last executing test programs:

13.919865852s ago: executing program 1 (id=1481):
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040))
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
r2 = dup3(0xffffffffffffffff, r1, 0x0)
ioctl$SNDRV_PCM_IOCTL_READN_FRAMES(r2, 0x80184153, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000080), 0x2, 0x80)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$peek(0x1, r3, &(0x7f0000000100))
ptrace$poke(0x4, r3, 0x0, 0x2)
r4 = socket(0x10, 0x80002, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="24000000180003041dfffd946f610500020100000005fe060c10880008000f00fff3c00e140000001a00ffffba16a0aa1c091dbfa1090000", 0x38}], 0x1}, 0x0)
sendmmsg$alg(r4, &(0x7f0000000180)=[{0x2, 0x1000000000000, &(0x7f0000000080), 0x6, &(0x7f0000000100), 0xf}], 0x492492492492642, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_STOP_AP(r5, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f00000028c0)={0x0, 0x28}}, 0x0)
syz_clone(0x2000300, 0x0, 0x35, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x6e, &(0x7f00000016c0)={@local, @multicast, @void, {@ipv4={0x800, @udp={{0x6, 0x4, 0x1, 0x20, 0x60, 0x64, 0x0, 0x6, 0x11, 0x0, @empty, @multicast1, {[@ra={0x94, 0x4, 0x1}]}}, {0x4e23, 0x4e23, 0x48, 0x0, @wg=@cookie={0x3, 0x4, "af3741495c2d489bb44aa0626ca7895e9409a659b4ef94e6", "0e510dd776982e11562021340b296972dfd04230653f5cb2eeb0bcdefce2b91c"}}}}}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x3)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000000340)=""/102392, 0x18ff8)
r7 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
pwritev(r7, &(0x7f0000000600)=[{&(0x7f0000000000)="010000", 0x3}, {0x0}], 0x2, 0x3, 0x7fffffff)
shmctl$IPC_RMID(0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0x7)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000080)=0xff)

13.103756805s ago: executing program 1 (id=1485):
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='numa_maps\x00')
set_mempolicy(0x4000, &(0x7f00000000c0)=0x7, 0xa)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000580)="e3e039700cb727921d709a0b53a17a8c3132eba9f529c929d5c51db1200c3fbf5627a4b1a75a0d23dc4d6a83e4e8b6e3e52c348a89cac178", 0x38, 0x24000010, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
openat$binfmt_format(0xffffff9c, &(0x7f0000000080)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0xfffffd9d)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYRES32=<r7=>0xffffffffffffffff, @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYRES32], 0x48)
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x442, 0x0)
mount$afs(&(0x7f0000000040)=ANY=[@ANYBLOB='#ayz1:'], &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mount$afs(&(0x7f0000001fc0)=ANY=[@ANYRESHEX=r0, @ANYRES16=r4, @ANYRESOCT=r6, @ANYBLOB="30d154bf56498667155144e3deeb60dbf2811f85139a315fd9aba95acdb2a480ef0dcfcd2cac443b0135741e91e0125e9e82403159166a49355bdd7fc0aa9c06266f53a11b53104f5eea607275cbac4c7a591e4578639cf2cae63bef8f1c5108c63e6c9b2d756ad2f0bbd8848de593c10925daed6a78c75c524a065df814d3e2c8cfd94eaa84378d6450fe8fc49b5007d26286885d4ce1d3cd1fc918d298c24ef8d79b5ad6100b2c1c0b4540628008e7449ed19488885db04a32e0", @ANYRES8=0x0, @ANYRES64=r7, @ANYRES16=r7, @ANYBLOB="2dc306f662ce6a744a78bf8fbda7fc7e23b55233d03bfe52c8bc8881e7e6bc62c987fda7f73053e5d1f8c9234f0caed57efe5b585506a84db4876c75231db4cc23b65bb815bc26b4e4596c42cffe6cf7b5a1cdea524d6c2c88177ba56dbe64169bed7d8bdb70b518ee82a8267c9b740d1fcdd9fa81bc252a34b8932e17d39ccd9d1d15b79da19b7cdcaad5e40ef89fc46b5d1138ef2380055b8454be5a31fe89fe884f9998492f2f46bfc10dcfb50007d4ffb94caf33258e52b7dca6e88cbb153c116f93f3498766f4ba1392702f20ffd62810281bb5dfdec5115c959db22e48399bb0f60e8e29a7305ba57baad0d6f49e03a9421a130c4ff18f76290e9f1584eeb79061cb564c92c30205021f8047bd16dda1b7a3ee16682400f3450f1bf5934155df6f02ed93bb7c117f325f85c8394ae5d48caf6df92e25a4e254f12576083c44cbb9b10e5d5e176cb32dd819f9fd58ec1c46642083b17acf314ee4739d7937b8c011ee7340acfe7bbf58b607283bd3bcc4e6c60c142ea3bebd3a59a4a7ff09082ab47a6a65e538d230ea58beab9b6177f52772cd72f03c32f45c4c2449e3a84a487114e2a5a08a6e1e851e33dca8e3cb3bf31a8857fffd736b0648d1eb742665e0ccab4db565c0abce46f01de79895fcbb0c9a19b8db07100d24e1cf1a81714bf4bc75950ffe243e74f88767996937c8b802ffd5cc96435dd0104d9b8baf792ce83d042339e73d5c073e8660e91be2e6cc6444932526e16e873c9083d0454cda79f2be76509cf0824dd519dc3bbfac14eea2befac52e1553228b5e7b900d7aad65dc74f30bcbc3ae2c3f053c5757a952edddc1500bcc0f7a47a275bdd926c15fe27e15cf95cd293a5feff6e0f1c12e8aeb914cecc6096886fda73f7269f1c3d063bb1619f1e5276ce20d47077926fe64617fbb22b71a6ca44754080c8acf52bd300be498815649a974c45ab81bfe8575349abf800e2eb706148c44824a789660571764cfa04581a599e7a1bdde0a42ff5f6289d178e91e53dae5198dea85b5aab358ad36969486dcf51c1c819485de8384e3e0f59a6a8278fdcf2a86f097f28762504b2e041355046b9fc54da360ae3379977029b28c9e1903f0ca4276252d527abfadccf91ae0f400f76bb083a66e5c0394a89d5516ad4c17ea874725745a5d0bfd30e8a2f689bbcecc5c35702e1123f07ff08043fd5a3ad83adf1ac1460e3ab4b8330de2cfcf147c6622bc7bf0046316866c2b37b9ce1d7f6e0beb7433160efaee7edfa7421be8b85c2c08acb4d6975d12291048178a0ac1d332bd0fb66ac91d128e1881cf8620d1206d010ae3bb6e03952b674afc267bf75937f73253b64586220eff2c0caa775fca936cbe1d345a471d2378fe44043fe0f28c49bce7136cb4dacceeb6b0bc4e3e33a3c4284cfcabd225262026d3c77a38414165643ccf27f499c5869625d9a1fe1b03062fd3632e7b7cd8a32d0286c10ab370b0c1c9c58f0024e5268f72386c5ff40db2da0b22e85e14d965a7002bee19e2c78631f5f26219782ab79c795522459f5121b15d3c135f0ad2fd7fe5545acb1b68e7e4e95af960f4a32a67805a62785e9bc936a32cdb9ef84c5934c33d56510ceaf302c7ca7d56d4fcbdc8283c1cf2984b46aa204705b0b8e9440ebd963d7317d8bc1626623c73d10634db0cc5b64ac60f8a14b90957a6de6299e4904acdc247dd4728cc429eec1964c0357336866aed3a28b961dea2d6d30ed4099593a71e9f3dfd5d81ee97155e37155e26b1e64c27fa066fbb4c74ec6ffc8409235504a246402e947b092cb6b6bea877707c3c3e93fa5d64eab204c2b319d3b44d2ced2e429e4d7ec534bb45df4c79e9afa720a9ac714ebb03c925f289f65e10aec612527881f83790b6d5410c4a70fa2edd200b36635b0b10787745f96ec5221ff153f16f2642b9a4e49f63ab38d710d4eabff990690b47931dd391d11e55b605995d5243a011ee63f6a69b4bc4457314b83d4ebdbd6d997024ce12fe7251d4757454077ae070ba057d5203e0a08b3b9878640ad04c48eb274a52bb6451493236469df129e1d0d023f3bd10daec4569b3a5c634e40358372c2f592459449c7a0490b6f476d8ae5ccf6fd89055b3b617257d4b044ba7e9b134184ba93e6e802ce83072ba7fe409bcd98469867b887e548f44262410484a114fe90dc1e21d08a49eeb7395768b2db11b2f3926d0b346e05ec58cb8c1ae5c6bb31f7bd869584bbeedee881335f62e36ce707dffbf78ac0fccfd0545f53daa45343c89fb682d7143c2a816624d9bc897db376d100b7f04eafbc1ef6ef47655151dd2601b3c4e66d99696f47369412bd40d221df876f7aec8ee72f85260f67b1d114c54bb75b16c469f03d2201543ee628cd33d473cb60fca2a98b9f3599b92cef718dd5cd5de207090f2448072b830324520ab475e8eb8ca8c98bffb8cf21774fdfe91b65c332009a60af6d31fd8062002aa852d21170cc4b720834f40bc83cfa3d51f917a9ac274ad62f163dc07bd1013708c1cb073498cf19f7a38ca0af8c2c5312b48e9146c0e9e5d066d0258701654eed62626a3537cda245661cf9f448e8fbe060c35a4bddb7306e32bf5be0cdd594a35d9107eb6716fd43aaf0d3b65e982435dedfc4381d064d0a04c8524d1254f61f33fb910a4e1bffee7a95daa00b249dff9202adf335217e9ef310c42f51b4ad8184068b6371581b740a1e4b8fc2f9d3315a7eed5075c8f01c471d3582e0cd4e68e6106e5ac9a24bf0f0883704ffedb041937b501d82ebc7d89291a9b5437b3967c8895adeef55a50ecd5e97effc45019b17d66b445be63eaea029c9ee17b6aa49add7ba2a735c1e459b4908c717745d1bd83a072eb82380b28fd30b077884df6d8003205d65aed116dc1b025f3e45b662cf06df9a57fd38f90a4199bdb1cb5834105342f7e20b36592eb715b909d46ad12306bc21e570d9119cc3a7efb14fd684f5bc0ecbbe259bf0a2fd2df7040f6a4f4744791aa9ea1e18fb99417f83f6deccad8757a9810148bf4b094d036210f5c22d55dc2b442cd33945e348a5c1be18206c9d470bf9217a3a1b0e069ada83bc5b18198b47425030aca769712eecb9f1b33d41f9be5d4599446baae7e9e62485de1f68e78286e433a215ca44c082b35481524b6baecd3efaceb7d9f70b1710913b2b9d7fb87858b4fc4561615520de76e122874147c34315c3c4af917bbf2c8bf5f0f8ee7e8463994046ff87feffe4a8318f939af3d161af2ff8198c27f6fa12a53adde5275664d3192e079e057390406ad8a7e26c33118938b1c96310fd81a47399e385538242baa39b1c3787b9347cbdb33477787d57890e05989be4d9fe91cf9c9f6826068454a23e73690f083b182c0a4e8911e9c3d1c1a59c48ddabe709934b3ede288376e1bf8f70904e78b0fe5834979b13f8f67239564fd7918ebdae88f3b6e924c3398fbce976fec4707f2709ec1ff4e25e3f93db9d8b2fdfb710efd092f18a16b49a4f9e0ccdf80a3edc33c9d9b073359e86c2ae37e07a4fe510a2e693f03ea0d03bcdedef8bf958bfb4a21531b6f0f11083cccf1a80e1244f041fc1500fd7c700c35f5ce10a3272490d9572066f43a820c05489c88e0477ecb0364bacefb12defa93a31c191dedfa32051eb3e85bcd47d0b739067b5e79a5a852b683133fc4e5271c029527ba78ad7a7cb424b440df8afa09845eca3e35efc164044f7ca633f9c0e0a18e100a01469a95c11c2bceccdc4d7ab30cd30c2a744beadd732e9e8d11f12bcdc034f49fa99041b29f69e36b033c9d00076a5299a12d392215ee0b97084c2080f0cfe2f88d155429444f282974a5f3a32aa177df2c3dabe7e5e653aaedc7c489f74eefaa3c695dd8d57faab0b280d599aa759c15a1b24ae612fb5dbb75271b0188180864c0e0d411f83db0c37d25a75e8fbe626d3dc6c0fba3eccfe4341412074288bbfddee40b74d0359ce250caa17cb07d8e41896deeba4eaede1ca9c54727a540d5e873b41318887189e8e5cda67f21bb89ce5f0345b8d78be4e252d3207b8f1c91b1878c1665def828bcf81684584d8f3f766a7639dcc4b39c2926c48e0df457492e343a447dfe892ce44914b2df2226d38970e8c5e86ffb7d44332a7f0c9386b4646379529768f15562bf2984b7ea57650477c4d77b50d8be1b902ee6d6b1cbe2cd2ce9f915555d66936c81dd00d97a8d2f9776324df23ad18892baf0168a61316763dec06c8ccd7871462be3dfe2bbdbc968ad03918cc26133e7209ccd90b37984a0b198cd2f8bac9c4bdd4bb065869121509ac8634c66cffcf7162176f5feaaa97430375fbda23bf4c72e52ccdff486b76fece115a4e8d6082cf5c481488ffd322f4da98c5655e1380515f02aa5ade5d33a7de37c578c5c97eca2ab8578e15015caa92599d3479af5eb8f9f11249e2fd5a1c8882b65db7498c82d0b5369f1b6630644cd5942b8ed1f362b0c2b96d49fc8f9379fff4cfa9b0adeddb8cff94014cdbb760678d1cbc8c414ea638588f2ff590cb62fd5aba7b63a8adb2c1adea4cf137ef479fb3090b8491599b345a0ef01d28f91ee4891fb9060534d226b11e37cd4ca2d384f78c107aed60d6dfcea978ba5b34dbb339b2a5b896272f9a413d75b8559aa5fa2fa6f2e646f8420a438e24d1bb2d9d3aebc3b22b5e96c5d3b80477e1f36a4c30db2759044a2eab94c176dddd7e720171c45104c28bc8cb74a1bce9ec221ccc5b7944f988888018e6ef7e5a59fe47933bb87b311575f20177943ae11a5b40f8edbba0750d9bd93003b43da4f8edb8ba4c885a22bce0afe96e19adf9c0dbaad3d586002bec56369aabcd0f73240d0f5fe1b0821d596e47d52b26c6bbd127c0c502771d6e281d7855cd98b830f73d1002edd03b6ad1a973466f3a219a387e5221b0dced363ae500f3479a91e1a3a89b7d03daeccb9de0da4a7a79cea1d350dd30eecd2bedfda74062d4592e46cecbd8f16a84af6053ad8561901839efbef1f05e52425f08c1bb3e729e3fb78dbd2493125b07ab98abe93565bd26f1bb07a04abef290b22ce8f36c66c36b60d77169668f1b64784fe22fe930144ad48d441b6a88da4eabe8193539f6b9a06f6980770245e5179f68280a825cf1f22706a45517d47634733505c34aad17cffd4cf61407d72db41890447f0de09f539ee83c4be13ea626bc097f3fd5cca75d520970bfa9bc2e140370aebba27ebf34bce29628d79815571ea59daacd5a7f85f513ff8905f88a7b4cd6dcf23830ad4bbdb98d91cf69a01259dac98aa37468a91d2ef444f6d4e81e9436c2bdc5c629d6a6081217e571113f59cebf00a19cf3d7c3cb2166dacd35be76dc8beb72cd52685a6b22762c308e77312ba1a253cdca2f382f808a54edb91cbdb2a17f7e0020888ca8c59c7c22d55413202a057469bfcc170ed3f0bf2f480259c8321dc58317e1932e24143ceb76a774e32d42f6c90ecdb39ee878e71db28ce4547e4054d437e71617cf2b2d0c759c1a85bf205c9c90802708b1c1f242b039e6ae93ac891e651c37ef40605048a2551d2cea732a92a216217c66be4d62f3072b7e9537fb4a6e64474e3b8d7bf525631d9bf93ed4996e2d9f06d0edbc13508098241b8fbc34feaa770f7f3071f3a42af04a72a6223be4eae0a6a7464c1bf20a3506cb6974018e0692ee0a9f18dc6af83a808d095861832959da052167d731935cb33d06d5dcc3ba93a4e2f23bdd44431caeea043130660a99519832891a10b9e202d524f8b307ebc9709dd2bc05b"], &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00'}, 0x18)
sendfile(r1, r2, 0x0, 0x1000004)
r8 = socket(0x10, 0x803, 0x0)
sendto(r8, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r8, &(0x7f0000000380)=[{{&(0x7f0000000240)=@tipc=@name, 0x0, &(0x7f0000000000)=[{&(0x7f0000000480)=""/119}]}, 0x9}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

12.014250813s ago: executing program 1 (id=1487):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x19)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9)
r0 = socket$inet(0xa, 0x801, 0x84)
r1 = syz_usb_connect(0x3, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0)
syz_usb_ep_write$ath9k_ep2(r1, 0x83, 0x8, &(0x7f0000000980)=ANY=[])
r2 = syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0x0)
ioctl$EVIOCSFF(r2, 0x40304580, &(0x7f0000000000)={0x51, 0x50c5, 0x7e, {0x3, 0xac5}, {0x2, 0x1}, @period={0x59, 0x40, 0x0, 0xaf28, 0x9, {0x2, 0x1000, 0x7, 0x100}, 0x0, &(0x7f0000000100)}})
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x4e21, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x8)
r3 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r3, &(0x7f0000000280)=[{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000000)="da", 0x1}], 0x1, 0x0, 0x0, 0x840}], 0x1, 0x8001)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x2}, 0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f00000001c0), 0x8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = socket$caif_stream(0x25, 0x1, 0x1)
recvmsg(r4, &(0x7f00000194c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000193c0)=""/237, 0xed}, 0x263)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="120100002192ea0845000000000904ebff0079e6904ff9ed3dea5d8e0000000000000000"], 0x0)

7.826231482s ago: executing program 1 (id=1512):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x21, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet(0x2, 0x5, 0x400)
recvmmsg(r3, &(0x7f0000000ac0)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/33, 0x21}, {&(0x7f0000000580)=""/196, 0xc4}, {&(0x7f0000000100)}, {&(0x7f0000000680)=""/205, 0xcd}, {&(0x7f0000000780)=""/255, 0xff}], 0x5, &(0x7f0000000a40)=""/127, 0x7f}, 0x1}, {{&(0x7f0000000900)=@xdp, 0x80, &(0x7f0000000a00)=[{&(0x7f0000000980)=""/93, 0x5d}], 0x1}, 0x8}], 0x2, 0x10020, &(0x7f0000000b80))
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x17, &(0x7f0000000280)=0xbd, 0x4)
r4 = fanotify_init(0x0, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/bus/input/devices\x00', 0x0, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000880)=ANY=[@ANYRES16=r5, @ANYBLOB="010000001000000000000200000008000300", @ANYRES32=r7, @ANYBLOB="0c009900f40000002a000000"], 0x28}, 0x1, 0x0, 0x0, 0xd37697ff280d3c0e}, 0x0)
sendto$inet6(r6, &(0x7f0000000300)="bd6654e2044676280a6ef8c9dcc40b9c18befbcdf17d85c45ac83f2a16f3d706f3eca63ce6df836eb1ce560e47221c105507e85d0cecc8a558f0d29e631054fc003c84cb300f1fcae19f72c3534ee8464a4e521c02cb69c8cca7d688f391661e8f9336e0374e24879d", 0x69, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @mcast2}, 0x1c)
unshare(0x68040200)
r9 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(r9, 0x29, 0x41, &(0x7f0000000200)=ANY=[@ANYBLOB="7261770000000000000000000000000000000000000000000000000000000000030000000000000500000000000000000000000000000000000000388dffcf19ac1a414be0db5fe79f6c7f00000000000001000000000000"], 0x58)
r10 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
preadv(r10, &(0x7f0000000c00)=[{&(0x7f0000000480)=""/198, 0xc6}], 0x1, 0x14a, 0x2014a)

7.211965302s ago: executing program 1 (id=1514):
r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000030020f003176c400000000001090224725100000000090400001207010300090501020000000000090582020002"], 0x0)
syz_usb_disconnect(r0)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYRES32=r2], 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x2, 0x6, 0x61f, 0x480, 0x480, 0x480, 0xf8, 0x248, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x6, 0x0, {[{{@ipv6={@mcast2, @private1, [], [], 'macvlan1\x00', 'erspan0\x00'}, 0x0, 0xd0, 0xf8, 0x0, {0x7a00000000000000}, [@inet=@rpfilter={{0x50}}]}, @unspec=@CHECKSUM={0x28}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private0, [], [], 'syzkaller0\x00', 'team_slave_1\x00'}, 0x0, 0x118, 0x150, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@hbh={{0x48}, {0x8, 0x3, 0x0, [0xfff, 0x94, 0x4, 0x17, 0x6, 0x7ff, 0x0, 0x1, 0x0, 0xc, 0x9, 0x200, 0xda, 0x7, 0x7, 0xffff], 0x9}}]}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0xffffffffffffffff}}}}, {{@ipv6={@rand_addr=' \x01\x00', @remote, [], [], '\x00', 'dummy0\x00'}, 0x0, 0x138, 0x160, 0x0, {}, [@common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x0, @dev, @local, @empty, [], [], [], 0x0, 0x2203}}]}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x7, 0x2, 0x1, 0x2}}}, {{@uncond, 0x0, 0xf8, 0x120, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@eui64={{0x28}}]}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x6d0)
read$char_usb(r2, &(0x7f0000000100)=""/242, 0xf2)
syz_usb_control_io$uac1(r1, &(0x7f00000007c0)={0x14, &(0x7f0000000700)={0x0, 0x5, 0x5d, {0x5d, 0x1, "ae7dfb32d031cd3ebd7720e5719a3d5f61d9d8bb04e780b247af060449c706d81e6902374a729587844a7ff2c8b384d4869a8c38cf008cc452f195f92d0aa9f4922a78667d6eaab5eb145066b924ef3baffb2ae687d052fc0ea930"}}, &(0x7f0000000780)={0x0, 0x3, 0xffffffffffffffdc, @lang_id={0x4, 0x3, 0x1404}}}, &(0x7f0000000a80)={0x44, &(0x7f0000000800)={0x0, 0xa, 0xb4, "ffb9810eedefcaf5aa66196aa961730cbb73234bdeb62406bf54a646b50614577464ea221ea00f3a268008b2ce6bc6bc715240e8b6fc3127a3c0ea56c2ba7b010243a10209f4dbd5494fe62ca0f27234d30448b456ca004a9e54660f8e3f53dbcec211b63e26a61b1c870759e969a003b233efabb7a76c7f7bf854aeb03c0f13058126ec79c05257a06142da4dbd453e09887656e05d107b40a0b00bc541ac6e132f749d4b3122f4e36454163c7d6757a07b53fe"}, &(0x7f00000008c0)={0x0, 0xa, 0x1}, &(0x7f0000000900)={0x0, 0x8, 0x1, 0x4}, &(0x7f0000000940)={0x20, 0x81, 0x3, "ca997f"}, &(0x7f0000000980)={0x20, 0x82, 0x2, '-\n'}, &(0x7f00000009c0)={0x20, 0x83, 0x3, "f6ea26"}, &(0x7f0000000a00)={0x20, 0x84, 0x4, "b0be6433"}, &(0x7f0000000a40)={0x20, 0x85, 0x3, "bffc58"}})
syz_usb_connect$cdc_ncm(0x5, 0xd6, &(0x7f0000000200)={{0x12, 0x1, 0x201, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xc4, 0x2, 0x1, 0x6, 0xe0, 0x1, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0xb, 0x24, 0x6, 0x0, 0x1, "6d88da498aa9"}, {0x5, 0x24, 0x0, 0x1}, {0xd, 0x24, 0xf, 0x1, 0x760e, 0x3, 0x263, 0x8}, {0x6, 0x24, 0x1a, 0x1, 0x20}, [@dmm={0x7, 0x24, 0x14, 0x1c0, 0x10}, @mdlm_detail={0x46, 0x24, 0x13, 0x1b, "3a6ad029dfd275cb7dd0810388b99b9f91f5cbe67b62c75af383b90904e9b0d37ee86a59186f52cbd1606c2607ad074c3a65af120f21163ef1e58a7c573ed3e3aeac"}, @country_functional={0xe, 0x24, 0x7, 0x7, 0x3, [0xe3, 0xfff, 0x1, 0x5]}, @dmm={0x7, 0x24, 0x14, 0xa743, 0xc527}]}, {{0x9, 0x5, 0x81, 0x3, 0x3ff, 0x5, 0x7, 0xaf}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x40, 0x8, 0x9, 0x7}}, {{0x9, 0x5, 0x3, 0x2, 0x20, 0x2, 0x2, 0x5}}}}}}}]}}, &(0x7f0000000680)={0xa, &(0x7f0000000040)={0xa, 0x6, 0xaa6bff1649e05efb, 0x2, 0x9, 0xf, 0x20, 0x8}, 0x4c, &(0x7f0000000300)={0x5, 0xf, 0x4c, 0x6, [@ss_container_id={0x14, 0x10, 0x4, 0x1, "be274fd856d8dc237fb85625b0e4e4f1"}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x9, 0x0, 0x7, 0xc0}, @ext_cap={0x7, 0x10, 0x2, 0x16, 0x9, 0xa, 0xa509}, @ptm_cap={0x3}, @ss_container_id={0x14, 0x10, 0x4, 0x5, "1c226440c7c469bd8922aacd5ccd5f00"}, @wireless={0xb, 0x10, 0x1, 0x8, 0x458d483fbb9d73b6, 0x4, 0x7, 0x4000, 0x4}]}, 0x5, [{0xa5, &(0x7f0000000380)=@string={0xa5, 0x3, "1acdca409a0fed8665239c4dd720028665fc0572209ed7258b3e9ee5bfc7b8384254e77e84f51756faa26b90b1ed87e4d533b953b286cbbf25f2ba9359b3e1f6cec1d1b362b40e81857137d4ac87bd5f04e073e0195f594cbc3eb6955da6c61c81ef60525567557cd961836d0e80a82231c081b40483e7622fc473a100a73492eca0c71756fb736e8739dd84db29f3acea213681735c0ce006a59f2140059b151518f5"}}, {0xe1, &(0x7f0000000440)=ANY=[@ANYBLOB="e1034d19ae201af6382beb90fd732bb16e8aef79c7242a55d08e01eb7dafb334f6cfe880491bb174016b342795f8c2fdc9f9164c0af7ece10a9a13e692c34ea14efb5af4c2d376def7f4d89a8fb28711c0175cc72992dcf113cdb1772aaf2ac4862d4bfca847e150cd7987023823580961b957c68fc35484274fc0cbab188141b5151771c81b3cfe9b9be7ef4e03d7ebc236909d413bc2a159b770dcd5ec27004a52d104038fe172fe9629e18dd2a0976267ab5d625760556c81f188ae906ecbe8b6eecd36ef23b2961659c45d81e6053df49c60eacf00"/225]}, {0x4, &(0x7f00000000c0)=@lang_id={0x4, 0x3, 0x1409}}, {0x3c, &(0x7f0000000540)=@string={0x3c, 0x3, "f27a1552de3b789783eae012222d36a2e159c19f78ef63a736743a2bc5ce4e2ba6ca7bb5f4dc3a0a1165c8780c9fdf25d4371c8450eed30e055c"}}, {0xd5, &(0x7f0000000580)=@string={0xd5, 0x3, "52ac3bd7030d4da7c5a4c9d4079ab24f1818dbc220861fb2d055f492f493db9df930be8f245c9b3cf3357081f803aab287fe34194563834685056fc2eca56c3fae16b6e90ac46e246686e6ba04cb91ec162af200fb941a0f73bc806971a78c90878f14d50b645fe3733f281c639cca5a70978e4e23c9b9de1ff27ab3efc0db16388b37aafa58c3420fe16aad877a4168deb0eb791cf18956684b6d4ae413389c9cd4884a3587e39ef35141b840e7d3c2b2673ae4e48ce9c61d27c7464c415619bf90a6222ca9f4511fcfcae878f010d6814a54"}}]})
syz_usb_ep_write$ath9k_ep1(r1, 0x82, 0xa8, &(0x7f0000000000)=ANY=[])

