last executing test programs:

57.23217649s ago: executing program 0 (id=273):
write$cgroup_devices(0xffffffffffffffff, 0x0, 0xffffffffffffffb2)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000780)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="18050000000004000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000640)=r1, 0x4)
sendmsg$unix(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0xc000090)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xa, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
gettid()
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000700)=ANY=[@ANYBLOB="12010000000000408c0d220000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0)
syz_usb_control_io$hid(r4, &(0x7f0000000380)={0x24, &(0x7f0000000180)={0x60, 0x30, 0xe9, {0xe9, 0x22, "d21d89ef09f7e1b6b5bc35483154eefac46fe1b980325a41bbee6aa06e421e00101947bf853574d6dc005e5b6a3da71a0d306e6e1b95b5dd8e5f9d53f1a4440c97bd3502512b63e36b4c58dcf349106a537ce05e1a8e4d585b27e7f9cf40cfdb9068424548aa5d530c5194b9beed9f58fa9290e49cae216f81aaf58ce7a4a1f6e6fdf217c96b260ce148b23eb85a89df794539da53e4e8ed758ef8776f994105b44c3f13caaae5a6a3b06e646b9f16cac21071b9d3b8cf8564627e6092ee665436b1f9ce708776712f0dcd5e23c50aa97c02d05218da832deb27208a9f6d6824f91db01e4d97fb"}}, &(0x7f0000000040)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0xf0ff}}, &(0x7f0000000280)={0x0, 0x22, 0x12, {[@local=@item_012={0x0, 0x2, 0x3}, @global=@item_4={0x3, 0x1, 0x7, "ce272743"}, @global=@item_4={0x3, 0x1, 0x2, "a64f9d02"}, @global=@item_012={0x1, 0x1, 0x3, ';'}, @global=@item_012={0x1, 0x1, 0xb, "e6"}, @local=@item_012={0x2, 0x2, 0x1, "cf46"}]}}, &(0x7f0000000340)={0x0, 0x21, 0x9, {0x9, 0x21, 0x8, 0x1, 0x1, {0x22, 0x480}}}}, &(0x7f0000000540)={0x2c, &(0x7f00000003c0)={0x20, 0x13, 0x2e, "7c5e466e4cd06da6dc36d3d1bf3cfd670ef17cc663728dd995b40ed4c8086c1c961ae91cfd037e81a968d95d0e11"}, &(0x7f0000000400)={0x0, 0xa, 0x1, 0x7f}, &(0x7f0000000440)={0x0, 0x8, 0x1, 0x3}, &(0x7f0000000480)={0x20, 0x1, 0x43, "1ae7bb30f15af895c6feff7e1a8751ea16733e0cd5f89a844bac34601a1bf987760c6574d426961c4534c2c9d457c81741d79146b1e317e18c1268a6946ad85294f262"}, &(0x7f0000000500)={0x20, 0x3, 0x1, 0x3}})

54.05504171s ago: executing program 0 (id=285):
r0 = shmget(0x1, 0x4000, 0x200, &(0x7f0000ffb000/0x4000)=nil)
shmat(r0, &(0x7f0000ff9000/0x1000)=nil, 0x4000)
shmctl$IPC_RMID(r0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="0500000004000000dd0000000a00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/21], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200009b1aecb60000000000000000850000007500000095"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r4=>r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r3}, 0x10)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYRESHEX=r2, @ANYRESHEX=r4, @ANYRES16, @ANYRES64=r4], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r8 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x20400, 0x0)
ioctl$COMEDI_DEVCONFIG(r8, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r8, 0x40946400, &(0x7f0000000300)={'pcl812\x00', [0x83fb, 0x789b1c25, 0x29, 0x4, 0x5, 0xcc7, 0x8, 0x8d, 0x9, 0x0, 0x2, 0x1, 0x1, 0x1, 0x4000006, 0x81, 0x6, 0x1a449, 0x3, 0x40000003, 0x89, 0xcaa7, 0x0, 0x2, 0xb, 0xffc00004, 0x3c, 0x8, 0x100006, 0x3, 0xfffffff8]})
socket$inet6(0xa, 0x80002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000480)=0x107e)
r9 = socket$inet_sctp(0x2, 0x5, 0x84)
bind$inet(r9, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
sendto$inet(r9, &(0x7f0000000300)="ab", 0x1, 0x40000, &(0x7f0000000380)={0x2, 0x4e22, @local}, 0x10)
sendmsg$inet_sctp(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000280)='\x00', 0x1}], 0x1, &(0x7f00000001c0)=[@sndinfo={0x20, 0x84, 0x2, {0x6, 0x41, 0x5}}], 0x20, 0x4048800}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)

53.141232698s ago: executing program 0 (id=288):
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8)
close(r0)
fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_clone(0x2001100, 0x0, 0x0, 0x0, 0x0, 0x0)

51.671191281s ago: executing program 0 (id=292):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r0)
socket(0x1e, 0x4, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
socket$nl_route(0x10, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000710000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x1e8629867d7bdaee, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000006a80), 0x1, 0x0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000008840), 0x0, 0x40000001, 0x0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000040000e207000700e00000020800020003000000080008"], 0x34}}, 0x0)

50.760041058s ago: executing program 0 (id=294):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
waitid(0x0, r1, &(0x7f0000000000), 0x2, &(0x7f00000001c0))
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f00000001c0)={'batadv0\x00', <r2=>0x0})
r3 = syz_open_dev$loop(&(0x7f0000000c40), 0x4, 0x101200)
prlimit64(0x0, 0xe, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
setreuid(0xee00, 0xee00)
ioctl$IOC_PR_CLEAR(r3, 0x401070cd, 0x0)
sendto$packet(r0, &(0x7f0000000100)='\x00\x00\x00\x00', 0x4, 0x51, &(0x7f0000000080)={0x11, 0x8100, r2, 0x1, 0x6, 0x6, @multicast}, 0x14)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)

49.659028975s ago: executing program 0 (id=297):
fsopen(0x0, 0x1)
r0 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
ioctl$KVM_GET_TSC_KHZ_cpu(r0, 0xaea3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(0x0, r1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x3, 0xc, &(0x7f0000000980)=ANY=[@ANYBLOB="180200000002000000000000000000008500000028000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7453c02000008000000b11da657b8230e4fd26466f53db70300000400000085000000060000009500000000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000000}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000600)={0x0, @sdr={0x3032344d, 0x1}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x1)
removexattr(0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'ipvlan0\x00', <r6=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000500)=ANY=[@ANYBLOB="740000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000004c0012800c0001006d6163766c616e003c00028008000100100000001c0005800a000400aaaaaaaaaabb000002000400d8928afb7028000008000300030000000a000400aaaaaaaaaabb000008000500", @ANYRES32=r6], 0x74}}, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r7 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$uinput_user_dev(r7, &(0x7f0000000080)={'syz0\x00', {}, 0x0, [0x80000000, 0x3, 0x3ff, 0x8, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, 0x0, 0x0, 0x0, 0x0, 0xf5b1, 0xffffffff, 0x10000000, 0x99, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0xfffffffd, 0x8, 0x0, 0x0, 0x0, 0x4, 0x200, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffe, 0x0, 0x0, 0x1], [0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xedc0, 0x0, 0x5ee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0000000, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffff8, 0x2, 0x0, 0x2000079, 0x400, 0x0, 0x0, 0x10000, 0x40000, 0x0, 0xc0800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x4771], [0x0, 0x7f, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x6, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0xfffffffc, 0x4], [0x2, 0x0, 0x6, 0x8000000, 0x0, 0x0, 0x2, 0x4, 0x0, 0x0, 0x0, 0x3, 0xfffffffc, 0x4, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x8001, 0x80, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x4, 0x0, 0x0, 0x0, 0xffffe]}, 0x45c)
ioctl$UI_SET_EVBIT(r7, 0x40045564, 0x5)
ioctl$UI_SET_SWBIT(r7, 0x4004556d, 0x3)
ioctl$UI_DEV_CREATE(r7, 0x5501)

34.518540223s ago: executing program 32 (id=297):
fsopen(0x0, 0x1)
r0 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
ioctl$KVM_GET_TSC_KHZ_cpu(r0, 0xaea3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(0x0, r1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x3, 0xc, &(0x7f0000000980)=ANY=[@ANYBLOB="180200000002000000000000000000008500000028000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7453c02000008000000b11da657b8230e4fd26466f53db70300000400000085000000060000009500000000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000000}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000600)={0x0, @sdr={0x3032344d, 0x1}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x1)
removexattr(0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'ipvlan0\x00', <r6=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000500)=ANY=[@ANYBLOB="740000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000004c0012800c0001006d6163766c616e003c00028008000100100000001c0005800a000400aaaaaaaaaabb000002000400d8928afb7028000008000300030000000a000400aaaaaaaaaabb000008000500", @ANYRES32=r6], 0x74}}, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r7 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$uinput_user_dev(r7, &(0x7f0000000080)={'syz0\x00', {}, 0x0, [0x80000000, 0x3, 0x3ff, 0x8, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, 0x0, 0x0, 0x0, 0x0, 0xf5b1, 0xffffffff, 0x10000000, 0x99, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0xfffffffd, 0x8, 0x0, 0x0, 0x0, 0x4, 0x200, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffe, 0x0, 0x0, 0x1], [0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xedc0, 0x0, 0x5ee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0000000, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffff8, 0x2, 0x0, 0x2000079, 0x400, 0x0, 0x0, 0x10000, 0x40000, 0x0, 0xc0800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x4771], [0x0, 0x7f, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x6, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0xfffffffc, 0x4], [0x2, 0x0, 0x6, 0x8000000, 0x0, 0x0, 0x2, 0x4, 0x0, 0x0, 0x0, 0x3, 0xfffffffc, 0x4, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x8001, 0x80, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x4, 0x0, 0x0, 0x0, 0xffffe]}, 0x45c)
ioctl$UI_SET_EVBIT(r7, 0x40045564, 0x5)
ioctl$UI_SET_SWBIT(r7, 0x4004556d, 0x3)
ioctl$UI_DEV_CREATE(r7, 0x5501)

29.630708854s ago: executing program 3 (id=355):
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000100))
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000300)={0x4c, 0x0, &(0x7f0000000540)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x48, 0x18, &(0x7f00000004c0)={@fd={0x66642a85, 0x0, r1}, @fd={0x66642a85, 0x0, r4}, @flat=@weak_handle={0x77682a85, 0x1001}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
prlimit64(0x0, 0x7, &(0x7f0000000ec0), 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000680)={0x8, 0x0, &(0x7f00000001c0)=[@decrefs={0x40046307, 0x1}], 0x1, 0x1000000000000, &(0x7f0000000340)="cb"})

29.287536201s ago: executing program 3 (id=357):
syz_open_dev$tty1(0xc, 0x4, 0x2)
socket$inet6(0xa, 0x1, 0xfffffffd)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = fcntl$getown(r1, 0x9)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x4, 0x3}, 0x0)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
chdir(&(0x7f0000000480)='./cgroup\x00')
mkdir(&(0x7f0000000000)='./control\x00', 0x0)
r4 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r4, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
sendmsg$rds(r4, 0x0, 0x0)
sendmsg$rds(r4, &(0x7f0000000680)={&(0x7f0000000140)={0x2, 0x4, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff})
getsockopt$TIPC_CONN_TIMEOUT(r5, 0x10f, 0x82, &(0x7f0000000640), &(0x7f0000000680)=0x4)
r6 = syz_usb_connect(0x2, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x73, 0x86, 0x40, 0x20, 0xc72, 0x14, 0x39ac, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0xa, [{{0x9, 0x4, 0x1d, 0xf3, 0x0, 0x71, 0x6c, 0x75}}]}}]}}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWRULE={0x38, 0x6, 0xa, 0x40b, 0x0, 0x0, {0xa}, [@NFTA_RULE_EXPRESSIONS={0x18, 0x4, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @fwd={{}, @val={0x0, 0x2, 0x0, 0x1, [@NFTA_FWD_SREG_DEV={0x0, 0x1, 0x1, 0x0, 0xd}, @NFTA_FWD_SREG_DEV={0x0, 0x1, 0x1, 0x0, 0x9}, @NFTA_FWD_SREG_ADDR={0x0, 0x2, 0x1, 0x0, 0xe}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0xa9}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_control_io(r6, 0x0, &(0x7f0000000380)={0x84, &(0x7f0000000000)={0x40, 0x3, 0x4, "000000d5"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045612, &(0x7f00000001c0)=0x2)
unlinkat(0xffffffffffffffff, &(0x7f00000000c0)='./control\x00', 0x200)
rmdir(&(0x7f0000000040)='./control\x00')
setsockopt$IP_VS_SO_SET_STARTDAEMON(r3, 0x0, 0x48b, 0x0, 0x0)

25.377567358s ago: executing program 1 (id=367):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = add_key$fscrypt_v1(&(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0)={0x0, "3e82554dc8ccfbc2e85ec82d4ee9df60f6ae16b1a5f2c848722ba3b132e4fde178c945bd950b0477e801fc8a1be9b4ebbe9c2289a6b0aa00"}, 0x48, 0xfffffffffffffffe)
pipe2$watch_queue(&(0x7f0000000300)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x202c3, 0x8)
ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f00000003c0)={0xd8, 0x0, 0xffffffff, 0x0, 0x4})
ioctl$IOC_WATCH_QUEUE_SET_FILTER(r1, 0x5761, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000000000001"])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_dev$usbmon(0x0, 0x7, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000d40)={0x44, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x44}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast1=0xe0004001}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x0)
keyctl$KEYCTL_WATCH_KEY(0x20, r0, r1, 0x0)
add_key$fscrypt_v1(&(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0)={0x0, "3e82554dc8ccfbc2e85ec82d4ee9df60f6ae16b1a5f2c848722ba3b132e4fde178c945bd950b0477e801fc8a1be9b4ebbe9c2289a6b0aa00"}, 0x48, 0xfffffffffffffffe)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
read$msr(0xffffffffffffffff, &(0x7f0000002700)=""/102392, 0x18ff8)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="050000007d00", @ANYBLOB], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000600), 0x0, 0x71, r5}, 0x38)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x26e1, 0x0)
r6 = syz_usb_connect$uac1(0x2, 0xb8, &(0x7f0000000100)=ANY=[@ANYBLOB="12010103000000106b1d01014000010203010902a600030156c0020904000000010100000a24010101bb02010211240601040507000a0008000300020005052405060f0f2406020504020002200a000a00040c24020203020250800009010d2406050203078887000a00000924030101010505"], &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2000000000000046})
syz_usb_control_io(r6, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000980)=ANY=[@ANYBLOB="201532000000a530"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001000000", @ANYRES32, @ANYBLOB="0000000014b4018321ee2d770000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)

25.214755174s ago: executing program 3 (id=369):
syz_open_dev$tty1(0xc, 0x4, 0x2)
socket$inet6(0xa, 0x1, 0xfffffffd)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = fcntl$getown(r1, 0x9)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x4, 0x3}, 0x0)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
chdir(&(0x7f0000000480)='./cgroup\x00')
mkdir(&(0x7f0000000000)='./control\x00', 0x0)
r4 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r4, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
sendmsg$rds(r4, 0x0, 0x0)
sendmsg$rds(r4, &(0x7f0000000680)={&(0x7f0000000140)={0x2, 0x4, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff})
getsockopt$TIPC_CONN_TIMEOUT(r5, 0x10f, 0x82, &(0x7f0000000640), &(0x7f0000000680)=0x4)
r6 = syz_usb_connect(0x2, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x73, 0x86, 0x40, 0x20, 0xc72, 0x14, 0x39ac, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0xa, [{{0x9, 0x4, 0x1d, 0xf3, 0x0, 0x71, 0x6c, 0x75}}]}}]}}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWRULE={0x38, 0x6, 0xa, 0x40b, 0x0, 0x0, {0xa}, [@NFTA_RULE_EXPRESSIONS={0x18, 0x4, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @fwd={{}, @val={0x0, 0x2, 0x0, 0x1, [@NFTA_FWD_SREG_DEV={0x0, 0x1, 0x1, 0x0, 0xd}, @NFTA_FWD_SREG_DEV={0x0, 0x1, 0x1, 0x0, 0x9}, @NFTA_FWD_SREG_ADDR={0x0, 0x2, 0x1, 0x0, 0xe}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0xa9}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_control_io(r6, 0x0, &(0x7f0000000380)={0x84, &(0x7f0000000000)={0x40, 0x3, 0x4, "000000d5"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045612, &(0x7f00000001c0)=0x2)
unlinkat(0xffffffffffffffff, &(0x7f00000000c0)='./control\x00', 0x200)
rmdir(&(0x7f0000000040)='./control\x00')
setsockopt$IP_VS_SO_SET_STARTDAEMON(r3, 0x0, 0x48b, 0x0, 0x0)

22.34236589s ago: executing program 1 (id=373):
socket$key(0xf, 0x3, 0x2)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
sendto$packet(r2, 0x0, 0x0, 0x4008000, &(0x7f0000000040)={0x11, 0xe, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000030000000900010073797a30000000005c000000030a030000000000000000000300000009000b0073797a30000000000900010073797a300000000014000480080002400000000008000140000000001c0008800c00024000000000000000000c0001"], 0xcc}}, 0x4)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$bt_BT_VOICE(r4, 0x112, 0xb, &(0x7f0000000100)=0x60, 0x2)
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, &(0x7f0000000100)={@local})
ioctl$NBD_SET_SOCK(0xffffffffffffffff, 0xab00, 0xffffffffffffffff)
ioctl$NBD_DO_IT(0xffffffffffffffff, 0xab03)
ioctl$NBD_CLEAR_SOCK(0xffffffffffffffff, 0xab04)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, &(0x7f0000000200))
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', 0x0, 0x200000, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
syz_usb_connect(0x5, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x92, 0xec, 0xc6, 0x20, 0x5ac, 0x77c2, 0xeb3a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x20, 0x0, [{{0x9, 0x4, 0xc4, 0x1, 0x2, 0xff, 0xfd, 0x1, 0x80, [], [{{0x9, 0x5, 0x2, 0x2, 0x210, 0x2}}, {{0x9, 0x5, 0x82, 0x2, 0x200}}]}}]}}]}}, 0x0)

21.845414802s ago: executing program 2 (id=377):
r0 = syz_open_dev$loop(&(0x7f0000000280), 0xa4f, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_user\x00', 0x275a, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$IOCTL_STATUS_ACCEL_DEV(0xffffffffffffffff, 0x40046103, &(0x7f0000000380)={0x1, 0x0, 0x4, 0x3, 0x2, 0xfe, 0x2, 0x40, 0x6, 0x3, 0x7, "2b6e0839ff06a368dea963f9cde886cdbe2b4fc87683c84088585b07693dc737"})
ioctl$PPPIOCSMRU(r3, 0x40047452, &(0x7f00000000c0)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r4 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee4, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x8001}})
io_uring_enter(r4, 0x2b93, 0xf9d0, 0x22, 0x0, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r2, 0x10e, 0xc, &(0x7f0000000000)=0xc, 0x4)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000004a00030000000000000000000a61"], 0x1c}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1d, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d00009520a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bc0007008019000000000000000000000000af1e4ccfb7b3cad80004010400", [0x1, 0x2000000000001]}})

21.307260886s ago: executing program 2 (id=378):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)={0x20, 0x0, 0x1cf97d32b8445327, 0x9, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x38664066aeb96049}, 0x24000000)

21.024747211s ago: executing program 2 (id=379):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000094ae94405f0520c4336a000000010902120001000000000904"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffeda}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000400)=@framed={{0xc3, 0xa, 0xa, 0xfe00, 0x110, 0x71, 0x10, 0x1a}}, &(0x7f0000000480)='syzkaller\x00', 0xe}, 0x94)

20.341793838s ago: executing program 3 (id=380):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket(0x1, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000440)={r3, &(0x7f0000000180), &(0x7f00000000c0)=@udp6=r2, 0x1}, 0x20)
bind$unix(r0, &(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x27)
sendmmsg$unix(r2, &(0x7f0000001680)=[{{&(0x7f0000000380)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}], 0x1, 0x0)
recvmmsg(r2, &(0x7f0000001580)=[{{0x0, 0x0, &(0x7f0000000f00)=[{&(0x7f0000000980)=""/177, 0xb1}, {0x0}, {&(0x7f0000000dc0)=""/111, 0xf}, {0x0}, {&(0x7f0000000e40)=""/153, 0x99}], 0x5}, 0xd0000}, {{&(0x7f0000000f80)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f00000010c0)=""/233, 0xe9}, {&(0x7f0000000180)=""/191, 0xbf}], 0x2, &(0x7f0000001280)=""/210, 0xd2}, 0x7}], 0x2, 0x0, 0x0)
r4 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r5 = openat$binfmt(0xffffffffffffff9c, r4, 0x42, 0x1ff)
close(r5)
execveat$binfmt(0xffffffffffffff9c, r4, 0x0, 0x0, 0x0)
close(0xffffffffffffffff)
execveat$binfmt(0xffffffffffffff9c, r4, 0x0, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r6 = memfd_secret(0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r6, 0xc0106434, &(0x7f0000000000)={0x14000, 0x0, 0x2})
sync_file_range(r0, 0xffffffffffffa525, 0x7, 0x3)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r8=>0x0})
r9 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0xffa1, &(0x7f0000000380)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001300a7cc4a372eaf541d002007000000", @ANYRES32=r8, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYBLOB="35874207"], 0x44}, 0x1, 0x0, 0x0, 0x50}, 0x0)
futex(&(0x7f0000000400)=0x1, 0xb, 0x0, &(0x7f0000000200), &(0x7f0000000240)=0xfffffffe, 0x1)
semget$private(0x0, 0x1, 0x82)
r10 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r10, 0x6, 0x20, &(0x7f00000004c0)=0x8000, 0x4)

