhci_hcd vhci_hcd.3: disconnect device
[ 1093.030509][  T250] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1093.098629][T20628] netlink: 810 bytes leftover after parsing attributes in process `syz.4.3683'.
[ 1093.222194][T20632] netlink: 'syz.2.3684': attribute type 10 has an invalid length.
[ 1093.222208][T20632] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3684'.
[ 1093.253473][ T8926] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1093.322381][  T250] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1093.350750][  T250] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1093.904477][T20650] netlink: 96 bytes leftover after parsing attributes in process `syz.3.3690'.
[ 1094.158574][   T29] audit: type=1400 audit(1773650494.136:1560): avc:  denied  { create } for  pid=20651 comm="syz.3.3692" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=irda_socket permissive=1
[ 1094.625133][T20668] overlayfs: missing 'workdir'
[ 1094.790460][T20662] lo speed is unknown, defaulting to 1000
[ 1094.797106][T20662] lo speed is unknown, defaulting to 1000
[ 1094.810361][T20662] lo speed is unknown, defaulting to 1000
[ 1094.833310][T20662] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[ 1095.159248][T20662] lo speed is unknown, defaulting to 1000
[ 1095.582925][T20662] lo speed is unknown, defaulting to 1000
[ 1095.634105][T20662] lo speed is unknown, defaulting to 1000
[ 1095.658634][T20662] lo speed is unknown, defaulting to 1000
[ 1095.680432][T20662] lo speed is unknown, defaulting to 1000
[ 1095.700813][T20662] lo speed is unknown, defaulting to 1000
[ 1096.309344][   T29] audit: type=1326 audit(1773650496.277:1561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20678 comm="syz.0.3698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f218599c799 code=0x7ffc0000
[ 1096.422090][T20681] netlink: 810 bytes leftover after parsing attributes in process `syz.2.3699'.
[ 1096.615771][   T29] audit: type=1326 audit(1773650496.287:1562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20678 comm="syz.0.3698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f218599c799 code=0x7ffc0000
[ 1096.683137][   T29] audit: type=1326 audit(1773650496.497:1563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20678 comm="syz.0.3698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f218599c799 code=0x7ffc0000
[ 1096.755323][   T29] audit: type=1326 audit(1773650496.497:1564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20678 comm="syz.0.3698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f218599c799 code=0x7ffc0000
[ 1096.782990][   T29] audit: type=1326 audit(1773650496.497:1565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20678 comm="syz.0.3698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f218599c799 code=0x7ffc0000
[ 1096.816889][   T29] audit: type=1326 audit(1773650496.497:1566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20678 comm="syz.0.3698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f218599c799 code=0x7ffc0000
[ 1096.977181][ T8144] vhci_hcd vhci_hcd.3: vhci_device speed not set
[ 1097.048560][  T792] usb 5-1: new high-speed USB device number 59 using dummy_hcd
[ 1097.204424][   T29] audit: type=1326 audit(1773650496.497:1567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20678 comm="syz.0.3698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f218599c799 code=0x7ffc0000
[ 1097.295783][  T792] usb 5-1: config 2 has an invalid interface number: 184 but max is 0
[ 1097.308932][  T792] usb 5-1: config 2 has no interface number 0
[ 1097.315060][  T792] usb 5-1: config 2 interface 184 has no altsetting 0
[ 1097.322567][   T29] audit: type=1326 audit(1773650496.497:1568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20678 comm="syz.0.3698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f218599c799 code=0x7ffc0000
[ 1097.349813][   T29] audit: type=1326 audit(1773650496.497:1569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20678 comm="syz.0.3698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f218599c799 code=0x7ffc0000
[ 1097.376929][  T792] usb 5-1: New USB device found, idVendor=046d, idProduct=08c6, bcdDevice= c.2f
[ 1097.386623][  T792] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1097.394624][  T792] usb 5-1: Product: syz
[ 1097.399289][  T792] usb 5-1: Manufacturer: syz
[ 1097.403890][  T792] usb 5-1: SerialNumber: syz
[ 1097.690928][T20697] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1097.730700][T20697] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1097.756363][    T9] usb 1-1: new high-speed USB device number 73 using dummy_hcd
[ 1097.920480][  T792] usb 5-1: unknown interface protocol 0xd0, assuming v1
[ 1097.938031][    T9] usb 1-1: Using ep0 maxpacket: 16
[ 1097.950267][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 32134, setting to 1024
[ 1097.976723][  T792] usb 5-1: cannot find UAC_HEADER
[ 1097.981839][    T9] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024
[ 1098.012704][    T9] usb 1-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=7b.55
[ 1098.027254][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1098.081055][    T9] usb 1-1: Product: syz
[ 1098.281639][T10285] usb 3-1: new high-speed USB device number 88 using dummy_hcd
[ 1098.628638][  T792] snd-usb-audio 5-1:2.184: probe with driver snd-usb-audio failed with error -22
[ 1098.641042][    T9] usb 1-1: Manufacturer: syz
[ 1098.645660][    T9] usb 1-1: SerialNumber: syz
[ 1098.655048][    T9] usb 1-1: config 0 descriptor??
[ 1098.660489][  T792] usb 5-1: USB disconnect, device number 59
[ 1098.667057][T20713] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[ 1098.682594][    T9] usb 1-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[ 1098.703694][T15836] udevd[15836]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:2.184/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1098.938855][T20736] netlink: 'syz.4.3715': attribute type 4 has an invalid length.
[ 1099.917202][T16590] usb usb40-port1: attempt power cycle
[ 1099.921619][T19289] usb 1-1: Failed to submit usb control message: -110
[ 1099.932956][T16465] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[ 1099.940617][T10285] usb 3-1: Using ep0 maxpacket: 8
[ 1099.948613][T10285] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[ 1099.962520][T10285] usb 3-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[ 1099.973728][T19289] usb 1-1: unable to send the bmi data to the device: -110
[ 1099.973752][T19289] usb 1-1: unable to get target info from device
[ 1099.973766][T19289] usb 1-1: could not get target info (-110)
[ 1099.974024][T19289] usb 1-1: could not probe fw (-110)
[ 1100.037590][T10285] usb 3-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 1100.067478][T10285] usb 3-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1100.147975][T16465] usb 2-1: config 0 has an invalid interface number: 255 but max is 0
[ 1100.156277][T16465] usb 2-1: config 0 has no interface number 0
[ 1100.175003][T10285] usb 3-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1100.194782][T16465] usb 2-1: config 0 interface 255 altsetting 0 has an endpoint descriptor with address 0xE8, changing to 0x88
[ 1100.195176][T10285] usb 3-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1100.217343][T16465] usb 2-1: config 0 interface 255 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7
[ 1100.217428][T16465] usb 2-1: config 0 interface 255 altsetting 0 endpoint 0xA has an invalid bInterval 0, changing to 7
[ 1100.217487][T16465] usb 2-1: config 0 interface 255 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[ 1100.220140][T16465] usb 2-1: New USB device found, idVendor=1781, idProduct=0938, bcdDevice=9b.49
[ 1100.705006][T16465] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1100.745032][T16465] usb 2-1: Product: syz
[ 1100.749573][T16465] usb 2-1: Manufacturer: syz
[ 1100.754499][T16465] usb 2-1: SerialNumber: syz
[ 1100.754518][T10285] usb 3-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[ 1100.779968][T10285] usb 3-1: config 168 interface 0 has no altsetting 0
[ 1100.944972][T16590] usb usb40-port1: unable to enumerate USB device
[ 1100.946625][T16465] usb 2-1: config 0 descriptor??
[ 1100.991361][T16465] iguanair 2-1:0.255: failed to get version
[ 1101.015801][T16465] iguanair 2-1:0.255: probe with driver iguanair failed with error -90
[ 1101.026237][T10285] usb 3-1: unable to read config index 1 descriptor/start: -71
[ 1101.052137][T10285] usb 3-1: can't read configurations, error -71
[ 1101.553745][   T29] kauditd_printk_skb: 71 callbacks suppressed
[ 1101.553781][   T29] audit: type=1400 audit(1773650501.520:1641): avc:  denied  { map } for  pid=20726 comm="syz.1.3713" path="socket:[68621]" dev="sockfs" ino=68621 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1101.698403][T16465] usb 4-1: new full-speed USB device number 38 using dummy_hcd
[ 1101.747137][   T29] audit: type=1400 audit(1773650501.560:1642): avc:  denied  { read } for  pid=20726 comm="syz.1.3713" path="socket:[68621]" dev="sockfs" ino=68621 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1101.777521][ T5858] usb 1-1: USB disconnect, device number 73
[ 1101.857289][T16465] usb 4-1: config 0 has an invalid interface number: 107 but max is 0
[ 1101.875757][T16465] usb 4-1: config 0 has no interface number 0
[ 1101.883218][T16465] usb 4-1: config 0 interface 107 altsetting 0 endpoint 0x88 has invalid maxpacket 65535, setting to 64
[ 1101.885639][  T792] usb 2-1: USB disconnect, device number 44
[ 1101.901230][T16465] usb 4-1: New USB device found, idVendor=06cd, idProduct=0131, bcdDevice=16.60
[ 1101.911475][T16465] usb 4-1: New USB device strings: Mfr=175, Product=2, SerialNumber=3
[ 1102.902833][T16465] usb 4-1: Product: syz
[ 1102.912942][T16465] usb 4-1: Manufacturer: syz
[ 1103.213501][T16465] usb 4-1: SerialNumber: syz
[ 1103.366377][T16465] usb 4-1: config 0 descriptor??
[ 1103.498950][T20750] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[ 1103.554160][T16465] keyspan 4-1:0.107: Keyspan 4 port adapter converter detected
[ 1103.565985][T16465] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 81
[ 1103.640485][T16465] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 1
[ 1103.701426][T16465] usb 4-1: Keyspan 4 port adapter converter now attached to ttyUSB0
[ 1103.778361][T20750] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1103.784355][T16465] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 2
[ 1103.800808][T20750] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1103.814617][T16465] usb 4-1: Keyspan 4 port adapter converter now attached to ttyUSB1
[ 1103.845557][T16465] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 4
[ 1103.858581][T16465] usb 4-1: Keyspan 4 port adapter converter now attached to ttyUSB2
[ 1103.868541][T16465] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 6
[ 1103.882310][T16465] usb 4-1: Keyspan 4 port adapter converter now attached to ttyUSB3
[ 1103.894068][T16465] usb 4-1: USB disconnect, device number 38
[ 1103.904860][T16465] keyspan_4 ttyUSB0: Keyspan 4 port adapter converter now disconnected from ttyUSB0
[ 1103.941374][T16465] keyspan_4 ttyUSB1: Keyspan 4 port adapter converter now disconnected from ttyUSB1
[ 1104.180862][T16465] keyspan_4 ttyUSB2: Keyspan 4 port adapter converter now disconnected from ttyUSB2
[ 1104.542615][ T5872] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[ 1104.553748][T16465] keyspan_4 ttyUSB3: Keyspan 4 port adapter converter now disconnected from ttyUSB3
[ 1104.558481][T20783] netlink: 'syz.4.3729': attribute type 10 has an invalid length.