6.741668022s ago: executing program 3 (id=1515):
r0 = syz_open_dev$amidi(&(0x7f0000000000), 0x8000000000000001, 0x10002)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r0, 0xc0305710, &(0x7f0000000040)={0x0, 0x10000, 0x1, 0x1, 0x4})
r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f00000000c0)=0x5, 0x4)
r2 = userfaultfd(0x1)
ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000003000/0x3000)=nil, &(0x7f0000005000/0x4000)=nil, 0x3000})
r3 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
close(r3)
ioctl$DRM_IOCTL_AGP_INFO(r1, 0x80386433, &(0x7f0000000180)=""/166)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000280), r1)
sendmsg$DEVLINK_CMD_PORT_SPLIT(r1, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000380)={&(0x7f00000002c0)={0xa0, r4, 0x1, 0x70bd27, 0x25dfdbfd, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8, 0x9, 0x8}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0x9, 0x5}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8}}]}, 0xa0}, 0x1, 0x0, 0x0, 0x24000001}, 0x2000c041)
setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r1, 0x111, 0x1, 0x1, 0x4)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), r1)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000480), r1)
sendmsg$L2TP_CMD_NOOP(r5, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x1c, r6, 0x10, 0x70bd26, 0x25dfdbff, {}, [@L2TP_ATTR_OFFSET={0x6, 0x3, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24000010}, 0x20000000)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0)
r7 = syz_clone(0x131000, &(0x7f00000005c0)="388563d9e8f2ddb56813ad226ed8", 0xe, &(0x7f0000000600), &(0x7f0000000640), &(0x7f0000000680)="62abf3374f41bc8ebd9c553c06603b3852451e6f1c5c45f42c5f69f190f7ba72148e2253fa30266e039381d3506cc15b4aca5e19e43ff1bdf23d554c4d23196f7d248d2db27b367b89e767c711c2c7cb8b5a92ea82b34433886a7dec2d701773567996840d887989cded25b80106b3a0d372389d3d573a5c0876e2f369df11a6ca2836aed8da512759d7051fc0410eccb31724da720974bc94c5d99523801567ca0b474d2eb08137e0f6d61f178a8c6e3ca69845c635a0eb0d00e45225ac")
prlimit64(r7, 0xb, &(0x7f0000000740)={0xffffffffffff7fff, 0x2}, &(0x7f0000000780))
cachestat(r2, &(0x7f00000007c0)={0xfff, 0xd}, &(0x7f0000000800), 0x0)
ptrace$ARCH_GET_FS(0x1e, r7, &(0x7f0000000840), 0x1003)
socketpair(0x28, 0x80000, 0x9, &(0x7f0000000880)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
timerfd_create(0x6, 0x80000)
sendmsg$nl_generic(r8, &(0x7f0000000a00)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000009c0)={&(0x7f0000000900)={0xb4, 0x1a, 0x4, 0x70bd2a, 0x25dfdbfb, {0xa}, [@typed={0xc, 0x6f, 0x0, 0x0, @u64=0xfffffffffffffffe}, @generic="eccc72a9cb6da790e0d705bacf6b963e7c3eff9ef43a2655722031f1b39069c8b6c44319f71d3b86b21a3c5f2cad9007f4e7699386444295dff3ee20f5f04ff9f81f160a3d8c353914c9bc1c565324cdf36dc1c26e8cd176ebea5e6c586829ed6a8f25985e12afe06f42fc59176e311fff37206d73fc0aa288b4f3", @nested={0x18, 0xea, 0x0, 0x1, [@typed={0x8, 0x2a, 0x0, 0x0, @pid=r7}, @nested={0x4, 0xeb}, @typed={0x8, 0x7, 0x0, 0x0, @pid=r7}]}]}, 0xb4}, 0x1, 0x0, 0x0, 0x20040005}, 0x800)
ioctl$NBD_SET_TIMEOUT(r1, 0xab09, 0x1)
ioctl$EXT4_IOC_SETFSUUID(r2, 0x4008662c, &(0x7f0000000a40)={0x10, 0x0, "693f1ff3b4e1c50918e8b79200d51ebc"})
r9 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000a80)={<r10=>0x0}, &(0x7f0000000ac0)=0x8)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r9, 0x84, 0x18, &(0x7f0000000b00)={r10, 0x8}, &(0x7f0000000b40)=0x8)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000bc0))

5.971518501s ago: executing program 3 (id=1517):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
modify_ldt$write2(0x11, &(0x7f0000000180)={0x401, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0xfffffffe}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x4}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0xb8, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_USERDATA={0x90, 0x7, 0x1, 0x0, "725291cddf7d553101f10609691e3ef64002716a0e5600f6b341bfc5774de2f27d6199dde52b0442402271c4bf0d0812b237bbf40f4198809430f5049be6a6d8ac9a189de24851b8a57e7146f0e9cc677d041a752944fe5257ba9cff5647ad1cacc467ee39ed0faae96e960bf5b34fca6518937fe80e2e2a29f81c992f1e208294fb5e57ef91f3d5e6caa842"}]}], {0x14}}, 0x120}, 0x1, 0x0, 0x0, 0x2000c045}, 0x24000004)
socket$nl_netfilter(0x10, 0x3, 0xc)
modify_ldt$write2(0x11, &(0x7f0000000140)={0x5, 0x100000, 0x2000, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1}, 0x10)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000003c0)={0x3, 0x80cf, 0x0, 'queue0\x00', 0x40000})
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xa8c01)
socket(0x10, 0x3, 0x0)
write$sndseq(r2, &(0x7f0000000080)=[{0x1e, 0x0, 0x0, 0xfd, @time, {}, {}, @result}], 0x1c)

5.871944271s ago: executing program 3 (id=1520):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000afae99106708129816ce0102030109021200010000e0000904fd00000abd64e7"], 0x0)
ioctl$VIDIOC_S_TUNER(0xffffffffffffffff, 0x4054561e, &(0x7f0000000380)={0x7ff, "221ac52a988c3bfa0d270e3bb351cc8deafd3c19c8cc3e63b8ce643c7d350abd", 0x3, 0x100, 0x55e, 0x1000, 0x8, 0x2, 0x1, 0x7})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00'})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="380000006c0015000000d9fece23b82000000000", @ANYRES32, @ANYBLOB="000080000000000018003480050035"], 0x38}, 0x1, 0x300}, 0x0)

5.839770307s ago: executing program 0 (id=1521):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYRES32=r1, @ANYBLOB="000900005229000005001a"], 0x38}}, 0x4050)

5.651292654s ago: executing program 0 (id=1523):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f00000045c0), 0x0, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x4000001, 0x13, r0, 0xc6f33000)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000002c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x29, 0xc, 0xfd7fb5bddaa5e821, 0x1, 0x3, 0x9, 0xe1, 0x0, 0x0, 0x0, 0x800}}, 0x50)
syz_open_dev$vim2m(&(0x7f0000000280), 0x2, 0x2)

5.523797108s ago: executing program 0 (id=1524):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_open_dev$radio(&(0x7f0000000640), 0x0, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x319c, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xfdef, 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io$hid(r2, &(0x7f00000011c0)={0x24, 0x0, 0x0, &(0x7f0000001140)={0x0, 0x22, 0xa, {[@main=@item_4={0x3, 0x0, 0x9, "09f7d070"}, @local=@item_4={0x3, 0x2, 0x8, "82cc4b04"}]}}, 0x0}, 0x0)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
ioctl$VIDIOC_LOG_STATUS(r1, 0x5646, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40004}, 0x40080)

5.280050041s ago: executing program 3 (id=1525):
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000030200000900010073797a300000000064000000090a010400000000000000000300000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000023280011800b8d816efcb9e63104020000180002800900020073797a310000000008000140000000021400000010000100000000000000000000003bdd90e274822027aafe4f79cb0290000a"], 0xac}}, 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x2c240, 0x0)
r3 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f0000000440)={r2, 0x0, {0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x1c, "339f020bbe78b39843d601010000000000080d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c18e8438ef2a565ef1e83323695c58d66500", "a1163939c787a16c1ca43f8539f3d3289737f0374c72a964a0193b3e8772fd29f35239d200", "24431a1e77a68e174f000000000000000010e200"}})
ioctl$LOOP_CHANGE_FD(r3, 0x4c06, r2)
sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000000)=ANY=[], 0x44}, 0x1, 0x0, 0x0, 0xc050}, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000080)='net/protocols\x00')
read$FUSE(r4, &(0x7f0000003240)={0x2020, 0x0, 0x0, <r5=>0x0}, 0x2020)
setuid(r5)
r6 = semget$private(0x0, 0x6, 0x3b1)
semtimedop(r6, &(0x7f0000000040)=[{0x0, 0x1}], 0x1, 0x0)
semop(r6, &(0x7f00000000c0)=[{}, {}], 0x2)
semop(r6, &(0x7f0000000180)=[{}, {}], 0x2)
landlock_create_ruleset(0x0, 0x0, 0x1000000)
semctl$GETZCNT(r6, 0x0, 0xf, 0x0)
r7 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_ABS_SETUP(r7, 0x401c5504, &(0x7f00000002c0)={0x3f})
ioctl$UI_SET_EVBIT(r7, 0x40045564, 0x3)
write$uinput_user_dev(r7, &(0x7f0000000840)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe], [0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x10000, 0xfffffffd], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0xfffffffd], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x9, 0x8000]}, 0x45c)
semget$private(0x0, 0x4, 0xa8)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f0000000300)={0x30, 0x5, 0x0, {0x0, 0x0, 0x1, 0x2}}, 0x30)
semctl$IPC_SET(r6, 0x0, 0x1, &(0x7f00000007c0)={{0x2, r5, 0x0, 0x0, 0x0, 0x84, 0x4}, 0x10, 0x1000000000020000, 0x0, 0x0, 0x0, 0x0, 0x1})
fsetxattr$security_capability(r1, &(0x7f0000000100), &(0x7f0000000140)=@v3={0x3000000, [{0x0, 0x1000}, {0x10000, 0xc8}], r5}, 0x18, 0x0)

5.031616102s ago: executing program 2 (id=1527):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'pcrypt(ccm-aes-ce)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000000400)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="d8000000000000001701000002000000c40000a869"], 0xd8}], 0x1, 0x0)

4.420364415s ago: executing program 2 (id=1529):
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='pids.events\x00', 0x275a, 0x0)
write$UHID_CREATE2(r2, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r2, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r2, 0xc01064bd, &(0x7f0000000180)={&(0x7f0000000280)="395e37ccf12f96fba7f7725edce3e270a3502e370717739ec8bfe66f6c62d7aff08327b89cadf576341ebedbba60d9d84109f74beaf9634b0e6c61c011c6c842c357c8ad9484df1c498aeced3ca5e37b9a0283cb0ebde791e7e30a752c512edc3aac387225afd1d1a8899c4e7b3cedf2c86cbbaa8756eb1ac0b1ff7faef6e7c4fa160778eda49c08813d5047c0b8ed0368b0334704294b38138116819f9b2094c6216ec7fb1c24d591fe8a89dd3bcb300d2e2f37f617bed922d8d8026c99229ae719559ec39a7c99ca9ca6e0130cc7c575a0ca63f92eecd8776b5e24e160b3f6fc27552cc8c1717d98225333ffabac270365c2f1ff68f85b40ac6664f9450f53e8627adedab7ed3e98095c09843d8292b073f0f0171f92373452765f79d9997c69d48f83336ce7e44273906f0320ac527aadf7dc3d4235e8851a2c982b0cdacdb87579acddcd46481090d2316137ab97ddd2e1d44e4202179bbadd08f76f3edd7c3dcfe7d0f78470480e5db5c45dac36e21b58735041672d563e05b4d9249ecc1dea1a9a66e9c73cb4a74a0986f87688f38c9e051d9f2023e411d1c00838fa5eefbfb22123d9d9a4cc902b122d3f08b6a758f172045a80abf0aaa6dddd4e140fd36a2be808d9d270ab60c1e88fb1687bcc7c027a23a2cbb9144157c3770ff7ee06f7e4edbdc5bdb6b851ffd4d01493cd23069d4a9663a5d761589f1e106edf08bc2b98d0ff1d6fc492da79d08eb546e07f70cdc020cb980e616de8b3e88c5765272c7b439dc486906dd075d2487cc6b3dbbc205ab92bd22875e725a0fd595f6f8af779cbdfd95fec850f71dda0920d44820e5a0186c8590ed246bb85b1153ae5f6149ed203e53ea90e0d19b9ebd9e0e12daa74d7fe43964d302e7dca189b0d9cba09d3f52146b89b4b151abf15b2fcdfd614360594ca35d5a916685bcf4e3b3ae0bc3a328afcbc69aed0ff0e65ecb39560738bc0de0b6ac187d70658645b1c4263e0cb1621d62b28358df9211acb41dc7b8f14b33ef3f39221abe06fde76766292d3f5f01fc0ab4df66489177b6513609f3a3ee91708fed138ced39f6ff0a95aee91cd9866bb3836d5ece27c5adc9fec37ec638ee8bdf7919c6adde669b0502dfad50f905a9d6562aa074dfbc0b051cd06f2907571899cfefcccf45632fb73c3da31e8e91b2aa96a4ac91a244ca98162d44ce97834d8359f99eb746b23b0e5f6a6fced35b87406f1182e503fc234a7eb58e705b5f1961c72fc846d9293855549b6bd2ea843e628d8c0c09e81ebc4ee8749b1e61137562e3db577ae45cbef7fb4554fc114d3da1246667b48c9937ae6180cc19088758d1357248bd8f67da3c92fd2305a5bb8627bb2d0e58dcab51092fe5dbb531b58890382673a42d345b8975ec7962a7b9d052fa73a6cb4676855ff69ef30d9138f3fe48f5ec825914f76c3021f515b61c2f1accb6264e100df78a750b3df03d2f3e76629e17bc9c0cb6eeb735662d46b67ba2ea2f15d526c97d22c1caafc503333265679a402cac50ab79f57c4ebe04d3b2f405450fca0c56bc6c896c9787b7f4cc1020bc3eae82a932bb13d8e6c1ce896a39cc77a12bb02206990656774bc0e005182675f00e238cc1a99cf18d42aa279782789427257b60f5a383105d717e8d3150e9dbfe5619bda4a34787ec27dc6eb9742b34c27554ed8d93402c3af5047dc2ce9e58d2100f9dfcd5fdd2daa94936db43622653d45c3cf5d85f7da4607599e4eb0abe14db0a566c2ac4c0831b1746110244e9781f9588642986d72fd9bbe46d3dbd8bea3c783b5a38fdf252a63630f4ca992605dd78a7e030b2475ab123a6d2db234a368bc465cfbbb0a307ef625a91f109bb7db9de38b0c4a67026b16135f5b4d504dd2cd31e30e34beef9fec6ff4df744dde2d1a462a1d173e9202d4f75639017923239c0fb61420b7279711e13a85f7d7f7a56742073217e82af1fb05a68e34383157f825b271978b3b760517ab65b32d6eadfca3e81ee7a0c2a84a9c2c1676235637c88ab2821e1362eec033137d805966da0aad445bad09c4673bb29e2036dc9ec09379ffbecfdbfeb0e509bce31d0114dd61c32d87b9b8c4326086298a2633a6d3d0d94825a73cb509ee4b3fc627706c7fcf9b6a544af6fdef43e8ca8f4ddac646c7c54806f7edbd34126f9959194254066d5afe9cbc9ca0b6b3d9f023a3ce1e3854552e4733dd55cf06ca9de8df821a30327156eef919c6839a4eaeada177d5f9aee39c226b12fd2ce7b3198f0387bc01393587e27724eec8b27cafd86ed21504bf69bdee20378fed6496e8030563dd04247b885d64d3962b6904c9a0aed953c06532b0f2a56e4bff5c63bfd430269683c390f7de8d41878baa393e02df582f3972075b8776ac8ba2f585cb6d6bc61ff6fc34517a18e78bdd6d0df4158844434e059dd8f6993b76e150d2553be7b0ee59c2b4e29024364fbbbfe55a3e4b7d02f7162dddc757d18deed4dafe501369a5fe89df348156ac14ccf1c2604e64e755cd1ba9e59fccc8b87bb52e7f0d439a011c959f9e7c08ba9d0e7bee9b833fa66454ff4c285e79e946354a218d2745090b64fc23b2b43f0e245c29a4194d94c1d0cad69934033a024a77f7fb5fd3fc39f9cf5235253490dd0f99eb2e87f568c12b8485efd916c19d4e522cc2c8596bce30ed8f3d6dc81395e2a227d1c39b38a8cb994a8076436894528c511323da3c66b4f1a4f03ffb5aa7da6213bcbe0c257ef964b4a69e2c9c7ce074fb9e18b24fbe8649809d2573c608af5f9a4cbfcde68eeabb06b2487131407e9dbfa792eced7fe9aa910ccff0dfc42c72e6f6608a741808e77f75257a1b5fad55d36a4b0e6cb92afe9afe4bc5671979d78a01f075746aa06e893b615294b99bd500043fe1a7cbc15f7a5f0592a99130f42d544eb6e9e15b9595945e6e58076b821738d1b9845384c5182dd4e2163d1ca7bb73abb45becdcdb3e45495af1f41713a7686b41bd00419f6641ed7ef938f18e60c28badadc37fc0949a3b1d224e1221088487a037bcc798de838b95b26253022c1de66c278a078442bd85a0a66865e96cc4baa31e52d8fe0ba16f705c2f18ecdb00c0c552126063d44013ab0d57d4c2152c4bc294e17f33993b8916508b4593f0aa77878565c246b33d8c45aa56f514f6834fc430c3920f378e10ad45c86ce8a1884841c540404fdd41ff755f2bc389d5a5cb90b10b9ccb777654b2bba2ea588e116c2b679cf39d05f686c172f3bb6f5d566e5b3b94609da2dab67a391f9608e2f519c825ea1ac7fd53569fce1f7281c6838f3667d83b1e49782482a4a7c22a6872771d36864b9af3f6f52bb3a42cf181bac4bf1d00eb65bb72c6a00606c108d508b6d02813ce5c494be0ba47b2b4a7bce0d0ce47afdf1460331743d7bf5c8e10a407c6479b11c7e507e1057ff9989d23b9452c7532ee04a8f572c5aecac58e8e85124f65ee1daf973fa5a973a7a70fe83ad3bcff4be1b298fa74a4881df1bff09d22b383bf65052273524bb39fde7255b803e355b652518320069fda8df81de6ba1e876dfc5cdd8faed278429755bdfbc56384a77a32e43f1d3c591c398dd74594b2f00faa6f517216a2f12f9c16e5f6a6c4bce9ede6733a2a694dca225255bb1c2354ea264f6750eb4ce8bbb8bc55b075e106470e95abd3cc433663fa915978260e044e6fbfba946ff340e152fd9695b381e3d76084e6993fbc5d442d7bb7f2722f3929be6f74a01cc45a59a1dbc20d15ea5d9bea7348bc4ede894b78a6e1fb0b97b9b0a34475a9bea16f4b434274c6e25d8c1acc6129f5b9e9f8429ba05411ce6ea019510e2d49f24f64bac5dd6df6fac6cf4fa78e83f085be9fe2643507d273e7807f7e0b764dd41796f29b3ffa43783e596f4b584488ae0905ad07a10a8f3c252a6d5d3b950f09c1ac073f7664e2a05e3cda46fa677ffe1f2ea75a8431bdbb8bb59707dd062453c84ab0f1fca303905646d28fde098dfc2cf37d753007906e2d4a22ac3399b1c76f13a3bf3649d80be154177c3587f6609891b027a15edef8b7a647885d73ecd241a361278467fe43b7bf0fea3b3730e821aee2ccaa8ba802dfe87fcafd8adc1f012e50ff9cd80d60ce6bcd895b114e5697fe7aefaabeb727dd0f48b5b1709c13edaca9bef96d648b41ff92ebc28eeece4046170e6daae63dff94126666541feae49d9c6f8d220ed68d8ba104b6c99f1093566a7bceb375adcaefe31d04d7cfd13f0651960bf2e8a2422f305f936caa6418ef564e294f9e4b3f85f580123d4c69b389ff46a4c5c4d5689a5d5c61e48a82ce6f77cdce04eaf4efc32bf8f592a724a892d54f6a6c6b91788a0078ba760199f75167a2b0ed402644da063894007cdf47e0935be786c09352830074fdb7bab7664aa19bdd1c03f7924e50745ac535c8d9da2906e59d24417d5f20796c9d90292b5eddeefec9fbb034c66a7e3cae4ed3da514bf9b1a1316cbec8d6653e38b4456dcb50a25558f531b4b8921cf1acfd9a3e53b737455a34982d251ede60853ce04950a73a177293728f906f51a556fde10e219814a4035e6820d6f5974cff93db4829ca17267f943e0fb64a107957e6636aedf8463edbc95f0b66da5666c125ae5b8b7ff87807fe805bf2d374d43d2a4bd4633299c2ef32fcd85a5156a908f63661f624a09ab693327581ec6b89abd6d9e68835553ac5feb1c43f6bb97ce61766c38bf70b563cdf5312f8090cef074a1830e9eca69cf4657e7fb3255e7c1caf86e5f5e7356677c2e5bec0e13b090dc07b646e8a1700bfbd61346d944bdbd9c454f78135ad37a359aff61467fe8091f15973dc50d992025a51f706564888c9aa7bc657c67b0042105fb7e0740afff0ff2459108b87eb2e63d686cc35c7a4e70c952cef7a58952353eb3f75ad7c514d577e83aa782ba116b64b329f7bab89d63f1f8ff0ed42a04c053e51a0a1f321291f940a982967f034df63aadc40a622c8ae7e61e5dda204f502a76f541b8bc602d4135a04497965dc93407fedde9502c20b6a91ec719f44a92c3191eac0b8abc9f3dbd3fd65b2c2a88c20be1786a33528bb6a2f51040408b072c9a1a75d6f914cb7576d152102fd3fde228242579c79996c6207873815f63b40a4047534389bc985620fe43b8cfa2a4c2b801b1c421f948f8febdc3b581cebb4ac2560668add83fe6de6ccd09f19a234d139f78d2174812be8aadb7f00c6d2289e2bfd3eea4904a8f15b5ab2ad02c1d562e2b75572c1b9a7666efaac68a3ef26f625d740908dd9b0e57056f560f6b965d04b60ee1a19e27783dd609976f49dc7ea129c1eb759d7aa1970dbea9fe3d1b9c4062706df2bd66e8c605b3b7ebfe566941b3cf931521f63ecd1181c22fd388e30cc8d327c1003e31d64023f60ebf94f22d0ef3f84eb00a3198c2a0116a2a3114d0886820db73fa53b059e158c3157e79bd70827fffa1b8c2657289742dfd2107d2f7bfec430b6fa12e2ec0d990afcbf3a1555b72cd9a3e541c63920fb05283818ff56ccde4092ffe7593485d5428d5dc2ac6c87a6eef66e76182131761d1b9d78ec901ae270f5eac2f8ddd827dbf9f647c942047c29bf9a5bd297821bf42b51a852515bbb06f88a8ee6438f1925c4a69422c3f35f7f82350cd5f912ad2860505b64b9221c69512da767a5032c034f695be5b25f6fab0a3beb5f2d392c794feebef168e5a680045271703657ebe2f33170a57b3105d02bfbc89debe227ad23bcec6151039d195fb58fdc4c71b2465023cea67a0984ca688266c8dc2de1", 0x1000, <r3=>0x0})
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r2, 0xc01064ac, &(0x7f00000001c0)={r3, 0x82, &(0x7f0000001280)=""/130})
ioctl$vim2m_VIDIOC_G_FMT(r1, 0xc0285629, &(0x7f0000000080)={0x3, @sdr={0x34325241, 0x6}})
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1000, 0xc4)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
pread64(r4, &(0x7f0000001440)=""/126, 0x7e, 0x2)