19.795536624s ago: executing program 4 (id=381):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000001c80)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x2, [@int={0xffff0f00, 0x0, 0x0, 0x1, 0x5, 0x10, 0x0, 0x3, 0x1}]}}, 0x0, 0x2a, 0x0, 0x1}, 0x28)

18.831819611s ago: executing program 1 (id=382):
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000240)={0x0, ""/256, 0x0, 0x0, <r0=>0x0})
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f00000004c0)={"58a9d158ef1100", 0x0, r0, {0x9, 0x956}, {0x7fffffff, 0x1ff}, 0x6, [0xc4a8, 0x735, 0xffff, 0x2, 0x5, 0x2, 0x4, 0x6c74, 0x3, 0x85, 0x2, 0xe, 0x101, 0x3, 0xffffffff, 0x2]})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2800, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000380)={0x1, 0x0, [{0x40000118, 0x0, 0x400}]})
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x88000)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r4, 0xc0505350, &(0x7f0000000940))
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/clear_refs\x00', 0x1, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0x3e, &(0x7f0000000480)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd64fde9e200080000fc01000000000000000000003b0000ffff"], 0x0)
close_range(r5, r4, 0x2)
sendmsg$NFNL_MSG_ACCT_NEW(r5, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="5c0000000007010400000000000000000a0000080c00034000000000000000050c000240000000000000000f0c00064000000000000001000c000640010000000000000000070900010073797a31000000004f38f13f385842d2e704e41c3ba78e02c00fb05c1ce0686612b0d8092f90b88f9d21a3332b6cd439597bb359553602ce8fb26f78921983bac146b7d7ca5c27c9e83e63"], 0x5c}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

18.679143896s ago: executing program 4 (id=383):
r0 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="96bc1480bb58", 0x6}], 0x2, &(0x7f0000000040)=[@ip_tos_u8={{0x11, 0x0, 0x7}}], 0x18}, 0x40010) (fail_nth: 1)

18.541662s ago: executing program 1 (id=384):
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
r0 = socket(0x11, 0x3, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$sock_inet_SIOCSIFADDR(r0, 0x8918, &(0x7f0000000480)={'veth1_macvtap\x00', {0x2, 0x80, @multicast1}})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
bpf$ITER_CREATE(0xb, 0x0, 0xffffffffffffffee)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00'}, 0x94)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x19, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3f00}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7020000020000008500000086", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000340)={r6, r3, 0x25, 0x2, @val=@tcx}, 0x1c)
syz_emit_ethernet(0x3e, &(0x7f0000000380)={@link_local, @random='@\x00', @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "108114", 0x8, 0x11, 0x0, @empty, @mcast2, {[], {0x0, 0xe22, 0x8}}}}}}, 0x0)

18.04727237s ago: executing program 4 (id=385):
r0 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mmap$snddsp_control(&(0x7f0000ffd000/0x3000)=nil, 0x1000, 0x0, 0x11, r0, 0x83000000)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/disk', 0x169a82, 0x18c)

17.88322526s ago: executing program 2 (id=386):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000440)=@newlink={0x64, 0x10, 0x1, 0x1070bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, 0x42188, 0x2100}, [@IFLA_IFNAME={0x14, 0x3, 'netdevsim0\x00'}, @IFLA_VFINFO_LIST={0x30, 0x16, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@IFLA_VF_MAC={0x28, 0x1, {0x6, @broadcast}}]}]}]}, 0x64}}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$peeksig(0x13, r1, 0x0, 0x0)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r5 = accept4(r4, 0x0, 0x0, 0x800)
sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be5216344841", 0xe}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3", 0xa3}], 0x3}], 0x1, 0x40800)
recvmsg(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

17.615070371s ago: executing program 4 (id=387):
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000240)=[{0x0, 0x0, &(0x7f0000000000), 0x2, 0x0, 0x0, 0x4040}, {0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000004c0)="654daaa956ff4fe8021607c76fd5b67b2ebc4d1c07f1a2f6b64a10ee1a0f55116451c5406b96565ced0cf04f45c27e141ff62d079b2928634034edb72cd917689f00c78356635df2258eea05800095fb3d44deb960994a7901ef3ffade0eb195eb7c2a456cca6818e62ae26b648b51f84baeea2d85fe1a938d13a6cbf55d09268ea8fe7e1bed9ac94960d586e718c2eb64296e628416025d960944d6e1bd9f5dbf188f8c7fc5f583916bcca90ff0b0ef4563f544a9e44c24c62314963e6f7a0ef050bcad3af1cefebbc7506d1608a554e5503c9e57274d2072aaaedafa84a12ae8675045f87b5ad28efe73f81f0a4bf991c3aff5363744c95f00a46a4cd5023790b62fe2c4c85d42ee13eb2680160600df4893d74eda71fbff39c0b9de0e57947b634e5ee3133dfdf0adbaa1c7bbfdb8501a3136a9006546eda676dfe9c60d59d516bb0b1afd348316a83c55dead69a0fdb6df4d16eed0f0d431b6a765e2efc17dea32faee411f82a67690513037c094c5d17c86c0d0577cd047e46fb48351a3653008f5bc07f4b254a62a0ce705ca9cc9e832b8b30ffa81353e9d76c99a0622064b1fce68cb838854d38c9dcac159bd332ce19cf77ace3ab332f5442d8432c93e3ee911b01f385189ce8f604d088f1b9c254b5b087979ae18aaff0c54b9de181ad5fefed0c4a23447c86be09fe0920963b2ba237f36d57741e71fa95c3a7b0c72df015c85bb9cb2d51a7d70bd5588ce9834e53aae9b2354ca6053780cf81a703b66fa8f733874fb3837241b99848beba23ca18348aab3772b5f981f36f99786f830ad603639c0319878671b79f83f07e8a453cee4ab31e1a733b578b2b8cdcfeea860354d66d7d307dcf9257c1c5d1d7eca073aec9138d5cdb664aa60864925e68b12e71d162c4488c0972a313298709a9337a31ee56b35e7425d56e6fe6e6a9d916b881b1001201020431d775f964467e4057f67b245857893ce6aac7b56453a5d714e665f93b564969e5acf7e7c7d78296c6f10cbb3c6652f9984bd572e1dc39ba46649a343c30fed30e62517a4434289388214d222393d8c9e4d9e3f3d5222f23e39e874b967e20d902f990d29c06f6824aa40d1e062d5eab1bbe03764791f54e11f2c7c99de1b1bce6a80b14c00c0770551b6c058e7a5e6111f9f3aae7352f3819affa37d42769e58b72a81f32949a725e3987b0220313ce3b3f07b2fcfbe1786179742ed20f49259358fb9b8ad188280ae10bf62d60cc895d734d3b0d981cd29ea4e298e288387572c655d3e993f17c2bbe8835d19eaff9f81f03e8c6e87569e52a1526882de24973b034f9e6c207cdf8277ec01d652c6c7a8006721132e9adff4c08635ebfb08e5fea26c101c16b6e4321fbedb63fc490552dd2021e2ae801e2977047e086d8f3c808988f3f806f554577544247902ad64fa812b3aab8e6157a04e985b760cca29690ff8fd707f048f35b4b7ae6d99d851bdb3cbd767ff5979d4ca79236931654affc46f52009f6ab0ea99a62bb2881b2722245fca67d5be76d51659f5a0b010c7b1ff324411260c1601d0d51abe2a9547b5f1a58d66094a04ab9e342dd83baeada109794ac804a35234b2ba96b880480b662ea929f4131211f4e785ba9a0d31e32f5cbfbf52152251729402a1b9881ba78d26fce336caec78f8f5a9b4f592511a187a2f467512da2483fdd23310b6939c4af4d01f8d1580b22ce84ec009b24bec44c45d859fde35d4cc85f85c02a260b24684eb91f7a8299e02494b036424947336857591bc75e5243c0fe33a654acae5237ff8f2918a717d6f687764359945cadc591770a19093e1bf53931ed30ada35d5e5663d37cef152f695476d13033732203c30494f906cc889a07e408899cae90856f28d169c43d0f98ddc6a3a9fb9024c3ac8a20cf10e418aa83892332c4f5e66f03d8466036446ff768a3cfdccbbc5e1c31a66fdce2df5447c7f9703c2ec6a8dd86df3691ce6c37fb14c99b1d34eb38b187ba9ea6b1964c8b53f6c5f811f5182690a33114697bd501512441758e1d2d10f1a262ddef0cf1174f8c9e53276050a94a9fe048d99f2bcc5eaf328a210c82b03ad7e370f952fc2eb4a24ccd1472320187536066d082022f51421e08af98d17a3c285d10e6ae48785a665ee63c315637412e318121437c58f77651889e106e9721d64120d69f4f45c694db6fc61eeca437a2b9f3c7087a246897f19dbefd8d742f68354eeb22371b471ab695d088a0f415e12f7d0af953f8e1e86ad18d54b73904aeb940bf09b463eb2556ce704b483787474316e49af8f2303ae9ffd56b86d5eedae036a939afbb724f8d6d51d7978ad9a8266564802bfbea0e8c8680deb2efd2b6e92d3cdd05c25ddfe22cdfb71d7ebe2e27fa9e2ee7a22aae01c7048d050b5ae1c591e5d988e2530d16fada097c4779d802f77e29b6e45a2d10494df170f84df7103a8dfcea4765ba37370ad77f7d52da1914920891648a5e532feb57780e0d7c84b29be7ab42496cdaafb3187b31487f84fbd8763da30399cf83f7edc8f93bb87f6f337973598c3881cac262bfaba92ab7993c095dd421c720002e8a6b328c91a0ad4103c0d9ba38b217a8e355cc3d4ed2b7d8db46cbdb7d6cffed13f1085d31a88ddf5eca422c984d078fef9ca6c82db7506896003bda2e8efb2b2e00d9be91604c55008022241d7b979332c9ed39c257cf5bd8930432438fc0e083eb5a8f7e913d21fd2a23efe288293521542218b420bd6a4c75e398f179ddccf47aba08eefd38dea6d96b2b5de0c6cceaec08d391420bd655c0e19622e9d2a72815adfde9b4e5c6c2718eddda593f0ff6df07d77488ee96b5e80f1100d76c124398f727f170daaaee93f56b40566514f38e18a13e90ee2e60e90c769ae268bce0397cd3ab4d7408d98d7d2fa1fce6e4589713992c0148fe5f35c1f8bec2a2c75522fa838c9ba0ec283812867e944482609be285ecf8713f4333121bd83161b07a5d91f48a5fc9562153a1323a53a931434b42268ec2c9c15ba7b1c88e20eb27fe76be8d095e9defa7ebc6c0a59e450a07d2488c68852744df24f8ca15bb3a8520a6e9456f0132f182f3da2ee8e960598178013bbefbac2675e61c1c4ac4058dec6a68c0d1f4dfb71ea05118ffbffa29052c02014bf5e1d3d7a909a6154dc62243b0dae3b3d7fb358601433113804bba3eb2ff46144f1975e2ce5b8d6a50ea1dc2e6b1bec0a1c5bb9c8845def32da7233fb257254fec1ef99280be936d175ae219fed8fa76c086b7b7534c198d95bc622927a354e692cb9dbfbde79a3feb4ae85550d50ab9568f35d8a69b8c3ff5dd8a36c275c49ca13db98d9cb270d99e7f9bfa6ea96f0aaf8458da958c8ef677e47a2bbba6118986283f83c4574af1be5b870a3c86fa95edf63344a533fa4a48e34dd7aa1fe934928a974d7c1d9df0a5ccdf653a6eda3d15d63b05a8ef217c3d541deafce4282826da1e485edf578be8c6744a89c532e44cdafae0c812a4595253e51a83228678226d75b74a7a7f97fadb2829eeea9361984ae253f9dd2711acd0f8fc30fa9d3b8323d3d89a3386c0e470cfa589426de75161169016ae3e1583861b71e50f75ef7e0c022180213748d0ea9b9de9bb362288cac5c30dbc0c8433d435de12d27a4c72a6dc8898e96ef3603ce487d7258d09dc699e0f3e9bb1f37efb31c75d285993a7ed452dd7b7ac63ac1811233dea6745775c1c4d72f802c73eb3731a031fd7fff8ddf541e71c27715f34d4b3a89f416efd9ef1ccf0e3f947e892b41e1dd5a2fbdeec457916adf2bcfd103860d22d9c84d58eb2cf5ff28c2245282d7b57c04bc2ae45296e27b4b752ededde7b8ce17e87e17d0b61e98109ab251a09cf8cb053f5be1e26a2a280a0c5347a426bd9003bd5061205518e1b201ded04e30a627b531888ed1a175cb3e2d25c32019fd576699e7e74b6c7a2b92c70213e0237a6c4f1698387e6fcac22f9022b017285daa5d17abf351aa272a920f742f9ffc7afeb073c145c926edca3d14a4a6627f6a8f6964247b83cedcbca0cff4f1a6b97771d49dc23424c5c5acc0612dd8cce28791be8fb595389dd63a6baca0acf47c37a533a535460eead0c16652a2220cd71f2fd869876a085588e0099bd3db16dfc570d75e42a8b4ebfa48b13e482c0f804f3288ef98b14c4ec04a2dde88a8756fad696ca4db29f1c4f81d0cc2a91d1129c14b6cafb57072fbefab6ab2f4768199a119e6af4a020f0cfc92472b806bc144646874631ebf152cbd69cdaf9a88251ec7bb244de6fad6f716f1c1bc5dabc7a2d693ca868eeb3f2c2f67e3020366a1cfe740d9e80788cbd05970a35053695789c0ce9b94e348e68af1f507c4b56101bf5a8512e03d834fc652cf2311bd27b23eeb2434c9f76f6b09c3bf3c57e2b335258f1363219761b80c721528ae1600ebff4d9d4f49b3d39e2530a98d189a8f8fea327fefb57075b851a0eaaff8bb4a66d218eb085c32e1a33ec5908aa990e57fee0446d4a094f53391e31ecf3f9fa12393511e417424db89a8d5b668e92efc488553d4cbc26e6c0329ca3b10679f09bba84e54dec3199dedc9f478497fade14fb25abecb6c3c94c5916db12280a541c1bb22962fd5883a1edf1a3c26c6b5abaca222be983152e316a7979d959d809e0e3240a18372a5d127cbf63fb3e50fe0827c1edb50f56be08221a77add12e0e04d599dfe285800d73fe969690b56a1f4065054c50df675c5b211b3fc015b0c5987be505d4363425dd867a804d102e20b585865a055bd57c911e0d502ed621b02cd337df6ad4a08e2cd333704dc2bc2f624666c9db4e881314368e8603aafc9b1b7ec958f969ba9c220e07b32f924285b47e0d1c85ec9a2fc07910902a52e50f365ea7e6eabf81c17c30f4e84edc331455b9b0426bb04a949a14f55951895c1faded01711648058a70ada6435e8b1149386f34e81f9130a2787bd8b5acbeba1bab86ee1332853d644e94d71764df55bbb21862cfaf5727e3d261928cc7a6ff2c42cfbd5aaae30e39e31d7f1c47b1e45f50dbc9cad455f9b97961fe803025d03210a44c88b8a0566dddc72cd122dd1886179ef7384ae735b10e33b7cb1958bc163396ab8c8292cb58bf2707b81ab9ce331784f7a75aa2a5d1855ef5969c12eada9ae2eec2f27e4a996f54148b904f0c8bdd2b57357deb5d3d4b327a3db553094197fe4340732973068bc355ef025ef10cb711172a770d31ef88972b09f44b74bda993204069256390d05ca50465a88e18518f4fee18f4259d5233624763304c41d45a939546f6fd8476fd2f8e2aeb22451e4114f07c7d4f611f8aac4142ea3fb7a669fde56dd2bf5ae664d4e15045bd121a8bdb5b5d4bc480ad6cd6c40b6ec977f4f73a56d6f1a4e08e6fbd090b5a96c3b4a7fd0a06d1d9de7c8fb12012c1b28009e5b107a705efd89618a983283b03f52d3640293f7c69a2b6e4923ef92d313491d9c85a35a37ae79effe77a3774a376e065b2950fa7c0fcc32890d101e2c3af264b8f1fee750fb84e34c2e0d4fd00f3026cc0a3c2592c52cb89dbc25cbe4d1161770b49cb0df8d12be1c91af32f6259a6ad3aa42fea75ce27970315f4b3149988ac26fb60ab231f75f317681a126c3a433fed35ac4ea1f4aeedbcd3da8758bafb896eaab2c982527085b3a01a1f5fae884b147ed3cf1a01cb0573232927764dc3e79a1e5a2709716f274dcbe3956ff435b38673d1f7f27fd3f7050f443544e360b272b60adf0d30c1924525a04e832f31a539960711863ef"}]}], 0x1, 0x40800)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="0100000000000000034d564b0000000001"])
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = getpid()
r4 = syz_pidfd_open(r3, 0x0)
r5 = pidfd_getfd(r4, r4, 0x0)
setns(r5, 0x66020000)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000040)=@o_path={&(0x7f0000000000)='./file0\x00', 0x0, 0x10}, 0x18)

17.461416674s ago: executing program 4 (id=388):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x5c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_EXPR={0x20, 0x11, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0xfffff274}]}}}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
syz_emit_ethernet(0x3e, &(0x7f0000000300)=ANY=[@ANYBLOB="0180c20000002059249b379086dd60108114000811"], 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="200000005200010028bd700000020000020000000c0001000100000000000000c7ea40e07cf1ead91401c7848e7841fe6e438584b796940fe083c53724bcfbe62e12ae1dd03d02628b1d484247a162e9b61994f49a1e7c02e3a5ced7a477"], 0x20}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)
r3 = socket$inet(0x2, 0x2, 0x0)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000000040)=0x8, 0x4)
bind$inet(r3, &(0x7f0000000280)={0x2, 0x4e20, @local}, 0x10)
r4 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r4, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x33, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x1}]}, 0x10)
bind$inet6(r4, &(0x7f0000000080)={0xa, 0x4e20, 0x4000b, @empty}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8000}, 0x0)
ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043e0b06"], 0xe)
r5 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
r6 = socket$kcm(0x29, 0x5, 0x0)
setsockopt$kcm_KCM_RECV_DISABLE(r6, 0x119, 0x1, &(0x7f0000000000)=0x2, 0x4)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r1, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x88004610}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, 0x1404, 0x300, 0x70bd2d, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x20}, 0x1, 0x0, 0x0, 0xc0}, 0x34)
setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000080)=0x7, 0x4)
syz_emit_ethernet(0x2e, &(0x7f00000000c0)={@local, @random='\a\x00\x00\x00#{', @void, {@ipv4={0x800, @udp={{0x6, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0xc7, 0x11, 0x0, @empty, @empty, {[@rr={0x7, 0x3, 0xd}]}}, {0x1, 0x4e20, 0x8}}}}}, 0x0)
sendmsg$IPSET_CMD_TEST(r1, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x30, 0xb, 0x6, 0x3, 0x0, 0x0, {0x0, 0x0, 0x8}, [@IPSET_ATTR_DATA={0x10, 0x7, 0x0, 0x1, [@IPSET_ATTR_SKBMARK={0xc, 0x1b, 0x1, 0x0, 0x9}]}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x5}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x60000010}, 0x4000000)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x18)

16.985993331s ago: executing program 4 (id=389):
r0 = socket$nl_route(0x10, 0x3, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
openat$cuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r2, &(0x7f0000004340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)={0x1c, 0x0, 0x331, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}]}, 0x1c}}, 0x0)
sendmsg$BATADV_CMD_TP_METER_CANCEL(r1, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000100)={0x50, 0x0, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x9}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @remote}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x0, 0x2e, 0x1}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x2}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0xfffffff7}]}, 0x33}, 0x1, 0x0, 0x0, 0x4084}, 0x4805)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x80000000005, 0x100000001000087}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r4 = socket$unix(0x1, 0x2, 0x0)
shutdown(r4, 0xb403dc3ee651df83)
sched_setaffinity(0x0, 0x14, &(0x7f0000000040)=0x6)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
bind$rds(0xffffffffffffffff, 0x0, 0x0)
r6 = socket(0x2, 0x2, 0x1)
r7 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r7, 0xc0045627, &(0x7f0000000100)=0x3)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r7, 0xc0845657, &(0x7f00000007c0)={0x0, @bt={0xa8c, 0x870, 0x1, 0x2, 0xd59f82, 0x19f5, 0xacc, 0xb, 0x0, 0x8, 0x27fd, 0x2800, 0x440, 0x3, 0xd, 0x22, {0x45, 0x80}, 0xcd, 0x3}})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r8=>0x0})
r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1}}, &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x40f00, 0x40, '\x00', r8, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xff}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001840)=@bpf_ext={0x1c, 0x2, &(0x7f0000000300)=@raw=[@map_idx_val={0x18, 0x0, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3}], &(0x7f0000000340)='GPL\x00', 0xfffffc00, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000003c0)={0x3, 0x3, 0x9, 0xc}, 0x10, 0x2469, r9, 0x0, &(0x7f0000000480), 0x0, 0x10, 0x878}, 0x94)
sendmsg$nl_route(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000001800010000000000000000000a000000000002000000000008000400"], 0x38}}, 0x10)

16.833926714s ago: executing program 1 (id=390):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0, 0x0, 0x3}, 0x18)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0x9, [0x9, 0xf, 0x7dc, 0x0, 0x6, 0x1]})
r1 = socket(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='devpts\x00', 0x10000, &(0x7f0000000180)='max')
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00', <r4=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="7c0000001000010400"/20, @ANYRES32=r4, @ANYBLOB="00000000000000005c001280110001006272696467655f736c61766500000000440005800500050000000000050020000100000005000800000000000600", @ANYRES32=r2], 0x7c}}, 0x0)
sendmmsg(r1, &(0x7f0000000000), 0x400000000000235, 0x0)
syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
setsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(0xffffffffffffffff, 0x84, 0x7, &(0x7f0000000340), 0x15)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_int(r5, 0x6, 0x0, 0x0, &(0x7f0000000bc0))
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000006c0)="5c00ff0013006bcd9e3fe3dc6e48aa310b6b8703100000001f03000000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x4014)
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x400c084)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, 0x0)
r8 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r8, &(0x7f0000019680)=""/102392, 0x18ff8)
fstat(r6, 0x0)