[ 1104.564046][T16465] keyspan 4-1:0.107: device disconnected
[ 1104.599726][T20783] team0: Failed to send options change via netlink (err -105)
[ 1104.610824][T20783] team0: Port device dummy0 added
[ 1104.629400][T20783] netlink: 'syz.4.3729': attribute type 10 has an invalid length.
[ 1104.702913][ T5872] usb 2-1: Using ep0 maxpacket: 16
[ 1104.711396][ T5872] usb 2-1: config 1 has an invalid descriptor of length 102, skipping remainder of the config
[ 1104.733215][ T5872] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1104.803363][ T5872] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1104.812720][ T5872] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1104.820793][ T5872] usb 2-1: Product: syz
[ 1104.957198][ T5872] usb 2-1: Manufacturer: syz
[ 1104.961906][ T5872] usb 2-1: SerialNumber: syz
[ 1106.460155][T20813] netlink: 'syz.4.3736': attribute type 10 has an invalid length.
[ 1106.480803][T20813] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3736'.
[ 1106.519410][T20812] FAULT_INJECTION: forcing a failure.
[ 1106.519410][T20812] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1106.575191][T20812] CPU: 1 UID: 0 PID: 20812 Comm: syz.3.3737 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1106.575219][T20812] Tainted: [L]=SOFTLOCKUP
[ 1106.575225][T20812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1106.575235][T20812] Call Trace:
[ 1106.575241][T20812]  <TASK>
[ 1106.575248][T20812]  dump_stack_lvl+0x100/0x190
[ 1106.575280][T20812]  should_fail_ex.cold+0x5/0xa
[ 1106.575306][T20812]  _copy_to_user+0x32/0xd0
[ 1106.575325][T20812]  simple_read_from_buffer+0xcb/0x170
[ 1106.575356][T20812]  proc_fail_nth_read+0x1af/0x230
[ 1106.575381][T20812]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1106.575407][T20812]  ? rw_verify_area+0xce/0x6d0
[ 1106.575430][T20812]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1106.575454][T20812]  vfs_read+0x1e4/0xb30
[ 1106.575482][T20812]  ? __pfx_vfs_read+0x10/0x10
[ 1106.575507][T20812]  ? __fget_files+0x215/0x3d0
[ 1106.575530][T20812]  ? __fget_files+0x21f/0x3d0
[ 1106.575554][T20812]  ksys_read+0x12a/0x250
[ 1106.575585][T20812]  ? __pfx_ksys_read+0x10/0x10
[ 1106.575617][T20812]  do_syscall_64+0x106/0xf80
[ 1106.575639][T20812]  ? clear_bhb_loop+0x40/0x90
[ 1106.575661][T20812]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1106.575678][T20812] RIP: 0033:0x7f68b5b5cfce
[ 1106.575693][T20812] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1106.575708][T20812] RSP: 002b:00007f68b6b42fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1106.575725][T20812] RAX: ffffffffffffffda RBX: 00007f68b6b436c0 RCX: 00007f68b5b5cfce
[ 1106.575735][T20812] RDX: 000000000000000f RSI: 00007f68b6b430a0 RDI: 0000000000000007
[ 1106.575744][T20812] RBP: 00007f68b6b43090 R08: 0000000000000000 R09: 0000000000000000
[ 1106.575754][T20812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1106.575763][T20812] R13: 00007f68b5e16038 R14: 00007f68b5e15fa0 R15: 00007ffe789fb0f8
[ 1106.575786][T20812]  </TASK>
[ 1106.579556][T20813] batadv0: entered promiscuous mode
[ 1106.991477][T20813] batadv0: entered allmulticast mode
[ 1107.058182][T20813] bridge0: port 1(batadv0) entered blocking state
[ 1107.065632][T20813] bridge0: port 1(batadv0) entered disabled state
[ 1107.148627][T20813] bridge0: port 1(batadv0) entered blocking state
[ 1107.155196][T20813] bridge0: port 1(batadv0) entered forwarding state
[ 1107.281618][T19289] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[ 1107.290876][T19289] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[ 1107.618408][ T5872] usb 2-1: 0:2 : does not exist
[ 1107.721526][ T5872] usb 2-1: USB disconnect, device number 45
[ 1107.836283][   T29] audit: type=1400 audit(1773650507.793:1643): avc:  denied  { ioctl } for  pid=20826 comm="syz.4.3743" path="socket:[67940]" dev="sockfs" ino=67940 ioctlcmd=0x8901 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1108.009334][T15836] udevd[15836]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1108.124194][ T5858] usb 5-1: new full-speed USB device number 60 using dummy_hcd
[ 1108.736379][ T5858] usb 5-1: config index 0 descriptor too short (expected 28277, got 36)
[ 1108.825247][ T5858] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1108.835811][ T5858] usb 5-1: config 0 has no interfaces?
[ 1108.841521][ T5858] usb 5-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[ 1108.851771][ T5858] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1108.885942][ T5858] usb 5-1: config 0 descriptor??
[ 1110.415168][   T51] Bluetooth: hci2: unexpected event for opcode 0x2003
[ 1110.720217][T20867] 9p: Bad value for 'rfdno'
[ 1110.887073][T20864] netlink: 'syz.1.3751': attribute type 10 has an invalid length.
[ 1110.914661][T20864] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3751'.
[ 1111.544549][   T29] audit: type=1400 audit(1773650511.405:1644): avc:  denied  { connect } for  pid=20876 comm="syz.2.3757" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1111.782150][   T29] audit: type=1400 audit(1773650511.415:1645): avc:  denied  { accept } for  pid=20876 comm="syz.2.3757" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1112.008951][ T5858] usb 5-1: USB disconnect, device number 60
[ 1112.129049][   T29] audit: type=1400 audit(1773650511.415:1646): avc:  denied  { write } for  pid=20876 comm="syz.2.3757" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1112.244762][T20888] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1112.295785][T20888] usb usb8: usbfs: process 20888 (syz.4.3759) did not claim interface 0 before use
[ 1112.794419][T20895] tmpfs: Cannot disable swap on remount
[ 1113.708928][ T5858] usb 2-1: new full-speed USB device number 46 using dummy_hcd
[ 1113.882943][ T5858] usb 2-1: too many endpoints for config 0 interface 0 altsetting 2: 254, using maximum allowed: 30
[ 1114.047512][ T5858] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1114.210805][T20913] lo speed is unknown, defaulting to 1000
[ 1114.480264][ T5858] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1114.543800][ T5858] usb 2-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[ 1114.560079][ T5858] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1114.566851][ T5858] usb 2-1: New USB device found, idVendor=1e7d, idProduct=3138, bcdDevice= 0.00
[ 1115.192024][T20919] tmpfs: Bad value for 'mpol'
[ 1115.200186][ T5858] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1115.239570][ T5858] usb 2-1: config 0 descriptor??
[ 1115.411268][   T29] audit: type=1400 audit(1773650515.397:1647): avc:  denied  { getopt } for  pid=20923 comm="syz.2.3771" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[ 1115.490428][   T29] audit: type=1400 audit(1773650515.437:1648): avc:  denied  { ioctl } for  pid=20923 comm="syz.2.3771" path="socket:[68837]" dev="sockfs" ino=68837 ioctlcmd=0x587e scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[ 1115.721305][ T5858] ryos 0003:1E7D:3138.0010: hidraw0: USB HID v0.00 Device [HID 1e7d:3138] on usb-dummy_hcd.1-1/input0
[ 1116.120217][ T5858] usb 2-1: USB disconnect, device number 46
[ 1116.219058][T20943] netlink: 'syz.3.3775': attribute type 10 has an invalid length.
[ 1116.226960][T20943] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3775'.
[ 1117.639816][T20958] lo speed is unknown, defaulting to 1000
[ 1118.799776][T20966] netlink: 212340 bytes leftover after parsing attributes in process `syz.3.3781'.
[ 1118.813457][T20966] openvswitch: netlink: Key 0 has unexpected len 4 expected 0
[ 1119.254171][T20973] netlink: 96 bytes leftover after parsing attributes in process `syz.1.3783'.
[ 1119.838007][T20973] SET target dimension over the limit!
[ 1119.955116][ T8144] usb 1-1: new high-speed USB device number 74 using dummy_hcd
[ 1120.344966][ T8144] usb 1-1: device descriptor read/64, error -71
[ 1120.594813][ T8144] usb 1-1: new high-speed USB device number 75 using dummy_hcd
[ 1120.608351][T20990] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1120.646318][T20990] usb usb8: usbfs: process 20990 (syz.4.3788) did not claim interface 0 before use
[ 1120.754702][ T8144] usb 1-1: device descriptor read/64, error -71
[ 1120.864916][ T8144] usb usb1-port1: attempt power cycle
[ 1121.594353][ T8144] usb 1-1: new high-speed USB device number 76 using dummy_hcd
[ 1121.601955][T16465] usb 3-1: new full-speed USB device number 90 using dummy_hcd
[ 1121.629913][ T8144] usb 1-1: device descriptor read/8, error -71
[ 1121.739388][T20961] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 1121.755934][T16465] usb 3-1: too many endpoints for config 0 interface 0 altsetting 2: 254, using maximum allowed: 30
[ 1121.769744][T16465] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1121.784241][T16465] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1121.794539][T16465] usb 3-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[ 1121.831423][T16465] usb 3-1: config 0 interface 0 has no altsetting 0
[ 1121.845002][T16465] usb 3-1: New USB device found, idVendor=1e7d, idProduct=3138, bcdDevice= 0.00
[ 1121.973813][ T8144] usb 1-1: new high-speed USB device number 77 using dummy_hcd
[ 1121.981957][T16465] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1122.005302][T16465] usb 3-1: config 0 descriptor??
[ 1122.016677][ T8144] usb 1-1: device descriptor read/8, error -71
[ 1122.203500][T21007] lo speed is unknown, defaulting to 1000
[ 1123.011194][ T8144] usb usb1-port1: unable to enumerate USB device
[ 1123.267013][T16465] ryos 0003:1E7D:3138.0011: hidraw0: USB HID v0.00 Device [HID 1e7d:3138] on usb-dummy_hcd.2-1/input0
[ 1123.652645][  T792] usb 3-1: USB disconnect, device number 90
[ 1123.677541][T21016] fido_id[21016]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory
[ 1124.174993][T21026] syzkaller1: entered promiscuous mode
[ 1124.180617][T21026] syzkaller1: entered allmulticast mode
[ 1124.271649][T21035] netlink: 'syz.0.3799': attribute type 10 has an invalid length.
[ 1124.300234][T21035] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3799'.