4.227480167s ago: executing program 2 (id=1530):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
modify_ldt$write2(0x11, &(0x7f0000000180)={0x401, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0xfffffffe}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x4}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0xb8, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_USERDATA={0x90, 0x7, 0x1, 0x0, "725291cddf7d553101f10609691e3ef64002716a0e5600f6b341bfc5774de2f27d6199dde52b0442402271c4bf0d0812b237bbf40f4198809430f5049be6a6d8ac9a189de24851b8a57e7146f0e9cc677d041a752944fe5257ba9cff5647ad1cacc467ee39ed0faae96e960bf5b34fca6518937fe80e2e2a29f81c992f1e208294fb5e57ef91f3d5e6caa842"}]}], {0x14}}, 0x120}, 0x1, 0x0, 0x0, 0x2000c045}, 0x24000004)
socket$nl_netfilter(0x10, 0x3, 0xc)
modify_ldt$write2(0x11, &(0x7f0000000140)={0x5, 0x100000, 0x2000, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1}, 0x10)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000003c0)={0x3, 0x80cf, 0x0, 'queue0\x00', 0x40000})
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xa8c01)
socket(0x10, 0x3, 0x0)
write$sndseq(r2, &(0x7f0000000080)=[{0x1e, 0x0, 0x0, 0xfd, @time, {}, {}, @result}], 0x1c)

4.079537494s ago: executing program 4 (id=1531):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@delsa={0x28, 0x11, 0x421, 0x0, 0x0, {@in=@loopback, 0x4d4, 0x0, 0x32}}, 0x28}}, 0x0)

4.007052021s ago: executing program 2 (id=1532):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0900000001000000420000004000"], 0x50)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x7, r0}, 0x38)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000000c0)='./bus\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f00000000c0), 0xb)
lseek(r1, 0x0, 0x3)
ioctl$UI_DEV_CREATE(r1, 0x5501)

3.871369062s ago: executing program 4 (id=1533):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD(r0, 0x40045402, &(0x7f0000000040)=0x1)
r1 = epoll_create1(0x80000)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000240), 0x20800, 0x0)
ioctl$RFKILL_IOCTL_NOINPUT(r2, 0x5201)
ioctl$RFKILL_IOCTL_NOINPUT(r2, 0x5201)
r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
connect$802154_dgram(r3, &(0x7f0000000440)={0x24, @long={0x3, 0x1}}, 0x14)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000200)={0x1000000c})
r4 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
r5 = syz_usb_connect(0x2, 0x24, &(0x7f0000000440)=ANY=[], 0x0)
syz_usb_control_io(r5, &(0x7f00000000c0)={0x2c, &(0x7f0000000000)={0x20, 0x23, 0x2, {0x2, 0x7e8e703122aff25f}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$uac1(r4, 0x0, &(0x7f00000004c0)={0x44, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x0, 0x9, 0x0, 0x0, 0xf})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)

3.851357783s ago: executing program 3 (id=1534):
pipe(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x22042, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0xbfd1, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0)
r3 = syz_open_dev$loop(&(0x7f0000000100), 0x6, 0x101000)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000004c0)='cgroup.events\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f0000000180)={r4, 0x0, {0x2a00, 0x80010000, 0x0, 0x20004, 0x9, 0x0, 0x0, 0x0, 0x0, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8bfc541265406c7f306003d8a0f4bd00", [0x1, 0x8]}})
ioctl$LOOP_CHANGE_FD(r3, 0x4c08, 0xffffffffffffffff)
syz_usb_connect(0x3, 0xf5, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000772aed408680070bb96c010203010902e30003dc2000000904003f000e01000505a40600010524007f000d240f0104000000080000000006241a03000a05240101070424020a1524120009a317a88b045e4f01a607c0ff"], 0x0)
io_uring_enter(0xffffffffffffffff, 0xc2, 0x892, 0x68, 0x0, 0x0)
r5 = socket$rds(0x15, 0x5, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r5, 0x114, 0xa, &(0x7f0000000000)=ANY=[], 0x4)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000540)=0x9)
prctl$PR_SCHED_CORE(0x3e, 0x3, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x100008b}, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x0, 0x0)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
r7 = syz_open_procfs$pagemap(0x0, &(0x7f0000000040))
prlimit64(0x0, 0x8, &(0x7f0000000080)={0x469, 0xdee}, &(0x7f00000002c0))
madvise(&(0x7f0000cf6000/0x4000)=nil, 0x4000, 0x16)
ioctl$PAGEMAP_SCAN(r7, 0xc0606610, &(0x7f0000000140)={0x60, 0x0, &(0x7f0000001000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x7fffffff, 0x0, 0x0, 0x2, 0x0, 0x22, 0x3})
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
setsockopt$TIPC_SRC_DROPPABLE(r8, 0x10f, 0x80, &(0x7f0000001640)=0xc, 0x22)
sendmmsg$inet(r8, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)
close(r9)

3.840415235s ago: executing program 2 (id=1535):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0}, 0x18)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000afae99106708129816ce0102030109021200010000e0000904fd00000abd64e7"], 0x0)
ioctl$VIDIOC_S_TUNER(0xffffffffffffffff, 0x4054561e, &(0x7f0000000380)={0x7ff, "221ac52a988c3bfa0d270e3bb351cc8deafd3c19c8cc3e63b8ce643c7d350abd", 0x3, 0x100, 0x55e, 0x1000, 0x8, 0x2, 0x1, 0x7})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00'})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="380000006c0015000000d9fece23b82000000000", @ANYRES32, @ANYBLOB="000080000000000018003480050035"], 0x38}, 0x1, 0x300}, 0x0)

3.326498522s ago: executing program 4 (id=1536):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000800)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a0b040000000000000000020000000900010073797a30000000000900020073797a320000000014000000110001"], 0x54}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a38000000060a17d50000000000000000020000000900020073797a32000000000900010073797a3000"], 0x60}}, 0x0)

3.307001348s ago: executing program 4 (id=1537):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1, 0x0, 0x0, 0x6}, 0x1c) (async)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) (async)
write$cgroup_freezer_state(r2, 0x0, 0x0) (async)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x18, 0x8, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) (async)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = socket$inet_sctp(0x2, 0x0, 0x84) (async)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendmmsg$inet_sctp(r4, &(0x7f0000001680)=[{&(0x7f0000000000)=@in={0x2, 0x0, @loopback}, 0x10, &(0x7f0000000100)=[{&(0x7f0000000040)="9e", 0x1}], 0x1}], 0x1, 0xfc)

3.248175826s ago: executing program 4 (id=1538):
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0)
r2 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x1, 0x0)
fchdir(r3)
r4 = open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x0)
write$FUSE_CREATE_OPEN(r4, &(0x7f0000000240)={0xa0, 0x0, 0x0, {{0x7, 0x1, 0x5, 0x6, 0x5, 0x1, {0x1, 0x180, 0xff, 0x5, 0x100, 0xd615, 0x5, 0x800001, 0xfffffffe, 0x8000, 0x0, 0xee00, 0x0, 0x3fe, 0x3}}, {0x0, 0x11}}}, 0xa0)
sendfile(r4, r4, &(0x7f0000000080), 0x7f03)

2.509947657s ago: executing program 2 (id=1539):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=@ipv6_newaddr={0x2c, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0xfe}, [@IFA_LOCAL={0x14, 0x2, @local}]}, 0x2c}}, 0x4)
r1 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
clock_settime(0x0, &(0x7f0000000040)={0x77359400})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0x4c}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000b40)=@raw={'raw\x00', 0x3c1, 0x3, 0x2b8, 0xd0, 0x111, 0x4b4, 0x0, 0xd4feffff, 0x1e8, 0x20a, 0x278, 0x1e8, 0x278, 0x3, 0x0, {[{{@ipv6={@private2, @empty, [], [], 'ipvlan0\x00', 'team_slave_0\x00', {}, {}, 0x6, 0x0, 0x0, 0x6}, 0x0, 0xa8, 0xd0}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@uncond, 0x0, 0xf0, 0x118, 0x0, {}, [@common=@dst={{0x48}, {0x8001, 0x7, 0x0, [0x3, 0x4, 0xfffc, 0x9d, 0x5, 0x6, 0x3d8, 0x7fff, 0x7f, 0x101, 0x49, 0xcf, 0x5, 0x0, 0x593, 0xfffd], 0x7}}]}, @common=@inet=@SYNPROXY={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x318)
ioctl$VIDIOC_QUERYBUF_DMABUF(r1, 0xc0585609, &(0x7f0000000040)={0x5, 0xd, 0x4, 0x2000, 0x101, {}, {0x4, 0x8, 0x0, 0x2, 0xd1, 0x95, "0b609da4"}, 0x7, 0x4, {}, 0xf25})

2.411669378s ago: executing program 0 (id=1540):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x20800, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001c00)=@newtfilter={0x884, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0xe4ff, r3, {0xf, 0xf}, {}, {0x7}}, [@TCA_RATE={0x6, 0x5, {0x1, 0xd}}, @filter_kind_options=@f_cgroup={{0xb}, {0x84c, 0x2, [@TCA_CGROUP_POLICE={0x848, 0x2, [@TCA_POLICE_RATE={0x404, 0x2, [0x7, 0x10000, 0x6, 0x7, 0xb, 0x2, 0x0, 0x80, 0x10000, 0x4, 0x2, 0xd2, 0xffffffff, 0x6, 0x9, 0x0, 0x4, 0x7, 0x38fd, 0x10001, 0x7fff, 0x1, 0x9, 0xbbc6, 0x64b0, 0xfffffffa, 0x1c, 0x1e, 0x3, 0x9, 0x10000, 0x988, 0x4, 0x6, 0x10000, 0x756e, 0x8000, 0x10000, 0x3, 0x3ada, 0x401, 0x0, 0x1bc, 0x4, 0x9, 0xc9f6, 0x3, 0x100, 0x2f2, 0x475f, 0xf970, 0xf7b, 0xf, 0x2707, 0x8, 0x6, 0x1000, 0x2, 0x10001, 0x5, 0x0, 0x5, 0x8, 0x101, 0x8001, 0x1, 0xffffff81, 0x2, 0xef, 0x80, 0x7, 0x8, 0x9, 0x9, 0x3ff000, 0xde49, 0x0, 0x5, 0x4, 0xa99, 0x2, 0x200, 0x8, 0x2, 0x36d000, 0x5, 0x2, 0x0, 0x101, 0x58, 0x0, 0xde5, 0xfff, 0x0, 0x1aa8, 0x9, 0xfffffffc, 0xf, 0x400, 0x200, 0x1, 0x4, 0x2, 0x0, 0x401, 0x1ff, 0x5, 0x1, 0x5, 0xfffffffa, 0x5, 0x3, 0x5, 0x3, 0x2, 0xffffff80, 0xdd64, 0x7fff, 0x5, 0x3, 0xffff, 0xfffffff8, 0x7, 0x8, 0x1000, 0x1, 0x8, 0x5, 0xb08, 0xa, 0xfe7f, 0xfffffff5, 0x6, 0x7, 0xff, 0x2, 0x1d4, 0x2, 0x1, 0x7ff, 0x1, 0x4, 0x6, 0x4, 0x7, 0x2, 0x4, 0x0, 0x4, 0x5, 0x6, 0x4, 0xab1, 0x74f1, 0x9, 0x4a, 0x2, 0x3c8, 0x8c8a, 0xc, 0x5, 0xf6, 0x5, 0x8, 0x7f, 0x0, 0x0, 0x9c, 0x3, 0x1, 0xfffffbff, 0x5, 0x80000001, 0x10, 0x8000, 0x0, 0x0, 0xd, 0x3, 0x4, 0x4007, 0x2, 0x3, 0x7, 0xfffff843, 0x6, 0x6, 0x9, 0x9, 0xffffff93, 0x81, 0xfff, 0x4, 0x80000001, 0xf93, 0x6, 0xd, 0xd, 0x7, 0x9, 0x4, 0x7fffffff, 0x5, 0xe92e, 0x2, 0x8, 0x0, 0x100, 0x2, 0xd, 0x2, 0x80, 0x4, 0x90, 0xfffffbff, 0xb0bb, 0x4, 0xc0, 0x19fa, 0x2b, 0xfffffeff, 0x6, 0x7, 0xa900, 0x8, 0x0, 0x9, 0x4, 0x4, 0x4, 0xfffff000, 0x7, 0x3dbc4d99, 0x4e, 0xcef, 0x80000000, 0x400, 0x7, 0x6103, 0xf, 0x5, 0x5, 0x40, 0x5, 0x6, 0x7, 0x6, 0xe9c8, 0x1a0, 0x3fe, 0x10001, 0x8000, 0x5, 0x1000, 0x4, 0xb13]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0xe, 0x9, 0x80, 0x7, 0x10, 0x8000, 0x0, 0x9, 0x2000000, 0x4, 0x5, 0x7, 0x6, 0x8, 0xc1b, 0x5, 0x9, 0x101, 0xa, 0x3, 0x5, 0xfff, 0x2, 0x10000000, 0xffffffff, 0x1, 0x4, 0x22, 0xfffffffd, 0x80000000, 0x8, 0xffffffff, 0x200, 0x7fff, 0x9, 0x5, 0x1, 0xfff, 0x2, 0x0, 0x0, 0x3d0, 0x3, 0x78b5, 0x8, 0x5, 0x9d, 0x5, 0x40, 0xf9e, 0x8, 0x1, 0xb, 0x6, 0x3, 0x8, 0x8, 0x800, 0x0, 0x3, 0xaa, 0x9, 0x4, 0x9, 0xfffffff9, 0x8, 0x7, 0x6, 0xffe, 0x800, 0x1, 0x6, 0x2, 0x81, 0x81, 0x5, 0x200, 0x401, 0x9464, 0x1, 0x7fff, 0x2, 0x9, 0x5a, 0x1a, 0x5fd, 0x81, 0x1, 0x7fffffff, 0x2, 0xf8c, 0x4, 0x6, 0x2, 0x0, 0x1, 0x6, 0xab99, 0xe, 0x1, 0x2, 0x3ff, 0x6, 0xb, 0x7f1, 0x7fffffff, 0x3, 0x40, 0x7, 0x1, 0x15, 0x1, 0x7fffffff, 0x1, 0x6, 0x3, 0x91, 0x0, 0x9, 0x4, 0x3, 0xffffff0d, 0xe, 0x7, 0xdc, 0x8, 0x80000001, 0xb, 0x6, 0x8, 0x0, 0x2f, 0xe1, 0x10000, 0x0, 0x1407, 0x9, 0x5, 0x8, 0x81, 0x1, 0x9, 0x2, 0x10000, 0x9, 0x8, 0x8, 0x3, 0x0, 0x8000, 0x4, 0x7, 0x3, 0x400, 0x2, 0x6, 0x5, 0x4e38211e, 0x0, 0xa959, 0x67, 0x400, 0x1000, 0xaf, 0xfffffff9, 0x30cfd753, 0xe0, 0x4, 0x1, 0x800, 0x9, 0x4, 0x400, 0x39a, 0x2, 0x1ff, 0x1, 0x7fff, 0xffffffff, 0x40, 0x9742393, 0x0, 0x4ef5, 0x6, 0x80000001, 0xffff0fb7, 0x1, 0x0, 0x1, 0x0, 0xe, 0x2020000, 0x0, 0x5000, 0x4, 0xb14, 0x6, 0xf864eed, 0xc5, 0x8, 0x7, 0x125, 0x40, 0x2, 0x3ff, 0x9, 0x10000, 0x101, 0xc, 0x0, 0x9, 0x1, 0x7, 0x4, 0x3, 0x0, 0xf34a, 0x9, 0x18, 0x3ff, 0x1, 0xde, 0x0, 0x2, 0x77f, 0x0, 0x5, 0x3, 0x0, 0x9, 0x6, 0x8, 0x4, 0x3ff, 0x4, 0x1, 0x1, 0x100, 0x5553, 0x4, 0xfffffffe, 0x25f76613, 0xffffffff, 0xca, 0x4, 0x1000, 0xf0, 0x3, 0x1, 0x7f, 0x3, 0x7fff, 0xc, 0x2, 0x101, 0x3]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x800, 0x6, 0x8, 0x8, 0x4, {0x6, 0x0, 0xb, 0x2, 0x8, 0x1}, {0x4, 0x1, 0x30, 0x1, 0x7, 0x3}, 0xb, 0x5, 0x1}}]}]}}]}, 0x884}, 0x1, 0x0, 0x0, 0x10}, 0x0)

2.312297202s ago: executing program 4 (id=1541):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000500), 0x28002)
r2 = dup(r1)
socketpair(0x1, 0x3, 0x0, &(0x7f0000000100))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
r4 = syz_open_dev$sndctrl(&(0x7f0000000e00), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r4, 0xc1105511, &(0x7f00000000c0)={{0xc, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x7ffc, 0x0, 0x9, 0x100000000, 0x0, 0x4, 0x200, 0x0, 0x0, 0x7f, 0x3cb7, 0xffffffff80000000, 0x8000000, 0xfffffffffffffffc, 0x8, 0x0, 0x0, 0xeffd, 0x0, 0x2, 0x0, 0x10000000, 0x100000000, 0xffffffffffffffff, 0x0, 0x0, 0x4, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x20, 0x0, 0x80, 0x3, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0xfffffffe, 0x0, 0x80000, 0xfffffdfffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x9, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0xd89, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x1, 0x0, 0xdf9cd90, 0x8000000, 0x6, 0x2, 0x0, 0x0, 0x0, 0xbb, 0x3, 0x0, 0x0, 0x0, 0x7, 0x7ffffffd, 0x0, 0x0, 0xffffffffffff2328, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xd, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4, 0x0, 0x0, 0x3ff, 0x1, 0x7, 0x4000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800]})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r8, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x0, 0x0, 0x40000, 0x0, 0x2, 0x1}})
ioctl$sock_SIOCETHTOOL(r8, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_cmd={0x2c, 0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}})
ioctl$sock_inet_SIOCSIFFLAGS(r8, 0x8914, &(0x7f0000000040)={'veth0_to_team\x00', 0x3fa1dc947ffe4b82})
ioctl$IOMMU_IOAS_ALLOC(r7, 0x3b81, &(0x7f0000000080)={0x19})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000940)={&(0x7f0000000840), &(0x7f0000000880)=[0x0], &(0x7f00000008c0)=[0x0, 0x0, 0x0], &(0x7f0000000900)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x1, 0x3, 0x8})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r2, 0xc05064a7, &(0x7f0000000a40)={&(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000600)=[{}, {}, {}, {}, {}, {}], &(0x7f00000007c0), &(0x7f0000000800)=[0x0, 0x0, 0x0], 0x6, 0x0, 0x7})
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=0x1, @ANYBLOB="12", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000a00)='./binderfs/binder-control\x00', 0x2, 0x0)

2.286586512s ago: executing program 0 (id=1542):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
modify_ldt$write2(0x11, &(0x7f0000000180)={0x401, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0xfffffffe}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x4}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0xb8, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_USERDATA={0x90, 0x7, 0x1, 0x0, "725291cddf7d553101f10609691e3ef64002716a0e5600f6b341bfc5774de2f27d6199dde52b0442402271c4bf0d0812b237bbf40f4198809430f5049be6a6d8ac9a189de24851b8a57e7146f0e9cc677d041a752944fe5257ba9cff5647ad1cacc467ee39ed0faae96e960bf5b34fca6518937fe80e2e2a29f81c992f1e208294fb5e57ef91f3d5e6caa842"}]}], {0x14}}, 0x120}, 0x1, 0x0, 0x0, 0x2000c045}, 0x24000004)
socket$nl_netfilter(0x10, 0x3, 0xc)
modify_ldt$write2(0x11, &(0x7f0000000140)={0x5, 0x100000, 0x2000, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1}, 0x10)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000003c0)={0x3, 0x80cf, 0x0, 'queue0\x00', 0x40000})
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xa8c01)
socket(0x10, 0x3, 0x0)
write$sndseq(r2, &(0x7f0000000080)=[{0x1e, 0x0, 0x0, 0xfd, @time, {}, {}, @result}], 0x1c)

2.257425954s ago: executing program 1 (id=1543):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f00000000c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x6, 0x4000010, r0, 0x4000)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
connect$ax25(r1, &(0x7f0000000100)={{0x3, @bcast, 0x4}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}]}, 0x48)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r3=>0x0})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_STATION(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100000000000000ebff1100000008000300", @ANYRES32=r3, @ANYBLOB="0a000600080211000001"], 0x34}, 0x1, 0x0, 0x0, 0x4045}, 0x0)
syz_usb_connect(0x5, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000c4b20710200e01015a7a0102030109021b00010000000009040000012e6d0a150905ff"], 0x0)

2.166249708s ago: executing program 0 (id=1544):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x8000)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PAUSE(r3, 0x54a3)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r3, 0x54a2)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r3, 0x54a2)
socket$inet_tcp(0x2, 0x1, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_vs\x00')
pread64(r4, &(0x7f0000000300)=""/86, 0x56, 0x4000000000000f3)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r5, &(0x7f0000000180)={0xa, 0x4001, 0x4, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x40, &(0x7f0000000040)=0x2cd, 0x4)
r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000001c0)=ANY=[@ANYRES8=r2], 0x0)
syz_usb_control_io$hid(r6, 0x0, 0x0)
syz_usb_control_io(r6, &(0x7f0000000300)={0x2c, &(0x7f00000000c0)=ANY=[@ANYBLOB="2024070000000731f98a0000bdfaedf8633823"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r7, 0x8933, &(0x7f0000000080)={'wg2\x00'})
sendmsg$WG_CMD_SET_DEVICE(r7, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000d00)={&(0x7f0000000380)=ANY=[@ANYBLOB="2c020000", @ANYRES16=r8, @ANYBLOB="010000000000000000000100000024000300a05ca84f6c9c8e3853e2fd7a70ae0fb20fa152600cb00845174f08076f8d7843e40108804400208024000100000000000100000000000000fdffff01000000000000000000000000000000001400040003000000ac1414bb00000000000000000600050000000000000100802400020073e591ec06154031d3954ac0e16752e72640f08b5281a8461d17d26d12f2bbb6060005000021000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b39228c00098028000080060001000a0000001400020020010000000000000000000000000001050003000000000088000080060001000a0000001400020020010000000000000000000000000002050003000000001003800080060001008c0e000008000200ac1414aa05000300000000001c000080060001000200000008000200ac1414bb0500030000000000200004000e00000000000000fe800000000000000000000000000000000000009c0000802400020073961633df6dc9cb418b15afd0bae7b90f1e6cfed8bb423cf9285c474163154908000a00010000002400010000000000000000000000000000000000000000000000000000000000000000004800098028000080060001000a00000014000200fe8000000000000000000000000000bb05000300000000001c000080060001000200000008000200000000000500030000000000080005000100000008000100", @ANYRESHEX=r8], 0x22c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000084)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000), 0x4)