16.500104869s ago: executing program 3 (id=391):
socket$xdp(0x2c, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x0, 0x8, 0x81, 0x0, 0x9, 0xfffffffffffffffd, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f0000000140)={0xc})
add_key$keyring(&(0x7f0000000400), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="d80000001b0001000000000000000000fc00000000000000", @ANYRES32=0x0, @ANYBLOB], 0xd8}, 0x1, 0x0, 0x0, 0x4044001}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x4)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r5, @ANYBLOB="08002600851600000a00180000000000000000001c005a"], 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(r0, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000300)={&(0x7f0000000200)={0x14, 0x0, 0x1, 0x70bd25, 0x25dfdbfe, {{}, {@void, @void}}, ["", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0xc0044}, 0x4040005)
bind$vsock_stream(r4, &(0x7f0000000440), 0x10)
listen(r4, 0x0)
r6 = socket$vsock_stream(0x28, 0x1, 0x0)
munmap(&(0x7f0000001000/0x1000)=nil, 0x1000)
connect$vsock_stream(r6, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r6, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x20000081}], 0x2)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, 0x4, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)

16.435646333s ago: executing program 2 (id=392):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, 0x0, 0x0)
mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x80, 0x0)
r2 = syz_open_dev$loop(&(0x7f0000000240), 0x7, 0x3921)
ioctl$BLKRRPART(r2, 0x125f, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020e0000150000000000000000000000030005000000000002004e24ac1e00010000000000000000030006003c000000020000fc34000000000000000000000001001800000000000800120020000200fcffffff0000000006003300000000000000000000000000fe8000000000000000000000000000aa000000000000000000000000000000000400"], 0xa8}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=@setneightbl={0x14, 0x43, 0x1, 0xffff7ffe, 0x0, {0xa}}, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x40000)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x700, {0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @vcan={{0x9}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0xc0b0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000003c0)={0x4, 0x80100008b}, 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c})
chdir(&(0x7f0000000080)='./file0\x00')
setsockopt$bt_BT_CHANNEL_POLICY(r1, 0x112, 0xa, &(0x7f0000000200)=0x3, 0x4)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000002700)=""/102392, 0x18ff8)
r7 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82)
utime(&(0x7f0000000240)='./bus\x00', &(0x7f0000000340)={0x1, 0x100})
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cpuset.effective_cpus\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r7, 0x4c0a, &(0x7f00000005c0)={r8, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}})

15.754710641s ago: executing program 2 (id=393):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000400)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES8], 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000b00)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f00000009003d140f3c369197d09647190890"], 0x0, 0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff}, 0x94)
openat$tun(0xffffffffffffff9c, 0x0, 0x1c1842, 0x0)

15.742580262s ago: executing program 1 (id=394):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x8004e500, &(0x7f0000000040)={0x0, 0x85, 0x5, 0x1000000, 0x3})

15.251176934s ago: executing program 3 (id=395):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x2080, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xf000000)
ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f00000003c0)={0x0, 0x94a, 0x0, 0x0})

1.500993815s ago: executing program 33 (id=389):
r0 = socket$nl_route(0x10, 0x3, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
openat$cuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r2, &(0x7f0000004340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)={0x1c, 0x0, 0x331, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}]}, 0x1c}}, 0x0)
sendmsg$BATADV_CMD_TP_METER_CANCEL(r1, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000100)={0x50, 0x0, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x9}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @remote}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x0, 0x2e, 0x1}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x2}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0xfffffff7}]}, 0x33}, 0x1, 0x0, 0x0, 0x4084}, 0x4805)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x80000000005, 0x100000001000087}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r4 = socket$unix(0x1, 0x2, 0x0)
shutdown(r4, 0xb403dc3ee651df83)
sched_setaffinity(0x0, 0x14, &(0x7f0000000040)=0x6)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
bind$rds(0xffffffffffffffff, 0x0, 0x0)
r6 = socket(0x2, 0x2, 0x1)
r7 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r7, 0xc0045627, &(0x7f0000000100)=0x3)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r7, 0xc0845657, &(0x7f00000007c0)={0x0, @bt={0xa8c, 0x870, 0x1, 0x2, 0xd59f82, 0x19f5, 0xacc, 0xb, 0x0, 0x8, 0x27fd, 0x2800, 0x440, 0x3, 0xd, 0x22, {0x45, 0x80}, 0xcd, 0x3}})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r8=>0x0})
r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1}}, &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x40f00, 0x40, '\x00', r8, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xff}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001840)=@bpf_ext={0x1c, 0x2, &(0x7f0000000300)=@raw=[@map_idx_val={0x18, 0x0, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3}], &(0x7f0000000340)='GPL\x00', 0xfffffc00, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000003c0)={0x3, 0x3, 0x9, 0xc}, 0x10, 0x2469, r9, 0x0, &(0x7f0000000480), 0x0, 0x10, 0x878}, 0x94)
sendmsg$nl_route(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000001800010000000000000000000a000000000002000000000008000400"], 0x38}}, 0x10)

498.399092ms ago: executing program 34 (id=394):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x8004e500, &(0x7f0000000040)={0x0, 0x85, 0x5, 0x1000000, 0x3})

467.195165ms ago: executing program 35 (id=393):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000400)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES8], 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000b00)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f00000009003d140f3c369197d09647190890"], 0x0, 0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff}, 0x94)
openat$tun(0xffffffffffffff9c, 0x0, 0x1c1842, 0x0)

0s ago: executing program 36 (id=395):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x2080, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xf000000)
ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f00000003c0)={0x0, 0x94a, 0x0, 0x0})

kernel console output (not intermixed with test programs):