[ 1124.316210][T21031] bridge0: port 1(batadv0) entered disabled state
[ 1124.712334][T21044] tipc: Started in network mode
[ 1124.722969][T21044] tipc: Node identity baf4a4c0313c, cluster identity 4711
[ 1124.723185][  T792] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[ 1124.731059][T21044] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1124.733708][T21044] syzkaller0: entered promiscuous mode
[ 1124.753118][T21044] syzkaller0: entered allmulticast mode
[ 1124.984808][  T792] usb 2-1: Using ep0 maxpacket: 16
[ 1124.992354][  T792] usb 2-1: config 1 has an invalid descriptor of length 120, skipping remainder of the config
[ 1125.019028][  T792] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1125.464667][  T792] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1125.474783][  T792] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1125.487173][  T792] usb 2-1: Product: syz
[ 1125.491823][  T792] usb 2-1: Manufacturer: syz
[ 1125.516414][T21043] tipc: Resetting bearer <eth:syzkaller0>
[ 1125.530223][T21043] tipc: Disabling bearer <eth:syzkaller0>
[ 1125.545779][  T792] usb 2-1: SerialNumber: syz
[ 1125.956649][T21057] lo speed is unknown, defaulting to 1000
[ 1127.603870][   T29] audit: type=1400 audit(1773650527.583:1649): avc:  denied  { shutdown } for  pid=21065 comm="syz.3.3809" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1127.651529][   T29] audit: type=1400 audit(1773650527.613:1650): avc:  denied  { read } for  pid=21065 comm="syz.3.3809" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1127.828470][   T29] audit: type=1400 audit(1773650527.813:1651): avc:  denied  { write } for  pid=21070 comm="syz.4.3810" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[ 1128.094923][   T29] audit: type=1400 audit(1773650527.833:1652): avc:  denied  { bind } for  pid=21070 comm="syz.4.3810" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[ 1128.304782][T21079] syzkaller1: entered promiscuous mode
[ 1128.310262][T21079] syzkaller1: entered allmulticast mode
[ 1128.316665][   T29] audit: type=1400 audit(1773650527.833:1653): avc:  denied  { write } for  pid=21070 comm="syz.4.3810" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[ 1128.390499][   T29] audit: type=1400 audit(1773650528.373:1654): avc:  denied  { ioctl } for  pid=21085 comm="syz.4.3813" path="socket:[69191]" dev="sockfs" ino=69191 ioctlcmd=0x5882 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1128.735149][  T792] usb 2-1: 0:2 : does not exist
[ 1128.759025][  T792] usb 2-1: unit 5 not found!
[ 1128.869794][  T792] usb 2-1: USB disconnect, device number 47
[ 1128.900222][T21098] netlink: 108 bytes leftover after parsing attributes in process `syz.0.3816'.
[ 1128.901712][T15836] udevd[15836]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1129.020580][T16465] usb 5-1: new full-speed USB device number 61 using dummy_hcd
[ 1129.482953][T16465] usb 5-1: too many endpoints for config 0 interface 0 altsetting 2: 254, using maximum allowed: 30
[ 1129.516527][T16465] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1129.530824][T10285] usb 1-1: new high-speed USB device number 78 using dummy_hcd
[ 1129.542420][T16465] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1129.556601][T16465] usb 5-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[ 1129.573562][T16465] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1129.581356][T16465] usb 5-1: New USB device found, idVendor=1e7d, idProduct=3138, bcdDevice= 0.00
[ 1129.591900][T16465] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1129.606833][T16465] usb 5-1: config 0 descriptor??
[ 1129.680283][T10285] usb 1-1: Using ep0 maxpacket: 32
[ 1129.691900][T10285] usb 1-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[ 1129.710192][T10285] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1129.730047][T10285] usb 1-1: config 0 descriptor??
[ 1129.752993][T10285] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[ 1130.401927][T10285] gspca_vc032x: reg_r err -110
[ 1130.411847][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1130.436856][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1130.454572][T21111] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3820'.
[ 1130.463544][T21111] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3820'.
[ 1130.574969][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1130.586872][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1130.598773][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1130.608670][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1130.620916][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1130.626212][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1130.633696][T21112] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3816'.
[ 1130.641006][T16465] ryos 0003:1E7D:3138.0012: hidraw0: USB HID v0.00 Device [HID 1e7d:3138] on usb-dummy_hcd.4-1/input0
[ 1130.794253][   T29] audit: type=1400 audit(1773650530.744:1655): avc:  denied  { mount } for  pid=21108 comm="syz.2.3820" name="/" dev="hugetlbfs" ino=68590 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[ 1130.799672][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1130.852865][T16465] usb 5-1: USB disconnect, device number 61
[ 1130.930013][T21114] fido_id[21114]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[ 1130.939626][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1130.969664][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1130.975746][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1130.986561][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1131.004142][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1131.024118][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1131.052509][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1131.067923][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1131.091594][T10285] gspca_vc032x: I2c Bus Busy Wait 00
[ 1131.102393][T10285] gspca_vc032x: Unknown sensor...
[ 1131.113757][T10285] vc032x 1-1:0.0: probe with driver vc032x failed with error -22
[ 1131.389656][T16465] usb 3-1: new high-speed USB device number 91 using dummy_hcd
[ 1131.669248][T16465] usb 3-1: Using ep0 maxpacket: 16
[ 1131.705053][T16465] usb 3-1: config 1 has an invalid descriptor of length 102, skipping remainder of the config
[ 1131.718321][T16465] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1131.741404][T16465] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1131.752131][T16465] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1131.762301][T16465] usb 3-1: Product: syz
[ 1131.766638][T16465] usb 3-1: Manufacturer: syz
[ 1131.773120][T16465] usb 3-1: SerialNumber: syz
[ 1132.197359][  T792] usb 1-1: USB disconnect, device number 78
[ 1134.449527][T16465] usb 3-1: 0:2 : does not exist
[ 1134.454608][T16465] usb 3-1: unit 5 not found!
[ 1134.470600][   T29] audit: type=1400 audit(1773650534.466:1656): avc:  denied  { append } for  pid=21144 comm="syz.4.3830" name="nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[ 1134.973853][T16465] usb 3-1: USB disconnect, device number 91
[ 1135.084672][   T29] audit: type=1400 audit(1773650535.076:1657): avc:  denied  { append } for  pid=21156 comm="syz.2.3833" name="ptp0" dev="devtmpfs" ino=1265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 1135.151637][T21164] netlink: 108 bytes leftover after parsing attributes in process `syz.0.3836'.
[ 1135.181048][   T29] audit: type=1400 audit(1773650535.076:1658): avc:  denied  { open } for  pid=21156 comm="syz.2.3833" path="/dev/ptp0" dev="devtmpfs" ino=1265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 1135.407541][T16465] usb 3-1: new high-speed USB device number 92 using dummy_hcd
[ 1135.465248][T16590] usb 1-1: new high-speed USB device number 79 using dummy_hcd
[ 1135.486862][T21175] overlayfs: missing 'workdir'
[ 1135.517334][  T792] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[ 1135.560396][T16465] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1135.571113][T16465] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1135.580747][T16465] usb 3-1: config 1 has no interface number 0
[ 1135.587134][T16465] usb 3-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1135.603037][T16465] usb 3-1: config 1 interface 1 has no altsetting 0
[ 1135.612238][T16465] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1135.622015][T16465] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1135.631473][T16465] usb 3-1: Product: syz
[ 1135.635764][T16465] usb 3-1: Manufacturer: syz
[ 1135.640800][T16465] usb 3-1: SerialNumber: syz
[ 1135.650357][T16590] usb 1-1: Using ep0 maxpacket: 32
[ 1135.997105][  T792] usb 2-1: Using ep0 maxpacket: 16
[ 1136.009582][T16465] cdc_mbim 3-1:1.1: probe with driver cdc_mbim failed with error -71
[ 1136.012334][  T792] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1136.037250][T16590] usb 1-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[ 1136.045598][T16465] usb 3-1: USB disconnect, device number 92
[ 1136.052360][T16590] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1136.066858][  T792] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1136.100516][T16590] usb 1-1: config 0 descriptor??
[ 1136.105704][  T792] usb 2-1: New USB device found, idVendor=1b96, idProduct=0008, bcdDevice= 0.00
[ 1136.119461][T16590] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[ 1136.125708][  T792] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1136.139045][  T792] usb 2-1: config 0 descriptor??
[ 1136.394876][T21190] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3836'.
[ 1136.486852][T10285] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[ 1136.676851][T10285] usb 4-1: Using ep0 maxpacket: 16
[ 1136.785020][T10285] usb 4-1: config 1 has an invalid descriptor of length 102, skipping remainder of the config
[ 1136.814514][T16590] gspca_vc032x: reg_r err -110
[ 1136.821789][T16590] gspca_vc032x: I2c Bus Busy Wait 00
[ 1136.829600][T10285] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1136.854861][T16590] gspca_vc032x: I2c Bus Busy Wait 00
[ 1136.860541][T16590] gspca_vc032x: I2c Bus Busy Wait 00
[ 1136.871916][T16590] gspca_vc032x: I2c Bus Busy Wait 00
[ 1136.878652][T10285] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1136.888222][  T792] ntrig 0003:1B96:0008.0013: item fetching failed at offset 3/7
[ 1136.901578][T10285] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1136.909762][T16590] gspca_vc032x: I2c Bus Busy Wait 00
[ 1136.915351][  T792] ntrig 0003:1B96:0008.0013: parse failed
[ 1136.921318][T16590] gspca_vc032x: I2c Bus Busy Wait 00
[ 1136.926648][T10285] usb 4-1: Product: syz
[ 1136.931234][T10285] usb 4-1: Manufacturer: syz
[ 1136.935897][  T792] ntrig 0003:1B96:0008.0013: probe with driver ntrig failed with error -22
[ 1136.944959][T16590] gspca_vc032x: I2c Bus Busy Wait 00
[ 1136.981828][T21196] netlink: 'syz.2.3845': attribute type 10 has an invalid length.
[ 1136.993294][T21196] netlink: 'syz.2.3845': attribute type 10 has an invalid length.
[ 1137.017473][T10285] usb 4-1: SerialNumber: syz
[ 1137.022101][T16590] gspca_vc032x: I2c Bus Busy Wait 00
[ 1137.030348][  T792] usb 2-1: USB disconnect, device number 48
[ 1137.039521][T16590] gspca_vc032x: I2c Bus Busy Wait 00
[ 1137.318805][T16590] gspca_vc032x: I2c Bus Busy Wait 00
[ 1137.326314][T16590] gspca_vc032x: I2c Bus Busy Wait 00
[ 1137.331685][T16590] gspca_vc032x: I2c Bus Busy Wait 00
[ 1137.343199][T16590] gspca_vc032x: I2c Bus Busy Wait 00
[ 1137.348580][T16590] gspca_vc032x: I2c Bus Busy Wait 00
[ 1137.353878][T16590] gspca_vc032x: I2c Bus Busy Wait 00
[ 1137.359572][T16590] gspca_vc032x: I2c Bus Busy Wait 00
[ 1137.364880][T16590] gspca_vc032x: I2c Bus Busy Wait 00
[ 1137.370507][T16590] gspca_vc032x: I2c Bus Busy Wait 00
[ 1137.375783][T16590] gspca_vc032x: Unknown sensor...