0s ago: executing program 3 (id=1545):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
r2 = accept(r0, 0x0, 0x0)
connect$unix(r2, &(0x7f0000002040)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

kernel console output (not intermixed with test programs):

erface: team0
[  283.059269][ T5867] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  283.305349][ T9317] bridge0: port 3(team0) entered blocking state
[  283.323868][ T9317] bridge0: port 3(team0) entered disabled state
[  283.333952][ T9317] team0: entered allmulticast mode
[  283.339370][ T9317] team_slave_0: entered allmulticast mode
[  283.345245][ T9317] team_slave_1: entered allmulticast mode
[  283.354623][ T9317] bridge0: port 3(team0) entered blocking state
[  283.361008][ T9317] bridge0: port 3(team0) entered forwarding state
[  283.440678][ T9331] FAULT_INJECTION: forcing a failure.
[  283.440678][ T9331] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  283.468827][ T5867] usb 3-1: Using ep0 maxpacket: 16
[  283.472964][ T9331] CPU: 1 UID: 0 PID: 9331 Comm: syz.4.925 Not tainted 6.14.0-rc1-syzkaller-00235-g9946eaf552b1 #0
[  283.472984][ T9331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  283.472993][ T9331] Call Trace:
[  283.472997][ T9331]  <TASK>
[  283.473003][ T9331]  dump_stack_lvl+0x16c/0x1f0
[  283.473023][ T9331]  should_fail_ex+0x50a/0x650
[  283.473046][ T9331]  _copy_from_user+0x2e/0xd0
[  283.473060][ T9331]  copy_msghdr_from_user+0x99/0x160
[  283.473078][ T9331]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  283.473106][ T9331]  ___sys_sendmsg+0xff/0x1e0
[  283.473124][ T9331]  ? __pfx____sys_sendmsg+0x10/0x10
[  283.473149][ T9331]  ? __pfx_lock_release+0x10/0x10
[  283.473168][ T9331]  ? trace_lock_acquire+0x14e/0x1f0
[  283.473189][ T9331]  ? __fget_files+0x206/0x3a0
[  283.473208][ T9331]  __sys_sendmsg+0x16e/0x220
[  283.473225][ T9331]  ? __pfx___sys_sendmsg+0x10/0x10
[  283.473254][ T9331]  do_syscall_64+0xcd/0x250
[  283.473272][ T9331]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.473291][ T9331] RIP: 0033:0x7fb8b0b8cde9
[  283.473302][ T9331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  283.473315][ T9331] RSP: 002b:00007fb8b1918038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  283.473329][ T9331] RAX: ffffffffffffffda RBX: 00007fb8b0da5fa0 RCX: 00007fb8b0b8cde9
[  283.473338][ T9331] RDX: 0000000000000000 RSI: 0000400000000200 RDI: 0000000000000004
[  283.473346][ T9331] RBP: 00007fb8b1918090 R08: 0000000000000000 R09: 0000000000000000
[  283.473354][ T9331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  283.473361][ T9331] R13: 0000000000000000 R14: 00007fb8b0da5fa0 R15: 00007ffe2b994af8
[  283.473379][ T9331]  </TASK>
[  283.662810][ T5867] usb 3-1: config 1 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[  283.673039][ T5867] usb 3-1: config 1 interface 0 altsetting 1 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  283.742862][ T5867] usb 3-1: config 1 interface 0 has no altsetting 0
[  283.760487][ T5867] usb 3-1: New USB device found, idVendor=04b3, idProduct=3105, bcdDevice= 0.40
[  283.769771][ T5867] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  283.782451][ T5867] usb 3-1: Product: syz
[  283.786635][ T5867] usb 3-1: Manufacturer: syz
[  283.808753][ T5867] usb 3-1: SerialNumber: syz
[  284.939457][ T9352] overlayfs: failed to clone lowerpath
[  285.135853][ T5867] usbhid 3-1:1.0: can't add hid device: -71
[  285.149515][ T5867] usbhid 3-1:1.0: probe with driver usbhid failed with error -71
[  285.409026][ T5867] usb 3-1: USB disconnect, device number 25
[  286.310511][   T29] audit: type=1400 audit(1739086858.494:1696): avc:  denied  { connect } for  pid=9357 comm="syz.0.933" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  286.356683][   T29] audit: type=1400 audit(1739086858.584:1697): avc:  denied  { listen } for  pid=9357 comm="syz.0.933" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  286.381168][   T29] audit: type=1400 audit(1739086858.594:1698): avc:  denied  { ioctl } for  pid=9357 comm="syz.0.933" path="socket:[22469]" dev="sockfs" ino=22469 ioctlcmd=0xaea0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  286.434159][   T29] audit: type=1400 audit(1739086858.594:1699): avc:  denied  { accept } for  pid=9357 comm="syz.0.933" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  286.667443][ T9376] fuse: Unknown parameter 'ŠÇ?*Åê:ùŽèñÓêöÉ tù—êfG:0x0000000000000008'
[  287.064454][   T29] audit: type=1400 audit(1739086859.464:1700): avc:  denied  { write } for  pid=9377 comm="syz.3.937" path="socket:[21302]" dev="sockfs" ino=21302 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  287.651662][ T9395] veth1_macvtap: left promiscuous mode
[  287.657354][ T9395] macsec0: entered promiscuous mode
[  287.708900][   T29] audit: type=1400 audit(1739086860.004:1701): avc:  denied  { bind } for  pid=9391 comm="syz.4.940" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  287.921442][ T9402] netlink: 1292 bytes leftover after parsing attributes in process `syz.3.943'.
[  288.908850][   T29] audit: type=1326 audit(1739086861.304:1702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9408 comm="syz.4.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  288.970951][   T29] audit: type=1326 audit(1739086861.304:1703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9408 comm="syz.4.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  289.016176][   T29] audit: type=1326 audit(1739086861.304:1704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9408 comm="syz.4.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  289.064563][   T29] audit: type=1326 audit(1739086861.304:1705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9408 comm="syz.4.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  289.217511][ T9415] syz.4.946 (9415): drop_caches: 2
[  289.225187][ T9415] syz.4.946 (9415): drop_caches: 2
[  289.260857][   T29] audit: type=1326 audit(1739086861.304:1706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9408 comm="syz.4.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  289.589559][ T9402] tmpfs: Unknown parameter 'hugP'
[  289.594797][   T29] audit: type=1326 audit(1739086861.304:1707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9408 comm="syz.4.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  289.659142][   T29] audit: type=1326 audit(1739086861.304:1708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9408 comm="syz.4.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  289.724123][   T29] audit: type=1326 audit(1739086861.304:1709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9408 comm="syz.4.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  291.258796][ T5867] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  291.318337][ T9439] netlink: 36 bytes leftover after parsing attributes in process `syz.4.953'.
[  291.499252][ T5867] usb 3-1: Using ep0 maxpacket: 32
[  291.523944][ T5867] usb 3-1: unable to get BOS descriptor or descriptor too short
[  291.533559][ T5867] usb 3-1: too many configurations: 129, using maximum allowed: 8
[  291.549687][ T5867] usb 3-1: config 14 has an invalid interface number: 87 but max is 0
[  291.558359][ T5867] usb 3-1: config 14 has no interface number 0
[  291.585536][ T5867] usb 3-1: config 14 interface 87 has no altsetting 0
[  291.596896][ T5867] usb 3-1: config 14 has an invalid interface number: 87 but max is 0
[  291.613438][ T5867] usb 3-1: config 14 has no interface number 0
[  291.648746][ T5867] usb 3-1: config 14 interface 87 has no altsetting 0
[  291.661746][ T5867] usb 3-1: config 14 has an invalid interface number: 87 but max is 0
[  291.674490][ T5867] usb 3-1: config 14 has no interface number 0
[  291.688828][ T5867] usb 3-1: config 14 interface 87 has no altsetting 0
[  291.696511][ T5867] usb 3-1: config 14 has an invalid interface number: 87 but max is 0
[  291.705213][ T5867] usb 3-1: config 14 has no interface number 0
[  291.719011][ T5867] usb 3-1: config 14 interface 87 has no altsetting 0
[  291.727847][ T5867] usb 3-1: config 14 has an invalid interface number: 87 but max is 0
[  291.736538][ T5867] usb 3-1: config 14 has no interface number 0
[  291.753207][ T5867] usb 3-1: config 14 interface 87 has no altsetting 0
[  291.769577][ T5867] usb 3-1: config 14 has an invalid interface number: 87 but max is 0
[  291.788067][ T5867] usb 3-1: config 14 has no interface number 0
[  291.794676][ T5867] usb 3-1: config 14 interface 87 has no altsetting 0
[  291.828118][ T5867] usb 3-1: config 14 has an invalid interface number: 87 but max is 0
[  291.850613][ T5867] usb 3-1: config 14 has no interface number 0
[  292.404683][ T5867] usb 3-1: config 14 interface 87 has no altsetting 0
[  292.414467][ T5867] usb 3-1: config 14 has an invalid interface number: 87 but max is 0
[  292.422861][ T5867] usb 3-1: config 14 has no interface number 0
[  292.436445][ T5867] usb 3-1: config 14 interface 87 has no altsetting 0
[  292.455493][ T5867] usb 3-1: New USB device found, idVendor=0b48, idProduct=1009, bcdDevice=2b.d9
[  292.465777][ T5867] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  292.482173][ T5867] usb 3-1: Product: syz
[  292.492932][ T5867] usb 3-1: Manufacturer: syz
[  292.507915][ T5867] usb 3-1: SerialNumber: syz
[  292.582791][ T9461] netlink: 8 bytes leftover after parsing attributes in process `syz.3.960'.
[  292.956595][ T5867] ttusb_dec_send_command: command bulk message failed: error -22
[  292.964902][ T5867] ttusb-dec 3-1:14.87: probe with driver ttusb-dec failed with error -22
[  292.978936][ T5867] usb 3-1: USB disconnect, device number 26
[  293.944420][ T9475] pim6reg: entered allmulticast mode
[  294.405606][   T29] kauditd_printk_skb: 45 callbacks suppressed
[  294.405623][   T29] audit: type=1400 audit(1739086866.804:1755): avc:  denied  { execute_no_trans } for  pid=9470 comm="syz.3.963" path="/240/file0" dev="tmpfs" ino=1331 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  294.742735][   T29] audit: type=1400 audit(1739086867.134:1756): avc:  denied  { read append } for  pid=9482 comm="syz.1.966" name="btrfs-control" dev="devtmpfs" ino=1311 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  294.878976][ T9487] can0: slcan on ttyS3.
[  294.991402][   T29] audit: type=1400 audit(1739086867.144:1757): avc:  denied  { open } for  pid=9482 comm="syz.1.966" path="/dev/btrfs-control" dev="devtmpfs" ino=1311 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  295.118888][   T29] audit: type=1400 audit(1739086867.384:1758): avc:  denied  { ioctl } for  pid=9482 comm="syz.1.966" path="/dev/btrfs-control" dev="devtmpfs" ino=1311 ioctlcmd=0x541c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  295.170419][ T9477] can0 (unregistered): slcan off ttyS3.
[  295.280673][ T9496] 9pnet: Could not find request transport: fd0x00000000000000090xffffffffffffffff
[  295.315581][ T9507] netlink: 132 bytes leftover after parsing attributes in process `syz.3.971'.
[  295.559605][ T5867] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  295.751995][ T5867] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  295.776711][ T5867] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  295.816875][ T5867] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  295.826418][ T5867] usb 5-1: New USB device strings: Mfr=104, Product=1, SerialNumber=0
[  295.846073][ T5867] usb 5-1: Product: syz
[  295.861654][ T5867] usb 5-1: Manufacturer: syz
[  295.902077][ T5867] usb 5-1: config 0 descriptor??
[  296.269011][   T29] audit: type=1400 audit(1739086868.664:1759): avc:  denied  { setattr } for  pid=9529 comm="syz.2.976" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=22805 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  297.048884][ T5826] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  297.189189][ T5867] uclogic 0003:256C:006D.000C: interface is invalid, ignoring
[  297.248783][ T5826] usb 2-1: Using ep0 maxpacket: 16
[  297.257986][ T5826] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  297.279186][ T5866] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  297.293789][ T9556] fuse: Unknown parameter 'ŠÇ?*Åê:ùŽèñÓêöÉ tù—êfG:0x0000000000000008'
[  297.303758][ T5826] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  297.344050][ T5826] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  297.384543][ T5826] usb 2-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  297.414316][ T5826] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  297.419964][ T5826] usb 2-1: config 0 descriptor??
[  297.469934][ T5866] usb 3-1: config 220 has an invalid interface number: 76 but max is 2
[  297.492220][ T5866] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  297.503485][ T5869] usb 5-1: USB disconnect, device number 28
[  297.520673][ T5866] usb 3-1: config 220 has no interface number 2
[  297.541837][ T5866] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  297.580036][ T5866] usb 3-1: config 220 interface 0 has no altsetting 0
[  297.600539][ T5866] usb 3-1: config 220 interface 76 has no altsetting 0
[  297.617811][ T5866] usb 3-1: config 220 interface 1 has no altsetting 0
[  297.639353][ T5866] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  297.658823][ T5866] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  297.691843][ T5866] usb 3-1: Product: syz
[  297.696046][ T5866] usb 3-1: Manufacturer: syz
[  297.701985][ T5866] usb 3-1: SerialNumber: syz
[  297.729899][   T29] audit: type=1400 audit(1739086870.124:1760): avc:  denied  { read } for  pid=9565 comm="syz.0.981" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  297.853741][ T5826] shield 0003:0955:7214.000D: unknown main item tag 0x0
[  297.878166][ T5826] shield 0003:0955:7214.000D: unknown main item tag 0x0
[  297.887229][ T5826] shield 0003:0955:7214.000D: unknown main item tag 0x0
[  297.902779][ T5826] shield 0003:0955:7214.000D: unknown main item tag 0x0
[  297.922969][   T29] audit: type=1326 audit(1739086870.314:1761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9548 comm="syz.2.977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46d2b8cde9 code=0x7ffc0000
[  297.957967][ T5826] shield 0003:0955:7214.000D: unknown main item tag 0x0
[  298.099432][ T9531] random: crng reseeded on system resumption
[  298.140887][ T5826] input: HID 0955:7214 Haptics as /devices/virtual/input/input15
[  298.245030][   T29] audit: type=1326 audit(1739086870.314:1762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9548 comm="syz.2.977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f46d2b8cde9 code=0x7ffc0000
[  298.354383][ T5826] shield 0003:0955:7214.000D: Registered Thunderstrike controller
[  298.408916][ T5826] shield 0003:0955:7214.000D: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.1-1/input0
[  298.420680][   T29] audit: type=1326 audit(1739086870.314:1763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9548 comm="syz.2.977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46d2b8cde9 code=0x7ffc0000
[  298.506478][   T29] audit: type=1326 audit(1739086870.314:1764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9548 comm="syz.2.977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f46d2b8cde9 code=0x7ffc0000
[  298.972850][ T9582] 9pnet: Could not find request transport: fd0x00000000000000070xffffffffffffffff
[  299.194031][ T5870] shield 0003:0955:7214.000D: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  299.205816][ T5826] usb 2-1: USB disconnect, device number 30
[  299.213589][ T5870] shield 0003:0955:7214.000D: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  299.252786][ T5870] shield 0003:0955:7214.000D: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  299.270994][ T5870] shield 0003:0955:7214.000D: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  299.639743][ T9587] netlink: 12 bytes leftover after parsing attributes in process `syz.4.986'.
[  299.652092][ T9587] netlink: 8 bytes leftover after parsing attributes in process `syz.4.986'.
[  299.665809][   T29] kauditd_printk_skb: 33 callbacks suppressed
[  299.665824][   T29] audit: type=1400 audit(1739086872.064:1798): avc:  denied  { watch watch_reads } for  pid=9586 comm="syz.4.986" path="/35/file0" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1
[  299.706432][ T9587] netlink: 'syz.4.986': attribute type 1 has an invalid length.
[  299.855211][   T29] audit: type=1400 audit(1739086872.254:1799): avc:  denied  { write } for  pid=9592 comm="syz.4.989" name="mouse0" dev="devtmpfs" ino=1029 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  300.069092][ T5826] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  300.221262][ T5866] usb 3-1: selecting invalid altsetting 0
[  300.227749][ T5866] usb 3-1: Found UVC 7.01 device syz (8086:0b07)
[  300.258860][ T5866] usb 3-1: No valid video chain found.
[  300.268828][ T5826] usb 2-1: Using ep0 maxpacket: 16
[  300.275280][ T5866] usb 3-1: selecting invalid altsetting 0
[  300.275567][ T5826] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  300.281240][ T5866] usbtest 3-1:220.1: probe with driver usbtest failed with error -22
[  300.296103][ T5826] usb 2-1: config 0 has no interface number 0
[  300.305659][ T5826] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  300.320953][ T5826] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  300.343578][ T5866] usb 3-1: USB disconnect, device number 27
[  300.356512][ T5826] usb 2-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[  300.393790][ T5826] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  300.410535][   T29] audit: type=1400 audit(1739086872.814:1800): avc:  denied  { create } for  pid=9597 comm="syz.4.991" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  300.413588][ T5826] usb 2-1: config 0 descriptor??
[  301.141017][ T5869] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  301.205265][ T5866] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  301.216927][ T5826] uclogic 0003:28BD:0071.000E: pen parameters not found
[  301.245337][ T5826] uclogic 0003:28BD:0071.000E: interface is invalid, ignoring
[  302.439793][ T5866] usb 3-1: Using ep0 maxpacket: 16
[  302.449071][ T5869] usb 5-1: Using ep0 maxpacket: 8
[  302.450441][ T5866] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  302.465268][ T5866] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  302.478772][ T5866] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  302.487939][ T5866] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  302.768242][ T5869] usb 5-1: config index 0 descriptor too short (expected 17740, got 45)
[  302.988426][ T5869] usb 5-1: config 73 has too many interfaces: 84, using maximum allowed: 32
[  303.114577][ T5869] usb 5-1: config 73 has an invalid descriptor of length 73, skipping remainder of the config
[  303.141702][ T5826] usb 2-1: USB disconnect, device number 31
[  303.157373][ T5869] usb 5-1: config 73 has 0 interfaces, different from the descriptor's value: 84
[  303.190085][ T5866] usb 3-1: Product: syz
[  303.194283][ T5866] usb 3-1: Manufacturer: syz
[  303.198918][ T5866] usb 3-1: SerialNumber: syz
[  303.248284][ T5869] usb 5-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  303.264304][ T5869] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  303.282593][ T5869] usb 5-1: Product: syz
[  303.286796][ T5869] usb 5-1: Manufacturer: syz
[  303.294597][ T9617] raw_sendmsg: syz.1.995 forgot to set AF_INET. Fix it!
[  303.318926][ T5869] usb 5-1: SerialNumber: syz
[  303.359839][ T5866] usb 3-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  303.404042][ T5866] usb 3-1: USB disconnect, device number 28
[  304.150265][ T5869] usb 5-1: USB disconnect, device number 29
[  304.209206][ T5837] udevd[5837]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  304.599219][ T5870] usb 3-1: new full-speed USB device number 29 using dummy_hcd
[  304.664066][ T9640] Cannot find del_set index 3 as target
[  304.754028][ T5870] usb 3-1: device descriptor read/64, error -71
[  304.759843][ T9641] ntfs3: Unknown parameter '§"à¿÷·¥a§0(ddZ¬ã56Ñt@Xf«Úæv6ä}¶�×æü¹µWVä�‘qDy¥Œ63çŽÀ<D3'
[  304.998820][ T5866] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  305.170258][ T5866] usb 5-1: config 220 has an invalid interface number: 76 but max is 2
[  305.188928][ T5866] usb 5-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  305.208123][ T5866] usb 5-1: config 220 has no interface number 2
[  305.221290][ T5866] usb 5-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  305.224450][ T5870] usb 3-1: new full-speed USB device number 30 using dummy_hcd
[  305.264890][ T5866] usb 5-1: config 220 interface 0 has no altsetting 0
[  305.275168][ T5866] usb 5-1: config 220 interface 76 has no altsetting 0
[  305.288750][ T5866] usb 5-1: config 220 interface 1 has no altsetting 0
[  305.298324][ T5866] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  305.307697][ T5866] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  305.325097][ T5866] usb 5-1: Product: syz
[  305.329496][ T5866] usb 5-1: Manufacturer: syz
[  305.334096][ T5866] usb 5-1: SerialNumber: syz
[  305.378934][ T5870] usb 3-1: device descriptor read/64, error -71
[  305.489200][ T5870] usb usb3-port1: attempt power cycle
[  305.570715][   T29] audit: type=1326 audit(1739086877.974:1801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9634 comm="syz.4.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  305.595466][   T29] audit: type=1326 audit(1739086877.974:1802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9634 comm="syz.4.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  305.631900][   T29] audit: type=1326 audit(1739086877.974:1803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9634 comm="syz.4.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  305.691204][ T5869] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  305.768251][   T29] audit: type=1326 audit(1739086877.974:1804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9634 comm="syz.4.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  305.792349][   T29] audit: type=1326 audit(1739086877.974:1805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9634 comm="syz.4.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  305.817548][   T29] audit: type=1326 audit(1739086877.974:1806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9634 comm="syz.4.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  305.850056][ T5870] usb 3-1: new full-speed USB device number 31 using dummy_hcd
[  305.850370][   T29] audit: type=1326 audit(1739086877.974:1807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9634 comm="syz.4.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  305.881868][   T29] audit: type=1326 audit(1739086877.974:1808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9634 comm="syz.4.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  305.888962][ T5869] usb 2-1: Using ep0 maxpacket: 32
[  305.905952][   T29] audit: type=1326 audit(1739086877.974:1809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9634 comm="syz.4.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  305.949838][ T5870] usb 3-1: device descriptor read/8, error -71
[  305.952390][   T29] audit: type=1326 audit(1739086877.974:1810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9634 comm="syz.4.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb8b0b8b750 code=0x7ffc0000
[  305.958224][ T5869] usb 2-1: config index 0 descriptor too short (expected 35577, got 27)
[  305.988869][ T5869] usb 2-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  306.001623][ T5869] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92
[  306.010811][ T5869] usb 2-1: config 1 has no interface number 0
[  306.017067][ T5869] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  306.028284][ T5869] usb 2-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  306.041606][ T5869] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  306.050798][ T5869] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  306.162957][ T5869] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found
[  306.199119][ T5870] usb 3-1: new full-speed USB device number 32 using dummy_hcd
[  306.235151][ T5870] usb 3-1: device descriptor read/8, error -71
[  306.322765][ T5869] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now attached
[  306.359139][ T5870] usb usb3-port1: unable to enumerate USB device
[  306.538312][    T8] usb 2-1: USB disconnect, device number 32
[  306.545714][    T8] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected
[  306.662310][ T9656] tipc: Started in network mode
[  306.667221][ T9656] tipc: Node identity ff, cluster identity 4711
[  306.676081][ T9656] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  307.139500][    T8] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  307.265195][ T9670] netlink: 'syz.1.1012': attribute type 10 has an invalid length.
[  307.939179][ T5866] usb 5-1: selecting invalid altsetting 0
[  307.954659][ T5866] usb 5-1: Found UVC 7.01 device syz (8086:0b07)
[  307.975890][ T5866] usb 5-1: No valid video chain found.
[  307.989164][    T8] usb 3-1: Using ep0 maxpacket: 8
[  307.999730][ T5866] usb 5-1: selecting invalid altsetting 0
[  308.005520][ T5866] usbtest 5-1:220.1: probe with driver usbtest failed with error -22
[  308.019037][    T8] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  308.993437][    T8] usb 3-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[  309.019829][ T5866] usb 5-1: USB disconnect, device number 30
[  309.026128][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105
[  309.294630][    T8] usb 3-1: SerialNumber: syz
[  309.302232][    T8] usb 3-1: config 0 descriptor??
[  309.310807][    T8] usb 3-1: Found UVC 0.00 device <unnamed> (05ac:8501)
[  309.317694][    T8] usb 3-1: No valid video chain found.
[  309.653887][    T8] usb 3-1: USB disconnect, device number 33
[  309.750285][ T9691] ptrace attach of "./syz-executor exec"[9692] was attempted by "./syz-executor exec"[9691]
[  310.990236][ T9717] capability: warning: `syz.3.1016' uses 32-bit capabilities (legacy support in use)
[  311.598794][ T5866] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  311.884708][ T5866] usb 2-1: config 220 has an invalid interface number: 76 but max is 2
[  311.893262][ T5866] usb 2-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  311.924117][ T5866] usb 2-1: config 220 has no interface number 2