   77.592647][   T30] audit: type=1400 audit(1758270609.277:184): avc:  denied  { setopt } for  pid=6110 comm="syz.2.35" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   77.699029][ T1539] usb 4-1: USB disconnect, device number 2
[   77.956605][   T30] audit: type=1400 audit(1758270609.437:185): avc:  denied  { create } for  pid=6116 comm="syz.0.37" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   78.005560][ T5923] usb 5-1: Using ep0 maxpacket: 32
[   78.027797][ T5923] usb 5-1: too many configurations: 17, using maximum allowed: 8
[   78.063755][ T5923] usb 5-1: config 0 has an invalid interface number: 2 but max is 0
[   78.101455][ T5923] usb 5-1: config 0 has no interface number 0
[   78.138831][ T5923] usb 5-1: config 0 interface 2 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[   78.186206][ T5923] usb 5-1: config 0 interface 2 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[   78.234926][ T5923] usb 5-1: config 0 has an invalid interface number: 2 but max is 0
[   78.265055][ T5923] usb 5-1: config 0 has no interface number 0
[   78.266624][ T1539] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully deinitialized and disconnected.
[   78.293394][ T5923] usb 5-1: config 0 interface 2 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[   78.333939][ T5923] usb 5-1: config 0 interface 2 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[   78.368712][ T5923] usb 5-1: config 0 has an invalid interface number: 2 but max is 0
[   78.398969][ T5923] usb 5-1: config 0 has no interface number 0
[   78.430026][ T5923] usb 5-1: config 0 interface 2 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[   78.456041][ T5923] usb 5-1: config 0 interface 2 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[   78.495662][ T5863] Bluetooth: hci2: Opcode 0x0401 failed: -110
[   78.500095][ T5923] usb 5-1: config 0 has an invalid interface number: 2 but max is 0
[   78.519293][ T5863] Bluetooth: hci2: command 0x0401 tx timeout
[   78.531877][ T5923] usb 5-1: config 0 has no interface number 0
[   78.686459][ T5923] usb 5-1: config 0 interface 2 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[   78.699367][ T5923] usb 5-1: config 0 interface 2 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[   78.714669][ T5923] usb 5-1: config 0 has an invalid interface number: 2 but max is 0
[   78.782335][ T5923] usb 5-1: config 0 has no interface number 0
[   78.809714][ T5923] usb 5-1: config 0 interface 2 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[   78.834361][ T5923] usb 5-1: config 0 interface 2 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[   79.273777][ T5923] usb 5-1: config 0 has an invalid interface number: 2 but max is 0
[   79.301937][ T5923] usb 5-1: config 0 has no interface number 0
[   79.310106][ T5923] usb 5-1: config 0 interface 2 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[   79.355575][ T5923] usb 5-1: config 0 interface 2 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[   79.420161][ T5923] usb 5-1: config 0 has an invalid interface number: 2 but max is 0
[   79.566280][ T5923] usb 5-1: config 0 has no interface number 0
[   79.572421][ T5923] usb 5-1: config 0 interface 2 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[   79.885601][ T5916] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   79.925734][ T5923] usb 5-1: config 0 interface 2 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[   80.055534][   T44] usb 4-1: new full-speed USB device number 3 using dummy_hcd
[   80.159559][ T5916] usb 3-1: Using ep0 maxpacket: 16
[   80.165004][ T5923] usb 5-1: unable to read config index 7 descriptor/start: -71
[   80.195596][ T5923] usb 5-1: can't read configurations, error -71
[   80.222198][ T5916] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   80.256390][ T5916] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   80.269329][ T5916] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   80.288196][   T44] usb 4-1: unable to get BOS descriptor or descriptor too short
[   80.302455][   T44] usb 4-1: not running at top speed; connect to a high speed hub
[   80.338982][ T6142] kvm: pic: non byte read
[   80.344654][ T6142] kvm: pic: non byte read
[   80.350082][ T6142] kvm: pic: non byte read
[   80.356085][   T44] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   80.387097][ T5916] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   80.407292][ T6142] kvm: pic: non byte read
[   80.411852][ T5916] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   80.430249][ T6142] kvm: pic: non byte read
[   80.438221][ T6142] kvm: pic: non byte read
[   80.442612][   T44] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[   80.465952][ T5916] usb 3-1: config 0 descriptor??
[   80.475816][ T6142] kvm: pic: non byte read
[   80.491488][ T6142] kvm: pic: non byte read
[   80.511200][ T6142] kvm: pic: non byte read
[   80.516663][ T6142] kvm: pic: non byte read
[   80.587185][ T5863] Bluetooth: hci2: command 0x0401 tx timeout
[   80.643591][   T44] usb 4-1: string descriptor 0 read error: -22
[   80.661303][   T44] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   80.726794][   T44] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   80.876635][   T44] usb 4-1: 0:2 : does not exist
[   81.033510][   T30] kauditd_printk_skb: 7 callbacks suppressed
[   81.033544][   T30] audit: type=1400 audit(1758270612.757:193): avc:  denied  { ioctl } for  pid=6144 comm="syz.0.45" path="socket:[8938]" dev="sockfs" ino=8938 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   81.076756][ T6145] veth0: entered promiscuous mode
[   81.277464][ T6146] block nbd2: Attempted send on invalid socket
[   81.283778][ T6146] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[   81.293920][ T6146] SQUASHFS error: Failed to read block 0x0: -5
[   81.302148][ T6146] unable to read squashfs_super_block
[   81.541088][ T6147] netlink: 33932 bytes leftover after parsing attributes in process `syz.0.45'.
[   81.555621][ T6147] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   81.579073][   T92] cfg80211: failed to load regulatory.db
[   81.585632][ T6147] batman_adv: batadv0: Removing interface: batadv_slave_0
[   81.604195][ T5916] usbhid 3-1:0.0: can't add hid device: -71
[   81.610928][ T5916] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[   81.620350][   T30] audit: type=1400 audit(1758270613.347:194): avc:  denied  { create } for  pid=6144 comm="syz.0.45" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   81.631002][ T5916] usb 3-1: USB disconnect, device number 2
[   81.776299][ T6147] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   81.789341][ T6147] batman_adv: batadv0: Removing interface: batadv_slave_1
[   81.937014][ T6152] netlink: 'syz.1.46': attribute type 21 has an invalid length.
[   82.240524][ T6152] netlink: 144 bytes leftover after parsing attributes in process `syz.1.46'.
[   82.275546][    T9] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   82.328435][   T44] usb 4-1: 5:0: cannot get min/max values for control 2 (id 5)
[   82.343158][   T44] usb 4-1: 5:0: cannot get min/max values for control 3 (id 5)
[   82.361619][   T44] usb 4-1: 5:0: failed to get current value for ch 1 (-22)
[   82.409501][   T44] usb 4-1: 5:0: cannot get min/max values for control 3 (id 5)
[   82.440856][   T44] usb 4-1: 5:0: cannot get min/max values for control 2 (id 5)
[   82.483784][    T9] usb 1-1: Using ep0 maxpacket: 32
[   82.500108][    T9] usb 1-1: config 0 has an invalid interface number: 51 but max is 0
[   82.516668][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   82.531618][    T9] usb 1-1: config 0 has no interface number 0
[   82.548976][   T44] usb 4-1: USB disconnect, device number 3
[   82.563040][    T9] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[   82.586730][   T30] audit: type=1400 audit(1758270614.307:195): avc:  denied  { write } for  pid=6153 comm="syz.1.47" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[   82.605816][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   82.605841][    T9] usb 1-1: Product: syz
[   82.605855][    T9] usb 1-1: Manufacturer: syz
[   82.605868][    T9] usb 1-1: SerialNumber: syz
[   82.610783][    T9] usb 1-1: config 0 descriptor??
[   82.701911][    T9] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[   82.727280][   T30] audit: type=1400 audit(1758270614.457:196): avc:  denied  { bind } for  pid=6156 comm="syz.2.48" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   82.750592][ T6157] Unsupported ieee802154 address type: 0
[   82.947449][   T30] audit: type=1400 audit(1758270614.677:197): avc:  denied  { write } for  pid=6144 comm="syz.0.45" name="video3" dev="devtmpfs" ino=934 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[   83.123401][   T30] audit: type=1400 audit(1758270614.847:198): avc:  denied  { mounton } for  pid=6163 comm="syz.3.51" path="/9/file0" dev="tmpfs" ino=67 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   83.205796][   T30] audit: type=1400 audit(1758270614.927:199): avc:  denied  { setopt } for  pid=6167 comm="syz.1.53" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   83.261820][ T6169] process 'syz.3.51' launched './file0' with NULL argv: empty string added
[   83.314950][   T30] audit: type=1400 audit(1758270614.927:200): avc:  denied  { read append } for  pid=6167 comm="syz.1.53" name="rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   83.370118][    T9] usb 1-1: qt2_attach - failed to power on unit: -71
[   83.372918][   T30] audit: type=1400 audit(1758270614.927:201): avc:  denied  { open } for  pid=6167 comm="syz.1.53" path="/dev/rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   83.378358][ T6144] veth0: left promiscuous mode
[   83.420717][    T9] quatech2 1-1:0.51: probe with driver quatech2 failed with error -71
[   83.461325][    T9] usb 1-1: USB disconnect, device number 3
[   83.479520][   T30] audit: type=1400 audit(1758270614.927:202): avc:  denied  { ioctl } for  pid=6167 comm="syz.1.53" path="/dev/rtc0" dev="devtmpfs" ino=921 ioctlcmd=0x7006 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   84.256482][ T1539] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   84.617428][ T1539] usb 2-1: Using ep0 maxpacket: 32
[   84.912852][ T1539] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   84.948256][ T1539] usb 2-1: New USB device found, idVendor=067b, idProduct=27a1, bcdDevice=b0.9b
[   84.965532][ T1539] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   84.973862][ T1539] usb 2-1: Product: syz
[   84.994675][ T1539] usb 2-1: Manufacturer: syz
[   85.019654][ T6188] input: syz1 as /devices/virtual/input/input6
[   85.039082][ T1539] usb 2-1: SerialNumber: syz
[   85.082447][ T1539] usb 2-1: config 0 descriptor??
[   85.144610][ T6193] netlink: 'syz.0.60': attribute type 1 has an invalid length.
[   85.219199][ T1539] plusb 2-1:0.0: probe with driver plusb failed with error -22
[   85.439665][ T6195] can0: slcan on ptm0.
[   85.894850][ T6196] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   85.944736][ T6180] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   85.958558][ T6180] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   86.135866][ T6189] can0 (unregistered): slcan off ptm0.
[   86.819080][   T30] kauditd_printk_skb: 17 callbacks suppressed
[   86.819110][   T30] audit: type=1400 audit(1758270618.547:220): avc:  denied  { append } for  pid=6198 comm="syz.3.61" name="001" dev="devtmpfs" ino=739 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   87.150441][   T44] usb 2-1: USB disconnect, device number 2
[   87.316551][ T1539] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[   87.333748][ T6212] netlink: 12 bytes leftover after parsing attributes in process `syz.2.64'.
[   87.498100][ T1539] usb 5-1: unable to get BOS descriptor or descriptor too short
[   87.518442][ T1539] usb 5-1: not running at top speed; connect to a high speed hub
[   87.538979][ T1539] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   87.555864][ T1539] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[   87.573894][ T1539] usb 5-1: string descriptor 0 read error: -22
[   87.582589][ T1539] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   87.607097][ T1539] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   87.645557][ T5909] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[   87.735909][ T1539] usb 5-1: 0:2 : does not exist
[   87.845614][ T5909] usb 4-1: Using ep0 maxpacket: 16
[   87.853690][ T5909] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   87.865417][ T5909] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   87.882791][ T5909] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   87.905560][ T5909] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   87.931439][ T5909] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   88.297116][ T5909] usb 4-1: config 0 descriptor??
[   88.484990][ T1539] usb 5-1: 5:0: cannot get min/max values for control 2 (id 5)
[   88.487688][   T30] audit: type=1400 audit(1758270620.207:221): avc:  denied  { create } for  pid=6230 comm="syz.0.70" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   88.502098][ T1539] usb 5-1: 5:0: cannot get min/max values for control 3 (id 5)
[   88.521167][   T30] audit: type=1400 audit(1758270620.217:222): avc:  denied  { getopt } for  pid=6230 comm="syz.0.70" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   88.540509][ T1539] usb 5-1: 5:0: failed to get current value for ch 1 (-22)
[   88.605590][   T30] audit: type=1400 audit(1758270620.317:223): avc:  denied  { ioctl } for  pid=6234 comm="syz.2.71" path="/dev/nullb0" dev="devtmpfs" ino=696 ioctlcmd=0x1270 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   88.657978][ T1539] usb 5-1: 5:0: cannot get min/max values for control 3 (id 5)
[   88.681165][ T1539] usb 5-1: 5:0: cannot get min/max values for control 2 (id 5)
[   88.802384][ T1539] usb 5-1: USB disconnect, device number 5
[   89.303798][ T6241] block nbd3: Attempted send on invalid socket
[   89.310157][ T6241] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 1
[   89.319455][ T6241] SQUASHFS error: Failed to read block 0x0: -5
[   89.325658][ T6241] unable to read squashfs_super_block
[   89.425236][ T6242] block nbd2: Attempted send on invalid socket
[   89.431605][ T6242] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[   89.442410][ T6242] SQUASHFS error: Failed to read block 0x0: -5
[   89.452991][ T6242] unable to read squashfs_super_block
[   89.563674][   T30] audit: type=1400 audit(1758270621.277:224): avc:  denied  { mount } for  pid=6243 comm="syz.4.73" name="/" dev="overlay" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   89.790158][   T30] audit: type=1400 audit(1758270621.287:225): avc:  denied  { block_suspend } for  pid=6243 comm="syz.4.73" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   89.824266][ T5909] usbhid 4-1:0.0: can't add hid device: -71
[   89.830364][ T5909] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[   89.840767][ T5909] usb 4-1: USB disconnect, device number 4
[   90.048119][   T30] audit: type=1400 audit(1758270621.767:226): avc:  denied  { mount } for  pid=6230 comm="syz.0.70" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[   90.061796][ T6236] netlink: 12 bytes leftover after parsing attributes in process `syz.0.70'.
[   90.305687][   T30] audit: type=1400 audit(1758270622.017:227): avc:  denied  { setattr } for  pid=6250 comm="syz.1.74" path="/dev/mixer" dev="devtmpfs" ino=1293 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sound_device_t tclass=chr_file permissive=1
[   90.707194][ T6257] netlink: 36 bytes leftover after parsing attributes in process `syz.4.76'.
[   90.904275][   T30] audit: type=1400 audit(1758270622.627:228): avc:  denied  { ioctl } for  pid=6256 comm="syz.4.76" path="socket:[10013]" dev="sockfs" ino=10013 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[   91.413895][ T6262] netlink: 'syz.3.77': attribute type 11 has an invalid length.
[   91.457220][   T30] audit: type=1400 audit(1758270623.137:229): avc:  denied  { write } for  pid=6254 comm="syz.3.77" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   91.495958][ T6262] omfs: Invalid superblock (0)
[   91.775566][ T5871] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[   92.289519][ T5871] usb 4-1: Using ep0 maxpacket: 32
[   92.324485][ T5871] usb 4-1: config 0 has an invalid interface number: 196 but max is 0
[   92.338218][ T5871] usb 4-1: config 0 has no interface number 0
[   92.353727][ T5871] usb 4-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 528
[   92.375725][   T30] kauditd_printk_skb: 1 callbacks suppressed
[   92.375739][   T30] audit: type=1400 audit(1758270624.097:231): avc:  denied  { write } for  pid=6272 comm="syz.0.78" name="001" dev="devtmpfs" ino=736 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   92.440831][ T5871] usb 4-1: config 0 interface 196 has no altsetting 0
[   92.464162][ T5871] usb 4-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[   92.478727][ T5871] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   92.504088][ T5871] usb 4-1: Product: syz
[   92.514591][ T5871] usb 4-1: Manufacturer: syz
[   92.520548][ T5871] usb 4-1: SerialNumber: syz
[   92.530834][ T5871] usb 4-1: config 0 descriptor??
[   92.544356][ T6262] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[   92.666460][ T6278] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   92.729311][ T6286] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1547 sclass=netlink_route_socket pid=6286 comm=syz.1.84
[   93.510100][   T30] audit: type=1400 audit(1758270625.137:232): avc:  denied  { name_bind } for  pid=6280 comm="syz.2.83" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   93.687474][ T6299] block nbd4: Attempted send on invalid socket
[   93.694087][ T6299] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[   93.703805][ T6299] SQUASHFS error: Failed to read block 0x0: -5
[   93.710116][ T6299] unable to read squashfs_super_block
[   94.049332][   T30] audit: type=1400 audit(1758270625.137:233): avc:  denied  { node_bind } for  pid=6280 comm="syz.2.83" saddr=172.20.20.170 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[   94.176212][ T6303] block nbd1: Attempted send on invalid socket
[   94.182457][ T6303] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[   94.192026][ T6303] SQUASHFS error: Failed to read block 0x0: -5
[   94.198399][ T6303] unable to read squashfs_super_block
[   94.501657][ T5871] ipheth 4-1:0.196: ipheth_get_macaddr: usb_control_msg: -71
[   94.615826][ T5871] ipheth 4-1:0.196: probe with driver ipheth failed with error -71
[   94.682923][ T5871] usb 4-1: USB disconnect, device number 5
[   94.795550][ T5863] Bluetooth: hci4: command tx timeout
[   95.066312][   T30] audit: type=1400 audit(1758270626.637:234): avc:  denied  { create } for  pid=6309 comm="syz.4.90" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   95.388411][   T30] audit: type=1400 audit(1758270627.027:235): avc:  denied  { create } for  pid=6315 comm="syz.1.91" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[   95.465726][ T5871] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[   95.626292][ T5871] usb 4-1: Using ep0 maxpacket: 8
[   95.703373][ T5871] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[   95.760381][ T5871] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   95.787097][ T6325] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   95.834503][ T5871] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   95.932900][ T5871] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   96.212892][ T5871] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   96.237433][   T30] audit: type=1400 audit(1758270627.817:236): avc:  denied  { create } for  pid=6324 comm="syz.2.92" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   96.279636][ T5871] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[   96.342125][ T5871] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   96.358850][   T30] audit: type=1400 audit(1758270627.837:237): avc:  denied  { connect } for  pid=6324 comm="syz.2.92" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   96.441633][   T30] audit: type=1400 audit(1758270628.117:238): avc:  denied  { listen } for  pid=6324 comm="syz.2.92" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   97.348725][   T30] audit: type=1400 audit(1758270628.607:239): avc:  denied  { create } for  pid=6332 comm="syz.2.93" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   97.579678][   T30] audit: type=1400 audit(1758270628.687:240): avc:  denied  { connect } for  pid=6332 comm="syz.2.93" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   97.670662][ T6308] netlink: 196 bytes leftover after parsing attributes in process `syz.3.89'.
[   97.679806][ T6308] openvswitch: netlink: Flow key attr not present in new flow.
[   97.698451][ T5871] usb 4-1: usb_control_msg returned -71
[   97.704005][ T5871] usbtmc 4-1:16.0: can't read capabilities
[   97.774822][   T30] audit: type=1400 audit(1758270628.767:241): avc:  denied  { shutdown } for  pid=6332 comm="syz.2.93" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   97.806699][ T5871] usb 4-1: USB disconnect, device number 6
[   97.858939][   T30] audit: type=1400 audit(1758270629.167:242): avc:  denied  { ioctl } for  pid=6307 comm="syz.3.89" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[   97.884133][   T30] audit: type=1400 audit(1758270629.247:243): avc:  denied  { create } for  pid=6339 comm="syz.2.94" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[   97.923748][ T6342] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5124 sclass=netlink_route_socket pid=6342 comm=syz.4.95
[   97.936412][   T30] audit: type=1400 audit(1758270629.417:244): avc:  denied  { create } for  pid=6307 comm="syz.3.89" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   97.955858][    C0] vkms_vblank_simulate: vblank timer overrun
[   97.963195][ T6342] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1547 sclass=netlink_route_socket pid=6342 comm=syz.4.95
[   98.201523][ T6349] FAULT_INJECTION: forcing a failure.
[   98.201523][ T6349] name failslab, interval 1, probability 0, space 0, times 1
[   98.231037][ T6349] CPU: 1 UID: 0 PID: 6349 Comm: syz.4.96 Not tainted syzkaller #0 PREEMPT(full) 
[   98.231057][ T6349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   98.231064][ T6349] Call Trace:
[   98.231068][ T6349]  <TASK>
[   98.231073][ T6349]  dump_stack_lvl+0x16c/0x1f0
[   98.231091][ T6349]  should_fail_ex+0x512/0x640
[   98.231106][ T6349]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[   98.231121][ T6349]  should_failslab+0xc2/0x120
[   98.231134][ T6349]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[   98.231145][ T6349]  ? find_held_lock+0x2b/0x80
[   98.231158][ T6349]  ? __alloc_skb+0x2b2/0x380
[   98.231173][ T6349]  __alloc_skb+0x2b2/0x380
[   98.231185][ T6349]  ? __pfx___alloc_skb+0x10/0x10
[   98.231199][ T6349]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[   98.231217][ T6349]  netlink_alloc_large_skb+0x69/0x130
[   98.231233][ T6349]  netlink_sendmsg+0x6a1/0xdd0
[   98.231249][ T6349]  ? __pfx_netlink_sendmsg+0x10/0x10
[   98.231269][ T6349]  __sys_sendto+0x4a0/0x520
[   98.231282][ T6349]  ? __pfx___sys_sendto+0x10/0x10
[   98.231298][ T6349]  ? find_held_lock+0x2b/0x80
[   98.231320][ T6349]  __x64_sys_sendto+0xe0/0x1c0
[   98.231332][ T6349]  ? do_syscall_64+0x91/0x4e0
[   98.231346][ T6349]  ? lockdep_hardirqs_on+0x7c/0x110
[   98.231360][ T6349]  do_syscall_64+0xcd/0x4e0
[   98.231375][ T6349]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.231386][ T6349] RIP: 0033:0x7ffb54f90a3c
[   98.231396][ T6349] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[   98.231406][ T6349] RSP: 002b:00007ffb55e5eec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[   98.231417][ T6349] RAX: ffffffffffffffda RBX: 00007ffb55e5efc0 RCX: 00007ffb54f90a3c
[   98.231424][ T6349] RDX: 0000000000000020 RSI: 00007ffb55e5f010 RDI: 0000000000000009
[   98.231430][ T6349] RBP: 0000000000000000 R08: 00007ffb55e5ef14 R09: 000000000000000c
[   98.231436][ T6349] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000009
[   98.231442][ T6349] R13: 00007ffb55e5ef68 R14: 00007ffb55e5f010 R15: 0000000000000000
[   98.231455][ T6349]  </TASK>
[   99.429119][   T30] audit: type=1400 audit(1758270631.067:245): avc:  denied  { open } for  pid=6346 comm="syz.4.96" path="/dev/ttyqc" dev="devtmpfs" ino=387 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[   99.546438][ T5859] Bluetooth: hci4: command 0x0405 tx timeout
[   99.606245][    T9] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   99.634158][   T30] audit: type=1400 audit(1758270631.347:246): avc:  denied  { mounton } for  pid=6364 comm="syz.0.101" path="/16/file0" dev="tmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   99.738027][ T5909] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   99.746612][ T6370] netlink: 'syz.4.100': attribute type 11 has an invalid length.
[   99.785612][    T9] usb 2-1: Using ep0 maxpacket: 32
[   99.801332][    T9] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   99.874020][ T6370] omfs: Invalid superblock (0)
[   99.883562][    T9] usb 2-1: New USB device found, idVendor=067b, idProduct=27a1, bcdDevice=b0.9b
[   99.918475][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   99.927026][    T9] usb 2-1: Product: syz
[   99.931290][    T9] usb 2-1: Manufacturer: syz
[   99.936550][ T5863] Bluetooth: hci3: command tx timeout
[   99.951734][ T5909] usb 3-1: Using ep0 maxpacket: 8
[   99.964832][ T5909] usb 3-1: no configurations
[  100.005166][ T6375] netlink: 28 bytes leftover after parsing attributes in process `syz.3.103'.
[  100.419057][   T30] audit: type=1400 audit(1758270631.727:247): avc:  denied  { ioctl } for  pid=6372 comm="syz.3.103" path="socket:[10222]" dev="sockfs" ino=10222 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  100.443595][    C1] vkms_vblank_simulate: vblank timer overrun
[  100.444020][ T5909] usb 3-1: can't read configurations, error -22