[ 1137.382352][T16590] vc032x 1-1:0.0: probe with driver vc032x failed with error -22
[ 1137.536699][T11842] Bluetooth: hci4: command 0x0406 tx timeout
[ 1138.159056][  T792] usb 1-1: USB disconnect, device number 79
[ 1138.727657][T21217] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1138.851160][   T51] Bluetooth: hci1: unknown advertising packet type: 0x75
[ 1138.851252][   T51] Bluetooth: hci1: unknown advertising packet type: 0x20
[ 1138.858488][   T51] Bluetooth: hci1: Malformed LE Event: 0x02
[ 1139.015939][T16465] usb 3-1: new high-speed USB device number 93 using dummy_hcd
[ 1139.235560][T16465] usb 3-1: Using ep0 maxpacket: 16
[ 1139.445806][T10285] usb 4-1: 0:2 : does not exist
[ 1139.462162][T10285] usb 4-1: unit 5 not found!
[ 1139.476956][T16465] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1139.521818][T16465] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1139.569022][T16465] usb 3-1: New USB device found, idVendor=1b96, idProduct=0008, bcdDevice= 0.00
[ 1139.598264][T16465] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1139.607523][T10285] usb 4-1: USB disconnect, device number 39
[ 1139.670122][T16465] usb 3-1: config 0 descriptor??
[ 1140.041428][T21244] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3858'.
[ 1140.108692][T21241] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1140.134767][T15836] block nbd64: NBD_DISCONNECT
[ 1140.179417][T16465] ntrig 0003:1B96:0008.0014: item fetching failed at offset 3/7
[ 1140.216041][T16465] ntrig 0003:1B96:0008.0014: parse failed
[ 1140.231176][T16465] ntrig 0003:1B96:0008.0014: probe with driver ntrig failed with error -22
[ 1140.293059][T15836] udevd[15836]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[ 1140.439834][T10285] usb 3-1: USB disconnect, device number 93
[ 1141.530620][T21265] block nbd0: NBD_DISCONNECT
[ 1141.567986][T21267] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1141.979787][  T792] usb 3-1: new full-speed USB device number 94 using dummy_hcd
[ 1142.175558][T21281] netlink: 'syz.0.3869': attribute type 4 has an invalid length.
[ 1142.386352][T21278] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1142.445157][  T792] usb 3-1: too many endpoints for config 0 interface 0 altsetting 2: 254, using maximum allowed: 30
[ 1142.465985][  T792] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1142.482149][  T792] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1142.522786][T21278] usb usb8: usbfs: process 21278 (syz.4.3868) did not claim interface 0 before use
[ 1142.546281][  T792] usb 3-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[ 1142.562792][  T792] usb 3-1: config 0 interface 0 has no altsetting 0
[ 1142.569664][  T792] usb 3-1: New USB device found, idVendor=1e7d, idProduct=3138, bcdDevice= 0.00
[ 1142.579075][  T792] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1142.604810][  T792] usb 3-1: config 0 descriptor??
[ 1142.717994][   T29] audit: type=1326 audit(1773650542.710:1659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21269 comm="syz.1.3866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a7b59c799 code=0x7ffc0000
[ 1142.763981][T21285] team0 (unregistering): Port device team_slave_0 removed
[ 1142.807485][   T29] audit: type=1326 audit(1773650542.710:1660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21269 comm="syz.1.3866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a7b59c799 code=0x7ffc0000
[ 1142.841981][T21285] team0 (unregistering): Port device team_slave_1 removed
[ 1142.853045][   T29] audit: type=1326 audit(1773650542.740:1661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21269 comm="syz.1.3866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f4a7b59c799 code=0x7ffc0000
[ 1143.003153][   T29] audit: type=1326 audit(1773650542.740:1662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21269 comm="syz.1.3866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a7b59c799 code=0x7ffc0000
[ 1143.077210][   T29] audit: type=1326 audit(1773650542.740:1663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21269 comm="syz.1.3866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a7b59c799 code=0x7ffc0000
[ 1143.115168][   T29] audit: type=1326 audit(1773650542.740:1664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21269 comm="syz.1.3866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f4a7b59c799 code=0x7ffc0000
[ 1143.159618][   T29] audit: type=1326 audit(1773650542.740:1665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21269 comm="syz.1.3866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a7b59c799 code=0x7ffc0000
[ 1143.185258][   T29] audit: type=1326 audit(1773650542.740:1666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21269 comm="syz.1.3866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a7b59c799 code=0x7ffc0000
[ 1143.243642][   T29] audit: type=1326 audit(1773650542.740:1667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21269 comm="syz.1.3866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f4a7b59c799 code=0x7ffc0000
[ 1143.283422][   T29] audit: type=1326 audit(1773650542.740:1668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21269 comm="syz.1.3866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a7b59c799 code=0x7ffc0000
[ 1143.318641][  T792] ryos 0003:1E7D:3138.0015: hidraw0: USB HID v0.00 Device [HID 1e7d:3138] on usb-dummy_hcd.2-1/input0
[ 1143.855666][ T5887] usb 3-1: USB disconnect, device number 94
[ 1144.453216][ T5887] usb 2-1: new low-speed USB device number 49 using dummy_hcd
[ 1144.540699][T21316] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1144.579355][T21316] usb usb8: usbfs: process 21316 (syz.3.3879) did not claim interface 0 before use
[ 1144.662717][ T5887] usb 2-1: Invalid ep0 maxpacket: 32
[ 1144.752704][T16465] usb 3-1: new high-speed USB device number 95 using dummy_hcd
[ 1144.792703][ T5887] usb 2-1: new low-speed USB device number 50 using dummy_hcd
[ 1144.907363][T16465] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1144.935161][T16465] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[ 1144.946710][T16465] usb 3-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 1144.962633][T16465] usb 3-1: config 1 has 0 interfaces, different from the descriptor's value: 3
[ 1144.962652][ T5887] usb 2-1: Invalid ep0 maxpacket: 32
[ 1144.991413][T16465] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0102, bcdDevice= 0.40
[ 1145.001110][T16465] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1145.009636][T16465] usb 3-1: Product: syz
[ 1145.022389][T16465] usb 3-1: Manufacturer: syz
[ 1145.030071][T16465] usb 3-1: SerialNumber: syz
[ 1145.078034][ T5887] usb usb2-port1: attempt power cycle
[ 1145.634676][T21323] SET target dimension over the limit!
[ 1145.987664][T21318] delete_channel: no stack
[ 1146.085741][T21329] netlink: 'syz.3.3882': attribute type 1 has an invalid length.
[ 1146.103450][T21329] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1146.171986][ T5887] usb 2-1: new low-speed USB device number 51 using dummy_hcd
[ 1146.187947][T21331] bond1: (slave geneve0): making interface the new active one
[ 1146.234598][ T5887] usb 2-1: Invalid ep0 maxpacket: 32
[ 1146.267643][T21331] bond1: (slave geneve0): Enslaving as an active interface with an up link
[ 1146.372472][ T5887] usb 2-1: new low-speed USB device number 52 using dummy_hcd
[ 1146.423427][ T5887] usb 2-1: Invalid ep0 maxpacket: 32
[ 1146.434509][ T5887] usb usb2-port1: unable to enumerate USB device
[ 1147.089396][T21336] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3884'.
[ 1147.229078][T21336] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3884'.
[ 1147.295053][T21336] geneve2: entered promiscuous mode
[ 1147.319295][T21336] geneve2: entered allmulticast mode
[ 1147.551791][ T5887] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[ 1147.721254][ T5887] usb 2-1: Using ep0 maxpacket: 16
[ 1147.728057][ T5887] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1147.739135][ T5887] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1147.749152][ T5887] usb 2-1: New USB device found, idVendor=1b96, idProduct=0008, bcdDevice= 0.00
[ 1147.760999][ T5887] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1147.812028][ T5887] usb 2-1: config 0 descriptor??
[ 1148.243312][T21355] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1148.255501][ T5887] ntrig 0003:1B96:0008.0016: item fetching failed at offset 3/7
[ 1148.291443][ T5887] ntrig 0003:1B96:0008.0016: parse failed
[ 1148.293168][T21355] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1148.297317][ T5887] ntrig 0003:1B96:0008.0016: probe with driver ntrig failed with error -22
[ 1148.752198][T21358] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3889'.
[ 1148.803517][  T793] usb 2-1: USB disconnect, device number 53
[ 1150.130067][  T793] usb 5-1: new high-speed USB device number 62 using dummy_hcd
[ 1150.607747][T16465] usb 3-1: USB disconnect, device number 95
[ 1150.769819][  T793] usb 5-1: Using ep0 maxpacket: 16
[ 1150.784870][  T793] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=10.00
[ 1150.804242][  T793] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1150.827371][  T793] usb 5-1: Product: syz
[ 1150.855259][  T793] usb 5-1: Manufacturer: syz
[ 1150.879775][  T793] usb 5-1: SerialNumber: syz
[ 1150.910647][  T793] usb 5-1: config 0 descriptor??
[ 1150.942160][  T793] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[ 1150.981756][  T793] usb 5-1: Detected FT-X
[ 1151.142871][  T793] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[ 1151.168330][  T793] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[ 1151.194492][  T793] ftdi_sio 5-1:0.0: GPIO initialisation failed: -71
[ 1151.226218][  T793] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1151.255396][  T793] usb 5-1: USB disconnect, device number 62
[ 1151.264816][  T793] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1151.276146][  T793] ftdi_sio 5-1:0.0: device disconnected
[ 1151.338457][T21373] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3897'.
[ 1151.570211][T21378] syzkaller0: entered promiscuous mode
[ 1151.575865][T21378] syzkaller0: entered allmulticast mode
[ 1152.668576][   T29] kauditd_printk_skb: 15 callbacks suppressed
[ 1152.668592][   T29] audit: type=1400 audit(1773650552.665:1684): avc:  denied  { read } for  pid=21405 comm="syz.1.3907" name="ptp0" dev="devtmpfs" ino=1265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 1152.699321][ T5872] usb 3-1: new high-speed USB device number 96 using dummy_hcd
[ 1152.872657][ T5872] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1152.885882][ T5872] usb 3-1: string descriptor 0 read error: -22
[ 1152.892413][ T5872] usb 3-1: New USB device found, idVendor=0000, idProduct=0000, bcdDevice= 0.9a
[ 1152.901866][ T5872] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1152.923006][ T5872] gspca_main: spca501-2.14.0 probing 0000:0000
[ 1153.638428][ T5872] gspca_spca501: reg write: error -110
[ 1153.646529][ T5872] spca501 3-1:1.0: Reg write failed for 0x02,0xa048,0x00
[ 1153.653899][ T5872] spca501 3-1:1.0: probe with driver spca501 failed with error -22
[ 1153.849608][T21423] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1153.864929][T21423] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1153.877581][T21423] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1153.888422][T21423] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1154.119017][T21417] syzkaller0: entered promiscuous mode
[ 1154.124558][T21417] syzkaller0: entered allmulticast mode
[ 1154.299072][T21434] netlink: 'syz.4.3909': attribute type 10 has an invalid length.
[ 1154.324304][T21434] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3909'.
[ 1154.530850][T21437] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3910'.