[  311.941860][ T5866] usb 2-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  311.999054][ T5866] usb 2-1: config 220 interface 0 has no altsetting 0
[  312.026673][ T5866] usb 2-1: config 220 interface 76 has no altsetting 0
[  312.044403][ T5866] usb 2-1: config 220 interface 1 has no altsetting 0
[  312.064534][ T5866] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  312.074131][ T5866] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  312.083414][ T5866] usb 2-1: Product: syz
[  312.095815][ T5866] usb 2-1: Manufacturer: syz
[  312.107908][ T5866] usb 2-1: SerialNumber: syz
[  312.275191][   T29] kauditd_printk_skb: 26 callbacks suppressed
[  312.275207][   T29] audit: type=1326 audit(1739086884.674:1837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9728 comm="syz.4.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  313.196239][   T29] audit: type=1326 audit(1739086884.674:1838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9728 comm="syz.4.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  313.300406][   T29] audit: type=1326 audit(1739086884.704:1839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9728 comm="syz.4.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  313.440886][   T29] audit: type=1326 audit(1739086884.704:1840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9728 comm="syz.4.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  313.560752][ T9737] can0: slcan on ttyS3.
[  313.587338][   T29] audit: type=1326 audit(1739086884.704:1841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9728 comm="syz.4.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  313.620515][ T9737] can0 (unregistered): slcan off ttyS3.
[  313.643169][   T29] audit: type=1326 audit(1739086884.704:1842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9728 comm="syz.4.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  313.670422][   T29] audit: type=1326 audit(1739086885.344:1843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9728 comm="syz.4.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  313.703649][   T29] audit: type=1326 audit(1739086885.344:1844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9728 comm="syz.4.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  313.841734][   T29] audit: type=1326 audit(1739086885.364:1845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9708 comm="syz.1.1024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd52db8cde9 code=0x7ffc0000
[  313.869688][   T29] audit: type=1326 audit(1739086885.364:1846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9708 comm="syz.1.1024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd52db8cde9 code=0x7ffc0000
[  314.461236][ T5866] usb 2-1: selecting invalid altsetting 0
[  314.487880][ T5866] usb 2-1: Found UVC 7.01 device syz (8086:0b07)
[  314.502571][ T5866] usb 2-1: No valid video chain found.
[  314.512465][ T5866] usb 2-1: selecting invalid altsetting 0
[  314.518477][ T5866] usbtest 2-1:220.1: probe with driver usbtest failed with error -22
[  314.569621][ T5866] usb 2-1: USB disconnect, device number 33
[  316.035819][ T9773] kAFS: unparsable volume name
[  316.765334][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  316.771879][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  317.737675][ T5918] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  317.968929][ T5918] usb 5-1: Using ep0 maxpacket: 32
[  317.978745][ T5918] usb 5-1: config 1 interface 0 altsetting 15 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  318.022252][ T5918] usb 5-1: config 1 interface 0 has no altsetting 0
[  318.041571][ T5918] usb 5-1: New USB device found, idVendor=8380, idProduct=1850, bcdDevice= 0.40
[  318.644749][ T5918] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  318.662451][ T5918] usb 5-1: Product: syz
[  318.671334][ T5918] usb 5-1: Manufacturer: syz
[  318.681179][ T5918] usb 5-1: SerialNumber: syz
[  318.715847][ T9800] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1046'.
[  318.946618][ T9805] kAFS: unable to lookup cell '.yz1'
[  319.139096][ T9805] libceph: resolve '0.0' (ret=-3): failed
[  319.261480][ T5918] usbhid 5-1:1.0: can't add hid device: -71
[  319.320901][ T5918] usbhid 5-1:1.0: probe with driver usbhid failed with error -71
[  319.389960][ T9810] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1049'.
[  319.481126][ T5918] usb 5-1: USB disconnect, device number 31
[  319.511096][ T3493] Bluetooth: hci5: Frame reassembly failed (-84)
[  319.571071][ T3493] Bluetooth: hci5: Frame reassembly failed (-84)
[  320.419067][ T5869] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  320.893007][ T2147] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  321.088787][ T2147] usb 3-1: Using ep0 maxpacket: 32
[  321.100654][ T2147] usb 3-1: unable to read config index 0 descriptor/start: -61
[  321.113810][ T2147] usb 3-1: can't read configurations, error -61
[  321.264287][ T9839] SELinux:  Context Ü is not valid (left unmapped).
[  321.423853][ T9842] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1056'.
[  322.179147][ T5821] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  322.189240][ T2147] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  322.308996][ T9843] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1057'.
[  322.317975][ T9843] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1057'.
[  323.058913][ T2147] usb 3-1: Using ep0 maxpacket: 32
[  323.065774][ T2147] usb 3-1: unable to read config index 0 descriptor/start: -61
[  323.076877][ T2147] usb 3-1: can't read configurations, error -61
[  323.089343][ T2147] usb usb3-port1: attempt power cycle
[  323.218919][ T5869] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  323.409088][ T5869] usb 5-1: Using ep0 maxpacket: 8
[  323.458880][ T2147] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  323.491277][ T5869] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  323.636774][ T5869] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF9, changing to 0x89
[  323.651116][ T2147] usb 3-1: device descriptor read/8, error -71
[  323.664713][ T5869] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  323.685052][ T5869] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 59391, setting to 1024
[  323.706510][ T5869] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  323.733041][ T5869] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  323.765916][ T5870] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  323.791184][ T5869] usb 5-1: New USB device found, idVendor=0bc7, idProduct=0008, bcdDevice=4f.c8
[  323.809059][ T5869] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  323.817084][ T5869] usb 5-1: Product: syz
[  323.829022][ T5869] usb 5-1: Manufacturer: syz
[  323.833641][ T5869] usb 5-1: SerialNumber: syz
[  323.860041][ T5869] usb 5-1: config 0 descriptor??
[  323.869293][ T9844] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  323.877480][ T5869] ati_remote 5-1:0.0: ati_remote_probe: Unexpected endpoint_out
[  323.948999][ T5870] usb 2-1: Using ep0 maxpacket: 16
[  323.961561][ T5870] usb 2-1: config index 0 descriptor too short (expected 16456, got 72)
[  323.970108][ T5870] usb 2-1: config 0 has an invalid interface number: 125 but max is 1
[  323.978282][ T5870] usb 2-1: config 0 has an invalid interface number: 125 but max is 1
[  323.986621][ T5870] usb 2-1: config 0 has an invalid interface number: 125 but max is 1
[  323.994884][ T5870] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2
[  324.003829][ T5870] usb 2-1: config 0 has no interface number 0
[  324.010018][ T5870] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  324.021112][ T5870] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[  324.043840][ T5870] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[  324.054038][ T5870] usb 2-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  324.088568][ T5870] usb 2-1: too many endpoints for config 0 interface 125 altsetting 190: 64, using maximum allowed: 30
[  324.108762][ T5870] usb 2-1: config 0 interface 125 altsetting 190 has 0 endpoint descriptors, different from the interface descriptor's value: 64
[  324.139562][ T2147] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  324.151232][ T5870] usb 2-1: config 0 interface 125 has no altsetting 0
[  324.168273][ T5870] usb 2-1: config 0 interface 125 has no altsetting 2
[  324.177029][ T2147] usb 3-1: config 220 has an invalid interface number: 76 but max is 2
[  324.186464][ T5870] usb 2-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  324.198749][ T2147] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  324.211309][ T5870] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  324.228763][ T2147] usb 3-1: config 220 has no interface number 2
[  324.235130][ T5870] usb 2-1: Product: syz
[  324.244386][ T5870] usb 2-1: Manufacturer: syz
[  324.249197][ T2147] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  324.268741][ T5870] usb 2-1: SerialNumber: syz
[  324.275759][ T2147] usb 3-1: config 220 interface 0 has no altsetting 0
[  324.283993][ T5870] usb 2-1: config 0 descriptor??
[  324.291680][ T2147] usb 3-1: config 220 interface 76 has no altsetting 0
[  324.300593][ T5870] usb 2-1: selecting invalid altsetting 2
[  324.310130][ T2147] usb 3-1: config 220 interface 1 has no altsetting 0
[  324.320073][ T2147] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  324.329493][ T2147] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  324.338220][ T2147] usb 3-1: Product: syz
[  324.339084][ T9878] fuse: Unknown parameter 'ŠÇ?*Åê:ùŽèñÓêöÉ tù—êfG:0x0000000000000008'
[  324.342966][ T2147] usb 3-1: Manufacturer: syz
[  324.356165][ T9879] fuse: Unknown parameter 'ŠÇ?*Åê:ùŽèñÓêöÉ tù—êfG:0x0000000000000008'
[  324.366067][ T2147] usb 3-1: SerialNumber: syz
[  324.579574][   T29] kauditd_printk_skb: 46 callbacks suppressed
[  324.579590][   T29] audit: type=1326 audit(1739086896.984:1893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9860 comm="syz.2.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46d2b8cde9 code=0x7ffc0000
[  324.609880][   T29] audit: type=1326 audit(1739086896.984:1894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9860 comm="syz.2.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f46d2b8cde9 code=0x7ffc0000
[  324.633588][   T29] audit: type=1326 audit(1739086896.984:1895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9860 comm="syz.2.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46d2b8cde9 code=0x7ffc0000
[  324.667824][   T29] audit: type=1326 audit(1739086896.984:1896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9860 comm="syz.2.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46d2b8cde9 code=0x7ffc0000
[  324.715656][   T29] audit: type=1326 audit(1739086896.984:1897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9860 comm="syz.2.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f46d2b8cde9 code=0x7ffc0000
[  324.778446][   T29] audit: type=1326 audit(1739086896.984:1898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9860 comm="syz.2.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46d2b8cde9 code=0x7ffc0000
[  324.811137][   T29] audit: type=1326 audit(1739086896.984:1899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9860 comm="syz.2.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f46d2b8cde9 code=0x7ffc0000
[  324.843478][   T29] audit: type=1326 audit(1739086896.984:1900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9860 comm="syz.2.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46d2b8cde9 code=0x7ffc0000
[  324.844070][    C1] usb 2-1: async_complete: urb error -71
[  324.870298][   T29] audit: type=1326 audit(1739086896.984:1901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9860 comm="syz.2.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f46d2b8cde9 code=0x7ffc0000
[  324.872873][    C1] usb 2-1: async_complete: urb error -71
[  324.901103][   T29] audit: type=1326 audit(1739086896.984:1902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9860 comm="syz.2.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46d2b8cde9 code=0x7ffc0000
[  324.901907][    C1] usb 2-1: async_complete: urb error -71
[  324.932622][    C1] vkms_vblank_simulate: vblank timer overrun
[  324.940843][ T5870] get_1284_register: usb error -71
[  324.946999][ T5870] uss720 2-1:0.125: probe with driver uss720 failed with error -71
[  324.972607][ T5870] usb 2-1: USB disconnect, device number 34
[  325.225388][    T8] usb 5-1: USB disconnect, device number 33
[  326.834564][ T2147] usb 3-1: selecting invalid altsetting 0
[  326.860011][ T2147] usb 3-1: Found UVC 7.01 device syz (8086:0b07)
[  326.877917][ T2147] usb 3-1: No valid video chain found.
[  326.881514][ T9908] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  326.903753][ T2147] usb 3-1: selecting invalid altsetting 0
[  326.920251][ T2147] usbtest 3-1:220.1: probe with driver usbtest failed with error -22
[  326.931324][ T2147] usb 3-1: USB disconnect, device number 37
[  327.102050][ T9917] netlink: 108 bytes leftover after parsing attributes in process `syz.1.1082'.
[  327.168816][    T8] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  327.320407][    T8] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  327.330711][    T8] usb 5-1: config 0 has no interfaces?
[  327.336195][    T8] usb 5-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  327.345272][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  327.354799][    T8] usb 5-1: config 0 descriptor??
[  328.195153][ T9925] lo speed is unknown, defaulting to 1000
[  328.203505][ T9925] lo speed is unknown, defaulting to 1000
[  328.211596][ T9925] lo speed is unknown, defaulting to 1000
[  328.222202][ T9925] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  328.234880][ T9925] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  328.265812][ T9925] lo speed is unknown, defaulting to 1000
[  328.272813][ T9925] lo speed is unknown, defaulting to 1000
[  328.280862][ T9925] lo speed is unknown, defaulting to 1000
[  328.287371][ T9925] lo speed is unknown, defaulting to 1000
[  328.301135][ T9925] lo speed is unknown, defaulting to 1000
[  328.852060][ T9951] 9pnet_fd: Insufficient options for proto=fd
[  329.520656][ T9955] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1096'.
[  329.556461][ T9955] vlan2: entered allmulticast mode
[  329.573381][ T9955] macvlan0: entered allmulticast mode
[  329.585469][ T9955] veth1_vlan: entered allmulticast mode
[  329.602422][ T9955] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1096'.
[  329.919517][    T8] usb 5-1: USB disconnect, device number 34
[  331.274821][    C0] vxcan1: j1939_tp_rxtimer: 0xffff888035051c00: rx timeout, send abort
[  331.285243][    C0] vxcan1: j1939_xtp_rx_abort_one: 0xffff888035051c00: 0x40000: (3) A timeout occurred and this is the connection abort to close the session.
[  331.593156][    T8] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  331.909947][    T8] usb 5-1: Using ep0 maxpacket: 16
[  331.921889][    T8] usb 5-1: config 0 has an invalid interface number: 253 but max is 0
[  331.960159][    T8] usb 5-1: config 0 has no interface number 0
[  332.050473][    T8] usb 5-1: New USB device found, idVendor=0867, idProduct=9812, bcdDevice=ce.16
[  332.073142][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  332.095943][    T8] usb 5-1: Product: syz
[  332.100346][    T8] usb 5-1: Manufacturer: syz
[  332.108263][    T8] usb 5-1: SerialNumber: syz
[  332.116744][    T8] usb 5-1: config 0 descriptor??
[  333.174658][    T8] comedi comedi0: Wrong number of endpoints
[  333.188025][    T8] dt9812 5-1:0.253: driver 'dt9812' failed to auto-configure device.
[  333.215025][    T8] usb 5-1: USB disconnect, device number 35
[  333.224724][ T6601] udevd[6601]: setting mode of /dev/bus/usb/005/035 to 020664 failed: No such file or directory
[  333.237256][ T6601] udevd[6601]: setting owner of /dev/bus/usb/005/035 to uid=0, gid=0 failed: No such file or directory
[  333.458828][ T2147] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  334.228945][ T2147] usb 2-1: Using ep0 maxpacket: 16
[  334.236316][ T2147] usb 2-1: config 0 has an invalid interface number: 253 but max is 0
[  334.259834][ T2147] usb 2-1: config 0 has no interface number 0
[  334.268531][ T2147] usb 2-1: New USB device found, idVendor=0867, idProduct=9812, bcdDevice=ce.16
[  334.277871][ T2147] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  334.286051][ T2147] usb 2-1: Product: syz
[  334.290558][ T2147] usb 2-1: Manufacturer: syz
[  334.295215][ T2147] usb 2-1: SerialNumber: syz
[  334.305482][ T2147] usb 2-1: config 0 descriptor??
[  334.359067][T10004] 9pnet_fd: Insufficient options for proto=fd
[  334.615144][ T2147] comedi comedi0: Wrong number of endpoints
[  334.622824][ T2147] dt9812 2-1:0.253: driver 'dt9812' failed to auto-configure device.
[  334.648948][ T2147] usb 2-1: USB disconnect, device number 35
[  334.758143][T10016] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1115'.
[  334.962189][ T5869] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  335.034790][ T5870] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  335.225264][ T5869] usb 5-1: config 220 has an invalid interface number: 76 but max is 2
[  335.277648][ T5870] usb 3-1: config 220 has an invalid interface number: 76 but max is 2
[  335.324894][ T5869] usb 5-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  335.379928][ T5870] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  335.399850][ T5869] usb 5-1: config 220 has no interface number 2
[  335.406174][ T5870] usb 3-1: config 220 has no interface number 2
[  335.417835][ T5869] usb 5-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  335.431865][ T5870] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  335.445797][ T5869] usb 5-1: config 220 interface 0 has no altsetting 0
[  335.452973][ T5870] usb 3-1: config 220 interface 0 has no altsetting 0
[  335.460273][ T5869] usb 5-1: config 220 interface 76 has no altsetting 0
[  335.467143][ T5869] usb 5-1: config 220 interface 1 has no altsetting 0
[  335.474166][ T5870] usb 3-1: config 220 interface 76 has no altsetting 0
[  335.481796][ T5870] usb 3-1: config 220 interface 1 has no altsetting 0
[  335.491165][ T5869] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  335.501386][ T5869] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  335.509758][ T5870] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  335.519325][ T5869] usb 5-1: Product: syz
[  335.523490][ T5869] usb 5-1: Manufacturer: syz
[  335.528084][ T5869] usb 5-1: SerialNumber: syz
[  335.532803][ T5870] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  335.541193][ T5870] usb 3-1: Product: syz
[  335.546995][ T5870] usb 3-1: Manufacturer: syz
[  335.552398][ T5870] usb 3-1: SerialNumber: syz
[  335.754851][   T29] kauditd_printk_skb: 34 callbacks suppressed
[  335.754868][   T29] audit: type=1326 audit(1739086908.154:1937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10006 comm="syz.4.1112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  335.808981][   T29] audit: type=1326 audit(1739086908.154:1938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10006 comm="syz.4.1112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  335.880692][ T2147] IPVS: starting estimator thread 0...
[  335.924747][   T29] audit: type=1326 audit(1739086908.164:1939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10006 comm="syz.4.1112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  335.998857][T10027] IPVS: using max 33 ests per chain, 79200 per kthread
[  336.092870][   T29] audit: type=1326 audit(1739086908.164:1940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10006 comm="syz.4.1112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  336.118347][   T29] audit: type=1326 audit(1739086908.164:1941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10006 comm="syz.4.1112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  336.142869][   T29] audit: type=1326 audit(1739086908.164:1942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10006 comm="syz.4.1112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  336.326939][   T29] audit: type=1326 audit(1739086908.164:1943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10006 comm="syz.4.1112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  336.771391][   T29] audit: type=1326 audit(1739086908.164:1944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10006 comm="syz.4.1112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  336.799891][   T29] audit: type=1326 audit(1739086908.164:1945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10006 comm="syz.4.1112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  336.825868][   T29] audit: type=1326 audit(1739086908.164:1946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10006 comm="syz.4.1112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  337.554125][ T5869] usb 5-1: selecting invalid altsetting 0
[  337.602945][T10062] fuse: Unknown parameter '0x0000000000000003'
[  337.675801][T10064] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  337.696373][T10064] libceph: resolve '.
[  337.696373][T10064] #)|.زf͹Ç�²a×ïÅ2sˆoÖw¿úÕ?£'Ê%Ð�KAq‰f»�CÖê¨Âz¿e­Sb3L)Hyúo¤¶ÿÿÿÿÿÿÿ÷ǤÜYšM�¤¨ìó¤h‡E$
[  337.696373][T10064] ' (ret=-3): failed
[  337.748186][T10068] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  338.507901][ T5869] usb 5-1: Found UVC 7.01 device syz (8086:0b07)
[  338.514447][ T5869] usb 5-1: No valid video chain found.
[  338.524073][ T5869] usb 5-1: selecting invalid altsetting 0
[  338.531423][ T5869] usbtest 5-1:220.1: probe with driver usbtest failed with error -22
[  338.700255][ T5869] usb 5-1: USB disconnect, device number 36
[  338.706948][ T5870] usb 3-1: selecting invalid altsetting 0
[  338.713104][ T5870] usb 3-1: Found UVC 7.01 device syz (8086:0b07)
[  338.719620][ T5870] usb 3-1: No valid video chain found.
[  339.703407][ T5870] usb 3-1: selecting invalid altsetting 0
[  339.731098][ T5870] usbtest 3-1:220.1: probe with driver usbtest failed with error -22
[  340.724600][ T5870] usb 3-1: USB disconnect, device number 38
[  341.954129][T10113] netlink: 'syz.0.1144': attribute type 24 has an invalid length.
[  341.964100][ T5870] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  342.099025][ T5869] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  342.134154][T10115] FAULT_INJECTION: forcing a failure.
[  342.134154][T10115] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  342.148291][T10115] CPU: 1 UID: 0 PID: 10115 Comm: syz.0.1145 Not tainted 6.14.0-rc1-syzkaller-00235-g9946eaf552b1 #0
[  342.148313][T10115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  342.148323][T10115] Call Trace:
[  342.148328][T10115]  <TASK>
[  342.148334][T10115]  dump_stack_lvl+0x16c/0x1f0
[  342.148360][T10115]  should_fail_ex+0x50a/0x650
[  342.148388][T10115]  _copy_from_user+0x2e/0xd0
[  342.148404][T10115]  copy_msghdr_from_user+0x99/0x160
[  342.148425][T10115]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  342.148452][T10115]  ? __pfx___lock_acquire+0x10/0x10
[  342.148479][T10115]  ___sys_recvmsg+0xdc/0x1a0
[  342.148500][T10115]  ? __pfx____sys_recvmsg+0x10/0x10
[  342.148520][T10115]  ? find_held_lock+0x2d/0x110
[  342.148549][T10115]  ? __pfx___might_resched+0x10/0x10
[  342.148574][T10115]  ? __might_fault+0xe3/0x190
[  342.148597][T10115]  do_recvmmsg+0x2f8/0x740
[  342.148621][T10115]  ? __pfx_do_recvmmsg+0x10/0x10
[  342.148640][T10115]  ? vfs_write+0x306/0x1150
[  342.148667][T10115]  ? __mutex_unlock_slowpath+0x164/0x6a0
[  342.148693][T10115]  ? __fget_files+0x206/0x3a0
[  342.148713][T10115]  __x64_sys_recvmmsg+0x239/0x290
[  342.148735][T10115]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  342.148763][T10115]  do_syscall_64+0xcd/0x250
[  342.148783][T10115]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.148804][T10115] RIP: 0033:0x7f1f6df8cde9
[  342.148817][T10115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  342.148833][T10115] RSP: 002b:00007f1f6ee15038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  342.148849][T10115] RAX: ffffffffffffffda RBX: 00007f1f6e1a5fa0 RCX: 00007f1f6df8cde9
[  342.148860][T10115] RDX: 00000000000007dd RSI: 00004000000005c0 RDI: 0000000000000004
[  342.148870][T10115] RBP: 00007f1f6ee15090 R08: 0000000000000000 R09: 0000000000000000
[  342.148879][T10115] R10: 0000000040000000 R11: 0000000000000246 R12: 0000000000000001
[  342.148888][T10115] R13: 0000000000000000 R14: 00007f1f6e1a5fa0 R15: 00007ffecbc35c48
[  342.148909][T10115]  </TASK>
[  342.399292][ T5870] usb 5-1: config 220 has an invalid interface number: 76 but max is 2
[  342.407581][ T5870] usb 5-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  342.417936][ T5870] usb 5-1: config 220 has no interface number 2
[  342.424346][ T5870] usb 5-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  342.437514][ T5870] usb 5-1: config 220 interface 0 has no altsetting 0
[  342.444382][ T5870] usb 5-1: config 220 interface 76 has no altsetting 0
[  342.451297][ T5870] usb 5-1: config 220 interface 1 has no altsetting 0
[  342.462576][ T5870] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  342.473046][ T5870] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  342.481072][ T5870] usb 5-1: Product: syz
[  342.485207][ T5870] usb 5-1: Manufacturer: syz
[  342.491735][ T5870] usb 5-1: SerialNumber: syz
[  342.562903][ T5869] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  342.573297][ T5869] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  342.583646][ T5869] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  342.625465][ T5869] usb 2-1: config 0 descriptor??
[  342.654370][ T5869] pwc: Askey VC010 type 2 USB webcam detected.
[  342.719292][   T29] kauditd_printk_skb: 64 callbacks suppressed