[  100.457497][    T9] usb 2-1: SerialNumber: syz
[  100.471069][    T9] usb 2-1: config 0 descriptor??
[  100.481871][    T9] plusb 2-1:0.0: probe with driver plusb failed with error -22
[  100.585558][ T1539] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  100.615555][ T5909] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  100.685232][ T6352] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  100.693827][ T6352] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  100.760079][ T1539] usb 5-1: Using ep0 maxpacket: 32
[  100.774083][ T1539] usb 5-1: config 0 has an invalid interface number: 196 but max is 0
[  100.785930][ T5909] usb 3-1: Using ep0 maxpacket: 8
[  100.791872][ T1539] usb 5-1: config 0 has no interface number 0
[  100.796626][ T5909] usb 3-1: no configurations
[  100.802830][ T5909] usb 3-1: can't read configurations, error -22
[  100.802850][ T1539] usb 5-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 528
[  100.823497][ T1539] usb 5-1: config 0 interface 196 has no altsetting 0
[  100.832762][ T1539] usb 5-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[  100.832822][ T5909] usb usb3-port1: attempt power cycle
[  100.848645][ T1539] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  100.858635][ T1539] usb 5-1: Product: syz
[  100.862802][ T1539] usb 5-1: Manufacturer: syz
[  100.867762][ T1539] usb 5-1: SerialNumber: syz
[  100.883234][ T1539] usb 5-1: config 0 descriptor??
[  100.892842][ T6371] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  101.102963][ T6377] netlink: 8 bytes leftover after parsing attributes in process `syz.3.104'.
[  101.165339][   T30] audit: type=1400 audit(1758270632.887:248): avc:  denied  { accept } for  pid=6376 comm="syz.3.104" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  101.185268][   T30] audit: type=1400 audit(1758270632.897:249): avc:  denied  { ioctl } for  pid=6376 comm="syz.3.104" path="socket:[10573]" dev="sockfs" ino=10573 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  101.225628][ T5909] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  101.256183][ T5909] usb 3-1: Using ep0 maxpacket: 8
[  101.261820][ T5909] usb 3-1: no configurations
[  101.266688][ T5909] usb 3-1: can't read configurations, error -22
[  101.396366][ T5909] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  101.416068][ T5909] usb 3-1: Using ep0 maxpacket: 8
[  101.421641][ T5909] usb 3-1: no configurations
[  101.426363][ T5909] usb 3-1: can't read configurations, error -22
[  101.433634][ T5909] usb usb3-port1: unable to enumerate USB device
[  101.785324][   T44] usb 2-1: USB disconnect, device number 3
[  103.036312][   T30] audit: type=1400 audit(1758270634.677:250): avc:  denied  { mount } for  pid=6389 comm="syz.2.107" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  103.058352][    C1] vkms_vblank_simulate: vblank timer overrun
[  103.179289][ T1539] ipheth 5-1:0.196: ipheth_get_macaddr: usb_control_msg: -71
[  103.395849][ T1539] ipheth 5-1:0.196: probe with driver ipheth failed with error -71
[  103.404028][   T30] audit: type=1400 audit(1758270635.007:251): avc:  denied  { getopt } for  pid=6389 comm="syz.2.107" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  103.455327][ T1539] usb 5-1: USB disconnect, device number 6
[  104.136814][   T30] audit: type=1400 audit(1758270635.867:252): avc:  denied  { ioctl } for  pid=6414 comm="syz.3.113" path="socket:[10628]" dev="sockfs" ino=10628 ioctlcmd=0x89f8 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  104.161269][    C1] vkms_vblank_simulate: vblank timer overrun
[  104.245242][ T5863] Bluetooth: hci1: ACL packet for unknown connection handle 3574
[  104.267760][   T30] audit: type=1400 audit(1758270635.967:253): avc:  denied  { lock } for  pid=6414 comm="syz.3.113" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=1271 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  104.292770][    C1] vkms_vblank_simulate: vblank timer overrun
[  104.299985][   T30] audit: type=1400 audit(1758270636.027:254): avc:  denied  { sys_module } for  pid=6414 comm="syz.3.113" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  104.708934][ T6421] program syz.0.112 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  104.726482][   T30] audit: type=1400 audit(1758270636.417:255): avc:  denied  { ioctl } for  pid=6418 comm="syz.0.112" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=11403 ioctlcmd=0xaa08 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  104.756037][   T30] audit: type=1400 audit(1758270636.437:256): avc:  denied  { write } for  pid=6418 comm="syz.0.112" name="sg0" dev="devtmpfs" ino=768 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  104.946129][   T30] audit: type=1400 audit(1758270636.437:257): avc:  denied  { open } for  pid=6418 comm="syz.0.112" path="/dev/sg0" dev="devtmpfs" ino=768 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  104.970058][ T5909] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  105.125836][ T5909] usb 4-1: Using ep0 maxpacket: 32
[  105.142563][ T5909] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[  105.151444][ T5909] usb 4-1: config 0 has no interface number 0
[  105.161547][ T5909] usb 4-1: config 0 interface 184 has no altsetting 0
[  105.185573][   T30] audit: type=1400 audit(1758270636.907:258): avc:  denied  { ioctl } for  pid=6430 comm="syz.0.115" path="socket:[10636]" dev="sockfs" ino=10636 ioctlcmd=0x89e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  105.253390][ T5909] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  105.272655][ T5909] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  105.299430][ T5909] usb 4-1: Product: syz
[  105.317138][ T5909] usb 4-1: Manufacturer: syz
[  105.323878][ T5909] usb 4-1: SerialNumber: syz
[  106.303668][   T30] audit: type=1400 audit(1758270638.027:259): avc:  denied  { read write } for  pid=6437 comm="syz.4.117" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  106.328965][ T5909] usb 4-1: config 0 descriptor??
[  106.385183][ T5909] smsc75xx v1.0.0
[  107.086477][   T44] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  107.452943][ T5909] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -32
[  107.476190][ T5909] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -32
[  107.492233][ T5909] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_bind
[  107.503895][ T5909] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -32
[  107.835623][   T44] usb 2-1: Using ep0 maxpacket: 32
[  107.882284][   T44] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  107.902323][ T5916] usb 4-1: USB disconnect, device number 7
[  108.089717][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  108.089731][   T30] audit: type=1400 audit(1758270639.807:262): avc:  denied  { create } for  pid=6456 comm="syz.2.120" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  108.090621][   T44] usb 2-1: New USB device found, idVendor=067b, idProduct=27a1, bcdDevice=b0.9b
[  108.144124][   T44] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  108.622910][   T30] audit: type=1400 audit(1758270640.347:263): avc:  denied  { write } for  pid=6463 comm="syz.4.123" name="binder1" dev="binder" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  108.660753][   T44] usb 2-1: Product: syz
[  108.668398][   T44] usb 2-1: Manufacturer: syz
[  108.692036][   T44] usb 2-1: SerialNumber: syz
[  108.739865][   T44] usb 2-1: config 0 descriptor??
[  108.740054][ T6466] netlink: 4 bytes leftover after parsing attributes in process `syz.1.124'.
[  108.751992][   T30] audit: type=1400 audit(1758270640.377:264): avc:  denied  { open } for  pid=6463 comm="syz.4.123" path="/dev/binderfs/binder1" dev="binder" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  108.895319][   T44] usb 2-1: can't set config #0, error -71
[  109.050305][   T44] usb 2-1: USB disconnect, device number 4
[  109.192042][   T30] audit: type=1400 audit(1758270640.397:265): avc:  denied  { ioctl } for  pid=6463 comm="syz.4.123" path="/dev/binderfs/binder1" dev="binder" ino=14 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  109.262363][   T30] audit: type=1400 audit(1758270640.397:266): avc:  denied  { set_context_mgr } for  pid=6463 comm="syz.4.123" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  109.369590][   T30] audit: type=1400 audit(1758270640.437:267): avc:  denied  { read } for  pid=6463 comm="syz.4.123" name="binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  109.440459][   T30] audit: type=1400 audit(1758270640.797:268): avc:  denied  { map } for  pid=6456 comm="syz.2.120" path="/dev/comedi4" dev="devtmpfs" ino=1280 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  109.738701][ T6486] program syz.0.127 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  109.791512][   T30] audit: type=1400 audit(1758270641.337:269): avc:  denied  { read } for  pid=6483 comm="syz.0.127" name="sg0" dev="devtmpfs" ino=768 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  109.915845][ T5916] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  109.943647][ T6486] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  110.165722][ T5916] usb 4-1: Using ep0 maxpacket: 32
[  110.222008][   T30] audit: type=1400 audit(1758270641.467:270): avc:  denied  { ioctl } for  pid=6483 comm="syz.0.127" path="/dev/sg0" dev="devtmpfs" ino=768 ioctlcmd=0x6 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  110.283988][ T5916] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  111.096075][ T5916] usb 4-1: New USB device found, idVendor=067b, idProduct=27a1, bcdDevice=b0.9b
[  111.354258][ T5916] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  111.385346][   T30] audit: type=1326 audit(1758270642.857:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6484 comm="syz.1.129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bff78eba9 code=0x7ffc0000
[  111.415574][ T5916] usb 4-1: Product: syz
[  111.425375][ T5916] usb 4-1: Manufacturer: syz
[  111.433342][ T5916] usb 4-1: SerialNumber: syz
[  111.471393][ T5916] usb 4-1: config 0 descriptor??
[  111.484392][ T5916] plusb 4-1:0.0: probe with driver plusb failed with error -22
[  111.967228][ T6482] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  111.976360][ T6482] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  112.190424][ T6508] program syz.2.126 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  112.378867][ T5909] IPVS: starting estimator thread 0...
[  112.433478][ T6510] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  112.841218][ T6515] IPVS: using max 73 ests per chain, 175200 per kthread
[  112.905692][ T5909] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  113.184776][    T9] usb 4-1: USB disconnect, device number 8
[  113.265708][ T5909] usb 2-1: Using ep0 maxpacket: 16
[  113.281634][ T5909] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  113.340439][ T5909] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  113.393189][   T30] kauditd_printk_skb: 50 callbacks suppressed
[  113.393204][   T30] audit: type=1400 audit(1758270645.117:322): avc:  denied  { connect } for  pid=6520 comm="syz.3.135" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  113.421064][ T5909] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  113.591993][ T5909] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  113.849320][   T30] audit: type=1400 audit(1758270645.477:323): avc:  denied  { read } for  pid=6520 comm="syz.3.135" name="btrfs-control" dev="devtmpfs" ino=1316 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  114.032093][ T5909] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  114.046061][ T5909] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  114.055195][ T5909] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  114.960291][ T5909] usb 2-1: Manufacturer: syz
[  115.956259][ T5909] usb 2-1: config 0 descriptor??
[  116.205609][   T44] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  116.233428][   T30] audit: type=1400 audit(1758270645.477:324): avc:  denied  { open } for  pid=6520 comm="syz.3.135" path="/dev/btrfs-control" dev="devtmpfs" ino=1316 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  116.263516][ T6535] loop2: detected capacity change from 0 to 7
[  116.365266][ T6535] Dev loop2: unable to read RDB block 7
[  116.407070][ T6535]  loop2: unable to read partition table
[  116.424240][ T5909] usb 2-1: can't set config #0, error -71
[  116.431589][ T5909] usb 2-1: USB disconnect, device number 5
[  116.455834][ T6535] loop2: partition table beyond EOD, truncated
[  116.462032][ T6535] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  116.478142][   T44] usb 3-1: Using ep0 maxpacket: 32
[  116.598301][ T6540] block nbd3: Attempted send on invalid socket
[  116.604575][ T6540] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  116.614461][ T6540] SQUASHFS error: Failed to read block 0x0: -5
[  116.620954][ T6540] unable to read squashfs_super_block
[  117.027131][ T6542] binder: Bad value for 'max'
[  117.185070][   T44] usb 3-1: device descriptor read/all, error -71
[  117.202362][   T30] audit: type=1400 audit(1758270648.757:325): avc:  denied  { remount } for  pid=6538 comm="syz.1.138" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  117.480027][ T6554] netlink: 28 bytes leftover after parsing attributes in process `syz.1.142'.
[  119.650759][ T6573] netlink: 'syz.3.147': attribute type 1 has an invalid length.
[  120.700936][   T30] audit: type=1400 audit(1758270652.337:326): avc:  denied  { setopt } for  pid=6581 comm="syz.0.150" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  121.925621][   T44] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  121.971001][   T30] audit: type=1400 audit(1758270653.697:327): avc:  denied  { bind } for  pid=6595 comm="syz.1.154" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  122.505552][   T30] audit: type=1400 audit(1758270653.697:328): avc:  denied  { name_bind } for  pid=6595 comm="syz.1.154" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  122.508243][   T44] usb 3-1: Using ep0 maxpacket: 32
[  122.609578][   T44] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  122.649266][   T44] usb 3-1: New USB device found, idVendor=067b, idProduct=27a1, bcdDevice=b0.9b
[  122.665884][   T44] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  122.694207][   T44] usb 3-1: Product: syz
[  122.698703][   T44] usb 3-1: Manufacturer: syz
[  122.736738][   T30] audit: type=1400 audit(1758270653.697:329): avc:  denied  { node_bind } for  pid=6595 comm="syz.1.154" saddr=::ffff:0.0.0.0 src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  122.764869][   T30] audit: type=1400 audit(1758270654.157:330): avc:  denied  { write } for  pid=6595 comm="syz.1.154" path="socket:[10878]" dev="sockfs" ino=10878 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  122.788085][    C0] vkms_vblank_simulate: vblank timer overrun
[  122.810137][   T44] usb 3-1: SerialNumber: syz
[  122.863979][   T30] audit: type=1400 audit(1758270654.157:331): avc:  denied  { read } for  pid=6595 comm="syz.1.154" name="loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  122.888091][    C0] vkms_vblank_simulate: vblank timer overrun
[  122.895211][   T44] usb 3-1: config 0 descriptor??
[  122.915268][   T44] plusb 3-1:0.0: probe with driver plusb failed with error -22
[  122.952689][ T6609] sctp: [Deprecated]: syz.4.156 (pid 6609) Use of struct sctp_assoc_value in delayed_ack socket option.
[  122.952689][ T6609] Use struct sctp_sack_info instead
[  123.044116][   T30] audit: type=1400 audit(1758270654.157:332): avc:  denied  { open } for  pid=6595 comm="syz.1.154" path="/dev/loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  123.110113][   T30] audit: type=1400 audit(1758270654.197:333): avc:  denied  { ioctl } for  pid=6595 comm="syz.1.154" path="/dev/loop-control" dev="devtmpfs" ino=646 ioctlcmd=0x4c81 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  123.136145][    C0] vkms_vblank_simulate: vblank timer overrun
[  123.160141][ T6589] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  123.168700][ T6589] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  123.235984][ T5871] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  123.266487][   T30] audit: type=1400 audit(1758270654.517:334): avc:  denied  { listen } for  pid=6601 comm="syz.3.155" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  123.287693][    C0] vkms_vblank_simulate: vblank timer overrun
[  123.440392][   T30] audit: type=1400 audit(1758270654.667:335): avc:  denied  { shutdown } for  pid=6607 comm="syz.4.156" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  123.505684][ T5871] usb 2-1: Using ep0 maxpacket: 32
[  123.534767][ T5871] usb 2-1: config 0 has an invalid interface number: 67 but max is 0
[  123.967639][ T5871] usb 2-1: config 0 has no interface number 0
[  123.983079][ T5871] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  124.617435][ T6622] loop9: detected capacity change from 0 to 7
[  124.707907][ T6622] Dev loop9: unable to read RDB block 7
[  124.713740][ T6622]  loop9: unable to read partition table
[  124.720388][ T6622] loop9: partition table beyond EOD, truncated
[  124.726750][ T6622] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  124.800329][ T5871] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.808513][ T5871] usb 2-1: Product: syz
[  124.812713][ T5871] usb 2-1: Manufacturer: syz
[  124.818229][ T5871] usb 2-1: SerialNumber: syz
[  124.923540][ T5871] usb 2-1: config 0 descriptor??
[  124.981197][ T5909] usb 3-1: USB disconnect, device number 9
[  125.011764][ T5871] smsc95xx v2.0.0
[  125.446581][ T5871] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  125.506309][ T5871] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  125.770569][ T6648] netlink: 20 bytes leftover after parsing attributes in process `syz.2.168'.
[  125.779713][ T5871] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -61
[  125.791344][ T5871] smsc95xx 2-1:0.67: probe with driver smsc95xx failed with error -61
[  125.922862][   T30] kauditd_printk_skb: 3 callbacks suppressed
[  125.922879][   T30] audit: type=1400 audit(1758270657.647:339): avc:  denied  { read } for  pid=6633 comm="syz.4.164" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  126.243714][   T30] audit: type=1400 audit(1758270657.647:340): avc:  denied  { open } for  pid=6633 comm="syz.4.164" path="/dev/fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  126.270142][   T30] audit: type=1400 audit(1758270657.647:341): avc:  denied  { ioctl } for  pid=6633 comm="syz.4.164" path="/dev/fb0" dev="devtmpfs" ino=629 ioctlcmd=0x4620 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  126.477096][   T30] audit: type=1400 audit(1758270658.207:342): avc:  denied  { ioctl } for  pid=6658 comm="syz.3.170" path="/dev/fuse" dev="devtmpfs" ino=99 ioctlcmd=0xe500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  126.608283][   T30] audit: type=1400 audit(1758270658.327:343): avc:  denied  { watch watch_reads } for  pid=6660 comm="syz.0.171" path="/30" dev="tmpfs" ino=171 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  126.935526][   T44] usb 1-1: new full-speed USB device number 4 using dummy_hcd
[  127.147488][ T5909] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  127.702201][   T92] usb 2-1: USB disconnect, device number 6
[  127.813232][   T44] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  127.844556][   T44] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  127.860151][   T44] usb 1-1: New USB device found, idVendor=056a, idProduct=023b, bcdDevice= 0.00
[  127.884442][   T44] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.953247][ T6673] ieee802154 phy0 wpan0: encryption failed: -22
[  127.965604][   T30] audit: type=1400 audit(1758270659.677:344): avc:  denied  { write } for  pid=6668 comm="syz.1.173" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  128.020864][ T6671] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  128.033109][   T30] audit: type=1400 audit(1758270659.717:345): avc:  denied  { mount } for  pid=6670 comm="syz.2.174" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  128.054889][    C0] vkms_vblank_simulate: vblank timer overrun
[  128.064219][ T5909] usb 4-1: Using ep0 maxpacket: 32
[  128.070429][   T44] usb 1-1: config 0 descriptor??
[  128.080471][ T5909] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  128.081894][   T30] audit: type=1400 audit(1758270659.747:346): avc:  denied  { create } for  pid=6670 comm="syz.2.174" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  128.184876][ T5909] usb 4-1: New USB device found, idVendor=067b, idProduct=27a1, bcdDevice=b0.9b
[  128.559454][   T30] audit: type=1400 audit(1758270659.747:347): avc:  denied  { setopt } for  pid=6670 comm="syz.2.174" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  128.561776][ T5909] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  128.605960][   T30] audit: type=1400 audit(1758270659.747:348): avc:  denied  { mounton } for  pid=6670 comm="syz.2.174" path="/36/file1/file0" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1
[  128.804976][ T5909] usb 4-1: Product: syz
[  128.820834][ T5909] usb 4-1: Manufacturer: syz
[  128.825776][ T5909] usb 4-1: SerialNumber: syz
[  128.890902][ T5909] usb 4-1: config 0 descriptor??
[  128.950284][ T5909] plusb 4-1:0.0: probe with driver plusb failed with error -22
[  129.114710][ T6665] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  129.123336][ T6665] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  129.217711][ T6684] block nbd1: Attempted send on invalid socket
[  129.224146][ T6684] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  129.234214][ T6684] SQUASHFS error: Failed to read block 0x0: -5
[  129.241097][ T6684] unable to read squashfs_super_block
[  130.347669][   T44] usbhid 1-1:0.0: can't add hid device: -71
[  130.432517][   T44] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  130.451391][   T44] usb 1-1: USB disconnect, device number 4
[  130.480901][ T5909] usb 4-1: USB disconnect, device number 9
[  131.283433][ T5863] Bluetooth: hci1: unexpected Set CIG Parameters response data
[  131.363879][ T6704] netlink: 830 bytes leftover after parsing attributes in process `syz.2.184'.
[  131.374089][ T6704] bond_slave_0: entered promiscuous mode
[  131.379901][ T6704] bond_slave_1: entered promiscuous mode
[  131.440765][ T6707] netlink: 830 bytes leftover after parsing attributes in process `syz.1.183'.
[  131.481009][ T6707] bond_slave_0: entered promiscuous mode
[  131.486765][ T6707] bond_slave_1: entered promiscuous mode
[  131.510272][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  131.510287][   T30] audit: type=1400 audit(1758270663.237:351): avc:  denied  { ioctl } for  pid=6708 comm="syz.3.185" path="socket:[11195]" dev="sockfs" ino=11195 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  131.548416][   T30] audit: type=1400 audit(1758270663.277:352): avc:  denied  { write } for  pid=6708 comm="syz.3.185" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  132.050277][ T6721] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  132.114439][ T6721] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  132.140406][   T30] audit: type=1400 audit(1758270663.677:353): avc:  denied  { create } for  pid=6713 comm="syz.4.187" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  132.195647][   T30] audit: type=1400 audit(1758270663.677:354): avc:  denied  { write } for  pid=6713 comm="syz.4.187" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  132.245527][ T5871] usb 5-1: new full-speed USB device number 7 using dummy_hcd
[  132.307441][   T30] audit: type=1400 audit(1758270663.687:355): avc:  denied  { getopt } for  pid=6713 comm="syz.4.187" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  132.331131][ T6723] capability: warning: `syz.0.189' uses deprecated v2 capabilities in a way that may be insecure
[  132.385851][    T9] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  132.401142][ T5871] usb 5-1: config 0 has an invalid interface number: 29 but max is 0
[  132.459715][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  132.466123][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  132.539792][    T9] usb 4-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65
[  132.560170][ T5871] usb 5-1: config 0 has no interface number 0
[  132.561522][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  132.575563][ T5871] usb 5-1: config 0 interface 29 has no altsetting 0
[  132.588163][   T92] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  132.612112][ T5871] usb 5-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac
[  132.614743][    T9] usb 4-1: Product: syz
[  132.636019][    T9] usb 4-1: Manufacturer: syz
[  132.645528][ T5871] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  132.654943][    T9] usb 4-1: SerialNumber: syz
[  132.710537][    T9] usb 4-1: config 0 descriptor??
[  132.847455][ T5871] usb 5-1: Product: syz
[  132.851656][ T5871] usb 5-1: Manufacturer: syz
[  132.856417][ T5871] usb 5-1: SerialNumber: syz
[  132.863136][ T5871] usb 5-1: config 0 descriptor??
[  132.872115][   T92] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  132.937718][    T9] cx82310_eth 4-1:0.0: probe with driver cx82310_eth failed with error -22
[  132.946952][ T6725] FAULT_INJECTION: forcing a failure.
[  132.946952][ T6725] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  132.960055][ T6725] CPU: 1 UID: 0 PID: 6725 Comm: syz.1.183 Not tainted syzkaller #0 PREEMPT(full) 
[  132.960070][ T6725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  132.960077][ T6725] Call Trace:
[  132.960081][ T6725]  <TASK>
[  132.960085][ T6725]  dump_stack_lvl+0x16c/0x1f0
[  132.960103][ T6725]  should_fail_ex+0x512/0x640
[  132.960121][ T6725]  _copy_from_user+0x2e/0xd0
[  132.960138][ T6725]  copy_msghdr_from_user+0x98/0x160
[  132.960152][ T6725]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  132.960176][ T6725]  ___sys_sendmsg+0xfe/0x1d0
[  132.960190][ T6725]  ? __pfx____sys_sendmsg+0x10/0x10
[  132.960220][ T6725]  __sys_sendmsg+0x16d/0x220