[ 1155.587264][ T5887] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[ 1155.764130][ T5887] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1155.777479][ T5887] usb 4-1: config 247 has an invalid descriptor of length 0, skipping remainder of the config
[ 1155.796824][ T5887] usb 4-1: New USB device found, idVendor=0856, idProduct=bc03, bcdDevice=43.29
[ 1155.818561][ T5887] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1155.836536][ T5887] usb 4-1: Product: syz
[ 1155.846292][ T5887] usb 4-1: Manufacturer: syz
[ 1155.855652][ T5887] usb 4-1: SerialNumber: syz
[ 1156.766753][  T793] usb 1-1: new full-speed USB device number 80 using dummy_hcd
[ 1156.920557][  T793] usb 1-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1156.930789][  T793] usb 1-1: config 0 interface 0 has no altsetting 0
[ 1156.940180][  T793] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1156.949599][  T793] usb 1-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1156.957908][  T793] usb 1-1: Product: syz
[ 1156.962242][  T793] usb 1-1: Manufacturer: syz
[ 1156.967174][  T793] usb 1-1: SerialNumber: syz
[ 1156.975604][  T793] usb 1-1: config 0 descriptor??
[ 1156.987876][  T793] usb 1-1: selecting invalid altsetting 0
[ 1157.385024][T21451] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1157.410303][T21451] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1157.475925][T21451] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1157.492093][T21451] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1157.983480][ T5872] usb 1-1: USB disconnect, device number 80
[ 1158.006924][  T792] usb 3-1: USB disconnect, device number 96
[ 1158.265963][  T793] usb 5-1: new low-speed USB device number 63 using dummy_hcd
[ 1158.398568][ T5887] mos7840 4-1:247.0: required endpoints missing
[ 1158.473013][ T5887] usb 4-1: USB disconnect, device number 40
[ 1158.604356][   T29] audit: type=1326 audit(1773650558.598:1685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21483 comm="syz.1.3925" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4a7b59c799 code=0x0
[ 1158.661669][T21489] loop9: detected capacity change from 0 to 7
[ 1158.689137][T21490] netlink: 108 bytes leftover after parsing attributes in process `syz.3.3926'.
[ 1158.698331][  T793] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1158.711721][  T793] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 65528, setting to 8
[ 1158.738600][  T793] usb 5-1: config 1 interface 1 has no altsetting 1
[ 1158.747983][T21489] Dev loop9: unable to read RDB block 7
[ 1158.753533][T21489]  loop9: unable to read partition table
[ 1158.786838][T21489] loop9: partition table beyond EOD, truncated
[ 1158.794778][T21489] loop_reread_partitions: partition scan of loop9 (�被x������ ) failed (rc=-5)
[ 1159.341381][   T29] audit: type=1326 audit(1773650559.339:1686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21491 comm="syz.0.3927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f218599c799 code=0x7ffc0000
[ 1159.372321][ T5872] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[ 1159.397043][T21500] netlink: 'syz.0.3927': attribute type 1 has an invalid length.
[ 1159.407220][   T29] audit: type=1326 audit(1773650559.339:1687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21491 comm="syz.0.3927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f218599c799 code=0x7ffc0000
[ 1159.466806][T21500] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1159.694661][ T5872] usb 4-1: Using ep0 maxpacket: 32
[ 1159.725569][ T5872] usb 4-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[ 1159.741939][ T5872] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1159.753341][ T5872] usb 4-1: config 0 descriptor??
[ 1159.761551][ T5872] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[ 1159.845391][   T29] audit: type=1326 audit(1773650559.339:1688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21491 comm="syz.0.3927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f218599c799 code=0x7ffc0000
[ 1160.035277][   T29] audit: type=1326 audit(1773650559.339:1689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21491 comm="syz.0.3927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f218599c799 code=0x7ffc0000
[ 1160.112472][T21507] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3926'.
[ 1160.514247][ T5872] gspca_vc032x: reg_r err -110
[ 1160.519154][ T5872] gspca_vc032x: I2c Bus Busy Wait 00
[ 1160.524494][ T5872] gspca_vc032x: I2c Bus Busy Wait 00
[ 1160.529912][ T5872] gspca_vc032x: I2c Bus Busy Wait 00
[ 1160.535269][ T5872] gspca_vc032x: I2c Bus Busy Wait 00
[ 1160.540601][ T5872] gspca_vc032x: I2c Bus Busy Wait 00
[ 1160.545968][ T5872] gspca_vc032x: I2c Bus Busy Wait 00
[ 1160.553157][   T29] audit: type=1326 audit(1773650559.339:1690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21491 comm="syz.0.3927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f218599c799 code=0x7ffc0000
[ 1160.578059][ T5872] gspca_vc032x: I2c Bus Busy Wait 00
[ 1160.583361][ T5872] gspca_vc032x: I2c Bus Busy Wait 00
[ 1160.613480][ T5872] gspca_vc032x: I2c Bus Busy Wait 00
[ 1160.631098][ T5872] gspca_vc032x: I2c Bus Busy Wait 00
[ 1160.642468][   T29] audit: type=1326 audit(1773650559.339:1691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21491 comm="syz.0.3927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f218599c799 code=0x7ffc0000
[ 1160.741209][ T5872] gspca_vc032x: I2c Bus Busy Wait 00
[ 1160.754794][ T5872] gspca_vc032x: I2c Bus Busy Wait 00
[ 1160.774661][ T5872] gspca_vc032x: I2c Bus Busy Wait 00
[ 1160.787773][ T5872] gspca_vc032x: I2c Bus Busy Wait 00
[ 1160.820299][   T29] audit: type=1326 audit(1773650559.799:1692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21491 comm="syz.0.3927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f218599c799 code=0x7ffc0000
[ 1160.845016][ T5872] gspca_vc032x: I2c Bus Busy Wait 00
[ 1160.856333][ T5872] gspca_vc032x: I2c Bus Busy Wait 00
[ 1160.867546][ T5872] gspca_vc032x: I2c Bus Busy Wait 00
[ 1160.878419][ T5872] gspca_vc032x: I2c Bus Busy Wait 00
[ 1160.886099][ T5872] gspca_vc032x: Unknown sensor...
[ 1160.891209][   T29] audit: type=1326 audit(1773650559.799:1693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21491 comm="syz.0.3927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f218599c799 code=0x7ffc0000
[ 1160.916628][ T5872] vc032x 4-1:0.0: probe with driver vc032x failed with error -22
[ 1161.017536][  T793] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1161.027261][  T793] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1161.069177][  T793] usb 5-1: can't set config #1, error -71
[ 1161.079518][T21516] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3933'.
[ 1161.090237][  T793] usb 5-1: USB disconnect, device number 63
[ 1161.098759][T21516] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3933'.
[ 1161.147010][   T29] audit: type=1400 audit(1773650561.149:1694): avc:  denied  { read } for  pid=21515 comm="syz.4.3933" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1161.489296][T21526] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=21526 comm=syz.4.3936
[ 1161.805755][ T5887] usb 4-1: USB disconnect, device number 41
[ 1164.104164][T21564] netlink: 'syz.0.3947': attribute type 10 has an invalid length.
[ 1164.150269][T21564] team0: Failed to send options change via netlink (err -105)
[ 1164.167657][T21564] team0: Port device dummy0 added
[ 1164.207933][T21564] netlink: 'syz.0.3947': attribute type 10 has an invalid length.
[ 1164.703639][ T5858] usb 3-1: new high-speed USB device number 97 using dummy_hcd
[ 1164.743609][T21571] netlink: 108 bytes leftover after parsing attributes in process `syz.4.3949'.
[ 1164.851886][T21574] netlink: 'syz.0.3950': attribute type 4 has an invalid length.
[ 1165.029793][  T793] usb 5-1: new high-speed USB device number 64 using dummy_hcd
[ 1165.047785][ T5858] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1165.150048][ T5858] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 64, changing to 7
[ 1165.185027][ T5858] usb 3-1: New USB device found, idVendor=041e, idProduct=3000, bcdDevice= 0.40
[ 1165.201902][ T5858] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1165.220350][ T5858] usb 3-1: Product: syz
[ 1165.230447][ T5858] usb 3-1: Manufacturer: syz
[ 1165.231130][  T793] usb 5-1: Using ep0 maxpacket: 32
[ 1165.252913][ T5858] usb 3-1: SerialNumber: syz
[ 1165.258739][  T793] usb 5-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[ 1165.278078][  T793] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1165.295147][  T793] usb 5-1: config 0 descriptor??
[ 1165.318226][  T793] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[ 1165.494949][T21560] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3945'.
[ 1165.504018][T21560] netlink: 43 bytes leftover after parsing attributes in process `syz.2.3945'.
[ 1165.513056][T21560] netlink: 'syz.2.3945': attribute type 6 has an invalid length.
[ 1165.521596][T21560] netlink: 'syz.2.3945': attribute type 5 has an invalid length.
[ 1165.529762][T21560] netlink: 43 bytes leftover after parsing attributes in process `syz.2.3945'.
[ 1165.555284][ T5858] usb 3-1: unit 4 not found!
[ 1165.589865][T21582] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3949'.
[ 1165.631900][ T5858] usb 3-1: USB disconnect, device number 97
[ 1165.823043][T15513] udevd[15513]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1165.844864][  T793] gspca_vc032x: reg_r err -110
[ 1165.850111][  T793] gspca_vc032x: I2c Bus Busy Wait 00
[ 1165.855484][  T793] gspca_vc032x: I2c Bus Busy Wait 00
[ 1165.859583][T21591] netlink: 108 bytes leftover after parsing attributes in process `syz.1.3953'.
[ 1165.860853][  T793] gspca_vc032x: I2c Bus Busy Wait 00
[ 1165.876092][  T793] gspca_vc032x: I2c Bus Busy Wait 00
[ 1165.881385][  T793] gspca_vc032x: I2c Bus Busy Wait 00
[ 1165.886733][  T793] gspca_vc032x: I2c Bus Busy Wait 00
[ 1165.892044][  T793] gspca_vc032x: I2c Bus Busy Wait 00
[ 1165.897366][  T793] gspca_vc032x: I2c Bus Busy Wait 00
[ 1165.902652][  T793] gspca_vc032x: I2c Bus Busy Wait 00
[ 1165.908021][  T793] gspca_vc032x: I2c Bus Busy Wait 00
[ 1166.352487][  T793] gspca_vc032x: I2c Bus Busy Wait 00
[ 1166.371662][  T793] gspca_vc032x: I2c Bus Busy Wait 00
[ 1166.391741][  T793] gspca_vc032x: I2c Bus Busy Wait 00
[ 1166.431912][  T793] gspca_vc032x: I2c Bus Busy Wait 00
[ 1166.454291][  T793] gspca_vc032x: I2c Bus Busy Wait 00
[ 1166.466979][  T793] gspca_vc032x: I2c Bus Busy Wait 00
[ 1166.472591][  T793] gspca_vc032x: I2c Bus Busy Wait 00
[ 1166.481399][  T793] gspca_vc032x: I2c Bus Busy Wait 00
[ 1166.487085][  T793] gspca_vc032x: Unknown sensor...