[  342.719353][   T29] audit: type=1326 audit(1739086915.114:2011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10101 comm="syz.4.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  342.800503][   T29] audit: type=1326 audit(1739086915.154:2012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10101 comm="syz.4.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  342.970680][   T29] audit: type=1326 audit(1739086915.154:2013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10101 comm="syz.4.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  342.998519][   T29] audit: type=1326 audit(1739086915.154:2014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10101 comm="syz.4.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  343.035705][   T29] audit: type=1326 audit(1739086915.154:2015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10101 comm="syz.4.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  343.068363][   T29] audit: type=1326 audit(1739086915.154:2016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10101 comm="syz.4.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  343.106644][   T29] audit: type=1326 audit(1739086915.154:2017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10101 comm="syz.4.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  343.176392][T10118] Option 'Ó¾,0A–˜' to dns_resolver key: bad/missing value
[  343.344712][ T5869] pwc: recv_control_msg error -32 req 02 val 2b00
[  343.355178][ T5869] pwc: recv_control_msg error -32 req 02 val 2700
[  343.362342][ T5869] pwc: recv_control_msg error -32 req 02 val 2c00
[  343.371619][ T5869] pwc: recv_control_msg error -32 req 04 val 1000
[  343.380687][   T29] audit: type=1326 audit(1739086915.154:2018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10101 comm="syz.4.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  343.380841][ T5869] pwc: recv_control_msg error -32 req 04 val 1300
[  343.408343][   T29] audit: type=1326 audit(1739086915.164:2019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10101 comm="syz.4.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  343.411597][ T5869] pwc: recv_control_msg error -32 req 04 val 1400
[  343.442060][ T5869] pwc: recv_control_msg error -32 req 02 val 2000
[  343.445075][   T29] audit: type=1326 audit(1739086915.164:2020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10101 comm="syz.4.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  343.449221][ T5869] pwc: recv_control_msg error -32 req 02 val 2100
[  343.480857][ T5869] pwc: recv_control_msg error -32 req 04 val 1500
[  343.487814][ T5869] pwc: recv_control_msg error -32 req 02 val 2500
[  343.495141][ T5869] pwc: recv_control_msg error -32 req 02 val 2400
[  343.502150][ T5869] pwc: recv_control_msg error -32 req 02 val 2600
[  343.881613][ T5869] pwc: recv_control_msg error -71 req 02 val 2800
[  343.897741][ T5869] pwc: recv_control_msg error -71 req 04 val 1100
[  343.904691][ T5869] pwc: recv_control_msg error -71 req 04 val 1200
[  343.914227][ T5869] pwc: Registered as video103.
[  343.919841][ T5869] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input16
[  343.944416][ T5869] usb 2-1: USB disconnect, device number 36
[  345.041701][ T5870] usb 5-1: selecting invalid altsetting 0
[  345.057004][T10130] net veth1_virt_wifi ÿÿÿÿÿÿ: renamed from virt_wifi0
[  345.069021][ T5870] usb 5-1: Found UVC 7.01 device syz (8086:0b07)
[  345.083468][ T5870] usb 5-1: No valid video chain found.
[  345.247430][ T5870] usb 5-1: selecting invalid altsetting 0
[  345.253343][ T5870] usbtest 5-1:220.1: probe with driver usbtest failed with error -22
[  345.264726][ T5870] usb 5-1: USB disconnect, device number 37
[  345.951405][T10137] syz.4.1152 (10137): drop_caches: 2
[  345.957183][T10137] syz.4.1152 (10137): drop_caches: 2
[  346.211312][T10154] gfs2: not a GFS2 filesystem
[  346.257601][T10161] fuse: Unknown parameter 'ŠÇ?*Åê:ùŽèñÓêöÉ tù—êfG:0x0000000000000008'
[  346.448758][ T5866] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  346.644149][ T5866] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  346.656252][ T5866] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  355.728723][ T5866] usb 5-1: string descriptor 0 read error: -71
[  355.734996][ T5866] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  355.748303][ T5866] usb 5-1: New USB device strings: Mfr=104, Product=1, SerialNumber=0
[  355.786901][ T5866] usb 5-1: config 0 descriptor??
[  355.792338][ T5866] usb 5-1: can't set config #0, error -71
[  355.799975][ T5866] usb 5-1: USB disconnect, device number 38
[  355.883840][T10193] xt_CT: You must specify a L4 protocol and not use inversions on it
[  356.179887][ T5869] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  356.265578][T10203] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  356.265578][T10203] The task syz.2.1170 (10203) triggered the difference, watch for misbehavior.
[  356.362548][ T5869] usb 2-1: config 0 has no interfaces?
[  356.394144][ T5869] usb 2-1: New USB device found, idVendor=08ca, idProduct=0104, bcdDevice=32.8f
[  356.517736][ T5869] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  356.626789][ T5869] usb 2-1: config 0 descriptor??
[  357.069055][ T5869] usb 2-1: USB disconnect, device number 37
[  357.103578][   T29] kauditd_printk_skb: 100 callbacks suppressed
[  357.103591][   T29] audit: type=1400 audit(1739349329.509:2121): avc:  denied  { ioctl } for  pid=10220 comm="syz.2.1174" path="socket:[25182]" dev="sockfs" ino=25182 ioctlcmd=0x890c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  357.158568][T10228] IPVS: set_ctl: invalid protocol: 43 0.0.0.0:0
[  357.166036][   T46] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  357.338764][   T46] usb 5-1: Using ep0 maxpacket: 16
[  357.345148][   T46] usb 5-1: config 0 has an invalid interface number: 253 but max is 0
[  357.353652][   T46] usb 5-1: config 0 has no interface number 0
[  357.361506][   T46] usb 5-1: New USB device found, idVendor=0867, idProduct=9812, bcdDevice=ce.16
[  357.374914][   T46] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  357.383434][   T46] usb 5-1: Product: syz
[  357.387761][   T46] usb 5-1: Manufacturer: syz
[  357.392743][   T46] usb 5-1: SerialNumber: syz
[  357.402540][   T46] usb 5-1: config 0 descriptor??
[  357.632008][   T46] comedi comedi0: Wrong number of endpoints
[  357.638133][   T46] dt9812 5-1:0.253: driver 'dt9812' failed to auto-configure device.
[  357.651617][   T46] usb 5-1: USB disconnect, device number 39
[  358.104680][   T29] audit: type=1400 audit(1739349330.509:2122): avc:  denied  { getopt } for  pid=10237 comm="syz.2.1179" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  358.124234][    C1] vkms_vblank_simulate: vblank timer overrun
[  359.718870][ T5870] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  359.916365][ T5870] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  359.938319][ T5870] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  359.948834][ T5870] usb 3-1: Product: syz
[  359.953093][ T5870] usb 3-1: Manufacturer: syz
[  359.967864][   T29] audit: type=1400 audit(1739349332.359:2123): avc:  denied  { getopt } for  pid=10267 comm="syz.1.1187" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  360.062731][ T5870] usb 3-1: SerialNumber: syz
[  360.089643][ T5870] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  360.121461][ T5869] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  365.238839][   T58] sched: DL replenish lagged too much
[  365.330531][ T5918] usb 3-1: USB disconnect, device number 39
[  365.378780][   T46] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  365.435171][T10281] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1194'.
[  365.448586][T10281] bridge_slave_1: left allmulticast mode
[  365.455130][T10281] bridge_slave_1: left promiscuous mode
[  365.470472][T10281] bridge0: port 2(bridge_slave_1) entered disabled state
[  365.491097][T10281] bridge_slave_0: left allmulticast mode
[  365.509394][T10281] bridge_slave_0: left promiscuous mode
[  365.520922][T10281] bridge0: port 1(bridge_slave_0) entered disabled state
[  365.528868][ T5826] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  365.848146][ T5826] usb 5-1: Using ep0 maxpacket: 16
[  366.101493][ T5826] usb 5-1: unable to read config index 0 descriptor/start: -71
[  366.109697][ T5826] usb 5-1: can't read configurations, error -71
[  366.158999][T10291] fuse: Unknown parameter 'ŠÇ?*Åê:ùŽèñÓêöÉ tù—êfG:0x0000000000000008'
[  366.429505][ T5869] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[  366.449122][ T5869] ath9k_htc: Failed to initialize the device
[  367.386794][ T5918] usb 3-1: ath9k_htc: USB layer deinitialized
[  367.832542][   T29] audit: type=1400 audit(1739349340.229:2124): avc:  denied  { listen } for  pid=10294 comm="syz.3.1197" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  368.848833][ T5918] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  369.024591][ T5918] usb 3-1: Using ep0 maxpacket: 16
[  369.163222][ T5918] usb 3-1: config 0 has an invalid interface number: 253 but max is 0
[  369.242972][ T5918] usb 3-1: config 0 has no interface number 0
[  369.322558][ T5918] usb 3-1: New USB device found, idVendor=0867, idProduct=9812, bcdDevice=ce.16
[  369.331765][ T5918] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  369.357499][ T5918] usb 3-1: Product: syz
[  369.375436][ T5918] usb 3-1: Manufacturer: syz
[  369.582329][ T5918] usb 3-1: SerialNumber: syz
[  369.819414][   T29] audit: type=1400 audit(1739349341.979:2125): avc:  denied  { write } for  pid=10315 comm="syz.0.1202" name="loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  369.928877][ T5918] usb 3-1: config 0 descriptor??
[  370.337251][ T5918] comedi comedi0: Wrong number of endpoints
[  370.345851][T10323] FAULT_INJECTION: forcing a failure.
[  370.345851][T10323] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  370.356597][ T5918] dt9812 3-1:0.253: driver 'dt9812' failed to auto-configure device.
[  370.551898][ T5918] usb 3-1: USB disconnect, device number 40
[  370.562522][T10323] CPU: 1 UID: 0 PID: 10323 Comm: syz.0.1205 Not tainted 6.14.0-rc1-syzkaller-00235-g9946eaf552b1 #0
[  370.562542][T10323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  370.562551][T10323] Call Trace:
[  370.562556][T10323]  <TASK>
[  370.562563][T10323]  dump_stack_lvl+0x16c/0x1f0
[  370.562584][T10323]  should_fail_ex+0x50a/0x650
[  370.562611][T10323]  _copy_from_user+0x2e/0xd0
[  370.562626][T10323]  userfaultfd_ioctl+0x28b/0x38c0
[  370.562646][T10323]  ? lock_acquire.part.0+0x11b/0x380
[  370.562671][T10323]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  370.562689][T10323]  ? ioctl_has_perm.constprop.0.isra.0+0x2f2/0x450
[  370.562713][T10323]  ? ioctl_has_perm.constprop.0.isra.0+0x2fc/0x450
[  370.562741][T10323]  ? __pfx_lock_release+0x10/0x10
[  370.562769][T10323]  ? selinux_file_ioctl+0x180/0x270
[  370.562793][T10323]  ? selinux_file_ioctl+0xb4/0x270
[  370.562815][T10323]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  370.562837][T10323]  ? __x64_sys_ioctl+0x190/0x200
[  370.562859][T10323]  __x64_sys_ioctl+0x190/0x200
[  370.562883][T10323]  do_syscall_64+0xcd/0x250
[  370.562903][T10323]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  370.562925][T10323] RIP: 0033:0x7f1f6df8cde9
[  370.562938][T10323] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  370.562953][T10323] RSP: 002b:00007f1f6ee15038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  370.562968][T10323] RAX: ffffffffffffffda RBX: 00007f1f6e1a5fa0 RCX: 00007f1f6df8cde9
[  370.562978][T10323] RDX: 0000400000000180 RSI: 00000000c028aa05 RDI: 0000000000000003
[  370.562988][T10323] RBP: 00007f1f6ee15090 R08: 0000000000000000 R09: 0000000000000000
[  370.562997][T10323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  370.563005][T10323] R13: 0000000000000000 R14: 00007f1f6e1a5fa0 R15: 00007ffecbc35c48
[  370.563026][T10323]  </TASK>
[  370.791271][T10327] lo speed is unknown, defaulting to 1000
[  370.811886][   T29] audit: type=1400 audit(1739349343.179:2126): avc:  denied  { bind } for  pid=10326 comm="syz.4.1203" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  370.885278][   T29] audit: type=1400 audit(1739349343.189:2127): avc:  denied  { mount } for  pid=10326 comm="syz.4.1203" name="/" dev="configfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  371.853243][ T5869] libceph: connect (1)[c::]:6789 error -101
[  372.249502][T10352] ceph: No mds server is up or the cluster is laggy
[  372.260987][ T5869] libceph: mon0 (1)[c::]:6789 connect error
[  372.501721][T10364] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1214'.
[  372.665776][T10357] ALSA: mixer_oss: invalid OSS volume 'P×}VIN'
[  372.767471][T10368] lo speed is unknown, defaulting to 1000
[  373.946915][   T29] audit: type=1400 audit(1739349346.339:2128): avc:  denied  { mounton } for  pid=10374 comm="syz.3.1217" path="/294/file0" dev="tmpfs" ino=1626 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[  374.001865][T10375] /dev/nullb0: Can't lookup blockdev
[  374.332657][   T29] audit: type=1400 audit(1739349346.689:2129): avc:  denied  { execute } for  pid=10379 comm="syz.2.1218" path="/dev/sg0" dev="devtmpfs" ino=735 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  374.367938][T10383] block device autoloading is deprecated and will be removed.
[  375.204673][T10394] IPVS: sync thread started: state = BACKUP, mcast_ifn = dummy0, syncid = 3, id = 0
[  375.216176][T10378] IPVS: stopping backup sync thread 10394 ...
[  375.225273][    T8] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  375.291466][T10390] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1219'.
[  375.312807][T10398] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1221'.
[  375.317151][T10390] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1219'.
[  375.374747][   T29] audit: type=1400 audit(1739349347.779:2130): avc:  denied  { setattr } for  pid=10376 comm="syz.0.1219" name="io" dev="proc" ino=26515 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1
[  375.471660][T10402] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1223'.
[  375.473360][    T8] usb 2-1: Using ep0 maxpacket: 8
[  375.482339][T10402] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1223'.
[  375.539601][    T8] usb 2-1: device descriptor read/all, error -71
[  375.667530][T10410] lo speed is unknown, defaulting to 1000
[  375.674623][T10407] bridge0: port 1(bridge_slave_0) entered disabled state
[  375.713018][T10407] bridge0: port 1(bridge_slave_0) entered blocking state
[  375.720185][T10407] bridge0: port 1(bridge_slave_0) entered forwarding state
[  375.989481][T10415] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1224'.
[  376.004626][   T29] audit: type=1400 audit(1739349348.409:2131): avc:  denied  { map } for  pid=10405 comm="syz.0.1224" path="socket:[26544]" dev="sockfs" ino=26544 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  376.080587][   T29] audit: type=1400 audit(1739349348.409:2132): avc:  denied  { read } for  pid=10405 comm="syz.0.1224" path="socket:[26544]" dev="sockfs" ino=26544 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  376.103843][    C0] vkms_vblank_simulate: vblank timer overrun
[  376.694839][T10428] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1229'.
[  378.206800][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  378.218611][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  378.613828][ T5828] Bluetooth: hci2: command 0x0406 tx timeout
[  378.994153][T10451] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1236'.
[  380.916214][ T5828] Bluetooth: hci2: command 0x0406 tx timeout
[  381.554909][T10478] netlink: 1192 bytes leftover after parsing attributes in process `syz.3.1245'.
[  381.566662][T10478] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1245'.
[  381.575904][T10478] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1245'.
[  381.625539][T10478] openvswitch: netlink: Key 32 has unexpected len 0 expected 2
[  381.778845][ T5826] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[  381.938889][ T5826] usb 3-1: Using ep0 maxpacket: 8
[  381.953528][ T5826] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[  381.976358][ T5826] usb 3-1: config 179 has no interface number 0
[  381.986709][ T5826] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  382.002711][ T5826] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  382.014415][ T5826] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  382.035952][ T5826] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  382.059626][ T5826] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  382.086523][ T5826] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  382.139417][T10445] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  382.359995][T10445] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  382.368646][T10445] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  382.393728][    T8] usb 3-1: USB disconnect, device number 41
[  384.625369][   T29] audit: type=1326 audit(1739349357.029:2133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10516 comm="syz.4.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7fc00000
[  384.698922][ T5866] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  384.839155][ T5866] usb 2-1: device descriptor read/64, error -71
[  385.242473][T10527] SET target dimension over the limit!
[  385.251970][T10533] SET target dimension over the limit!
[  385.313887][T10535] kAFS: unparsable volume name
[  385.656366][ T5866] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  385.848746][ T5866] usb 2-1: device descriptor read/64, error -71
[  385.962053][ T5866] usb usb2-port1: attempt power cycle
[  386.027270][T10543] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1265'.
[  386.104452][T10546] fuse: Unknown parameter 'ŠÇ?*Åê:ùŽèñÓêöÉ tù—êfG:0x0000000000000008'
[  386.318782][ T5866] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  386.341095][ T5866] usb 2-1: device descriptor read/8, error -71
[  386.653517][T10564] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  386.679854][T10564] CIFS: Unable to determine destination address
[  387.788856][ T5866] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  387.852719][   T29] audit: type=1326 audit(1739349360.229:2134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10516 comm="syz.4.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb8b0b8cde9 code=0x7fc00000
[  387.911365][ T5866] usb 2-1: config 0 has an invalid interface number: 168 but max is 0
[  387.977788][ T5866] usb 2-1: config 0 has no interface number 0
[  388.002475][   T29] audit: type=1326 audit(1739349360.409:2135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10576 comm="syz.4.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  388.043699][ T5866] usb 2-1: config 0 interface 168 altsetting 0 has an endpoint descriptor with address 0xA1, changing to 0x81
[  388.098988][   T29] audit: type=1326 audit(1739349360.429:2136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10576 comm="syz.4.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  388.139973][   T29] audit: type=1326 audit(1739349360.439:2137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10576 comm="syz.4.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  388.144043][ T5866] usb 2-1: config 0 interface 168 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 225
[  388.175443][T10580] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=29277 sclass=netlink_route_socket pid=10580 comm=syz.2.1277
[  388.178262][   T29] audit: type=1326 audit(1739349360.439:2138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10576 comm="syz.4.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  388.195210][T10580] openvswitch: netlink: IP tunnel dst address not specified
[  388.243104][ T5866] usb 2-1: New USB device found, idVendor=06cd, idProduct=0135, bcdDevice=a8.a4
[  388.255959][ T5866] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  388.267605][   T29] audit: type=1326 audit(1739349360.439:2139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10576 comm="syz.4.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  388.294246][ T5866] usb 2-1: config 0 descriptor??
[  388.306618][T10571] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  388.340679][   T29] audit: type=1326 audit(1739349360.439:2140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10576 comm="syz.4.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  388.426684][   T29] audit: type=1326 audit(1739349360.439:2141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10576 comm="syz.4.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  388.473910][   T29] audit: type=1326 audit(1739349360.439:2142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10576 comm="syz.4.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b0b8cde9 code=0x7ffc0000
[  388.668238][T10589] lo speed is unknown, defaulting to 1000
[  389.022208][T10589] veth1_vlan: left promiscuous mode
[  389.697557][   T52] veth1_vlan (unregistering): left allmulticast mode
[  389.726034][   T29] kauditd_printk_skb: 43 callbacks suppressed
[  389.726049][   T29] audit: type=1326 audit(1739349362.129:2186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10599 comm="syz.3.1282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a6d8cde9 code=0x7ffc0000
[  389.763052][   T29] audit: type=1326 audit(1739349362.169:2187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10599 comm="syz.3.1282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a6d8cde9 code=0x7ffc0000
[  389.792858][   T52] macvlan0 (unregistering): left allmulticast mode
[  389.799598][   T29] audit: type=1326 audit(1739349362.169:2188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10599 comm="syz.3.1282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f64a6d8cde9 code=0x7ffc0000
[  389.838202][   T29] audit: type=1326 audit(1739349362.169:2189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10599 comm="syz.3.1282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a6d8cde9 code=0x7ffc0000
[  389.862678][   T29] audit: type=1326 audit(1739349362.169:2190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10599 comm="syz.3.1282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a6d8cde9 code=0x7ffc0000
[  389.894380][   T29] audit: type=1326 audit(1739349362.169:2191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10599 comm="syz.3.1282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f64a6d8cde9 code=0x7ffc0000
[  389.987473][   T29] audit: type=1326 audit(1739349362.169:2192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10599 comm="syz.3.1282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a6d8cde9 code=0x7ffc0000
[  390.012483][   T29] audit: type=1326 audit(1739349362.169:2193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10599 comm="syz.3.1282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f64a6d8cde9 code=0x7ffc0000
[  390.040116][   T29] audit: type=1326 audit(1739349362.169:2194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10599 comm="syz.3.1282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a6d8cde9 code=0x7ffc0000
[  390.065532][   T29] audit: type=1326 audit(1739349362.199:2195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10599 comm="syz.3.1282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f64a6d8cde9 code=0x7ffc0000
[  390.168207][ T5866] usb 2-1: string descriptor 0 read error: -71
[  390.194532][ T5866] keyspan 2-1:0.168: Keyspan 2 port adapter converter detected
[  390.212726][ T5866] keyspan 2-1:0.168: found no endpoint descriptor for endpoint 1
[  390.303179][ T5866] keyspan 2-1:0.168: found no endpoint descriptor for endpoint 84
[  390.315384][ T5866] keyspan 2-1:0.168: found no endpoint descriptor for endpoint 2
[  390.354469][ T5866] usb 2-1: Keyspan 2 port adapter converter now attached to ttyUSB0
[  390.560022][ T5866] keyspan 2-1:0.168: found no endpoint descriptor for endpoint 88
[  390.578062][ T5866] keyspan 2-1:0.168: found no endpoint descriptor for endpoint 6
[  390.598426][ T5866] usb 2-1: Keyspan 2 port adapter converter now attached to ttyUSB1
[  390.969871][T10612] kAFS: unparsable volume name
[  391.219718][ T5866] usb 2-1: USB disconnect, device number 44
[  391.420824][ T5866] keyspan_2 ttyUSB0: Keyspan 2 port adapter converter now disconnected from ttyUSB0
[  391.446696][ T5866] keyspan_2 ttyUSB1: Keyspan 2 port adapter converter now disconnected from ttyUSB1
[  391.464755][ T5866] keyspan 2-1:0.168: device disconnected
[  392.768859][T10639] netlink: 'syz.2.1293': attribute type 4 has an invalid length.
[  392.826659][T10643] netlink: 'syz.2.1293': attribute type 4 has an invalid length.
[  393.146259][T10647] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1294'.
[  393.228628][ T5869] lo speed is unknown, defaulting to 1000
[  393.261757][ T5918] lo speed is unknown, defaulting to 1000
[  395.153272][T10671] kAFS: unparsable volume name
[  396.751930][   T29] kauditd_printk_skb: 38 callbacks suppressed
[  396.751946][   T29] audit: type=1326 audit(1739349369.159:2234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10691 comm="syz.3.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a6d8cde9 code=0x7ffc0000
[  397.088565][T10698] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  397.095110][T10698] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  397.381639][   T29] audit: type=1326 audit(1739349369.159:2235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10691 comm="syz.3.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f64a6d8cde9 code=0x7ffc0000
[  397.406838][   T29] audit: type=1326 audit(1739349369.159:2236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10691 comm="syz.3.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a6d8cde9 code=0x7ffc0000
[  397.428683][T10698] vhci_hcd vhci_hcd.0: Device attached
[  397.430279][    C0] vkms_vblank_simulate: vblank timer overrun
[  397.430379][   T29] audit: type=1326 audit(1739349369.159:2237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10691 comm="syz.3.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f64a6d8cde9 code=0x7ffc0000
[  397.479022][T10700] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(7)
[  397.485553][T10700] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  397.511657][T10700] vhci_hcd vhci_hcd.0: Device attached
[  397.554265][   T29] audit: type=1326 audit(1739349369.159:2238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10691 comm="syz.3.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a6d8cde9 code=0x7ffc0000
[  397.577736][    C0] vkms_vblank_simulate: vblank timer overrun
[  397.602969][T10698] vhci_hcd vhci_hcd.0: pdev(1) rhport(2) sockfd(6)
[  397.609501][T10698] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  397.627114][   T29] audit: type=1326 audit(1739349369.159:2239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10691 comm="syz.3.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f64a6d8cde9 code=0x7ffc0000