[  132.960234][ T6725]  ? __pfx___sys_sendmsg+0x10/0x10
[  132.960256][ T6725]  do_syscall_64+0xcd/0x4e0
[  132.960272][ T6725]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.960283][ T6725] RIP: 0033:0x7f2bff78eba9
[  132.960292][ T6725] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  132.960303][ T6725] RSP: 002b:00007f2c0065b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  132.960314][ T6725] RAX: ffffffffffffffda RBX: 00007f2bff9d6180 RCX: 00007f2bff78eba9
[  132.960321][ T6725] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000009
[  132.960327][ T6725] RBP: 00007f2c0065b090 R08: 0000000000000000 R09: 0000000000000000
[  132.960333][ T6725] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  132.960339][ T6725] R13: 00007f2bff9d6218 R14: 00007f2bff9d6180 R15: 00007ffdb83d2bc8
[  132.960353][ T6725]  </TASK>
[  132.970747][   T92] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  133.070811][    C0] vkms_vblank_simulate: vblank timer overrun
[  133.129024][ T6727] fuse: Bad value for 'group_id'
[  133.152454][ T6727] fuse: Bad value for 'group_id'
[  133.186834][ T6717] netlink: 16 bytes leftover after parsing attributes in process `syz.4.187'.
[  133.196560][    T9] cxacru 4-1:0.0: usbatm_usb_probe: bind failed: -19!
[  133.203982][ T6717] netlink: 12 bytes leftover after parsing attributes in process `syz.4.187'.
[  133.215027][    T9] usb 4-1: USB disconnect, device number 10
[  133.239435][ T5871] peak_usb 5-1:0.29: PEAK-System PCAN-USB X6 v0 fw v0.0.0 (2 channels)
[  133.270016][   T92] usb 1-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=69.cf
[  133.605715][   T30] audit: type=1400 audit(1758270665.297:356): avc:  denied  { setopt } for  pid=6713 comm="syz.4.187" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  133.688127][   T92] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  133.768633][   T92] usb 1-1: Product: syz
[  133.783129][   T92] usb 1-1: Manufacturer: syz
[  133.796953][   T30] audit: type=1400 audit(1758270665.527:357): avc:  denied  { getopt } for  pid=6730 comm="syz.1.191" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  133.827668][   T92] usb 1-1: SerialNumber: syz
[  133.936510][   T92] usb 1-1: config 0 descriptor??
[  133.996937][ T6739] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  134.006329][ T6739] (syz.1.191,6739,1):ocfs2_get_sector:1714 ERROR: status = -5
[  134.013854][ T6739] (syz.1.191,6739,1):ocfs2_sb_probe:753 ERROR: status = -5
[  134.021302][ T6739] (syz.1.191,6739,1):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  134.029842][ T6739] (syz.1.191,6739,1):ocfs2_fill_super:1177 ERROR: status = -5
[  134.041725][ T6739] netlink: 16 bytes leftover after parsing attributes in process `syz.1.191'.
[  134.098348][   T30] audit: type=1400 audit(1758270665.717:358): avc:  denied  { write } for  pid=6730 comm="syz.1.191" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  134.127765][   T92] usb 1-1: Found UVC 0.00 device syz (18ec:3288)
[  134.134255][   T92] usb 1-1: No valid video chain found.
[  134.144258][   T30] audit: type=1400 audit(1758270665.777:359): avc:  denied  { ioctl } for  pid=6730 comm="syz.1.191" path="socket:[11246]" dev="sockfs" ino=11246 ioctlcmd=0x8922 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  134.175839][ T5909] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  134.218129][ T6740] mkiss: ax0: crc mode is auto.
[  134.329168][   T30] audit: type=1400 audit(1758270666.047:360): avc:  denied  { search } for  pid=5521 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  134.382473][ T5909] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  134.403677][ T5909] usb 4-1: New USB device found, idVendor=0079, idProduct=1846, bcdDevice= 0.00
[  134.422232][ T5909] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.489038][ T6743] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  134.511876][ T6743] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  134.780813][ T5909] usb 4-1: config 0 descriptor??
[  135.009659][ T5871] peak_usb 5-1:0.29 can0: unable to request usb[type=2 value=5] err=-71
[  135.062609][ T5871] peak_usb 5-1:0.29: unable to tell PCAN-USB X6 driver is loaded (err -71)
[  135.129338][ T6746] block nbd1: Attempted send on invalid socket
[  135.136368][ T6746] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  135.147151][ T6746] SQUASHFS error: Failed to read block 0x0: -5
[  135.154123][ T6746] unable to read squashfs_super_block
[  135.263459][ T5909] hid_mf 0003:0079:1846.0002: unknown main item tag 0x1
[  135.282748][ T5909] hid_mf 0003:0079:1846.0002: hidraw0: USB HID v0.00 Device [HID 0079:1846] on usb-dummy_hcd.3-1/input0
[  135.295539][ T5909] hid_mf 0003:0079:1846.0002: Invalid report, this should never happen!
[  135.296570][ T5863] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  135.312874][ T5863] Bluetooth: hci1: Injecting HCI hardware error event
[  135.320521][ T5863] Bluetooth: hci1: hardware error 0x00
[  135.418741][ T5909] hid_mf 0003:0079:1846.0002: Force feedback init failed.
[  135.455718][ T5871] peak_usb 5-1:0.29: probe with driver peak_usb failed with error -71
[  135.571183][ T5909] usb 4-1: USB disconnect, device number 11
[  135.572651][ T5871] usb 5-1: USB disconnect, device number 7
[  136.124149][ T6763] netlink: 44 bytes leftover after parsing attributes in process `syz.2.198'.
[  136.134114][ T6763] netlink: 43 bytes leftover after parsing attributes in process `syz.2.198'.
[  136.144524][ T6763] netlink: 'syz.2.198': attribute type 5 has an invalid length.
[  136.152507][ T6763] netlink: 43 bytes leftover after parsing attributes in process `syz.2.198'.
[  136.796427][ T5916] usb 1-1: USB disconnect, device number 5
[  137.060823][ T6774] bridge1: entered promiscuous mode
[  137.076744][ T6774] bridge1: entered allmulticast mode
[  137.211192][ T6779] comedi comedi4: comedi_config --init_data is deprecated
[  137.218434][   T30] kauditd_printk_skb: 9 callbacks suppressed
[  137.218447][   T30] audit: type=1400 audit(1758270668.937:370): avc:  denied  { map } for  pid=6768 comm="syz.3.201" path="/dev/comedi4" dev="devtmpfs" ino=1280 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  137.247403][    C0] vkms_vblank_simulate: vblank timer overrun
[  137.404008][ T6782] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  137.804955][ T5863] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  138.061981][   T30] audit: type=1400 audit(1758270668.947:371): avc:  denied  { ioctl } for  pid=6778 comm="syz.4.204" path="user:[4026531837]" dev="nsfs" ino=4026531837 ioctlcmd=0xb704 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  138.086584][    C0] vkms_vblank_simulate: vblank timer overrun
[  139.130713][ T6798] tmpfs: Unknown parameter ''
[  139.700585][ T6804] netlink: 24 bytes leftover after parsing attributes in process `syz.4.207'.
[  139.903637][   T30] audit: type=1400 audit(1758270671.627:372): avc:  denied  { setopt } for  pid=6793 comm="syz.4.207" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  139.946867][ T5871] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  139.971472][ T6804] netlink: 4 bytes leftover after parsing attributes in process `syz.4.207'.
[  140.003635][ T6804] dummy0: entered promiscuous mode
[  140.018151][ T6804] macsec1: entered promiscuous mode
[  140.028912][ T6804] macsec1: entered allmulticast mode
[  140.036176][ T6804] dummy0: entered allmulticast mode
[  140.074424][ T6804] dummy0: left allmulticast mode
[  140.083581][ T6804] dummy0: left promiscuous mode
[  140.225714][ T5871] usb 3-1: Using ep0 maxpacket: 16
[  140.237514][ T5871] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  140.386530][ T5871] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  140.398806][ T5871] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  140.411968][ T5871] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  140.422596][ T5871] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.442371][ T5871] usb 3-1: config 0 descriptor??
[  141.167247][ T6821] block nbd2: Attempted send on invalid socket
[  141.176246][ T6821] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  141.185794][ T6821] SQUASHFS error: Failed to read block 0x0: -5
[  141.192660][ T6821] unable to read squashfs_super_block
[  141.270588][ T6818] loop9: detected capacity change from 0 to 7
[  141.820260][ T5871] usbhid 3-1:0.0: can't add hid device: -71
[  141.826492][ T5871] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  141.845776][ T6818] Dev loop9: unable to read RDB block 7
[  141.891056][ T5871] usb 3-1: USB disconnect, device number 10
[  141.903413][ T6818]  loop9: unable to read partition table
[  141.975723][ T6818] loop9: partition table beyond EOD, truncated
[  142.073535][ T6818] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  142.878799][   T30] audit: type=1400 audit(1758270674.607:373): avc:  denied  { read } for  pid=6837 comm="syz.2.218" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  143.819068][   T92] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  143.885720][   T30] audit: type=1400 audit(1758270675.617:374): avc:  denied  { bind } for  pid=6846 comm="syz.1.221" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  143.938820][ T6848] netlink: 4 bytes leftover after parsing attributes in process `syz.1.221'.
[  143.986474][   T92] usb 4-1: Using ep0 maxpacket: 16
[  143.997613][   T92] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  144.008862][   T92] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  144.019526][   T92] usb 4-1: config 0 interface 0 has no altsetting 0
[  144.029179][   T92] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  144.038442][   T92] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.048493][   T92] usb 4-1: config 0 descriptor??
[  144.825985][ T6853] netlink: 24 bytes leftover after parsing attributes in process `syz.4.223'.
[  144.923203][ T6853] netem: invalid attributes len -4
[  144.929697][ T6853] netem: change failed
[  146.152971][ T6866] netlink: 14 bytes leftover after parsing attributes in process `syz.4.223'.
[  147.002216][   T30] audit: type=1326 audit(1758270678.637:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6874 comm="syz.2.228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67d9f8eba9 code=0x7fc00000
[  147.173770][   T30] audit: type=1326 audit(1758270678.897:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6874 comm="syz.2.228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f67d9f8eba9 code=0x7fc00000
[  147.217576][   T92] usbhid 4-1:0.0: can't add hid device: -71
[  147.230976][   T92] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  147.257893][ T6866] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  147.335517][    T9] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  147.419120][   T92] usb 4-1: USB disconnect, device number 12
[  147.446795][ T6866] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  147.822997][    T9] usb 1-1: Using ep0 maxpacket: 32
[  147.844854][    T9] usb 1-1: too many configurations: 21, using maximum allowed: 8
[  147.864874][    T9] usb 1-1: unable to read config index 0 descriptor/start: -61
[  147.882472][    T9] usb 1-1: can't read configurations, error -61
[  147.933855][ T6866] bond0 (unregistering): Released all slaves
[  148.025540][    T9] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  148.176115][    T9] usb 1-1: Using ep0 maxpacket: 32
[  148.905141][    T9] usb 1-1: device descriptor read/all, error -71
[  148.912707][    T9] usb usb1-port1: attempt power cycle
[  149.446913][   T30] audit: type=1400 audit(1758270681.177:377): avc:  denied  { shutdown } for  pid=6906 comm="syz.0.235" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  149.469269][ T6907] 9pnet_fd: Insufficient options for proto=fd
[  149.525542][   T30] audit: type=1400 audit(1758270681.197:378): avc:  denied  { read } for  pid=6906 comm="syz.0.235" dev="sockfs" ino=12689 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  151.082124][ T6915] openvswitch: netlink: Key type 334 is out of range max 32
[  151.109163][ T6920] kvm: Disabled LAPIC found during irq injection
[  151.194443][ T6927] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  151.225161][ T6927] netdevsim netdevsim0 netdevsim0: left promiscuous mode
[  151.305543][    T9] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  151.355552][ T1539] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  151.505306][   T30] audit: type=1400 audit(1758270683.227:379): avc:  denied  { shutdown } for  pid=6935 comm="syz.0.245" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  151.525531][    T9] usb 3-1: Using ep0 maxpacket: 16
[  151.542856][    T9] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  151.965600][ T1539] usb 4-1: Using ep0 maxpacket: 16
[  151.979733][ T1539] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  151.990753][    T9] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  151.993406][   T30] audit: type=1400 audit(1758270683.717:380): avc:  denied  { name_bind } for  pid=6935 comm="syz.0.245" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  152.000806][    T9] usb 3-1: config 0 interface 0 has no altsetting 0
[  152.027784][ T1539] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  152.053154][ T1539] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  152.053594][    T9] usb 3-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  152.166640][ T1539] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  152.179182][ T1539] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  152.200792][ T1539] usb 4-1: config 0 descriptor??
[  152.288261][ T6940] FAULT_INJECTION: forcing a failure.
[  152.288261][ T6940] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  152.304019][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  152.324776][    T9] usb 3-1: config 0 descriptor??
[  152.374751][ T6940] CPU: 1 UID: 0 PID: 6940 Comm: syz.0.246 Not tainted syzkaller #0 PREEMPT(full) 
[  152.374776][ T6940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  152.374784][ T6940] Call Trace:
[  152.374789][ T6940]  <TASK>
[  152.374793][ T6940]  dump_stack_lvl+0x16c/0x1f0
[  152.374819][ T6940]  should_fail_ex+0x512/0x640
[  152.374848][ T6940]  _copy_from_user+0x2e/0xd0
[  152.374872][ T6940]  do_sock_getsockopt+0x3ca/0x440
[  152.374893][ T6940]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  152.374908][ T6940]  ? __fget_files+0x204/0x3c0
[  152.374928][ T6940]  __sys_getsockopt+0x12f/0x260
[  152.374945][ T6940]  __x64_sys_getsockopt+0xbd/0x160
[  152.374963][ T6940]  ? do_syscall_64+0x91/0x4e0
[  152.374989][ T6940]  ? lockdep_hardirqs_on+0x7c/0x110
[  152.375008][ T6940]  do_syscall_64+0xcd/0x4e0
[  152.375028][ T6940]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.375039][ T6940] RIP: 0033:0x7fe01b78eba9
[  152.375049][ T6940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.375060][ T6940] RSP: 002b:00007fe01c6b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  152.375070][ T6940] RAX: ffffffffffffffda RBX: 00007fe01b9d5fa0 RCX: 00007fe01b78eba9
[  152.375078][ T6940] RDX: 0000000000000074 RSI: 0000000000000084 RDI: 0000000000000003
[  152.375084][ T6940] RBP: 00007fe01c6b4090 R08: 0000200000000080 R09: 0000000000000000
[  152.375093][ T6940] R10: 0000200000000240 R11: 0000000000000246 R12: 0000000000000001
[  152.375103][ T6940] R13: 00007fe01b9d6038 R14: 00007fe01b9d5fa0 R15: 00007ffca132ea28
[  152.375126][ T6940]  </TASK>
[  152.670250][ T6943] netlink: 24 bytes leftover after parsing attributes in process `syz.0.248'.
[  152.756187][ T6943] netem: invalid attributes len -4
[  152.761367][ T6943] netem: change failed
[  152.843705][ T1539] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  152.851336][ T1539] microsoft 0003:045E:07DA.0003: ignoring exceeding usage max
[  153.315185][ T1539] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  153.322524][ T1539] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  153.325059][    T9] hid (null): nested delimiters
[  153.342109][ T1539] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  153.358345][ T1539] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  153.365823][    T9] hid (null): bogus close delimiter
[  153.371789][ T1539] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  153.371819][    T9] hid (null): unknown global tag 0xd
[  153.391481][    T9] hid (null): unknown global tag 0xd
[  153.417521][ T6951] netlink: 14 bytes leftover after parsing attributes in process `syz.0.248'.
[  153.451829][    T9] hid (null): report_id 0 is invalid
[  153.479577][ T1539] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  153.489062][ T1539] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  153.506393][ T1539] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  153.524456][ T1539] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  153.544341][ T1539] microsoft 0003:045E:07DA.0003: unsupported Resolution Multiplier 0
[  153.747518][ T1539] microsoft 0003:045E:07DA.0003: unsupported Resolution Multiplier 0
[  154.100595][ T1539] microsoft 0003:045E:07DA.0003: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[  154.192399][ T1539] microsoft 0003:045E:07DA.0003: no inputs found
[  154.246990][ T1539] microsoft 0003:045E:07DA.0003: could not initialize ff, continuing anyway
[  154.257758][    T9] usb 3-1: USB disconnect, device number 11
[  154.313167][ T6951] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  154.341993][ T6951] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  154.354357][ T6951] bond0 (unregistering): Released all slaves
[  154.390824][ T5909] usb 4-1: USB disconnect, device number 13
[  154.452475][ T6958] fido_id[6958]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  155.100818][ T6968] netlink: 8 bytes leftover after parsing attributes in process `syz.0.253'.
[  155.527336][ T5985] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  155.679538][   T30] audit: type=1400 audit(1758270687.407:381): avc:  denied  { listen } for  pid=6972 comm="syz.2.254" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  155.795709][ T5985] usb 1-1: Using ep0 maxpacket: 8
[  156.344629][ T5985] usb 1-1: config 0 has an invalid interface number: 96 but max is 0
[  156.353235][ T5985] usb 1-1: config 0 has no interface number 0
[  156.360066][ T5985] usb 1-1: config 0 interface 96 altsetting 3 endpoint 0x88 has an invalid bInterval 254, changing to 11
[  156.388621][ T5985] usb 1-1: config 0 interface 96 has no altsetting 0
[  156.421663][ T5985] usb 1-1: New USB device found, idVendor=0b57, idProduct=2a8d, bcdDevice=33.74
[  156.431467][ T5985] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  156.439952][ T5985] usb 1-1: Product: syz
[  156.514494][ T5985] usb 1-1: Manufacturer: syz
[  156.538771][ T5985] usb 1-1: SerialNumber: syz
[  156.550313][ T5985] usb 1-1: config 0 descriptor??
[  156.631898][ T6989] netlink: 'syz.4.256': attribute type 1 has an invalid length.
[  157.170331][ T5985] usb 1-1: USB disconnect, device number 9
[  158.564936][ T7007] netlink: 12 bytes leftover after parsing attributes in process `syz.2.261'.
[  158.704745][ T6990] Bluetooth: MGMT ver 1.23
[  158.716897][ T6990] netlink: 40 bytes leftover after parsing attributes in process `syz.3.258'.
[  158.996565][ T7013] netlink: 8 bytes leftover after parsing attributes in process `syz.0.262'.
[  159.005380][ T7013] netlink: 12 bytes leftover after parsing attributes in process `syz.0.262'.
[  159.014270][ T7013] netlink: 'syz.0.262': attribute type 11 has an invalid length.
[  159.110168][   T30] audit: type=1400 audit(1758270690.827:382): avc:  denied  { getopt } for  pid=6988 comm="syz.3.258" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  159.196941][ T7012] netlink: 24 bytes leftover after parsing attributes in process `syz.1.264'.
[  159.295617][ T7012] netem: invalid attributes len -4
[  159.300782][ T7012] netem: change failed
[  159.438659][ T7016] netlink: 48 bytes leftover after parsing attributes in process `syz.4.265'.
[  159.768125][ T7020] netlink: 14 bytes leftover after parsing attributes in process `syz.1.264'.
[  159.922500][ T7020] bond_slave_0: left promiscuous mode
[  159.988261][ T7020] bond_slave_1: left promiscuous mode
[  160.111682][ T7022] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  160.532110][ T7020] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  160.713877][   T30] audit: type=1400 audit(1758270692.437:383): avc:  denied  { mounton } for  pid=7030 comm="syz.4.269" path="/dev/sequencer2" dev="devtmpfs" ino=1287 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sound_device_t tclass=chr_file permissive=1
[  160.745613][ T7032] block nbd4: Attempted send on invalid socket
[  160.751991][ T7032] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  160.761918][ T7032] SQUASHFS error: Failed to read block 0x0: -5
[  160.768614][ T7032] unable to read squashfs_super_block
[  160.875052][ T7020] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  160.896688][ T7020] bond0 (unregistering): Released all slaves
[  160.990102][   T30] audit: type=1400 audit(1758270692.717:384): avc:  denied  { read append } for  pid=7034 comm="syz.0.270" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  161.172142][   T30] audit: type=1400 audit(1758270692.717:385): avc:  denied  { open } for  pid=7034 comm="syz.0.270" path="/dev/autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  161.221062][   T30] audit: type=1400 audit(1758270692.727:386): avc:  denied  { ioctl } for  pid=7034 comm="syz.0.270" path="/dev/autofs" dev="devtmpfs" ino=98 ioctlcmd=0x9372 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  161.722315][   T30] audit: type=1400 audit(1758270693.137:387): avc:  denied  { setopt } for  pid=7036 comm="syz.3.271" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  161.744518][   T30] audit: type=1400 audit(1758270693.147:388): avc:  denied  { audit_write } for  pid=7036 comm="syz.3.271" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  162.215541][    T9] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  162.439373][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  162.473403][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  162.478737][   T30] audit: type=1400 audit(1758270694.187:389): avc:  denied  { getopt } for  pid=7047 comm="syz.2.275" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  162.561980][ T5909] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  162.674704][    T9] usb 1-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  162.895323][   T30] audit: type=1400 audit(1758270694.617:390): avc:  denied  { create } for  pid=7053 comm="syz.4.277" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  162.903337][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.015536][ T5909] usb 4-1: Using ep0 maxpacket: 16
[  163.045591][ T5909] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  163.062389][ T5909] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 9
[  163.118816][    T9] usb 1-1: config 0 descriptor??
[  163.458740][ T5909] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  163.468433][ T5909] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.517621][ T5909] usb 4-1: config 0 descriptor??
[  163.528136][   T30] audit: type=1400 audit(1758270695.257:391): avc:  denied  { append } for  pid=7062 comm="syz.1.279" name="comedi3" dev="devtmpfs" ino=1279 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  163.565141][ T5909] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  163.580866][   T30] audit: type=1400 audit(1758270695.287:392): avc:  denied  { unlink } for  pid=5857 comm="syz-executor" name="file1" dev="tmpfs" ino=260 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  163.702071][    T9] cm6533_jd 0003:0D8C:0022.0005: item fetching failed at offset 1/5
[  163.710622][    T9] cm6533_jd 0003:0D8C:0022.0005: parse failed
[  163.719408][    T9] cm6533_jd 0003:0D8C:0022.0005: probe with driver cm6533_jd failed with error -22
[  163.736078][   T92] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  163.898116][   T92] usb 3-1: config index 0 descriptor too short (expected 1042, got 18)
[  163.906488][   T92] usb 3-1: config 0 has an invalid interface descriptor of length 8, skipping
[  163.915348][   T92] usb 3-1: config 0 descriptor has 1 excess byte, ignoring
[  163.922686][   T92] usb 3-1: config 0 has no interfaces?
[  163.931057][ T1539] usb 1-1: USB disconnect, device number 10
[  163.931478][   T92] usb 3-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  163.949670][   T92] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  163.957888][   T92] usb 3-1: Product: syz
[  163.962228][   T92] usb 3-1: Manufacturer: syz
[  163.966942][   T92] usb 3-1: SerialNumber: syz
[  163.973121][   T92] usb 3-1: config 0 descriptor??
[  164.218677][ T7080] block nbd1: Attempted send on invalid socket
[  164.224925][ T7080] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  164.235146][ T7080] SQUASHFS error: Failed to read block 0x0: -5
[  164.241642][ T7080] unable to read squashfs_super_block
[  164.431946][ T1539] usb 3-1: USB disconnect, device number 12
[  164.555862][ T7083] block nbd3: Attempted send on invalid socket
[  164.562075][ T7083] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  164.571653][ T7083] SQUASHFS error: Failed to read block 0x0: -5
[  164.578174][ T7083] unable to read squashfs_super_block
[  165.745697][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  165.745741][   T30] audit: type=1400 audit(1758270697.387:394): avc:  denied  { ioctl } for  pid=7096 comm="syz.2.287" path="socket:[14053]" dev="sockfs" ino=14053 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  166.096534][   T30] audit: type=1400 audit(1758270697.797:395): avc:  denied  { read open } for  pid=7101 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1836 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  166.230182][   T30] audit: type=1400 audit(1758270697.797:396): avc:  denied  { getattr } for  pid=7101 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1836 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  167.004756][    T9] usb 4-1: USB disconnect, device number 14