[ 1166.492381][  T793] vc032x 5-1:0.0: probe with driver vc032x failed with error -22
[ 1166.814006][T21600] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1166.996235][T21604] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1167.448374][ T5887] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[ 1167.583404][   T51] Bluetooth: hci2: unknown advertising packet type: 0x75
[ 1167.583448][   T51] Bluetooth: hci2: unknown advertising packet type: 0x20
[ 1167.590584][   T51] Bluetooth: hci2: Malformed LE Event: 0x02
[ 1168.462977][ T5887] usb 2-1: Using ep0 maxpacket: 32
[ 1168.567687][ T5887] usb 2-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[ 1168.592012][  T793] usb 5-1: USB disconnect, device number 64
[ 1168.604071][ T5887] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1168.741594][ T5887] usb 2-1: config 0 descriptor??
[ 1169.136059][T21617] trusted_key: encrypted_key: master key parameter '��.�����d�W�OQ����L뢐Fbb�䋩' is invalid
[ 1169.141955][ T5887] usb 2-1: can't set config #0, error -71
[ 1169.153738][T21617] trusted_key: encrypted_key: master key parameter '��.�����d�W�OQ����L뢐Fbb�䋩' is invalid
[ 1169.252318][ T5887] usb 2-1: USB disconnect, device number 54
[ 1171.547702][T21630] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1171.584102][T21628] syzkaller1: entered promiscuous mode
[ 1171.812258][T21628] syzkaller1: entered allmulticast mode
[ 1171.864890][ T5872] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[ 1172.401095][ T5872] usb 4-1: Using ep0 maxpacket: 32
[ 1172.422200][ T5872] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[ 1172.529195][T21630] usb usb8: usbfs: process 21630 (syz.2.3964) did not claim interface 0 before use
[ 1172.544600][ T5872] usb 4-1: config 0 has no interface number 0
[ 1172.569250][ T5872] usb 4-1: config 0 interface 184 has no altsetting 0
[ 1172.611943][ T5872] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[ 1173.092492][ T5872] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1173.143802][ T5872] usb 4-1: Product: syz
[ 1173.148002][ T5872] usb 4-1: Manufacturer: syz
[ 1173.203504][ T5872] usb 4-1: SerialNumber: syz
[ 1173.270936][ T5872] usb 4-1: config 0 descriptor??
[ 1173.998513][ T5872] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[ 1174.072993][ T5872] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1181.129962][    C0] sched: DL replenish lagged too much
[ 1184.378049][ T5858] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[ 1199.287744][ T5872] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000010: -71
[ 1314.212841][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 1314.219819][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P5179/1:b..l P18366/1:b..l P2/1:b..l
[ 1314.230398][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=101097, q=1523440 ncpus=2)
[ 1314.238550][    C0] task:kthreadd        state:R  running task     stack:26504 pid:2     tgid:2     ppid:0      task_flags:0x208040 flags:0x00080000
[ 1314.253447][    C0] Call Trace:
[ 1314.256738][    C0]  <TASK>
[ 1314.259669][    C0]  __schedule+0xfee/0x6120
[ 1314.264105][    C0]  ? __pfx___schedule+0x10/0x10
[ 1314.268974][    C0]  ? mark_held_locks+0x40/0x70
[ 1314.273724][    C0]  preempt_schedule_irq+0x50/0x90
[ 1314.278746][    C0]  irqentry_exit+0x17b/0x670
[ 1314.283341][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1314.289322][    C0] RIP: 0010:lock_acquire+0x5e/0x380
[ 1314.294518][    C0] Code: 05 7b eb 28 12 83 f8 07 0f 87 f0 00 00 00 48 0f a3 05 46 9c f4 0e 0f 82 c2 02 00 00 8b 35 2e d0 f4 0e 85 f6 0f 85 dd 00 00 00 <48> 8b 44 24 30 65 48 2b 05 1d eb 28 12 0f 85 02 03 00 00 48 83 c4
[ 1314.314124][    C0] RSP: 0018:ffffc900000772f0 EFLAGS: 00000206
[ 1314.320213][    C0] RAX: 0000000000000046 RBX: 0000000000000000 RCX: 0000000000000001
[ 1314.328169][    C0] RDX: 0000000000000000 RSI: ffffffff8de50b8b RDI: ffffffff8c1b06a0
[ 1314.336144][    C0] RBP: ffffffff8e7e76a0 R08: 0000000002c048e3 R09: 0000000000000007
[ 1314.344118][    C0] R10: 0000000000000200 R11: 0000000000000000 R12: 0000000000000002
[ 1314.352086][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1314.360075][    C0]  ? unwind_next_frame+0x3be/0x1ea0
[ 1314.365278][    C0]  ? unwind_next_frame+0x3be/0x1ea0
[ 1314.370474][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1314.376613][    C0]  unwind_next_frame+0xd1/0x1ea0
[ 1314.381549][    C0]  ? unwind_next_frame+0xbd/0x1ea0
[ 1314.386663][    C0]  ? __kasan_slab_alloc+0x69/0x90
[ 1314.391698][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1314.397854][    C0]  arch_stack_walk+0x94/0xf0
[ 1314.402451][    C0]  ? __kasan_slab_alloc+0x69/0x90
[ 1314.407482][    C0]  stack_trace_save+0x8e/0xc0
[ 1314.412159][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[ 1314.417532][    C0]  ? __lock_acquire+0x4a5/0x2630
[ 1314.422461][    C0]  save_stack+0x162/0x1e0
[ 1314.426775][    C0]  ? __pfx_save_stack+0x10/0x10
[ 1314.431626][    C0]  ? __free_frozen_pages+0x7e1/0x10d0
[ 1314.436996][    C0]  ? qlist_free_all+0x47/0xe0
[ 1314.441684][    C0]  ? kasan_quarantine_reduce+0x1a0/0x1f0
[ 1314.447320][    C0]  ? __kasan_slab_alloc+0x69/0x90
[ 1314.452365][    C0]  ? page_ext_put+0x3e/0xd0
[ 1314.456881][    C0]  __reset_page_owner+0x84/0x190
[ 1314.461827][    C0]  __free_frozen_pages+0x7e1/0x10d0
[ 1314.467034][    C0]  qlist_free_all+0x47/0xe0
[ 1314.471534][    C0]  kasan_quarantine_reduce+0x1a0/0x1f0
[ 1314.476978][    C0]  __kasan_slab_alloc+0x69/0x90
[ 1314.481837][    C0]  kmem_cache_alloc_noprof+0x241/0x6e0
[ 1314.487307][    C0]  ? alloc_pid+0x1bd/0x1890
[ 1314.491787][    C0]  alloc_pid+0x1bd/0x1890
[ 1314.496087][    C0]  ? __pfx_alloc_pid+0x10/0x10
[ 1314.500833][    C0]  ? __lock_acquire+0x4a5/0x2630
[ 1314.505750][    C0]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1314.511531][    C0]  ? fpu_clone+0x226/0x7c0
[ 1314.515916][    C0]  ? __asan_memset+0x23/0x50
[ 1314.520476][    C0]  ? copy_thread+0x6ce/0xb60
[ 1314.525045][    C0]  copy_process+0x40e7/0x7a40
[ 1314.529699][    C0]  ? __pfx_copy_process+0x10/0x10
[ 1314.534703][    C0]  ? trace_pelt_se_tp+0x159/0x1b0
[ 1314.539695][    C0]  ? __update_load_avg_se+0x5c7/0xe80
[ 1314.545050][    C0]  kernel_clone+0xfc/0x9a0
[ 1314.549435][    C0]  ? find_held_lock+0x2b/0x80
[ 1314.554083][    C0]  ? __pfx_kernel_clone+0x10/0x10
[ 1314.559079][    C0]  ? rcu_is_watching+0x12/0xc0
[ 1314.563813][    C0]  ? trace_sched_exit_tp+0x13a/0x180
[ 1314.569070][    C0]  ? __pfx_kthread+0x10/0x10
[ 1314.573628][    C0]  kernel_thread+0xdb/0x120
[ 1314.578103][    C0]  ? __pfx_kernel_thread+0x10/0x10
[ 1314.583189][    C0]  ? __pfx_kthread+0x10/0x10
[ 1314.587745][    C0]  ? do_raw_spin_lock+0x128/0x260
[ 1314.592738][    C0]  ? find_held_lock+0x2b/0x80
[ 1314.597397][    C0]  ? kthreadd+0x433/0x7a0
[ 1314.601693][    C0]  ? kthreadd+0x433/0x7a0
[ 1314.606003][    C0]  kthreadd+0x498/0x7a0
[ 1314.610130][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1314.615294][    C0]  ? __pfx_kthreadd+0x10/0x10
[ 1314.619939][    C0]  ret_from_fork+0x754/0xd80
[ 1314.624499][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[ 1314.629579][    C0]  ? __switch_to+0x7b4/0x1120
[ 1314.634227][    C0]  ? __pfx_kthreadd+0x10/0x10
[ 1314.638903][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1314.643684][    C0]  </TASK>
[ 1314.646686][    C0] task:syz-executor    state:R  running task     stack:23832 pid:18366 tgid:18366 ppid:18359  task_flags:0x400140 flags:0x00080000
[ 1314.660126][    C0] Call Trace:
[ 1314.663378][    C0]  <TASK>
[ 1314.666280][    C0]  ? pv_hash+0xf0/0x1b0
[ 1314.670406][    C0]  ? __pfx_pv_hash+0x10/0x10
[ 1314.674966][    C0]  ? native_halt+0x1c/0x30
[ 1314.679365][    C0]  ? kvm_wait+0x112/0x160
[ 1314.683663][    C0]  ? __pv_queued_spin_lock_slowpath+0x4b0/0xc00
[ 1314.689877][    C0]  ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10
[ 1314.696449][    C0]  ? do_raw_spin_lock+0x1e0/0x260
[ 1314.701447][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1314.706792][    C0]  ? rcu_preempt_deferred_qs_irqrestore+0x1b4/0xb90
[ 1314.713354][    C0]  ? __rcu_read_unlock+0x26a/0x5e0
[ 1314.718437][    C0]  ? rcu_is_watching+0x12/0xc0
[ 1314.723174][    C0]  ? __rcu_read_unlock+0x27f/0x5e0
[ 1314.728257][    C0]  ? unwind_next_frame+0x3c8/0x1ea0
[ 1314.733422][    C0]  ? qlist_free_all+0x47/0xe0
[ 1314.738083][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1314.744206][    C0]  ? arch_stack_walk+0x94/0xf0