[  397.652085][ T5869] vhci_hcd: vhci_device speed not set
[  397.660656][T10698] vhci_hcd vhci_hcd.0: Device attached
[  397.676605][T10700] vhci_hcd vhci_hcd.0: pdev(1) rhport(3) sockfd(9)
[  397.683125][T10700] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  397.690836][   T29] audit: type=1326 audit(1739349369.159:2240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10691 comm="syz.3.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a6d8cde9 code=0x7ffc0000
[  397.714407][ T5869] usb 35-1: new full-speed USB device number 2 using vhci_hcd
[  397.722605][T10700] vhci_hcd vhci_hcd.0: Device attached
[  397.737934][T10711] vhci_hcd: connection closed
[  397.738315][T10702] vhci_hcd: connection closed
[  397.738908][T10704] vhci_hcd: connection closed
[  397.743089][T10709] vhci_hcd: connection closed
[  397.752724][ T3727] vhci_hcd: stop threads
[  397.754480][T10703] vhci_hcd: sendmsg failed!, ret=-32 for 48
[  397.757396][ T3727] vhci_hcd: release socket
[  397.767027][   T29] audit: type=1326 audit(1739349369.159:2241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10691 comm="syz.3.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f64a6d8cde9 code=0x7ffc0000
[  397.801336][   T29] audit: type=1326 audit(1739349369.159:2242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10691 comm="syz.3.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a6d8cde9 code=0x7ffc0000
[  397.801607][ T3727] vhci_hcd: disconnect device
[  397.824788][    C0] vkms_vblank_simulate: vblank timer overrun
[  397.872366][   T29] audit: type=1326 audit(1739349369.159:2243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10691 comm="syz.3.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f64a6d8b750 code=0x7ffc0000
[  397.931735][ T3727] vhci_hcd: stop threads
[  397.936219][ T3727] vhci_hcd: release socket
[  397.960324][ T3727] vhci_hcd: disconnect device
[  397.965151][ T3727] vhci_hcd: stop threads
[  397.997145][ T3727] vhci_hcd: release socket
[  398.003091][ T3727] vhci_hcd: disconnect device
[  398.028686][ T3727] vhci_hcd: stop threads
[  398.032957][ T3727] vhci_hcd: release socket
[  398.037476][ T3727] vhci_hcd: disconnect device
[  398.043055][T10721] netlink: 'syz.0.1310': attribute type 5 has an invalid length.
[  400.281827][T10751] xt_bpf: check failed: parse error
[  401.266621][T10769] netlink: 'syz.1.1322': attribute type 10 has an invalid length.
[  401.437741][T10771] tmpfs: Bad value for 'nr_blocks'
[  401.581026][T10775] Cannot find add_set index 0 as target
[  401.668863][T10780] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1325'.
[  402.242730][T10790] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10790 comm=syz.2.1327
[  402.362240][T10779] lo speed is unknown, defaulting to 1000
[  402.405363][T10790] netlink: 'syz.2.1327': attribute type 32 has an invalid length.
[  402.481374][T10790] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1327'.
[  402.513106][T10790] (unnamed net_device) (uninitialized): option coupled_control: invalid value (16)
[  402.545858][T10790] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1327'.
[  402.643429][   T29] kauditd_printk_skb: 35 callbacks suppressed
[  402.643443][   T29] audit: type=1400 audit(1739349375.049:2279): avc:  denied  { accept } for  pid=10795 comm="syz.1.1328" path="socket:[27587]" dev="sockfs" ino=27587 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  402.908743][ T5869] vhci_hcd: vhci_device speed not set
[  403.041991][T10812] netlink: 'syz.2.1333': attribute type 1 has an invalid length.
[  403.059692][T10812] 8021q: adding VLAN 0 to HW filter on device bond1
[  403.343106][T10818] devpts: called with bogus options
[  404.388258][T10822] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1336'.
[  404.487738][T10833] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1340'.
[  404.553484][T10840] 9pnet_fd: Insufficient options for proto=fd
[  404.604837][T10841] lo speed is unknown, defaulting to 1000
[  404.918342][T10856] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1348'.
[  407.911527][T10904] netlink: 'syz.2.1363': attribute type 1 has an invalid length.
[  408.145582][T10908] FAULT_INJECTION: forcing a failure.
[  408.145582][T10908] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  408.158783][T10908] CPU: 0 UID: 0 PID: 10908 Comm: syz.2.1364 Not tainted 6.14.0-rc1-syzkaller-00235-g9946eaf552b1 #0
[  408.158804][T10908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  408.158813][T10908] Call Trace:
[  408.158818][T10908]  <TASK>
[  408.158824][T10908]  dump_stack_lvl+0x16c/0x1f0
[  408.158841][T10908]  should_fail_ex+0x50a/0x650
[  408.158858][T10908]  _copy_to_iter+0x465/0x1560
[  408.158871][T10908]  ? __pfx__copy_to_iter+0x10/0x10
[  408.158879][T10908]  ? __virt_addr_valid+0x1a4/0x590
[  408.158892][T10908]  ? __virt_addr_valid+0x5e/0x590
[  408.158909][T10908]  ? __phys_addr_symbol+0x30/0x80
[  408.158919][T10908]  ? __check_object_size+0x488/0x710
[  408.158933][T10908]  seq_read_iter+0xd00/0x12b0
[  408.158952][T10908]  seq_read+0x39f/0x4e0
[  408.158966][T10908]  ? __pfx_seq_read+0x10/0x10
[  408.158983][T10908]  ? avc_policy_seqno+0x9/0x20
[  408.158996][T10908]  ? rw_verify_area+0xcf/0x680
[  408.159009][T10908]  ? __pfx_seq_read+0x10/0x10
[  408.159024][T10908]  vfs_read+0x1df/0xbf0
[  408.159039][T10908]  ? __fget_files+0x1fc/0x3a0
[  408.159048][T10908]  ? __pfx___mutex_lock+0x10/0x10
[  408.159059][T10908]  ? __pfx_vfs_read+0x10/0x10
[  408.159077][T10908]  ? __fget_files+0x206/0x3a0
[  408.159090][T10908]  ksys_read+0x12b/0x250
[  408.159104][T10908]  ? __pfx_ksys_read+0x10/0x10
[  408.159123][T10908]  do_syscall_64+0xcd/0x250
[  408.159134][T10908]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  408.159149][T10908] RIP: 0033:0x7f46d2b8cde9
[  408.159157][T10908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  408.159167][T10908] RSP: 002b:00007f46d3931038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  408.159176][T10908] RAX: ffffffffffffffda RBX: 00007f46d2da5fa0 RCX: 00007f46d2b8cde9
[  408.159182][T10908] RDX: 0000000000002020 RSI: 0000400000002280 RDI: 0000000000000009
[  408.159188][T10908] RBP: 00007f46d3931090 R08: 0000000000000000 R09: 0000000000000000
[  408.159194][T10908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  408.159199][T10908] R13: 0000000000000000 R14: 00007f46d2da5fa0 R15: 00007ffe1d36d348
[  408.159211][T10908]  </TASK>
[  409.414967][   T29] audit: type=1400 audit(1739349381.819:2280): avc:  denied  { setopt } for  pid=10916 comm="syz.1.1365" lport=49135 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  410.068738][   T29] audit: type=1400 audit(1739349382.459:2281): avc:  denied  { create } for  pid=10918 comm="syz.3.1368" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  411.299148][T10942] kAFS: unparsable volume name
[  412.325717][T10951] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1372'.
[  412.789323][T10953] FAULT_INJECTION: forcing a failure.
[  412.789323][T10953] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  412.832971][T10953] CPU: 1 UID: 0 PID: 10953 Comm: syz.1.1376 Not tainted 6.14.0-rc1-syzkaller-00235-g9946eaf552b1 #0
[  412.832997][T10953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  412.833006][T10953] Call Trace:
[  412.833011][T10953]  <TASK>
[  412.833017][T10953]  dump_stack_lvl+0x16c/0x1f0
[  412.833045][T10953]  should_fail_ex+0x50a/0x650
[  412.833074][T10953]  _copy_from_user+0x2e/0xd0
[  412.833091][T10953]  kstrtouint_from_user+0xd7/0x1c0
[  412.833112][T10953]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  412.833142][T10953]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  412.833169][T10953]  proc_fail_nth_write+0x84/0x250
[  412.833197][T10953]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  412.833219][T10953]  ? ksys_write+0x12b/0x250
[  412.833251][T10953]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  412.833272][T10953]  vfs_write+0x24c/0x1150
[  412.833299][T10953]  ? __fget_files+0x1fc/0x3a0
[  412.833316][T10953]  ? __pfx___mutex_lock+0x10/0x10
[  412.833335][T10953]  ? __pfx_vfs_write+0x10/0x10
[  412.833367][T10953]  ? __fget_files+0x206/0x3a0
[  412.833390][T10953]  ksys_write+0x12b/0x250
[  412.833415][T10953]  ? __pfx_ksys_write+0x10/0x10
[  412.833447][T10953]  do_syscall_64+0xcd/0x250
[  412.833467][T10953]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  412.833489][T10953] RIP: 0033:0x7fd52db8b89f
[  412.833503][T10953] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  412.833519][T10953] RSP: 002b:00007fd52e91a030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  412.833535][T10953] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd52db8b89f
[  412.833545][T10953] RDX: 0000000000000001 RSI: 00007fd52e91a0a0 RDI: 0000000000000004
[  412.833555][T10953] RBP: 00007fd52e91a090 R08: 0000000000000000 R09: 0000000000000000
[  412.833564][T10953] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  412.833574][T10953] R13: 0000000000000000 R14: 00007fd52dda5fa0 R15: 00007ffc9020aca8
[  412.833597][T10953]  </TASK>
[  413.704899][T10960] lo speed is unknown, defaulting to 1000
[  413.753316][T10963] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1379'.
[  413.834443][T10960] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1379'.
[  413.995096][ T5918] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  414.119409][   T29] audit: type=1400 audit(1739349386.519:2282): avc:  denied  { setopt } for  pid=10969 comm="syz.3.1383" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  414.124762][    T8] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  414.197694][ T5918] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  414.224447][ T5918] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  414.265595][T10977] 9pnet_fd: Insufficient options for proto=fd
[  414.273633][T10977] fuse: Unknown parameter 'ŠÇ?*Åê:ùŽèñÓêöÉ tù—êfG:0x0000000000000008'
[  414.302052][ T5918] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  414.326124][ T5918] usb 2-1: New USB device strings: Mfr=104, Product=1, SerialNumber=0
[  414.335607][ T5918] usb 2-1: Product: syz
[  414.340281][ T5918] usb 2-1: Manufacturer: syz
[  414.348617][ T5918] usb 2-1: config 0 descriptor??
[  414.359868][    T8] usb 3-1: Using ep0 maxpacket: 16
[  414.376594][    T8] usb 3-1: config 0 has an invalid interface number: 253 but max is 0
[  414.400440][    T8] usb 3-1: config 0 has no interface number 0
[  414.416480][    T8] usb 3-1: New USB device found, idVendor=0867, idProduct=9812, bcdDevice=ce.16
[  414.438321][    T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  414.463485][    T8] usb 3-1: Product: syz
[  414.468732][    T8] usb 3-1: Manufacturer: syz
[  414.476618][    T8] usb 3-1: SerialNumber: syz
[  414.488145][    T8] usb 3-1: config 0 descriptor??
[  414.538017][   T29] audit: type=1400 audit(1739349386.939:2283): avc:  denied  { write } for  pid=10971 comm="syz.4.1384" path="socket:[28627]" dev="sockfs" ino=28627 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  414.840816][    T8] comedi comedi0: Wrong number of endpoints
[  414.846782][    T8] dt9812 3-1:0.253: driver 'dt9812' failed to auto-configure device.
[  414.875826][    T8] usb 3-1: USB disconnect, device number 42
[  415.352266][ T5918] uclogic 0003:256C:006D.000F: interface is invalid, ignoring
[  415.719523][T11001] overlayfs: failed to clone upperpath
[  416.640622][    T8] usb 2-1: USB disconnect, device number 45
[  416.860385][T11010] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1395'.
[  417.082431][T11017] overlayfs: conflicting lowerdir path
[  417.100381][   T29] audit: type=1400 audit(1739349389.479:2284): avc:  denied  { watch } for  pid=11013 comm="syz.2.1396" path="anon_inode:[fanotify]" dev="anon_inodefs" ino=1057 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:anon_inodefs_t tclass=filesystem permissive=1
[  417.410964][   T29] audit: type=1400 audit(1739349389.809:2285): avc:  denied  { lock } for  pid=11015 comm="syz.0.1397" path="socket:[28985]" dev="sockfs" ino=28985 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  417.575389][   T29] audit: type=1400 audit(1739349389.929:2286): avc:  denied  { name_bind } for  pid=11025 comm="syz.2.1400" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  417.939945][T11019] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=11019 comm=syz.4.1398
[  417.953038][   T29] audit: type=1400 audit(1739349390.359:2287): avc:  denied  { read } for  pid=11018 comm="syz.4.1398" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  418.579052][T11044] kAFS: unparsable volume name
[  420.039753][T11052] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1404'.
[  420.086909][T11056] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1408'.
[  420.135058][T11056] vlan0: entered promiscuous mode
[  420.328744][    T8] usb 3-1: new low-speed USB device number 43 using dummy_hcd
[  420.500190][    T8] usb 3-1: config 0 has an invalid interface number: 55 but max is 0
[  420.508410][    T8] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  420.529210][    T8] usb 3-1: config 0 has no interface number 0
[  420.535317][    T8] usb 3-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  420.554686][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  420.600141][    T8] usb 3-1: config 0 descriptor??
[  420.610925][    T8] ldusb 3-1:0.55: Interrupt in endpoint not found
[  421.202769][T11083] lo speed is unknown, defaulting to 1000
[  422.523463][T11100] fuse: Bad value for 'fd'
[  423.282353][ T5869] usb 3-1: USB disconnect, device number 43
[  423.426466][ T5870] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  423.649204][ T5870] usb 2-1: Using ep0 maxpacket: 16
[  423.660710][ T5870] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xC6, changing to 0x86
[  423.675552][ T5870] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[  423.690082][ T5870] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x86 has invalid maxpacket 0
[  423.701588][ T5870] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 225
[  423.717742][ T5870] usb 2-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87
[  423.727220][ T5870] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  423.748817][ T5870] usb 2-1: Product: syz
[  423.753071][ T5870] usb 2-1: Manufacturer: syz
[  423.762107][ T5870] usb 2-1: SerialNumber: syz
[  423.777267][ T5870] usb 2-1: config 0 descriptor??
[  423.783013][T11104] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  423.793992][    C1] port100 2-1:0.0: NFC: Urb failure (status -71)
[  423.806217][ T5870] port100 2-1:0.0: NFC: Could not get supported command types
[  424.034097][ T5870] usb 2-1: USB disconnect, device number 46
[  424.562099][T11135] fuse: Bad value for 'group_id'
[  424.563920][   T29] audit: type=1400 audit(1739349396.969:2288): avc:  denied  { mounton } for  pid=11130 comm="syz.4.1432" path="/117/file0" dev="tmpfs" ino=666 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1
[  424.568264][T11135] fuse: Bad value for 'group_id'
[  424.712957][   T29] audit: type=1400 audit(1739349397.019:2289): avc:  denied  { watch watch_reads } for  pid=11130 comm="syz.4.1432" path="pipe:[29892]" dev="pipefs" ino=29892 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  425.332546][T11144] affs: No valid root block on device nullb0
[  425.874415][T11162] netlink: 'syz.2.1439': attribute type 1 has an invalid length.
[  427.403134][T11182] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1447'.
[  427.439195][T11182] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1447'.
[  427.574332][T11187] FAULT_INJECTION: forcing a failure.
[  427.574332][T11187] name failslab, interval 1, probability 0, space 0, times 0
[  427.588748][ T5869] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  427.597165][T11185] lo speed is unknown, defaulting to 1000
[  427.603221][T11189] netlink: 'syz.3.1449': attribute type 1 has an invalid length.
[  427.603542][T11187] CPU: 0 UID: 0 PID: 11187 Comm: syz.2.1448 Not tainted 6.14.0-rc1-syzkaller-00235-g9946eaf552b1 #0
[  427.603560][T11187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  427.603568][T11187] Call Trace:
[  427.603573][T11187]  <TASK>
[  427.603578][T11187]  dump_stack_lvl+0x16c/0x1f0
[  427.603598][T11187]  should_fail_ex+0x50a/0x650
[  427.603618][T11187]  ? fs_reclaim_acquire+0xae/0x150
[  427.603639][T11187]  should_failslab+0xc2/0x120
[  427.603655][T11187]  kmem_cache_alloc_node_noprof+0x72/0x3c0
[  427.603669][T11187]  ? __alloc_skb+0x2b1/0x380
[  427.603689][T11187]  __alloc_skb+0x2b1/0x380
[  427.603704][T11187]  ? __pfx___alloc_skb+0x10/0x10
[  427.603723][T11187]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  427.603744][T11187]  netlink_alloc_large_skb+0x69/0x130
[  427.603761][T11187]  netlink_sendmsg+0x689/0xd70
[  427.603785][T11187]  ? __pfx_netlink_sendmsg+0x10/0x10
[  427.603809][T11187]  ____sys_sendmsg+0xaaf/0xc90
[  427.603829][T11187]  ? copy_msghdr_from_user+0x10b/0x160
[  427.603846][T11187]  ? __pfx_____sys_sendmsg+0x10/0x10
[  427.603876][T11187]  ___sys_sendmsg+0x135/0x1e0
[  427.603894][T11187]  ? __pfx____sys_sendmsg+0x10/0x10
[  427.603920][T11187]  ? __pfx_lock_release+0x10/0x10
[  427.603938][T11187]  ? trace_lock_acquire+0x14e/0x1f0
[  427.603961][T11187]  ? __fget_files+0x206/0x3a0
[  427.603980][T11187]  __sys_sendmsg+0x16e/0x220
[  427.603998][T11187]  ? __pfx___sys_sendmsg+0x10/0x10
[  427.604028][T11187]  do_syscall_64+0xcd/0x250
[  427.604045][T11187]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  427.604063][T11187] RIP: 0033:0x7f46d2b8cde9
[  427.604074][T11187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  427.604088][T11187] RSP: 002b:00007f46d3931038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  427.604101][T11187] RAX: ffffffffffffffda RBX: 00007f46d2da5fa0 RCX: 00007f46d2b8cde9
[  427.604111][T11187] RDX: 0000000000044000 RSI: 0000400000000240 RDI: 0000000000000003
[  427.604118][T11187] RBP: 00007f46d3931090 R08: 0000000000000000 R09: 0000000000000000
[  427.604126][T11187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  427.604134][T11187] R13: 0000000000000000 R14: 00007f46d2da5fa0 R15: 00007ffe1d36d348
[  427.604152][T11187]  </TASK>
[  427.873257][T11189] 8021q: adding VLAN 0 to HW filter on device bond1
[  427.980811][ T5869] usb 2-1: Using ep0 maxpacket: 32
[  427.987834][ T5869] usb 2-1: config 0 has an invalid interface number: 51 but max is 0
[  428.001338][ T5869] usb 2-1: config 0 has no interface number 0
[  428.009515][ T5869] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  428.018740][ T5869] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  428.021678][T11206] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1455'.
[  428.026795][ T5869] usb 2-1: Product: syz
[  428.049589][ T5918] usb 3-1: new low-speed USB device number 44 using dummy_hcd
[  428.056523][ T5869] usb 2-1: Manufacturer: syz
[  428.065988][ T5869] usb 2-1: SerialNumber: syz
[  428.072635][ T5869] usb 2-1: config 0 descriptor??
[  428.080378][ T5869] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  428.204456][ T5918] usb 3-1: config 0 has an invalid interface number: 52 but max is 0
[  428.213844][ T5918] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  428.250409][ T5918] usb 3-1: config 0 has no interface number 0
[  428.256498][ T5918] usb 3-1: config 0 interface 52 altsetting 1 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  428.270589][ T5918] usb 3-1: config 0 interface 52 altsetting 1 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  428.281428][T11180] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  428.284270][ T5918] usb 3-1: config 0 interface 52 altsetting 1 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  428.291274][T11180] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  428.302699][ T5918] usb 3-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  428.316551][ T5869] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  428.347106][ T5869] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  428.524755][    C1] quatech-serial ttyUSB0: qt2_process_read_urb - xmit_empty message too short
[  428.780979][ T5918] usb 3-1: config 0 interface 52 has no altsetting 0
[  428.787711][ T5918] usb 3-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00
[  428.796782][ T5918] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  428.810588][ T5918] usb 3-1: config 0 descriptor??
[  428.845938][T11180] wlan0 speed is unknown, defaulting to 1000
[  428.857418][T11180] wlan0 speed is unknown, defaulting to 1000
[  428.864468][T11180] wlan0 speed is unknown, defaulting to 1000
[  428.886547][T11180] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  428.921382][T11180] wlan0 speed is unknown, defaulting to 1000
[  428.929466][T11180] wlan0 speed is unknown, defaulting to 1000
[  428.947940][T11180] wlan0 speed is unknown, defaulting to 1000
[  428.959521][T11180] wlan0 speed is unknown, defaulting to 1000
[  428.967909][T11180] wlan0 speed is unknown, defaulting to 1000
[  429.027329][ T5918] input: USB Synaptics Device 06cb:0007 (Stick) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.52/input/input18
[  429.157028][    C1] usb 2-1: qt2_read_bulk_callback - non-zero urb status: -71
[  429.165359][ T5869] usb 2-1: USB disconnect, device number 47
[  429.174268][ T5869] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  429.189505][ T5869] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  429.204482][ T5869] quatech2 2-1:0.51: device disconnected
[  429.298457][T11199] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  429.308155][T11199] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  429.372558][   T29] audit: type=1400 audit(1739349401.779:2290): avc:  denied  { getopt } for  pid=11198 comm="syz.2.1452" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  429.396308][   T29] audit: type=1400 audit(1739349401.799:2291): avc:  denied  { ioctl } for  pid=11198 comm="syz.2.1452" path="socket:[30079]" dev="sockfs" ino=30079 ioctlcmd=0x8934 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  429.426253][ T5869] usb 3-1: USB disconnect, device number 44
[  430.582762][T11239] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1461'.
[  431.510921][T11246] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1464'.
[  432.463964][T11246] lo speed is unknown, defaulting to 1000
[  432.485295][T11246] wlan0 speed is unknown, defaulting to 1000
[  432.718758][ T5918] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[  432.872601][ T5918] usb 2-1: too many configurations: 164, using maximum allowed: 8
[  432.942738][ T5918] usb 2-1: New USB device found, idVendor=7de0, idProduct=676e, bcdDevice=77.db
[  432.958725][ T5918] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  432.973263][ T5918] usb 2-1: config 0 descriptor??
[  433.193562][    T8] usb 2-1: USB disconnect, device number 48
[  433.308745][ T5870] usb 3-1: new full-speed USB device number 45 using dummy_hcd
[  434.676782][T10474] Bluetooth: hci2: command 0x0406 tx timeout
[  434.695143][ T5870] usb 3-1: config 0 has an invalid interface number: 15 but max is 0
[  434.703480][ T5870] usb 3-1: config 0 has no interface number 0
[  434.709665][ T5870] usb 3-1: config 0 interface 15 altsetting 0 endpoint 0x6 has invalid maxpacket 1024, setting to 64
[  434.721011][ T5870] usb 3-1: config 0 interface 15 altsetting 0 has a duplicate endpoint with address 0x6, skipping
[  434.731778][ T5870] usb 3-1: config 0 interface 15 altsetting 0 has a duplicate endpoint with address 0x6, skipping
[  434.859244][ T5870] usb 3-1: config 0 interface 15 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  434.871227][ T5870] usb 3-1: config 0 interface 15 altsetting 0 endpoint 0x1 has invalid maxpacket 512, setting to 64
[  435.029056][ T5870] usb 3-1: config 0 interface 15 altsetting 0 has a duplicate endpoint with address 0xF, skipping
[  435.074424][ T5870] usb 3-1: config 0 interface 15 altsetting 0 endpoint 0x3 has invalid maxpacket 512, setting to 64
[  435.120270][ T5870] usb 3-1: language id specifier not provided by device, defaulting to English
[  435.162471][ T5870] usb 3-1: New USB device found, idVendor=1199, idProduct=9004, bcdDevice=39.10
[  435.190302][T11287] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1476'.
[  435.203917][ T5870] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  435.223233][ T5870] usb 3-1: Manufacturer: ‰@拓
[  435.228099][ T5870] usb 3-1: SerialNumber: syz
[  435.269275][ T5870] usb 3-1: config 0 descriptor??
[  435.285543][T11270] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  435.354656][T11295] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1480'.
[  435.403449][T11295] lo speed is unknown, defaulting to 1000
[  435.410027][T11295] wlan0 speed is unknown, defaulting to 1000
[  435.511291][T11270] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  435.520452][T11270] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  435.531437][ T5870] usb 3-1: USB disconnect, device number 45
[  436.609095][ T5918] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  436.707449][T11319] kAFS: unparsable volume name
[  438.472173][T11338] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1490'.
[  438.556013][   T29] audit: type=1400 audit(1739349410.959:2292): avc:  denied  { audit_write } for  pid=11339 comm="syz.4.1491" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  438.625725][T11343] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1492'.
[  438.668738][ T5866] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[  438.728179][T11344] lo speed is unknown, defaulting to 1000
[  438.739372][T11344] wlan0 speed is unknown, defaulting to 1000
[  438.839010][ T5866] usb 2-1: Using ep0 maxpacket: 8
[  438.850906][ T5866] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  438.860088][ T5866] usb 2-1: config 179 has no interface number 0
[  438.869698][ T5866] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  438.881308][ T5866] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  438.893002][ T5866] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  438.904678][ T5866] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  438.918052][ T5866] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  438.933300][ T5866] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  438.942766][ T5866] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  438.974481][T11330] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  439.387889][T11363] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  439.562144][T11372] kAFS: unparsable volume name