[  167.227785][ T7116] block device autoloading is deprecated and will be removed.
[  167.635846][ T7134] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth0_to_team, syncid = 0, id = 0
[  167.701499][ T7135] netlink: 8 bytes leftover after parsing attributes in process `syz.0.292'.
[  168.153362][   T30] audit: type=1400 audit(1758270699.427:397): avc:  denied  { write } for  pid=7123 comm="syz.0.292" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  168.274283][   T30] audit: type=1400 audit(1758270699.427:398): avc:  denied  { open } for  pid=7123 comm="syz.0.292" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  168.314587][   T30] audit: type=1400 audit(1758270700.037:399): avc:  denied  { add_name } for  pid=7098 comm="dhcpcd-run-hook" name="resolv.conf.lapb4.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  168.344854][   T30] audit: type=1400 audit(1758270700.067:400): avc:  denied  { create } for  pid=7098 comm="dhcpcd-run-hook" name="resolv.conf.lapb4.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  168.379341][   T30] audit: type=1400 audit(1758270700.067:401): avc:  denied  { write } for  pid=7098 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf.lapb4.link" dev="tmpfs" ino=3446 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  168.407988][   T30] audit: type=1400 audit(1758270700.067:402): avc:  denied  { append } for  pid=7098 comm="dhcpcd-run-hook" name="resolv.conf.lapb4.link" dev="tmpfs" ino=3446 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  168.524491][ T7139] loop9: detected capacity change from 0 to 7
[  168.532683][ T7139] Dev loop9: unable to read RDB block 7
[  168.538361][ T7139]  loop9: unable to read partition table
[  168.544053][ T7139] loop9: partition table beyond EOD, truncated
[  168.550259][ T7139] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  168.771495][   T30] audit: type=1400 audit(1758270700.477:403): avc:  denied  { remove_name } for  pid=7142 comm="rm" name="resolv.conf.lapb4.link" dev="tmpfs" ino=3446 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  168.907296][ T7150] block nbd3: Attempted send on invalid socket
[  168.913914][ T7150] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  168.924163][ T7150] SQUASHFS error: Failed to read block 0x0: -5
[  168.930865][ T7150] unable to read squashfs_super_block
[  169.508853][ T7160] input: syz0 as /devices/virtual/input/input8
[  170.041568][ T7169] netlink: 'syz.2.298': attribute type 1 has an invalid length.
[  170.907913][ T5909] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  171.308203][ T5909] usb 5-1: Using ep0 maxpacket: 16
[  171.329706][ T5909] usb 5-1: config 28 has an invalid interface number: 40 but max is 0
[  171.349794][ T5909] usb 5-1: config 28 has no interface number 0
[  171.369784][ T5909] usb 5-1: config 28 interface 40 has no altsetting 0
[  171.775629][ T5863] Bluetooth: hci0: command 0x0c1a tx timeout
[  171.775707][   T92] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  171.799613][   T92] Bluetooth: hci0: Error when powering off device on rfkill (-110)
[  172.101106][ T7209] loop9: detected capacity change from 0 to 7
[  172.861742][ T7209] Dev loop9: unable to read RDB block 7
[  172.867637][ T7209]  loop9: unable to read partition table
[  172.873493][ T7209] loop9: partition table beyond EOD, truncated
[  172.935065][ T7209] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  173.936929][ T5863] Bluetooth: hci2: command 0x0401 tx timeout
[  174.059902][   T92] Bluetooth: hci2: Opcode 0x0c1a failed: -110
[  174.066066][   T92] Bluetooth: hci2: Error when powering off device on rfkill (-110)
[  174.203614][ T5909] usb 5-1: string descriptor 0 read error: -71
[  174.229316][ T5909] usb 5-1: New USB device found, idVendor=1608, idProduct=000e, bcdDevice=ed.b1
[  174.343192][ T5909] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  174.404197][ T5909] usb 5-1: rejected 1 configuration due to insufficient available bus power
[  174.455576][ T5909] usb 5-1: no configuration chosen from 1 choice
[  174.498637][ T5909] usb 5-1: USB disconnect, device number 8
[  174.517373][ T5871] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  175.387785][ T5871] usb 2-1: Using ep0 maxpacket: 16
[  175.394633][ T5871] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  175.417148][ T5871] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  175.452151][ T5871] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  175.483107][ T5871] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  175.498821][ T5871] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  175.583581][ T5871] usb 2-1: config 0 descriptor??
[  175.782152][ T7250] netlink: 'syz.4.312': attribute type 1 has an invalid length.
[  175.794508][ T7250] netlink: 4 bytes leftover after parsing attributes in process `syz.4.312'.
[  176.101764][ T7259] overlayfs: failed to resolve './file0': -2
[  176.257931][ T5863] Bluetooth: hci3: command 0x0c1a tx timeout
[  176.261818][   T92] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  176.314195][ T7267] block nbd1: Attempted send on invalid socket
[  176.320576][ T7267] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  176.332082][ T7267] SQUASHFS error: Failed to read block 0x0: -5
[  176.338707][ T7267] unable to read squashfs_super_block
[  176.359263][   T92] Bluetooth: hci3: Error when powering off device on rfkill (-110)
[  176.926790][ T5871] usbhid 2-1:0.0: can't add hid device: -71
[  176.945237][ T5871] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  176.973223][ T5871] usb 2-1: USB disconnect, device number 7
[  177.054225][ T7280] loop9: detected capacity change from 0 to 7
[  177.069828][ T7280] Dev loop9: unable to read RDB block 7
[  177.075876][ T7280]  loop9: unable to read partition table
[  177.082771][ T7280] loop9: partition table beyond EOD, truncated
[  177.089197][ T7280] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  178.023454][ T7283] block nbd2: Attempted send on invalid socket
[  178.029847][ T7283] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  178.040492][ T7283] SQUASHFS error: Failed to read block 0x0: -5
[  178.047810][ T7283] unable to read squashfs_super_block
[  178.627143][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  178.627158][   T30] audit: type=1400 audit(1758270710.357:406): avc:  denied  { unmount } for  pid=5850 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  178.667899][ T5909] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  178.675809][   T44] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  178.736537][ T5863] Bluetooth: hci4: command 0x0405 tx timeout
[  178.742773][   T92] Bluetooth: hci4: Opcode 0x0c1a failed: -110
[  178.751769][   T92] Bluetooth: hci4: Error when powering off device on rfkill (-110)
[  178.839267][   T44] usb 5-1: New USB device found, idVendor=055f, idProduct=c420, bcdDevice=6a.33
[  178.840445][ T5909] usb 2-1: Using ep0 maxpacket: 16
[  178.848597][   T44] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  178.862977][ T5909] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  178.883899][ T5909] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  178.892919][   T44] usb 5-1: config 0 descriptor??
[  178.895118][   T44] gspca_main: sunplus-2.14.0 probing 055f:c420
[  178.918690][ T5909] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  178.937073][ T5909] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  178.956567][ T5909] usb 2-1: config 0 descriptor??
[  179.155595][ T5871] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  179.393628][ T5871] usb 4-1: Using ep0 maxpacket: 8
[  179.400989][ T5871] usb 4-1: unable to get BOS descriptor or descriptor too short
[  179.410135][ T5871] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  179.425574][ T5871] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  179.439648][ T5871] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  179.450593][ T5871] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.893302][   T44] gspca_sunplus: reg_w_riv err -110
[  179.898644][ T5871] usb 4-1: Product: syz
[  179.902934][   T44] sunplus 5-1:0.0: probe with driver sunplus failed with error -110
[  179.911042][ T5871] usb 4-1: Manufacturer: syz
[  179.917307][ T5871] usb 4-1: SerialNumber: syz
[  180.615115][ T7326] block nbd1: Attempted send on invalid socket
[  180.622240][ T7326] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  180.632290][ T7326] SQUASHFS error: Failed to read block 0x0: -5
[  180.638899][ T7326] unable to read squashfs_super_block
[  180.640554][ T5871] usb 4-1: USB disconnect, device number 15
[  180.967455][   T30] audit: type=1400 audit(1758270712.687:407): avc:  denied  { mount } for  pid=7327 comm="syz.2.325" name="/" dev="hugetlbfs" ino=15514 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  180.968886][ T6322] udevd[6322]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  181.043890][   T30] audit: type=1400 audit(1758270712.727:408): avc:  denied  { create } for  pid=7327 comm="syz.2.325" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=blk_file permissive=1
[  181.075072][   T30] audit: type=1400 audit(1758270712.797:409): avc:  denied  { getopt } for  pid=7327 comm="syz.2.325" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  181.476614][ T5909] usb 5-1: USB disconnect, device number 9
[  181.773945][ T7333] block nbd4: Attempted send on invalid socket
[  181.793146][ T7333] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  181.809964][ T7333] SQUASHFS error: Failed to read block 0x0: -5
[  181.818571][ T7333] unable to read squashfs_super_block
[  181.897770][ T7336] syz.3.327 uses obsolete (PF_INET,SOCK_PACKET)
[  182.096268][ T7344] loop9: detected capacity change from 0 to 7
[  182.134286][ T5871] usb 2-1: USB disconnect, device number 8
[  182.663178][ T7344] Dev loop9: unable to read RDB block 7
[  182.677702][ T7344]  loop9: unable to read partition table
[  182.716747][ T7344] loop9: partition table beyond EOD, truncated
[  182.724485][ T7344] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  182.783215][ T7349] block nbd3: Attempted send on invalid socket
[  182.789624][ T7349] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  182.799943][ T7349] SQUASHFS error: Failed to read block 0x0: -5
[  182.806370][ T7349] unable to read squashfs_super_block
[  182.824302][   T30] audit: type=1400 audit(1758270714.507:410): avc:  denied  { getopt } for  pid=7346 comm="syz.1.331" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  184.864639][ T7373] fuse: Unknown parameter '	ÿ0x0000000000000006'
[  185.475513][ T5971] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  185.838901][ T5971] usb 3-1: unable to get BOS descriptor or descriptor too short
[  185.878274][ T5971] usb 3-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[  185.896534][ T7382] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode
[  185.932178][ T5971] usb 3-1: New USB device found, idVendor=0cf3, idProduct=1010, bcdDevice=26.db
[  185.946091][ T5971] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  185.954415][ T5971] usb 3-1: Product: syz
[  185.967200][ T5971] usb 3-1: Manufacturer: syz
[  185.971969][ T5971] usb 3-1: SerialNumber: syz
[  186.060388][ T7384] veth0: entered promiscuous mode
[  186.076303][ T7384] netlink: 33932 bytes leftover after parsing attributes in process `syz.4.341'.
[  186.088016][ T7384] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  186.098859][ T7384] batman_adv: batadv0: Removing interface: batadv_slave_0
[  186.132782][ T7384] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  186.151235][ T7384] batman_adv: batadv0: Removing interface: batadv_slave_1
[  186.299718][ T7391] loop9: detected capacity change from 0 to 7
[  186.385534][ T5916] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  187.107920][ T7391] Dev loop9: unable to read RDB block 7
[  187.113489][ T7391]  loop9: unable to read partition table
[  187.119407][ T7391] loop9: partition table beyond EOD, truncated
[  187.158010][   T30] audit: type=1400 audit(1758270718.877:411): avc:  denied  { map } for  pid=7392 comm="syz.3.344" path="/dev/dri/card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  187.182591][ T7391] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  187.251805][ T7394] FAULT_INJECTION: forcing a failure.
[  187.251805][ T7394] name failslab, interval 1, probability 0, space 0, times 0
[  187.274839][ T7394] CPU: 0 UID: 0 PID: 7394 Comm: syz.3.344 Not tainted syzkaller #0 PREEMPT(full) 
[  187.274864][ T7394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  187.274873][ T7394] Call Trace:
[  187.274878][ T7394]  <TASK>
[  187.274885][ T7394]  dump_stack_lvl+0x16c/0x1f0
[  187.274911][ T7394]  should_fail_ex+0x512/0x640
[  187.274937][ T7394]  should_failslab+0xc2/0x120
[  187.274959][ T7394]  __kmalloc_cache_noprof+0x6a/0x3e0
[  187.274985][ T7394]  ? __pfx_sctp_get_port_local+0x10/0x10
[  187.275006][ T7394]  ? sctp_bind_addr_match+0x193/0x300
[  187.275022][ T7394]  ? sctp_add_bind_addr+0xae/0x3f0
[  187.275042][ T7394]  sctp_add_bind_addr+0xae/0x3f0
[  187.275064][ T7394]  sctp_do_bind+0x2d6/0x700
[  187.275094][ T7394]  sctp_bindx_add+0x99/0x1e0
[  187.275122][ T7394]  sctp_setsockopt_bindx+0x242/0x290
[  187.275151][ T7394]  sctp_setsockopt+0x196b/0xb870
[  187.275177][ T7394]  ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10
[  187.275208][ T7394]  ? __pfx_sctp_setsockopt+0x10/0x10
[  187.275233][ T7394]  ? find_held_lock+0x2b/0x80
[  187.275260][ T7394]  ? selinux_socket_setsockopt+0x6a/0x80
[  187.275282][ T7394]  ? sock_common_setsockopt+0x2e/0xf0
[  187.275307][ T7394]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  187.275335][ T7394]  do_sock_setsockopt+0xf3/0x1d0
[  187.275363][ T7394]  __sys_setsockopt+0x1a0/0x230
[  187.275386][ T7394]  __x64_sys_setsockopt+0xbd/0x160
[  187.275403][ T7394]  ? do_syscall_64+0x91/0x4e0
[  187.275428][ T7394]  ? lockdep_hardirqs_on+0x7c/0x110
[  187.275447][ T7394]  do_syscall_64+0xcd/0x4e0
[  187.275469][ T7394]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.275488][ T7394] RIP: 0033:0x7f346838eba9
[  187.275503][ T7394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  187.275519][ T7394] RSP: 002b:00007f3469232038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  187.275535][ T7394] RAX: ffffffffffffffda RBX: 00007f34685d6090 RCX: 00007f346838eba9
[  187.275547][ T7394] RDX: 0000000000000064 RSI: 0000000000000084 RDI: 0000000000000005
[  187.275557][ T7394] RBP: 00007f3469232090 R08: 0000000000000010 R09: 0000000000000000
[  187.275567][ T7394] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  187.275576][ T7394] R13: 00007f34685d6128 R14: 00007f34685d6090 R15: 00007ffc85692958
[  187.275596][ T7394]  </TASK>
[  187.546497][ T5916] usb 5-1: Using ep0 maxpacket: 32
[  187.627571][ T5916] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[  187.687269][ T5916] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  187.725585][ T5916] usb 5-1: config 0 has no interface number 0
[  187.781410][ T5916] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  187.790544][ T5916] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  187.798553][ T5916] usb 5-1: Product: syz
[  187.802697][ T5916] usb 5-1: Manufacturer: syz
[  187.807275][ T5916] usb 5-1: SerialNumber: syz
[  187.813409][ T5971] usb 3-1: reset high-speed USB device number 13 using dummy_hcd
[  187.823050][ T5916] usb 5-1: config 0 descriptor??
[  187.830337][ T5916] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  187.886234][ T7396] overlayfs: failed to resolve './file1': -2
[  188.006902][ T5971] usb 3-1: unable to get BOS descriptor or descriptor too short
[  188.135242][ T5971] usb 3-1: USB disconnect, device number 13
[  188.287984][ T5916] usb 5-1: qt2_attach - failed to power on unit: -71
[  188.294806][ T5916] quatech2 5-1:0.51: probe with driver quatech2 failed with error -71
[  188.306264][ T7383] veth0: left promiscuous mode
[  188.333673][ T5916] usb 5-1: USB disconnect, device number 10
[  188.444487][   T30] audit: type=1400 audit(1758270720.167:412): avc:  denied  { create } for  pid=7407 comm="syz.2.348" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  188.935119][   T30] audit: type=1400 audit(1758270720.657:413): avc:  denied  { getopt } for  pid=7407 comm="syz.2.348" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  188.954591][    C0] vkms_vblank_simulate: vblank timer overrun
[  189.156303][ T7415] netlink: 64 bytes leftover after parsing attributes in process `syz.2.350'.
[  189.435866][   T44] usb 2-1: new low-speed USB device number 9 using dummy_hcd
[  189.450856][ T7423] loop9: detected capacity change from 0 to 7
[  189.459977][ T7423] Dev loop9: unable to read RDB block 7
[  189.465605][ T7423]  loop9: unable to read partition table
[  189.471295][ T7423] loop9: partition table beyond EOD, truncated
[  189.477457][ T7423] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  189.531084][ T7425] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5124 sclass=netlink_route_socket pid=7425 comm=syz.4.353
[  189.544706][ T7425] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1547 sclass=netlink_route_socket pid=7425 comm=syz.4.353
[  189.618688][   T30] audit: type=1400 audit(1758270721.347:414): avc:  denied  { map } for  pid=7424 comm="syz.3.355" path="/dev/binderfs/binder0" dev="binder" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  189.628973][ T7426] binder: transaction release 7 bad handle 1, ret = -22
[  189.659332][   T44] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  189.701215][   T44] usb 2-1: config 0 has no interface number 0
[  189.720849][   T30] audit: type=1400 audit(1758270721.347:415): avc:  denied  { call } for  pid=7424 comm="syz.3.355" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  189.739631][   T44] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  189.761133][   T44] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  189.780096][   T30] audit: type=1400 audit(1758270721.347:416): avc:  denied  { transfer } for  pid=7424 comm="syz.3.355" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  189.811484][ T7432] netlink: 'syz.2.356': attribute type 1 has an invalid length.
[  189.839937][   T44] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  189.859238][   T44] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  189.941111][   T44] usb 2-1: config 0 descriptor??
[  189.947353][ T7417] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  189.960555][   T44] iowarrior 2-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  190.232681][   T30] audit: type=1400 audit(1758270721.957:417): avc:  denied  { execute } for  pid=7416 comm="syz.1.351" name="file0" dev="tmpfs" ino=415 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  190.254686][    C0] vkms_vblank_simulate: vblank timer overrun
[  190.277432][ T7440] block nbd4: Attempted send on invalid socket
[  190.339449][ T7440] I/O error, dev nbd4, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  190.375661][ T5971] usb 4-1: new full-speed USB device number 16 using dummy_hcd
[  190.403640][ T7440] block nbd4: Attempted send on invalid socket
[  190.474270][   T30] audit: type=1400 audit(1758270721.957:418): avc:  denied  { execute_no_trans } for  pid=7416 comm="syz.1.351" path="/76/file0" dev="tmpfs" ino=415 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  190.495565][ T7440] I/O error, dev nbd4, sector 256 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  190.500893][   T30] audit: type=1400 audit(1758270721.987:419): avc:  denied  { name_bind } for  pid=7416 comm="syz.1.351" src=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1
[  190.516560][ T7440] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256
[  190.633546][ T5971] usb 4-1: config 0 has an invalid interface number: 29 but max is 0
[  190.641893][ T5971] usb 4-1: config 0 has no interface number 0
[  190.649587][ T5971] usb 4-1: config 0 interface 29 has no altsetting 0
[  190.659458][ T7440] block nbd4: Attempted send on invalid socket
[  190.661790][ T5971] usb 4-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac
[  190.665899][ T7440] I/O error, dev nbd4, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  190.685123][ T5971] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  190.693470][ T5971] usb 4-1: Product: syz
[  190.700530][ T5971] usb 4-1: Manufacturer: syz
[  190.717921][ T5971] usb 4-1: SerialNumber: syz
[  190.724073][ T7440] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512
[  190.753387][ T7440] block nbd4: Attempted send on invalid socket
[  190.762812][ T7440] I/O error, dev nbd4, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  190.776379][ T7440] block nbd4: Attempted send on invalid socket
[  190.782674][ T7440] I/O error, dev nbd4, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  190.793836][ T7440] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256
[  190.810550][ T7440] block nbd4: Attempted send on invalid socket
[  190.817188][ T7440] I/O error, dev nbd4, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  190.830338][ T7440] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512
[  190.890016][ T5971] usb 4-1: config 0 descriptor??
[  190.973761][ T7440] block nbd4: Attempted send on invalid socket
[  190.982695][ T7440] I/O error, dev nbd4, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  190.992363][ T7440] block nbd4: Attempted send on invalid socket
[  191.000858][ T7440] I/O error, dev nbd4, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  191.011989][ T7440] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256
[  191.023071][ T7440] block nbd4: Attempted send on invalid socket
[  191.029734][ T7440] I/O error, dev nbd4, sector 2048 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  191.040442][ T7440] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512
[  191.059656][ T7440] block nbd4: Attempted send on invalid socket
[  191.080974][ T7440] I/O error, dev nbd4, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  191.109224][ T7440] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256
[  191.123546][ T7440] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512
[  191.133580][ T7440] UDF-fs: warning (device nbd4): udf_fill_super: No partition found (1)
[  191.232296][ T7438] netlink: 16 bytes leftover after parsing attributes in process `syz.3.357'.
[  191.243188][ T7438] netlink: 12 bytes leftover after parsing attributes in process `syz.3.357'.
[  191.263933][ T5971] peak_usb 4-1:0.29: PEAK-System PCAN-USB X6 v0 fw v0.0.0 (2 channels)
[  191.921113][ T7449] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[  191.927811][ T7449] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  191.936950][ T7449] vhci_hcd vhci_hcd.0: Device attached
[  192.209422][ T5916] usb 2-1: USB disconnect, device number 9
[  192.246273][    T9] usb 38-1: SetAddress Request (2) to port 0
[  192.265136][    T9] usb 38-1: new SuperSpeed USB device number 2 using vhci_hcd
[  192.275358][ T7451] vhci_hcd: connection closed
[  192.303652][ T3649] vhci_hcd: stop threads
[  192.345579][ T3649] vhci_hcd: release socket
[  192.383418][ T3649] vhci_hcd: disconnect device
[  192.455167][ T7459] veth0: entered promiscuous mode
[  192.523714][ T7461] netlink: 33932 bytes leftover after parsing attributes in process `syz.4.362'.
[  192.795517][   T44] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  192.985858][   T44] usb 5-1: Using ep0 maxpacket: 32
[  192.993405][   T44] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[  193.002954][   T44] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  193.021514][   T44] usb 5-1: config 0 has no interface number 0
[  193.031114][   T44] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  193.040608][   T44] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  193.042215][   T30] audit: type=1400 audit(1758270724.777:420): avc:  denied  { watch } for  pid=7465 comm="syz.2.364" path="/92/file0" dev="tmpfs" ino=505 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  193.052135][   T44] usb 5-1: Product: syz
[  193.071458][    C0] vkms_vblank_simulate: vblank timer overrun
[  193.071713][   T30] audit: type=1400 audit(1758270724.777:421): avc:  denied  { watch_sb watch_reads } for  pid=7465 comm="syz.2.364" path="/92/file0" dev="tmpfs" ino=505 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  193.105232][    C0] vkms_vblank_simulate: vblank timer overrun
[  193.117334][   T44] usb 5-1: Manufacturer: syz
[  193.122154][   T44] usb 5-1: SerialNumber: syz
[  193.168038][   T44] usb 5-1: config 0 descriptor??
[  193.169407][   T30] audit: type=1400 audit(1758270724.837:422): avc:  denied  { write } for  pid=7465 comm="syz.2.364" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  193.212126][   T44] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  193.452170][ T7469] loop9: detected capacity change from 0 to 7
[  193.459240][ T7469] Dev loop9: unable to read RDB block 7
[  193.465120][ T7469]  loop9: unable to read partition table
[  193.471078][ T7469] loop9: partition table beyond EOD, truncated
[  193.477272][ T7469] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  193.604587][ T7458] veth0: left promiscuous mode
[  193.613330][   T44] usb 5-1: qt2_attach - failed to power on unit: -71
[  193.648009][   T44] quatech2 5-1:0.51: probe with driver quatech2 failed with error -71
[  193.692250][   T44] usb 5-1: USB disconnect, device number 11
[  193.793924][ T5971] peak_usb 4-1:0.29 can0: unable to request usb[type=2 value=5] err=-71
[  193.812715][ T5971] peak_usb 4-1:0.29: unable to tell PCAN-USB X6 driver is loaded (err -71)
[  193.845979][   T30] audit: type=1400 audit(1758270725.567:423): avc:  denied  { append } for  pid=7475 comm="syz.2.368" name="video6" dev="devtmpfs" ino=938 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  193.886056][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  193.896345][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  194.097793][ T5971] peak_usb 4-1:0.29: probe with driver peak_usb failed with error -71