[ 1314.748939][    C0]  ? kasan_quarantine_reduce+0x1a0/0x1f0
[ 1314.754556][    C0]  ? stack_trace_save+0x8e/0xc0
[ 1314.759375][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[ 1314.764717][    C0]  ? __lock_acquire+0x4a5/0x2630
[ 1314.769623][    C0]  ? __lock_acquire+0x4a5/0x2630
[ 1314.774528][    C0]  ? save_stack+0x162/0x1e0
[ 1314.779014][    C0]  ? __pfx_save_stack+0x10/0x10
[ 1314.783834][    C0]  ? __free_frozen_pages+0x7e1/0x10d0
[ 1314.789185][    C0]  ? qlist_free_all+0x47/0xe0
[ 1314.793835][    C0]  ? page_ext_put+0x3e/0xd0
[ 1314.798311][    C0]  ? __reset_page_owner+0x84/0x190
[ 1314.803402][    C0]  ? __free_frozen_pages+0x7e1/0x10d0
[ 1314.808743][    C0]  ? __free_slab+0xd0/0x220
[ 1314.813218][    C0]  ? tomoyo_encode2+0xfb/0x3c0
[ 1314.817950][    C0]  ? qlist_free_all+0x47/0xe0
[ 1314.822597][    C0]  ? kasan_quarantine_reduce+0x1a0/0x1f0
[ 1314.828201][    C0]  ? __kasan_slab_alloc+0x69/0x90
[ 1314.833205][    C0]  ? __kmalloc_noprof+0x2b9/0x850
[ 1314.838210][    C0]  ? tomoyo_encode2+0xfb/0x3c0
[ 1314.842945][    C0]  ? tomoyo_encode+0x29/0x50
[ 1314.847515][    C0]  ? tomoyo_realpath_from_path+0x18c/0x690
[ 1314.853293][    C0]  ? tomoyo_path_perm+0x276/0x460
[ 1314.858284][    C0]  ? tomoyo_path_perm+0x262/0x460
[ 1314.863286][    C0]  ? __pfx_tomoyo_path_perm+0x10/0x10
[ 1314.868639][    C0]  ? lockdep_hardirqs_on+0x78/0x100
[ 1314.873808][    C0]  ? putname+0xb1/0x110
[ 1314.877932][    C0]  ? kmem_cache_free+0x124/0x6a0
[ 1314.882839][    C0]  ? security_inode_getattr+0x116/0x280
[ 1314.888364][    C0]  ? vfs_fstat+0x4b/0xe0
[ 1314.892589][    C0]  ? __do_sys_newfstat+0x8b/0x110
[ 1314.897581][    C0]  ? __pfx___do_sys_newfstat+0x10/0x10
[ 1314.903020][    C0]  ? do_syscall_64+0x106/0xf80
[ 1314.907752][    C0]  ? clear_bhb_loop+0x40/0x90
[ 1314.912409][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1314.918449][    C0]  </TASK>
[ 1314.921442][    C0] task:udevd           state:R  running task     stack:23688 pid:5179  tgid:5179  ppid:1      task_flags:0x400140 flags:0x00080000
[ 1314.934889][    C0] Call Trace:
[ 1314.938151][    C0]  <TASK>
[ 1314.941054][    C0]  __schedule+0xfee/0x6120
[ 1314.945451][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1314.951584][    C0]  ? __pfx___schedule+0x10/0x10
[ 1314.956403][    C0]  ? mark_held_locks+0x40/0x70
[ 1314.961137][    C0]  preempt_schedule_irq+0x50/0x90
[ 1314.966141][    C0]  irqentry_exit+0x17b/0x670
[ 1314.970714][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1314.976669][    C0] RIP: 0010:__orc_find+0x7e/0xf0
[ 1314.981575][    C0] Code: ea 3f 48 c1 fe 02 48 01 f2 48 d1 fa 48 8d 5c 95 00 48 89 da 48 c1 ea 03 0f b6 34 0a 48 89 da 83 e2 07 83 c2 03 40 38 f2 7c 05 <40> 84 f6 75 4b 48 63 13 48 01 da 49 39 d5 73 af 4c 8d 63 fc 49 39
[ 1315.001149][    C0] RSP: 0018:ffffc9000425f558 EFLAGS: 00000206
[ 1315.007182][    C0] RAX: ffffffff91871554 RBX: ffffffff90fb7ad8 RCX: dffffc0000000000
[ 1315.015120][    C0] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff90fb7a9c
[ 1315.023058][    C0] RBP: ffffffff90fb7ad8 R08: ffffffff918715ba R09: 0000000000000007
[ 1315.030996][    C0] R10: 0000000000000200 R11: 0000000000017560 R12: ffffffff90fb7adc
[ 1315.038936][    C0] R13: ffffffff827560c6 R14: ffffffff90fb7a9c R15: ffffffff90fb7ad4
[ 1315.046884][    C0]  ? qlist_free_all+0x46/0xe0
[ 1315.051538][    C0]  ? qlist_free_all+0x46/0xe0
[ 1315.056192][    C0]  unwind_next_frame+0x2ec/0x1ea0
[ 1315.061185][    C0]  ? qlist_free_all+0x47/0xe0
[ 1315.065831][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1315.071953][    C0]  arch_stack_walk+0x94/0xf0
[ 1315.076513][    C0]  ? qlist_free_all+0x47/0xe0
[ 1315.081171][    C0]  stack_trace_save+0x8e/0xc0
[ 1315.085818][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[ 1315.091162][    C0]  ? __lock_acquire+0x4a5/0x2630
[ 1315.096079][    C0]  ? __lock_acquire+0x4a5/0x2630
[ 1315.101009][    C0]  save_stack+0x162/0x1e0
[ 1315.105325][    C0]  ? __pfx_save_stack+0x10/0x10
[ 1315.110164][    C0]  ? __free_frozen_pages+0x7e1/0x10d0
[ 1315.115527][    C0]  ? qlist_free_all+0x47/0xe0
[ 1315.120188][    C0]  ? page_ext_put+0x3e/0xd0
[ 1315.124669][    C0]  __reset_page_owner+0x84/0x190
[ 1315.129595][    C0]  __free_frozen_pages+0x7e1/0x10d0
[ 1315.134764][    C0]  ? __free_slab+0xd0/0x220
[ 1315.139243][    C0]  ? tomoyo_realpath_from_path+0xb6/0x690
[ 1315.144935][    C0]  qlist_free_all+0x47/0xe0
[ 1315.149411][    C0]  kasan_quarantine_reduce+0x1a0/0x1f0
[ 1315.154862][    C0]  __kasan_slab_alloc+0x69/0x90
[ 1315.159686][    C0]  __kmalloc_noprof+0x2b9/0x850
[ 1315.164509][    C0]  tomoyo_realpath_from_path+0xb6/0x690
[ 1315.170028][    C0]  tomoyo_path_perm+0x276/0x460
[ 1315.174856][    C0]  ? tomoyo_path_perm+0x262/0x460
[ 1315.179849][    C0]  ? __pfx_tomoyo_path_perm+0x10/0x10
[ 1315.185213][    C0]  ? find_held_lock+0x2b/0x80
[ 1315.189860][    C0]  ? __might_fault+0xc5/0x140
[ 1315.194517][    C0]  ? __might_fault+0xc5/0x140
[ 1315.199173][    C0]  security_inode_getattr+0x116/0x280
[ 1315.204526][    C0]  vfs_statx+0x11f/0x3f0
[ 1315.208738][    C0]  ? __pfx_vfs_statx+0x10/0x10
[ 1315.213481][    C0]  ? do_getname+0x191/0x390
[ 1315.217955][    C0]  vfs_fstatat+0x77/0xe0
[ 1315.222168][    C0]  __do_sys_newfstatat+0x9d/0x120
[ 1315.227162][    C0]  ? __pfx___do_sys_newfstatat+0x10/0x10
[ 1315.232775][    C0]  do_syscall_64+0x106/0xf80
[ 1315.237346][    C0]  ? clear_bhb_loop+0x40/0x90
[ 1315.241992][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1315.247862][    C0] RIP: 0033:0x7fcac9b11b0a
[ 1315.252255][    C0] RSP: 002b:00007ffda74c7d58 EFLAGS: 00000246 ORIG_RAX: 0000000000000106
[ 1315.260644][    C0] RAX: ffffffffffffffda RBX: 000056138fb24418 RCX: 00007fcac9b11b0a
[ 1315.268608][    C0] RDX: 00007ffda74c7d60 RSI: 000056138fb12ef3 RDI: 00000000ffffff9c
[ 1315.276576][    C0] RBP: 00005613a69cf668 R08: 00064d1e3510523a R09: 0000000000000000
[ 1315.284538][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1315.292495][    C0] R13: 00007ffda74c7d60 R14: 0000000000000000 R15: 00064d1e3510523a
[ 1315.300463][    C0]  </TASK>
[ 1315.303471][    C0] rcu: rcu_preempt kthread starved for 7601 jiffies! g101097 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[ 1315.314660][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1315.324632][    C0] rcu: RCU grace-period kthread stack dump:
[ 1315.330524][    C0] task:rcu_preempt     state:I stack:27832 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00080000
[ 1315.342456][    C0] Call Trace:
[ 1315.345744][    C0]  <TASK>
[ 1315.348677][    C0]  __schedule+0xfee/0x6120
[ 1315.353101][    C0]  ? __lock_acquire+0x4a5/0x2630
[ 1315.358047][    C0]  ? __pfx___schedule+0x10/0x10
[ 1315.362898][    C0]  ? find_held_lock+0x2b/0x80
[ 1315.367578][    C0]  ? schedule+0x2bf/0x390
[ 1315.371912][    C0]  schedule+0xdd/0x390
[ 1315.375980][    C0]  schedule_timeout+0x127/0x280
[ 1315.380827][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[ 1315.386197][    C0]  ? __pfx_process_timeout+0x10/0x10
[ 1315.391493][    C0]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1315.397295][    C0]  ? prepare_to_swait_event+0xdf/0x4a0
[ 1315.402756][    C0]  rcu_gp_fqs_loop+0x1a9/0x900
[ 1315.407523][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[ 1315.412811][    C0]  ? __pfx_rcu_gp_init+0x10/0x10
[ 1315.417744][    C0]  ? __pfx_rcu_gp_cleanup+0x10/0x10
[ 1315.422941][    C0]  ? rcu_is_watching+0x12/0xc0
[ 1315.427701][    C0]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1315.433506][    C0]  rcu_gp_kthread+0x179/0x230
[ 1315.438183][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1315.443380][    C0]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1315.449187][    C0]  ? __kthread_parkme+0x18c/0x230
[ 1315.454214][    C0]  ? kthread+0x13a/0x450
[ 1315.458447][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1315.463646][    C0]  kthread+0x370/0x450
[ 1315.467711][    C0]  ? __pfx_kthread+0x10/0x10
[ 1315.472301][    C0]  ret_from_fork+0x754/0xd80
[ 1315.476889][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[ 1315.481998][    C0]  ? __switch_to+0x7b4/0x1120
[ 1315.486676][    C0]  ? __pfx_kthread+0x10/0x10
[ 1315.491267][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1315.496043][    C0]  </TASK>
[ 1315.499054][    C0] rcu: Stack dump where RCU GP kthread last ran:
[ 1315.505366][    C0] Sending NMI from CPU 0 to CPUs 1:
[ 1315.510567][    C1] NMI backtrace for cpu 1
[ 1315.510582][    C1] CPU: 1 UID: 0 PID: 1295 Comm: aoe_tx0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1315.510602][    C1] Tainted: [L]=SOFTLOCKUP
[ 1315.510607][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1315.510615][    C1] RIP: 0010:unwind_next_frame+0xc08/0x1ea0
[ 1315.510636][    C1] Code: 0f 9e c7 40 84 f6 40 0f 95 c6 40 84 f7 0f 85 0a 0d 00 00 83 e0 07 38 c2 40 0f 9e c6 84 d2 0f 95 c0 40 84 c6 0f 85 f3 0c 00 00 <0f> b6 41 04 c0 e8 04 3c 01 0f 84 5f 08 00 00 3c 04 0f 84 7f 07 00
[ 1315.510649][    C1] RSP: 0018:ffffc90000a07cf0 EFLAGS: 00000246
[ 1315.510661][    C1] RAX: 0000000000000000 RBX: 0000000000000002 RCX: ffffffff920e088e
[ 1315.510671][    C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001
[ 1315.510679][    C1] RBP: ffffc90000a07da8 R08: ffffffff920e0892 R09: 0000000000000007
[ 1315.510688][    C1] R10: 0000000000000200 R11: 000000000008aa93 R12: ffffc90000a07db0
[ 1315.510697][    C1] R13: ffffc90000a07d60 R14: ffffc90000a08a90 R15: ffffc90000a07d94
[ 1315.510707][    C1] FS:  0000000000000000(0000) GS:ffff888124442000(0000) knlGS:0000000000000000
[ 1315.510722][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1315.510732][    C1] CR2: 000020000001a000 CR3: 000000005eaf5000 CR4: 00000000003526f0
[ 1315.510741][    C1] Call Trace:
[ 1315.510745][    C1]  <IRQ>
[ 1315.510751][    C1]  ? nf_hook_slow+0xbf/0x220
[ 1315.510770][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1315.510788][    C1]  arch_stack_walk+0x94/0xf0
[ 1315.510805][    C1]  ? nf_hook.constprop.0+0x2a6/0x750
[ 1315.510822][    C1]  stack_trace_save+0x8e/0xc0
[ 1315.510838][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[ 1315.510857][    C1]  ? __lock_acquire+0x4a5/0x2630
[ 1315.510870][    C1]  kasan_save_stack+0x30/0x50
[ 1315.510889][    C1]  ? kasan_save_stack+0x30/0x50
[ 1315.510905][    C1]  ? kasan_save_track+0x14/0x30
[ 1315.510922][    C1]  ? __kasan_slab_alloc+0x89/0x90
[ 1315.510941][    C1]  ? kmem_cache_alloc_noprof+0x241/0x6e0
[ 1315.510959][    C1]  ? dst_alloc+0x99/0x1a0
[ 1315.510972][    C1]  ? rt_dst_alloc+0x35/0x3a0
[ 1315.510993][    C1]  ? ip_route_output_key_hash_rcu+0x87a/0x2870
[ 1315.511007][    C1]  ? ip_route_output_key_hash+0x118/0x2b0
[ 1315.511020][    C1]  ? ip_route_output_flow+0x27/0x150
[ 1315.511033][    C1]  ? ip_route_me_harder+0x562/0x1260
[ 1315.511049][    C1]  ? synproxy_send_tcp.isra.0+0x341/0x680
[ 1315.511067][    C1]  ? synproxy_send_client_synack+0x6ea/0x970
[ 1315.511085][    C1]  ? nft_synproxy_do_eval+0xa73/0xd50
[ 1315.511103][    C1]  ? nft_do_chain+0x2e8/0x1930
[ 1315.511122][    C1]  ? nft_do_chain_inet+0xee/0x340
[ 1315.511139][    C1]  ? nf_hook_slow+0xbf/0x220
[ 1315.511165][    C1]  kasan_save_track+0x14/0x30
[ 1315.511183][    C1]  __kasan_slab_alloc+0x89/0x90
[ 1315.511202][    C1]  kmem_cache_alloc_noprof+0x241/0x6e0
[ 1315.511219][    C1]  ? dst_alloc+0x99/0x1a0
[ 1315.511234][    C1]  dst_alloc+0x99/0x1a0
[ 1315.511248][    C1]  rt_dst_alloc+0x35/0x3a0
[ 1315.511265][    C1]  ip_route_output_key_hash_rcu+0x87a/0x2870
[ 1315.511282][    C1]  ip_route_output_key_hash+0x118/0x2b0
[ 1315.511296][    C1]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[ 1315.511312][    C1]  ? lock_acquire+0x1cf/0x380
[ 1315.511324][    C1]  ? find_held_lock+0x2b/0x80
[ 1315.511342][    C1]  ip_route_output_flow+0x27/0x150
[ 1315.511356][    C1]  ip_route_me_harder+0x562/0x1260
[ 1315.511374][    C1]  ? __pfx_ip_route_me_harder+0x10/0x10
[ 1315.511389][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1315.511406][    C1]  ? kmem_cache_alloc_node_noprof+0x2a9/0x6f0
[ 1315.511423][    C1]  ? kmalloc_reserve+0x148/0x350
[ 1315.511442][    C1]  ? __kasan_slab_alloc+0x50/0x90
[ 1315.511463][    C1]  ? __pfx_cookie_hash+0x10/0x10
[ 1315.511484][    C1]  synproxy_send_tcp.isra.0+0x341/0x680
[ 1315.511504][    C1]  synproxy_send_client_synack+0x6ea/0x970
[ 1315.511523][    C1]  ? find_held_lock+0x2b/0x80
[ 1315.511539][    C1]  ? __pfx_synproxy_send_client_synack+0x10/0x10
[ 1315.511557][    C1]  ? net_generic+0xea/0x2a0
[ 1315.511577][    C1]  nft_synproxy_do_eval+0xa73/0xd50
[ 1315.511598][    C1]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[ 1315.511616][    C1]  ? lock_acquire+0x1cf/0x380
[ 1315.511629][    C1]  ? unwind_next_frame+0x3be/0x1ea0
[ 1315.511647][    C1]  ? __pfx_nft_synproxy_eval+0x10/0x10
[ 1315.511667][    C1]  nft_do_chain+0x2e8/0x1930
[ 1315.511689][    C1]  ? __pfx_nft_do_chain+0x10/0x10
[ 1315.511706][    C1]  ? ipt_do_table+0xd4f/0x1b00
[ 1315.511724][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1315.511739][    C1]  ? __local_bh_enable_ip+0x9e/0x120
[ 1315.511758][    C1]  ? __local_bh_enable_ip+0x9e/0x120
[ 1315.511774][    C1]  ? lockdep_hardirqs_on+0x78/0x100
[ 1315.511797][    C1]  nft_do_chain_inet+0xee/0x340
[ 1315.511814][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[ 1315.511833][    C1]  ? __pfx_ipt_do_table+0x10/0x10
[ 1315.511852][    C1]  ? nf_nat_ipv4_local_in+0x181/0x730
[ 1315.511869][    C1]  nf_hook_slow+0xbf/0x220
[ 1315.511886][    C1]  nf_hook.constprop.0+0x2a6/0x750
[ 1315.511899][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[ 1315.511915][    C1]  ? __pfx_nf_hook.constprop.0+0x10/0x10
[ 1315.511928][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[ 1315.511944][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[ 1315.511960][    C1]  ? ip_rcv_finish_core+0x80a/0x2220
[ 1315.511980][    C1]  ip_local_deliver+0x163/0x1f0
[ 1315.511994][    C1]  ? __pfx_ip_local_deliver+0x10/0x10
[ 1315.512009][    C1]  ip_rcv+0x33a/0x3c0
[ 1315.512023][    C1]  ? __pfx_ip_rcv+0x10/0x10
[ 1315.512036][    C1]  __netif_receive_skb_one_core+0x197/0x1e0
[ 1315.512051][    C1]  ? __pfx___netif_receive_skb_one_core+0x10/0x10
[ 1315.512066][    C1]  ? lock_acquire+0x1cf/0x380
[ 1315.512079][    C1]  ? process_backlog+0x32a/0x1580
[ 1315.512094][    C1]  ? process_backlog+0x32a/0x1580
[ 1315.512106][    C1]  __netif_receive_skb+0x1f/0x120
[ 1315.512120][    C1]  process_backlog+0x37a/0x1580
[ 1315.512136][    C1]  __napi_poll.constprop.0+0xaf/0x450
[ 1315.512151][    C1]  net_rx_action+0xa40/0xf20
[ 1315.512167][    C1]  ? __pfx_net_rx_action+0x10/0x10
[ 1315.512182][    C1]  ? sched_balance_domains+0x26c/0xd20
[ 1315.512205][    C1]  ? run_timer_base+0x121/0x190
[ 1315.512223][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1315.512239][    C1]  handle_softirqs+0x1eb/0x9e0
[ 1315.512257][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[ 1315.512274][    C1]  ? __dev_queue_xmit+0x8a0/0x4800
[ 1315.512287][    C1]  do_softirq+0xac/0xe0
[ 1315.512302][    C1]  </IRQ>
[ 1315.512306][    C1]  <TASK>
[ 1315.512311][    C1]  __local_bh_enable_ip+0xf8/0x120
[ 1315.512327][    C1]  ? __dev_queue_xmit+0x8a0/0x4800
[ 1315.512339][    C1]  __dev_queue_xmit+0x8b5/0x4800
[ 1315.512354][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1315.512368][    C1]  ? finish_task_switch.isra.0+0x205/0xb80
[ 1315.512387][    C1]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1315.512402][    C1]  ? __lock_acquire+0x4a5/0x2630
[ 1315.512415][    C1]  ? ref_tracker_free+0x37e/0x6c0
[ 1315.512431][    C1]  ? do_raw_spin_lock+0x128/0x260
[ 1315.512446][    C1]  ? find_held_lock+0x2b/0x80
[ 1315.512462][    C1]  ? skb_dequeue+0x126/0x180
[ 1315.512479][    C1]  ? skb_dequeue+0x126/0x180
[ 1315.512497][    C1]  ? find_held_lock+0x2b/0x80
[ 1315.512513][    C1]  ? tx+0xa4/0x130
[ 1315.512527][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1315.512543][    C1]  ? __pfx_tx+0x10/0x10
[ 1315.512555][    C1]  tx+0xc4/0x130
[ 1315.512568][    C1]  kthread+0x1d8/0x3c0
[ 1315.512587][    C1]  ? __kthread_parkme+0xbb/0x230
[ 1315.512605][    C1]  ? __pfx_kthread+0x10/0x10
[ 1315.512623][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1315.512637][    C1]  ? __pfx_default_wake_function+0x10/0x10
[ 1315.512656][    C1]  ? __kthread_parkme+0x18c/0x230
[ 1315.512674][    C1]  ? kthread+0x13a/0x450
[ 1315.512686][    C1]  ? __pfx_kthread+0x10/0x10
[ 1315.512704][    C1]  kthread+0x370/0x450
[ 1315.512716][    C1]  ? __pfx_kthread+0x10/0x10
[ 1315.512729][    C1]  ret_from_fork+0x754/0xd80
[ 1315.512743][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[ 1315.512757][    C1]  ? __switch_to+0x7b4/0x1120
[ 1315.512773][    C1]  ? __pfx_kthread+0x10/0x10
[ 1315.512786][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1315.512807][    C1]  </TASK>