[  194.520726][ T5971] usb 4-1: USB disconnect, device number 16
[  194.535847][ T5985] usb 2-1: new full-speed USB device number 10 using dummy_hcd
[  194.742899][ T5985] usb 2-1: unable to get BOS descriptor or descriptor too short
[  194.752106][ T5985] usb 2-1: not running at top speed; connect to a high speed hub
[  194.762399][ T5985] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  194.784133][ T5985] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  194.806061][ T5985] usb 2-1: string descriptor 0 read error: -22
[  194.819375][ T7487] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  194.831673][ T5985] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  194.882988][ T5985] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  194.985943][ T5971] usb 4-1: new full-speed USB device number 17 using dummy_hcd
[  195.080116][ T5985] usb 2-1: 0:2 : does not exist
[  195.226597][ T5971] usb 4-1: config 0 has an invalid interface number: 29 but max is 0
[  195.234857][ T5971] usb 4-1: config 0 has no interface number 0
[  195.241905][ T5971] usb 4-1: config 0 interface 29 has no altsetting 0
[  195.290564][ T5971] usb 4-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac
[  195.299854][ T5971] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  195.659396][ T5971] usb 4-1: Product: syz
[  195.677656][ T5971] usb 4-1: Manufacturer: syz
[  195.770597][ T5971] usb 4-1: SerialNumber: syz
[  195.833559][ T5971] usb 4-1: config 0 descriptor??
[  196.128839][ T5985] usb 2-1: 5:0: cannot get min/max values for control 2 (id 5)
[  196.140662][ T5985] usb 2-1: 5:0: cannot get min/max values for control 3 (id 5)
[  196.152596][ T7493] program syz.4.371 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  196.170527][ T5985] usb 2-1: 5:0: failed to get current value for ch 1 (-22)
[  196.221227][ T5985] usb 2-1: 5:0: cannot get min/max values for control 3 (id 5)
[  196.233890][ T5985] usb 2-1: 5:0: cannot get min/max values for control 2 (id 5)
[  196.257461][ T7483] netlink: 16 bytes leftover after parsing attributes in process `syz.3.369'.
[  196.266458][ T7483] netlink: 12 bytes leftover after parsing attributes in process `syz.3.369'.
[  196.315554][ T5971] peak_usb 4-1:0.29: PEAK-System PCAN-USB X6 v0 fw v0.0.0 (2 channels)
[  196.326504][ T5985] usb 2-1: USB disconnect, device number 10
[  196.615617][ T7495] netlink: 'syz.4.372': attribute type 10 has an invalid length.
[  196.632883][ T7495] team0: Port device netdevsim0 added
[  196.936418][ T7504] netlink: 'syz.1.373': attribute type 11 has an invalid length.
[  197.326010][ T5985] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  197.335955][ T1539] usb 5-1: new full-speed USB device number 12 using dummy_hcd
[  197.395337][    T9] usb 38-1: device descriptor read/8, error -110
[  197.480244][ T7513] loop9: detected capacity change from 0 to 7
[  197.487392][ T7513] Dev loop9: unable to read RDB block 7
[  197.492950][ T7513]  loop9: unable to read partition table
[  197.498727][ T7513] loop9: partition table beyond EOD, truncated
[  197.504880][ T7513] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  197.520035][ T5985] usb 2-1: Using ep0 maxpacket: 32
[  197.528055][ T1539] usb 5-1: unable to get BOS descriptor or descriptor too short
[  197.549252][ T1539] usb 5-1: not running at top speed; connect to a high speed hub
[  197.558645][ T5985] usb 2-1: config 0 has an invalid interface number: 196 but max is 0
[  197.569857][ T5985] usb 2-1: config 0 has no interface number 0
[  197.578724][ T5985] usb 2-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 528
[  197.590877][ T1539] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  197.637648][ T1539] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  197.669418][ T5985] usb 2-1: config 0 interface 196 has no altsetting 0
[  197.683966][ T1539] usb 5-1: string descriptor 0 read error: -22
[  197.702339][ T5985] usb 2-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[  197.715531][ T5985] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  197.737113][ T1539] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  197.755533][ T5985] usb 2-1: Product: syz
[  197.762816][ T5985] usb 2-1: Manufacturer: syz
[  197.771088][ T1539] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  197.781416][ T5985] usb 2-1: SerialNumber: syz
[  197.818196][ T5985] usb 2-1: config 0 descriptor??
[  197.834197][ T1539] usb 5-1: 0:2 : does not exist
[  197.854747][ T7509] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  197.866669][    T9] usb usb38-port1: attempt power cycle
[  198.279463][ T1539] usb 5-1: 5:0: cannot get min/max values for control 2 (id 5)
[  198.309743][ T1539] usb 5-1: 5:0: cannot get min/max values for control 3 (id 5)
[  198.321828][ T1539] usb 5-1: 5:0: failed to get current value for ch 1 (-22)
[  198.353216][ T1539] usb 5-1: 5:0: cannot get min/max values for control 3 (id 5)
[  198.365138][ T1539] usb 5-1: 5:0: cannot get min/max values for control 2 (id 5)
[  198.378049][   T10] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  198.378516][ T1539] usb 5-1: USB disconnect, device number 12
[  198.446926][    T9] usb usb38-port1: unable to enumerate USB device
[  198.579855][   T10] usb 3-1: New USB device found, idVendor=055f, idProduct=c420, bcdDevice=6a.33
[  198.589984][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  198.617893][   T10] usb 3-1: config 0 descriptor??
[  198.643177][ T5971] peak_usb 4-1:0.29 can0: unable to request usb[type=2 value=5] err=-71
[  198.666120][ T5971] peak_usb 4-1:0.29: unable to tell PCAN-USB X6 driver is loaded (err -71)
[  198.763145][   T10] gspca_main: sunplus-2.14.0 probing 055f:c420
[  198.825990][ T5971] peak_usb 4-1:0.29: probe with driver peak_usb failed with error -71
[  199.164007][ T5971] usb 4-1: USB disconnect, device number 17
[  199.719333][   T10] gspca_sunplus: reg_w_riv err -110
[  199.731768][   T10] sunplus 3-1:0.0: probe with driver sunplus failed with error -110
[  200.122945][ T5985] ipheth 2-1:0.196: ipheth_get_macaddr: usb_control_msg: -71
[  200.176410][ T5985] ipheth 2-1:0.196: probe with driver ipheth failed with error -71
[  200.227512][ T5985] usb 2-1: USB disconnect, device number 11
[  200.356612][ T7530] netlink: 24 bytes leftover after parsing attributes in process `syz.1.382'.
[  200.432496][ T7532] FAULT_INJECTION: forcing a failure.
[  200.432496][ T7532] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  200.489836][ T7532] CPU: 0 UID: 0 PID: 7532 Comm: syz.4.383 Not tainted syzkaller #0 PREEMPT(full) 
[  200.489863][ T7532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  200.489874][ T7532] Call Trace:
[  200.489880][ T7532]  <TASK>
[  200.489887][ T7532]  dump_stack_lvl+0x16c/0x1f0
[  200.489914][ T7532]  should_fail_ex+0x512/0x640
[  200.489941][ T7532]  _copy_from_user+0x2e/0xd0
[  200.489967][ T7532]  copy_msghdr_from_user+0x98/0x160
[  200.489990][ T7532]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  200.490023][ T7532]  ___sys_sendmsg+0xfe/0x1d0
[  200.490046][ T7532]  ? __pfx____sys_sendmsg+0x10/0x10
[  200.490100][ T7532]  __sys_sendmsg+0x16d/0x220
[  200.490122][ T7532]  ? __pfx___sys_sendmsg+0x10/0x10
[  200.490160][ T7532]  do_syscall_64+0xcd/0x4e0
[  200.490185][ T7532]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.490203][ T7532] RIP: 0033:0x7ffb54f8eba9
[  200.490217][ T7532] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  200.490234][ T7532] RSP: 002b:00007ffb55e81038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  200.490251][ T7532] RAX: ffffffffffffffda RBX: 00007ffb551d5fa0 RCX: 00007ffb54f8eba9
[  200.490262][ T7532] RDX: 0000000000040010 RSI: 0000200000000080 RDI: 0000000000000003
[  200.490272][ T7532] RBP: 00007ffb55e81090 R08: 0000000000000000 R09: 0000000000000000
[  200.490282][ T7532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  200.490292][ T7532] R13: 00007ffb551d6038 R14: 00007ffb551d5fa0 R15: 00007fffabfe7728
[  200.490317][ T7532]  </TASK>
[  201.122832][ T5971] usb 3-1: USB disconnect, device number 14
[  201.955206][ T7552] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5124 sclass=netlink_route_socket pid=7552 comm=syz.4.388
[  201.982935][ T7549] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1547 sclass=netlink_route_socket pid=7549 comm=syz.4.388
[  202.377856][ T7559] netlink: 20 bytes leftover after parsing attributes in process `syz.4.389'.
[  202.497524][ T7561] devpts: Bad value for 'max'
[  202.581690][ T7561] netlink: 'syz.1.390': attribute type 4 has an invalid length.
[  202.600286][ T7561] netlink: 32 bytes leftover after parsing attributes in process `syz.1.390'.
[  202.928434][ T7568] overlayfs: failed lookup in lower (newroot/100, name='bus', err=-40): overlapping layers
[  203.156286][ T7570] netlink: 24 bytes leftover after parsing attributes in process `syz.3.391'.
[  203.171397][   T30] audit: type=1400 audit(1758270734.897:424): avc:  denied  { bind } for  pid=7563 comm="syz.3.391" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  203.260600][   T30] audit: type=1400 audit(1758270734.897:425): avc:  denied  { listen } for  pid=7563 comm="syz.3.391" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  203.298680][   T30] audit: type=1400 audit(1758270735.017:426): avc:  denied  { connect } for  pid=7563 comm="syz.3.391" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  203.435940][   T30] audit: type=1400 audit(1758270735.047:427): avc:  denied  { write } for  pid=7563 comm="syz.3.391" path="socket:[16470]" dev="sockfs" ino=16470 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  255.308025][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  255.314332][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  316.741979][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  316.748340][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  323.137148][   T31] INFO: task kworker/0:2:92 blocked for more than 143 seconds.
[  323.144702][   T31]       Not tainted syzkaller #0
[  323.149696][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  323.158461][   T31] task:kworker/0:2     state:D stack:25576 pid:92    tgid:92    ppid:2      task_flags:0x4208060 flags:0x00004000
[  323.170553][   T31] Workqueue: events rfkill_op_handler
[  323.175974][   T31] Call Trace:
[  323.179255][   T31]  <TASK>
[  323.182173][   T31]  __schedule+0x1190/0x5de0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  323.186862][   T31]  ? __pfx___schedule+0x10/0x10
[  323.191722][   T31]  ? find_held_lock+0x2b/0x80
[  323.196501][   T31]  ? schedule+0x2d7/0x3a0
[  323.201060][   T31]  ? nfc_dev_down+0x2d/0x2e0
[  323.205752][   T31]  schedule+0xe7/0x3a0
[  323.215453][   T31]  schedule_preempt_disabled+0x13/0x30
[  323.220940][   T31]  __mutex_lock+0x81b/0x1060
[  323.265528][   T31]  ? nfc_dev_down+0x2d/0x2e0
[  323.270757][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  323.276240][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  323.281275][   T31]  ? netif_close+0xa2/0x230
[  323.286085][   T31]  ? do_raw_spin_lock+0x12c/0x2b0
[  323.291117][   T31]  ? nfc_dev_down+0x2d/0x2e0
[  323.296023][   T31]  nfc_dev_down+0x2d/0x2e0
[  323.300428][   T31]  nfc_rfkill_set_block+0x39/0xe0
[  323.305466][   T31]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[  323.311183][   T31]  rfkill_set_block+0x1fb/0x550
[  323.316098][   T31]  rfkill_epo+0x8e/0x1d0
[  323.320335][   T31]  rfkill_op_handler+0x262/0x280
[  323.325251][   T31]  process_one_work+0x9cc/0x1b70
[  323.330258][   T31]  ? __pfx_nsim_dev_hwstats_traffic_work+0x10/0x10
[  323.336803][   T31]  ? __pfx_process_one_work+0x10/0x10
[  323.342175][   T31]  ? assign_work+0x1a0/0x250
[  323.346818][   T31]  worker_thread+0x6c8/0xf10
[  323.351421][   T31]  ? __kthread_parkme+0x19e/0x250
[  323.356482][   T31]  ? __pfx_worker_thread+0x10/0x10
[  323.361606][   T31]  kthread+0x3c2/0x780
[  323.365778][   T31]  ? __pfx_kthread+0x10/0x10
[  323.370376][   T31]  ? rcu_is_watching+0x12/0xc0
[  323.375125][   T31]  ? __pfx_kthread+0x10/0x10
[  323.379822][   T31]  ret_from_fork+0x56a/0x730
[  323.384415][   T31]  ? __pfx_kthread+0x10/0x10
[  323.389062][   T31]  ret_from_fork_asm+0x1a/0x30
[  323.393845][   T31]  </TASK>
[  323.397046][   T31] INFO: task kworker/0:6:5923 blocked for more than 143 seconds.
[  323.404751][   T31]       Not tainted syzkaller #0
[  323.409897][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  323.418593][   T31] task:kworker/0:6     state:D stack:24600 pid:5923  tgid:5923  ppid:2      task_flags:0x4208060 flags:0x00004000
[  323.430594][   T31] Workqueue: events rfkill_global_led_trigger_worker
[  323.437321][   T31] Call Trace:
[  323.440585][   T31]  <TASK>
[  323.443506][   T31]  __schedule+0x1190/0x5de0
[  323.448078][   T31]  ? find_held_lock+0x2b/0x80
[  323.452756][   T31]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  323.458725][   T31]  ? __pfx___schedule+0x10/0x10
[  323.463590][   T31]  ? find_held_lock+0x2b/0x80
[  323.468307][   T31]  ? schedule+0x2d7/0x3a0
[  323.472636][   T31]  ? rfkill_global_led_trigger_worker+0x1b/0x160
[  323.479008][   T31]  schedule+0xe7/0x3a0
[  323.483073][   T31]  schedule_preempt_disabled+0x13/0x30
[  323.488579][   T31]  __mutex_lock+0x81b/0x1060
[  323.493166][   T31]  ? rfkill_global_led_trigger_worker+0x1b/0x160
[  323.499539][   T31]  ? __lock_acquire+0xb97/0x1ce0
[  323.504478][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  323.509531][   T31]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  323.515354][   T31]  ? rfkill_global_led_trigger_worker+0x1b/0x160
[  323.521863][   T31]  rfkill_global_led_trigger_worker+0x1b/0x160
[  323.528097][   T31]  process_one_work+0x9cc/0x1b70
[  323.533034][   T31]  ? __pfx_defense_work_handler+0x10/0x10
[  323.538794][   T31]  ? __pfx_process_one_work+0x10/0x10
[  323.544162][   T31]  ? assign_work+0x1a0/0x250
[  323.548774][   T31]  worker_thread+0x6c8/0xf10
[  323.553368][   T31]  ? __pfx_worker_thread+0x10/0x10
[  323.558555][   T31]  kthread+0x3c2/0x780
[  323.562618][   T31]  ? __pfx_kthread+0x10/0x10
[  323.567264][   T31]  ? rcu_is_watching+0x12/0xc0
[  323.572026][   T31]  ? __pfx_kthread+0x10/0x10
[  323.576644][   T31]  ret_from_fork+0x56a/0x730
[  323.581225][   T31]  ? __pfx_kthread+0x10/0x10
[  323.585832][   T31]  ret_from_fork_asm+0x1a/0x30
[  323.590598][   T31]  </TASK>
[  323.593610][   T31] INFO: task syz.0.297:7153 blocked for more than 143 seconds.
[  323.601204][   T31]       Not tainted syzkaller #0
[  323.606172][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  323.614836][   T31] task:syz.0.297       state:D stack:26264 pid:7153  tgid:7153  ppid:5849   task_flags:0x400040 flags:0x00004004
[  323.626902][   T31] Call Trace:
[  323.630171][   T31]  <TASK>
[  323.633078][   T31]  __schedule+0x1190/0x5de0
[  323.637648][   T31]  ? __pfx___schedule+0x10/0x10
[  323.642497][   T31]  ? find_held_lock+0x2b/0x80
[  323.647225][   T31]  ? schedule+0x2d7/0x3a0
[  323.651554][   T31]  ? rfkill_unregister+0xec/0x2c0
[  323.656630][   T31]  schedule+0xe7/0x3a0
[  323.660701][   T31]  schedule_preempt_disabled+0x13/0x30
[  323.666222][   T31]  __mutex_lock+0x81b/0x1060
[  323.670806][   T31]  ? class_to_subsys+0x10f/0x160
[  323.675757][   T31]  ? rfkill_unregister+0xec/0x2c0
[  323.680782][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  323.685851][   T31]  ? device_del+0x6b6/0x9f0
[  323.690363][   T31]  ? __pfx_device_del+0x10/0x10
[  323.695193][   T31]  ? rfkill_unregister+0xec/0x2c0
[  323.700237][   T31]  rfkill_unregister+0xec/0x2c0
[  323.705087][   T31]  nfc_unregister_device+0x94/0x330
[  323.710348][   T31]  ? __pfx_virtual_ncidev_close+0x10/0x10
[  323.716107][   T31]  virtual_ncidev_close+0x4b/0xa0
[  323.721135][   T31]  __fput+0x3ff/0xb70
[  323.725125][   T31]  task_work_run+0x150/0x240
[  323.729784][   T31]  ? __pfx_task_work_run+0x10/0x10
[  323.734914][   T31]  ? __pfx___do_sys_close_range+0x10/0x10
[  323.740851][   T31]  exit_to_user_mode_loop+0xeb/0x110
[  323.746203][   T31]  do_syscall_64+0x41c/0x4e0
[  323.750800][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.756720][   T31] RIP: 0033:0x7fe01b78eba9
[  323.761122][   T31] RSP: 002b:00007ffca132eb88 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  323.769565][   T31] RAX: 0000000000000000 RBX: 00007fe01b9d7da0 RCX: 00007fe01b78eba9
[  323.777629][   T31] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  323.785650][   T31] RBP: 00007fe01b9d7da0 R08: 0000000000000234 R09: 0000001ea132ee7f
[  323.793626][   T31] R10: 00000000003ffba8 R11: 0000000000000246 R12: 00000000000298cf
[  323.801644][   T31] R13: 00007ffca132ec80 R14: ffffffffffffffff R15: 00007ffca132eca0
[  323.809652][   T31]  </TASK>
[  323.812670][   T31] 
[  323.812670][   T31] Showing all locks held in the system:
[  323.822130][   T31] 1 lock held by ksoftirqd/0/15:
[  323.828509][   T31]  #0: ffff8880b843a318 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130
[  323.838555][   T31] 1 lock held by khungtaskd/31:
[  323.843407][   T31]  #0: ffffffff8e5c15a0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0
[  323.853407][   T31] 4 locks held by kworker/0:2/92:
[  323.858501][   T31]  #0: ffff88801b878d48 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  323.869089][   T31]  #1: ffffc900025efd10 ((rfkill_op_work).work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  323.879585][   T31]  #2: ffffffff90822768 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_epo+0x55/0x1d0
[  323.889084][   T31]  #3: ffff8880308b7100 (&dev->mutex){....}-{4:4}, at: nfc_dev_down+0x2d/0x2e0
[  323.898099][   T31] 2 locks held by getty/5612:
[  323.902746][   T31]  #0: ffff888035db70a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  323.912516][   T31]  #1: ffffc900036c32f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0
[  323.922673][   T31] 3 locks held by kworker/0:6/5923:
[  323.927905][   T31]  #0: ffff88801b878d48 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  323.938442][   T31]  #1: ffffc9000511fd10 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  323.951375][   T31]  #2: ffffffff90822768 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_global_led_trigger_worker+0x1b/0x160
[  323.962819][   T31] 2 locks held by syz.0.297/7153:
[  323.967979][   T31]  #0: ffff8880308b7100 (&dev->mutex){....}-{4:4}, at: nfc_unregister_device+0x60/0x330
[  323.978229][   T31]  #1: ffffffff90822768 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_unregister+0xec/0x2c0
[  323.988394][   T31] 2 locks held by syz-executor/7378:
[  323.993663][   T31]  #0: ffff888058f43918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_write+0x2b4/0x480
[  324.003065][   T31]  #1: ffffffff90822768 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x3a/0xb40
[  324.013007][   T31] 2 locks held by syz.4.389/7554:
[  324.018032][   T31]  #0: ffffffff8f304828 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420
[  324.026518][   T31]  #1: ffffffff90822768 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_fop_open+0x136/0x750
[  324.036559][   T31] 1 lock held by syz.1.394/7573:
[  324.041477][   T31]  #0: ffffffff8f304828 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420
[  324.049946][   T31] 1 lock held by syz.2.393/7576:
[  324.054863][   T31]  #0: ffffffff8f304828 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420
[  324.063355][   T31] 1 lock held by syz.3.395/7578:
[  324.068356][   T31]  #0: ffffffff8f304828 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420
[  324.076971][   T31] 1 lock held by syz-executor/7581:
[  324.082154][   T31]  #0: ffffffff8f304828 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420
[  324.090610][   T31] 1 lock held by syz-executor/7584:
[  324.096053][   T31]  #0: ffffffff8f304828 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420
[  324.104498][   T31] 1 lock held by syz-executor/7585:
[  324.109723][   T31]  #0: ffffffff8f304828 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420
[  324.118196][   T31] 1 lock held by syz-executor/7587:
[  324.123365][   T31]  #0: ffffffff8f304828 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420
[  324.131825][   T31] 1 lock held by syz-executor/7593:
[  324.137025][   T31]  #0: ffffffff8f304828 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420
[  324.145487][   T31] 1 lock held by syz-executor/7595:
[  324.150692][   T31]  #0: ffffffff8f304828 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420
[  324.159164][   T31] 1 lock held by syz-executor/7598:
[  324.164354][   T31]  #0: ffffffff8f304828 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420
[  324.172832][   T31] 1 lock held by syz-executor/7599:
[  324.178041][   T31]  #0: ffffffff8f304828 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420
[  324.186677][   T31] 1 lock held by syz-executor/7601:
[  324.191867][   T31]  #0: ffffffff8f304828 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420
[  324.200343][   T31] 1 lock held by syz-executor/7606:
[  324.205561][   T31]  #0: ffffffff8f304828 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420
[  324.214025][   T31] 
[  324.216383][   T31] =============================================
[  324.216383][   T31] 
[  324.224772][   T31] NMI backtrace for cpu 0
[  324.224782][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  324.224795][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  324.224802][   T31] Call Trace:
[  324.224806][   T31]  <TASK>
[  324.224810][   T31]  dump_stack_lvl+0x116/0x1f0
[  324.224829][   T31]  nmi_cpu_backtrace+0x27b/0x390
[  324.224841][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  324.224859][   T31]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[  324.224872][   T31]  watchdog+0xf0e/0x1260
[  324.224888][   T31]  ? __pfx_watchdog+0x10/0x10
[  324.224899][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  324.224913][   T31]  ? __kthread_parkme+0x19e/0x250
[  324.224930][   T31]  ? __pfx_watchdog+0x10/0x10
[  324.224942][   T31]  kthread+0x3c2/0x780
[  324.224954][   T31]  ? __pfx_kthread+0x10/0x10
[  324.224965][   T31]  ? rcu_is_watching+0x12/0xc0
[  324.224979][   T31]  ? __pfx_kthread+0x10/0x10
[  324.224997][   T31]  ret_from_fork+0x56a/0x730
[  324.225007][   T31]  ? __pfx_kthread+0x10/0x10
[  324.225018][   T31]  ret_from_fork_asm+0x1a/0x30
[  324.225038][   T31]  </TASK>
[  324.225042][   T31] Sending NMI from CPU 0 to CPUs 1:
[  324.340009][    C1] NMI backtrace for cpu 1
[  324.340023][    C1] CPU: 1 UID: 0 PID: 78 Comm: kworker/u8:4 Not tainted syzkaller #0 PREEMPT(full) 
[  324.340039][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  324.340047][    C1] Workqueue: events_unbound nsim_dev_trap_report_work
[  324.340070][    C1] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x70
[  324.340088][    C1] Code: 96 d7 55 00 48 89 df 5b e9 1d 5f 5b 00 be 03 00 00 00 5b e9 f2 5c 28 03 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 48 8b 34 24 65 48 8b 15 88 42 1b 12 65 8b 05 99 42 1b
[  324.340100][    C1] RSP: 0018:ffffc9000210fc58 EFLAGS: 00000246
[  324.340110][    C1] RAX: 0000000000000000 RBX: ffff88823be1af40 RCX: ffffffff8182dd2d
[  324.340119][    C1] RDX: ffff88801d74c880 RSI: 0000000000000000 RDI: 0000000000000005
[  324.340126][    C1] RBP: ffff888079ef8000 R08: 0000000000000005 R09: 0000000000000000
[  324.340134][    C1] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88801d74c880
[  324.340141][    C1] R13: 0000000000000000 R14: ffffffff90aba654 R15: 0000000000000000
[  324.340149][    C1] FS:  0000000000000000(0000) GS:ffff8881247b2000(0000) knlGS:0000000000000000
[  324.340162][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  324.340170][    C1] CR2: 000055c626df2b48 CR3: 000000000e380000 CR4: 00000000003526f0
[  324.340179][    C1] Call Trace:
[  324.340183][    C1]  <TASK>
[  324.340188][    C1]  process_one_work+0x128c/0x1b70
[  324.340207][    C1]  ? __pfx_toggle_allocation_gate+0x10/0x10
[  324.340221][    C1]  ? __pfx_process_one_work+0x10/0x10
[  324.340243][    C1]  ? assign_work+0x1a0/0x250
[  324.340257][    C1]  worker_thread+0x6c8/0xf10
[  324.340272][    C1]  ? __kthread_parkme+0x19e/0x250
[  324.340290][    C1]  ? __pfx_worker_thread+0x10/0x10
[  324.340303][    C1]  kthread+0x3c2/0x780
[  324.340315][    C1]  ? __pfx_kthread+0x10/0x10
[  324.340328][    C1]  ? rcu_is_watching+0x12/0xc0
[  324.340344][    C1]  ? __pfx_kthread+0x10/0x10
[  324.340355][    C1]  ret_from_fork+0x56a/0x730
[  324.340367][    C1]  ? __pfx_kthread+0x10/0x10
[  324.340378][    C1]  ret_from_fork_asm+0x1a/0x30
[  324.340398][    C1]  </TASK>
[  324.341053][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  324.549135][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  324.558225][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  324.568261][   T31] Call Trace:
[  324.571521][   T31]  <TASK>
[  324.574433][   T31]  dump_stack_lvl+0x3d/0x1f0
[  324.579012][   T31]  vpanic+0x6e8/0x7a0
[  324.582981][   T31]  ? __pfx_vpanic+0x10/0x10
[  324.587475][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  324.593446][   T31]  panic+0xca/0xd0
[  324.597145][   T31]  ? __pfx_panic+0x10/0x10
[  324.601550][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  324.606907][   T31]  ? nmi_trigger_cpumask_backtrace+0x1b1/0x300
[  324.613039][   T31]  ? watchdog+0xd78/0x1260
[  324.617437][   T31]  ? watchdog+0xd6b/0x1260
[  324.621833][   T31]  watchdog+0xd89/0x1260
[  324.626059][   T31]  ? __pfx_watchdog+0x10/0x10
[  324.630716][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  324.635897][   T31]  ? __kthread_parkme+0x19e/0x250
[  324.640909][   T31]  ? __pfx_watchdog+0x10/0x10
[  324.645565][   T31]  kthread+0x3c2/0x780
[  324.649613][   T31]  ? __pfx_kthread+0x10/0x10
[  324.654182][   T31]  ? rcu_is_watching+0x12/0xc0
[  324.658931][   T31]  ? __pfx_kthread+0x10/0x10
[  324.663499][   T31]  ret_from_fork+0x56a/0x730
[  324.668066][   T31]  ? __pfx_kthread+0x10/0x10
[  324.672653][   T31]  ret_from_fork_asm+0x1a/0x30
[  324.677432][   T31]  </TASK>
[  324.680635][   T31] Kernel Offset: disabled
[  324.684939][   T31] Rebooting in 86400 seconds..