[  439.743602][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  439.753700][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  439.994788][T11330] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  440.169076][T11330] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  440.189881][T11375] tmpfs: Bad value for 'mpol'
[  440.208904][   T29] audit: type=1400 audit(1739349412.609:2293): avc:  denied  { write } for  pid=11374 comm="syz.2.1501" name="random" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  440.294733][ T5826] usb 2-1: USB disconnect, device number 49
[  440.294851][    C0] xpad 2-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  440.309148][    C0] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  440.336300][   T29] audit: type=1400 audit(1739349412.649:2294): avc:  denied  { setattr } for  pid=11374 comm="syz.2.1501" name="random" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  440.403896][T11382] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  440.564701][T11387] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1505'.
[  440.683014][T11392] lo speed is unknown, defaulting to 1000
[  440.719475][T11392] wlan0 speed is unknown, defaulting to 1000
[  441.446380][T11396] overlayfs: failed to clone upperpath
[  441.593206][T11396] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1508'.
[  441.594670][   T29] audit: type=1400 audit(1739349413.999:2295): avc:  denied  { write } for  pid=11395 comm="syz.4.1508" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  441.631320][T11404] fuse: Unknown parameter '0x0000000000000004'
[  442.906254][T11438] kAFS: unparsable volume name
[  443.308600][ T5866] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[  443.488891][ T5866] usb 2-1: Using ep0 maxpacket: 32
[  443.501047][ T5866] usb 2-1: config index 0 descriptor too short (expected 29220, got 36)
[  443.524282][ T5866] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  443.551585][ T5866] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81
[  443.578858][ T5866] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  443.594054][T11450] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1519'.
[  443.598684][ T5866] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  443.612758][ T5866] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  443.635917][ T5866] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  443.648970][ T5866] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  443.680315][ T5866] usb 2-1: config 0 descriptor??
[  443.683460][T11452] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2304 sclass=netlink_route_socket pid=11452 comm=syz.0.1521
[  443.795880][T11453] lo speed is unknown, defaulting to 1000
[  443.810319][T11453] wlan0 speed is unknown, defaulting to 1000
[  443.919527][ T5866] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 50 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  444.078963][ T5866] usb 2-1: USB disconnect, device number 50
[  444.131027][ T5866] usblp0: removed
[  444.195148][T11464] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1525'.
[  444.508854][ T5866] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[  444.689705][ T5866] usb 2-1: Using ep0 maxpacket: 32
[  444.700190][ T5866] usb 2-1: config index 0 descriptor too short (expected 29220, got 36)
[  444.718358][ T5866] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  444.739562][ T5866] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81
[  444.767573][ T5866] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  444.808512][ T5866] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  444.825629][ T5866] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  444.843219][ T5866] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  444.855080][ T5866] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  444.883636][ T5866] usb 2-1: config 0 descriptor??
[  445.107503][ T5866] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 51 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  445.332579][   T29] audit: type=1400 audit(1739349417.739:2296): avc:  denied  { read write } for  pid=11426 comm="syz.1.1514" name="lp0" dev="devtmpfs" ino=3116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1
[  445.361803][T11428] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  445.373052][T11428] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  445.385052][   T29] audit: type=1400 audit(1739349417.759:2297): avc:  denied  { open } for  pid=11426 comm="syz.1.1514" path="/dev/usb/lp0" dev="devtmpfs" ino=3116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1
[  445.655930][   T29] audit: type=1326 audit(1739349418.059:2298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11492 comm="syz.3.1534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a6d8cde9 code=0x7ffc0000
[  445.685537][   T29] audit: type=1326 audit(1739349418.059:2299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11492 comm="syz.3.1534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a6d8cde9 code=0x7ffc0000
[  445.709629][   T29] audit: type=1326 audit(1739349418.059:2300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11492 comm="syz.3.1534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f64a6d8cde9 code=0x7ffc0000
[  445.734502][   T29] audit: type=1326 audit(1739349418.059:2301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11492 comm="syz.3.1534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a6d8cde9 code=0x7ffc0000
[  445.758497][   T29] audit: type=1326 audit(1739349418.059:2302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11492 comm="syz.3.1534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f64a6d8cde9 code=0x7ffc0000
[  445.782731][   T29] audit: type=1326 audit(1739349418.059:2303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11492 comm="syz.3.1534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a6d8cde9 code=0x7ffc0000
[  445.806570][   T29] audit: type=1326 audit(1739349418.059:2304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11492 comm="syz.3.1534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f64a6d8cde9 code=0x7ffc0000
[  445.827110][T11498] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  445.836151][   T29] audit: type=1326 audit(1739349418.059:2305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11492 comm="syz.3.1534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a6d8cde9 code=0x7ffc0000
[  445.841945][T11498] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  445.888722][ T5866] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  446.038980][ T5866] usb 3-1: Using ep0 maxpacket: 16
[  446.046138][T11500] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1536'.
[  446.055901][ T5866] usb 3-1: config 0 has an invalid interface number: 253 but max is 0
[  446.065653][ T5866] usb 3-1: config 0 has no interface number 0
[  446.090431][ T5866] usb 3-1: New USB device found, idVendor=0867, idProduct=9812, bcdDevice=ce.16
[  446.103130][ T5866] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  446.111866][ T5866] usb 3-1: Product: syz
[  446.116233][ T5866] usb 3-1: Manufacturer: syz
[  446.121082][ T5866] usb 3-1: SerialNumber: syz
[  446.127325][ T5866] usb 3-1: config 0 descriptor??
[  446.343017][ T5866] comedi comedi0: Wrong number of endpoints
[  446.349091][ T5866] dt9812 3-1:0.253: driver 'dt9812' failed to auto-configure device.
[  446.421179][ T5866] usb 3-1: USB disconnect, device number 47
[  447.109464][ T5866] usb 2-1: USB disconnect, device number 51
[  447.139899][ T5866] usblp0: removed
[  447.198078][T11519] ax25_connect(): syz.1.1543 uses autobind, please contact jreuter@yaina.de
[  447.244298][T11519] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1543'.
[  447.509854][T11523] veth0_to_team: entered promiscuous mode
[  447.515677][T11523] veth0_to_team: entered allmulticast mode
[  449.436712][T11511] xt_TCPMSS: Only works on TCP SYN packets
[  554.478598][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  554.478618][    C1] rcu: 	0-...!: (1 GPs behind) idle=cdcc/1/0x4000000000000000 softirq=46893/46894 fqs=0
[  554.479289][    C1] rcu: 	(detected by 1, t=10502 jiffies, g=38865, q=167 ncpus=2)
[  554.479306][    C1] Sending NMI from CPU 1 to CPUs 0:
[  554.479331][    C0] NMI backtrace for cpu 0
[  554.479340][    C0] CPU: 0 UID: 0 PID: 11511 Comm: syz.2.1539 Not tainted 6.14.0-rc1-syzkaller-00235-g9946eaf552b1 #0
[  554.479355][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  554.479362][    C0] RIP: 0010:__lock_acquire+0x6b5/0x3c40
[  554.479384][    C0] Code: 0f 44 f1 41 0f b6 04 24 41 83 c7 01 84 c0 74 08 3c 03 0f 8e 42 23 00 00 45 3b bd e8 0a 00 00 0f 8c 63 ff ff ff 4c 8b 7c 24 58 <0f> b6 44 24 60 41 38 c6 0f 83 ba 01 00 00 e8 78 db 2a 03 85 c0 0f
[  554.479396][    C0] RSP: 0018:ffffc90000007af0 EFLAGS: 00000046
[  554.479407][    C0] RAX: 0000000000000000 RBX: ffff8880365f0af0 RCX: 0000000000000002
[  554.479414][    C0] RDX: fffffbfff2dd7b9a RSI: 0000000000000008 RDI: ffffffff96ec385e
[  554.479423][    C0] RBP: dffffc0000000000 R08: 0000000000000000 R09: 0000000000000006
[  554.479430][    C0] R10: ffffffff96ebdccf R11: 0000000000000003 R12: ffffed1006cbe15d
[  554.479438][    C0] R13: ffff8880365f0000 R14: 0000000000000002 R15: ffff8880365f0b68
[  554.479446][    C0] FS:  00007f46d39316c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  554.479459][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  554.479468][    C0] CR2: 000000110c2dbeb4 CR3: 000000004f6e0000 CR4: 00000000003526f0
[  554.479475][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  554.479482][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  554.479490][    C0] Call Trace:
[  554.479494][    C0]  <NMI>
[  554.479499][    C0]  ? nmi_cpu_backtrace+0x1d8/0x390
[  554.479518][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  554.479534][    C0]  ? nmi_handle+0x1ac/0x5d0
[  554.479551][    C0]  ? __lock_acquire+0x6b5/0x3c40
[  554.479567][    C0]  ? default_do_nmi+0x6a/0x160
[  554.479589][    C0]  ? exc_nmi+0x170/0x1e0
[  554.479604][    C0]  ? end_repeat_nmi+0xf/0x53
[  554.479623][    C0]  ? __lock_acquire+0x6b5/0x3c40
[  554.479639][    C0]  ? __lock_acquire+0x6b5/0x3c40
[  554.479655][    C0]  ? __lock_acquire+0x6b5/0x3c40
[  554.479670][    C0]  </NMI>
[  554.479674][    C0]  <IRQ>
[  554.479680][    C0]  ? lockdep_hardirqs_on_prepare+0x3b2/0x420
[  554.479697][    C0]  ? __pfx___lock_acquire+0x10/0x10
[  554.479713][    C0]  ? lock_acquire.part.0+0x11b/0x380
[  554.479730][    C0]  lock_acquire.part.0+0x11b/0x380
[  554.479746][    C0]  ? debug_object_deactivate+0x13b/0x370
[  554.479761][    C0]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  554.479777][    C0]  ? rcu_is_watching+0x12/0xc0
[  554.479790][    C0]  ? trace_lock_acquire+0x14e/0x1f0
[  554.479803][    C0]  ? debug_object_activate+0x149/0x4a0
[  554.479817][    C0]  ? debug_object_deactivate+0x13b/0x370
[  554.479830][    C0]  ? lock_acquire+0x2f/0xb0
[  554.479844][    C0]  ? debug_object_deactivate+0x13b/0x370
[  554.479858][    C0]  _raw_spin_lock_irqsave+0x3a/0x60
[  554.479875][    C0]  ? debug_object_deactivate+0x13b/0x370
[  554.479888][    C0]  debug_object_deactivate+0x13b/0x370
[  554.479901][    C0]  ? __pfx_debug_object_deactivate+0x10/0x10
[  554.479916][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  554.479929][    C0]  ? __pfx_advance_sched+0x10/0x10
[  554.479946][    C0]  __hrtimer_run_queues+0x47c/0xae0
[  554.479960][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  554.479972][    C0]  ? read_tsc+0x9/0x20
[  554.479987][    C0]  hrtimer_interrupt+0x392/0x8e0
[  554.480002][    C0]  __sysvec_apic_timer_interrupt+0x10f/0x400
[  554.480021][    C0]  sysvec_apic_timer_interrupt+0x9f/0xc0
[  554.480039][    C0]  </IRQ>
[  554.480043][    C0]  <TASK>
[  554.480047][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  554.480064][    C0] RIP: 0010:console_flush_all+0x9a4/0xc60
[  554.480078][    C0] Code: 00 e8 50 f5 27 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 1e 3b 20 00 48 85 db 0f 85 55 01 00 00 e8 e0 3f 20 00 fb 4c 89 e0 <48> c1 e8 03 42 80 3c 38 00 0f 84 11 ff ff ff 4c 89 e7 e8 35 58 83
[  554.480089][    C0] RSP: 0018:ffffc90003a47370 EFLAGS: 00000283
[  554.480098][    C0] RAX: ffffffff8eeab458 RBX: 0000000000000000 RCX: ffffc9000ceb9000
[  554.480106][    C0] RDX: 0000000000080000 RSI: ffffffff81999400 RDI: 0000000000000007
[  554.480114][    C0] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000
[  554.480121][    C0] R10: 0000000000000000 R11: 0000000000000003 R12: ffffffff8eeab458
[  554.480129][    C0] R13: ffffffff8eeab400 R14: ffffc90003a47400 R15: dffffc0000000000
[  554.480140][    C0]  ? console_flush_all+0x9a0/0xc60
[  554.480155][    C0]  ? __pfx_console_flush_all+0x10/0x10
[  554.480170][    C0]  ? is_printk_cpu_sync_owner+0x32/0x40
[  554.480185][    C0]  console_unlock+0xd9/0x210
[  554.480196][    C0]  ? __pfx_console_unlock+0x10/0x10
[  554.480209][    C0]  ? lock_acquire+0x2f/0xb0
[  554.480224][    C0]  ? _printk+0xc8/0x100
[  554.480239][    C0]  ? __down_trylock_console_sem+0xb0/0x140
[  554.480257][    C0]  vprintk_emit+0x424/0x6f0
[  554.480269][    C0]  ? __pfx_vprintk_emit+0x10/0x10
[  554.480280][    C0]  ? __pfx_lock_release+0x10/0x10
[  554.480295][    C0]  ? trace_lock_acquire+0x14e/0x1f0
[  554.480310][    C0]  _printk+0xc8/0x100
[  554.480325][    C0]  ? __pfx__printk+0x10/0x10
[  554.480341][    C0]  ? ___ratelimit+0x24c/0x570
[  554.480353][    C0]  ? __pfx____ratelimit+0x10/0x10
[  554.480365][    C0]  ? tcpmss_tg6_check+0x2fa/0x380
[  554.480383][    C0]  tcpmss_tg6_check+0x306/0x380
[  554.480399][    C0]  ? __pfx_tcpmss_tg6_check+0x10/0x10
[  554.480415][    C0]  xt_check_target+0x272/0xa30
[  554.480431][    C0]  ? __pfx_xt_check_target+0x10/0x10
[  554.480444][    C0]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  554.480464][    C0]  ? xt_find_target+0x1ee/0x290
[  554.480479][    C0]  find_check_entry.constprop.0+0x82f/0xa20
[  554.480496][    C0]  ? __pfx_find_check_entry.constprop.0+0x10/0x10
[  554.480514][    C0]  ? kvfree+0x47/0x50
[  554.480532][    C0]  translate_table+0xd06/0x17b0
[  554.480548][    C0]  ? __pfx_translate_table+0x10/0x10
[  554.480561][    C0]  ? __might_fault+0xe3/0x190
[  554.480577][    C0]  do_ip6t_set_ctl+0x926/0xbf0
[  554.480594][    C0]  ? trace_contention_end+0xee/0x140
[  554.480611][    C0]  ? __mutex_lock+0x1cc/0xb10
[  554.480624][    C0]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  554.480637][    C0]  ? __mutex_unlock_slowpath+0x164/0x6a0
[  554.480652][    C0]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  554.480668][    C0]  ? nf_sockopt_find.constprop.0+0x221/0x290
[  554.480684][    C0]  nf_setsockopt+0x8a/0xf0
[  554.480697][    C0]  ipv6_setsockopt+0x135/0x170
[  554.480712][    C0]  tcp_setsockopt+0xa4/0x100
[  554.480730][    C0]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  554.480748][    C0]  do_sock_setsockopt+0x222/0x480
[  554.480765][    C0]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  554.480782][    C0]  ? lock_acquire+0x2f/0xb0
[  554.480801][    C0]  __sys_setsockopt+0x1a0/0x230
[  554.480818][    C0]  __x64_sys_setsockopt+0xbd/0x160
[  554.480831][    C0]  ? syscall_trace_enter+0x5e/0x260
[  554.480849][    C0]  do_syscall_64+0xcd/0x250
[  554.480863][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  554.480878][    C0] RIP: 0033:0x7f46d2b8cde9
[  554.480889][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  554.480899][    C0] RSP: 002b:00007f46d3931038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  554.480911][    C0] RAX: ffffffffffffffda RBX: 00007f46d2da5fa0 RCX: 00007f46d2b8cde9
[  554.480919][    C0] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000005
[  554.480926][    C0] RBP: 00007f46d2c0e2a0 R08: 0000000000000318 R09: 0000000000000000
[  554.480933][    C0] R10: 0000400000000b40 R11: 0000000000000246 R12: 0000000000000000
[  554.480941][    C0] R13: 0000000000000000 R14: 00007f46d2da5fa0 R15: 00007ffe1d36d348
[  554.480952][    C0]  </TASK>
[  554.481326][    C1] rcu: rcu_preempt kthread starved for 10502 jiffies! g38865 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  554.481351][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  554.481359][    C1] rcu: RCU grace-period kthread stack dump:
[  554.481366][    C1] task:rcu_preempt     state:R  running task     stack:27696 pid:17    tgid:17    ppid:2      task_flags:0x208040 flags:0x00004000
[  554.481421][    C1] Call Trace:
[  554.481427][    C1]  <TASK>
[  554.481437][    C1]  __schedule+0xf43/0x5890
[  554.481462][    C1]  ? __pfx___lock_acquire+0x10/0x10
[  554.481495][    C1]  ? __pfx___schedule+0x10/0x10
[  554.481520][    C1]  ? schedule+0x298/0x350
[  554.481543][    C1]  ? __pfx_lock_release+0x10/0x10
[  554.481569][    C1]  ? lock_acquire+0x2f/0xb0
[  554.481588][    C1]  ? schedule+0x1fd/0x350
[  554.481614][    C1]  schedule+0xe7/0x350
[  554.481639][    C1]  schedule_timeout+0x124/0x280
[  554.481661][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[  554.481684][    C1]  ? __pfx_process_timeout+0x10/0x10
[  554.481706][    C1]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  554.481732][    C1]  ? prepare_to_swait_event+0xf3/0x470
[  554.481759][    C1]  rcu_gp_fqs_loop+0x1eb/0xb00
[  554.481784][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  554.481806][    C1]  ? rcu_gp_init+0xc82/0x1630
[  554.481830][    C1]  ? _raw_spin_unlock_irq+0x2e/0x50
[  554.481860][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  554.481887][    C1]  rcu_gp_kthread+0x271/0x380
[  554.481911][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  554.481935][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  554.481954][    C1]  ? __kthread_parkme+0x148/0x220
[  554.481972][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  554.481996][    C1]  kthread+0x3af/0x750
[  554.482017][    C1]  ? __pfx_kthread+0x10/0x10
[  554.482040][    C1]  ? __pfx_kthread+0x10/0x10
[  554.482061][    C1]  ret_from_fork+0x45/0x80
[  554.482081][    C1]  ? __pfx_kthread+0x10/0x10
[  554.482101][    C1]  ret_from_fork_asm+0x1a/0x30
[  554.482130][    C1]  </TASK>
[  554.482137][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  554.482144][    C1] CPU: 1 UID: 0 PID: 11529 Comm: syz.3.1545 Not tainted 6.14.0-rc1-syzkaller-00235-g9946eaf552b1 #0
[  554.482162][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  554.482171][    C1] RIP: 0010:smp_call_function_many_cond+0x4c6/0x12c0
[  554.482190][    C1] Code: 0c 00 85 ed 74 4d 48 b8 00 00 00 00 00 fc ff df 4d 89 fc 4c 89 fd 49 c1 ec 03 83 e5 07 49 01 c4 83 c5 03 e8 fc 04 0c 00 f3 90 <41> 0f b6 04 24 40 38 c5 7c 08 84 c0 0f 85 e8 0b 00 00 8b 43 08 31
[  554.482205][    C1] RSP: 0018:ffffc90004c3f820 EFLAGS: 00000293
[  554.482218][    C1] RAX: 0000000000000000 RBX: ffff8880b8646a00 RCX: ffffffff81adcf0a
[  554.482230][    C1] RDX: ffff88802aa4c880 RSI: ffffffff81adcee4 RDI: 0000000000000005
[  554.482241][    C1] RBP: 0000000000000003 R08: 0000000000000005 R09: 0000000000000000
[  554.482251][    C1] R10: 0000000000000001 R11: 0000000000000001 R12: ffffed10170c8d41
[  554.482261][    C1] R13: 0000000000000001 R14: ffff8880b873fe80 R15: ffff8880b8646a08
[  554.482273][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  554.482289][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  554.482300][    C1] CR2: 000000110c2fe3c8 CR3: 000000000df80000 CR4: 00000000003526f0
[  554.482310][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  554.482320][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  554.482335][    C1] Call Trace:
[  554.482340][    C1]  <IRQ>
[  554.482347][    C1]  ? rcu_check_gp_kthread_starvation+0x31b/0x450
[  554.482365][    C1]  ? do_raw_spin_unlock+0x172/0x230
[  554.482383][    C1]  ? rcu_sched_clock_irq+0x247a/0x3310
[  554.482408][    C1]  ? timekeeping_advance+0x72e/0xa90
[  554.482428][    C1]  ? __pfx_rcu_sched_clock_irq+0x10/0x10
[  554.482447][    C1]  ? __asan_memcpy+0x3c/0x60
[  554.482471][    C1]  ? cgroup_rstat_updated+0x2a/0xb20
[  554.482496][    C1]  ? rcu_is_watching+0x12/0xc0
[  554.482516][    C1]  ? update_process_times+0x178/0x2d0
[  554.482540][    C1]  ? __pfx_update_process_times+0x10/0x10
[  554.482563][    C1]  ? __pfx_tick_nohz_handler+0x10/0x10
[  554.482581][    C1]  ? update_wall_time+0x1c/0x40
[  554.482603][    C1]  ? tick_nohz_handler+0x376/0x530
[  554.482623][    C1]  ? __pfx_tick_nohz_handler+0x10/0x10
[  554.482640][    C1]  ? __hrtimer_run_queues+0x5fb/0xae0
[  554.482663][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  554.482678][    C1]  ? read_tsc+0x9/0x20
[  554.482703][    C1]  ? hrtimer_interrupt+0x392/0x8e0
[  554.482730][    C1]  ? __sysvec_apic_timer_interrupt+0x10f/0x400
[  554.482755][    C1]  ? sysvec_apic_timer_interrupt+0x9f/0xc0
[  554.482779][    C1]  </IRQ>
[  554.482786][    C1]  <TASK>
[  554.482793][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  554.482821][    C1]  ? smp_call_function_many_cond+0x4ea/0x12c0
[  554.482837][    C1]  ? smp_call_function_many_cond+0x4c4/0x12c0
[  554.482854][    C1]  ? smp_call_function_many_cond+0x4c6/0x12c0
[  554.482880][    C1]  ? __pfx_flush_tlb_func+0x10/0x10
[  554.482900][    C1]  on_each_cpu_cond_mask+0x40/0x90
[  554.482918][    C1]  flush_tlb_mm_range+0x271/0x4a0
[  554.482937][    C1]  ? __pfx_flush_tlb_mm_range+0x10/0x10
[  554.482961][    C1]  tlb_finish_mmu+0x3c9/0x7b0
[  554.482982][    C1]  exit_mmap+0x40e/0xba0
[  554.483009][    C1]  ? __pfx_exit_mmap+0x10/0x10
[  554.483038][    C1]  ? __pfx_mark_lock+0x10/0x10
[  554.483077][    C1]  __mmput+0x12a/0x410
[  554.483101][    C1]  mmput+0x62/0x70
[  554.483124][    C1]  do_exit+0x9ba/0x2d70
[  554.483144][    C1]  ? get_signal+0x8f7/0x26c0
[  554.483167][    C1]  ? __pfx_do_exit+0x10/0x10
[  554.483184][    C1]  ? do_raw_spin_lock+0x12d/0x2c0
[  554.483201][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  554.483220][    C1]  do_group_exit+0xd3/0x2a0
[  554.483240][    C1]  get_signal+0x24ed/0x26c0
[  554.483266][    C1]  ? putname+0x13c/0x180
[  554.483285][    C1]  ? __put_unused_fd+0x179/0x280
[  554.483311][    C1]  ? __pfx_get_signal+0x10/0x10
[  554.483341][    C1]  ? __pfx_do_futex+0x10/0x10
[  554.483364][    C1]  arch_do_signal_or_restart+0x90/0x7e0
[  554.483383][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  554.483416][    C1]  syscall_exit_to_user_mode+0x150/0x2a0
[  554.483434][    C1]  do_syscall_64+0xda/0x250
[  554.483454][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  554.483475][    C1] RIP: 0033:0x7f64a6d8cde9
[  554.483487][    C1] Code: Unable to access opcode bytes at 0x7f64a6d8cdbf.
[  554.483496][    C1] RSP: 002b:00007f64a7c820e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  554.483511][    C1] RAX: fffffffffffffe00 RBX: 00007f64a6fa5fa8 RCX: 00007f64a6d8cde9
[  554.483522][    C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f64a6fa5fa8
[  554.483533][    C1] RBP: 00007f64a6fa5fa0 R08: 0000000000000000 R09: 0000000000000000
[  554.483543][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f64a6fa5fac
[  554.483553][    C1] R13: 0000000000000000 R14: 00007fff618ce1b0 R15: 00007fff618ce298
[  554.483576][    C1]  </TASK>
[  705.892212][    C1] watchdog: BUG: soft lockup - CPU#1 stuck for 246s! [syz.3.1545:11529]
[  705.892234][    C1] Modules linked in:
[  705.892242][    C1] irq event stamp: 1050062
[  705.892247][    C1] hardirqs last  enabled at (1050061): [<ffffffff8b56703b>] irqentry_exit+0x3b/0x90
[  705.892272][    C1] hardirqs last disabled at (1050062): [<ffffffff8b5657be>] sysvec_apic_timer_interrupt+0xe/0xc0
[  705.892301][    C1] softirqs last  enabled at (1050060): [<ffffffff817c124b>] handle_softirqs+0x5bb/0x8f0
[  705.892327][    C1] softirqs last disabled at (1049963): [<ffffffff817c1719>] __irq_exit_rcu+0x109/0x170
[  705.892353][    C1] CPU: 1 UID: 0 PID: 11529 Comm: syz.3.1545 Not tainted 6.14.0-rc1-syzkaller-00235-g9946eaf552b1 #0
[  705.892373][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  705.892382][    C1] RIP: 0010:smp_call_function_many_cond+0x4cb/0x12c0
[  705.892400][    C1] Code: 4d 48 b8 00 00 00 00 00 fc ff df 4d 89 fc 4c 89 fd 49 c1 ec 03 83 e5 07 49 01 c4 83 c5 03 e8 fc 04 0c 00 f3 90 41 0f b6 04 24 <40> 38 c5 7c 08 84 c0 0f 85 e8 0b 00 00 8b 43 08 31 ff 83 e0 01 41
[  705.892415][    C1] RSP: 0018:ffffc90004c3f820 EFLAGS: 00000293
[  705.892427][    C1] RAX: 0000000000000000 RBX: ffff8880b8646a00 RCX: ffffffff81adcf0a
[  705.892437][    C1] RDX: ffff88802aa4c880 RSI: ffffffff81adcee4 RDI: 0000000000000005
[  705.892447][    C1] RBP: 0000000000000003 R08: 0000000000000005 R09: 0000000000000000
[  705.892456][    C1] R10: 0000000000000001 R11: 0000000000000001 R12: ffffed10170c8d41
[  705.892474][    C1] R13: 0000000000000001 R14: ffff8880b873fe80 R15: ffff8880b8646a08
[  705.892484][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  705.892500][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  705.892511][    C1] CR2: 000000110c2fe3c8 CR3: 000000000df80000 CR4: 00000000003526f0
[  705.892521][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  705.892530][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  705.892539][    C1] Call Trace:
[  705.892545][    C1]  <IRQ>
[  705.892551][    C1]  ? watchdog_timer_fn+0x570/0x7d0
[  705.892579][    C1]  ? __pfx_watchdog_timer_fn+0x10/0x10
[  705.892606][    C1]  ? __hrtimer_run_queues+0x5fb/0xae0
[  705.892630][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  705.892644][    C1]  ? read_tsc+0x9/0x20
[  705.892669][    C1]  ? hrtimer_interrupt+0x392/0x8e0
[  705.892695][    C1]  ? __sysvec_apic_timer_interrupt+0x10f/0x400
[  705.892720][    C1]  ? sysvec_apic_timer_interrupt+0x9f/0xc0
[  705.892744][    C1]  </IRQ>
[  705.892749][    C1]  <TASK>
[  705.892755][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  705.892783][    C1]  ? smp_call_function_many_cond+0x4ea/0x12c0
[  705.892799][    C1]  ? smp_call_function_many_cond+0x4c4/0x12c0
[  705.892815][    C1]  ? smp_call_function_many_cond+0x4cb/0x12c0
[  705.892842][    C1]  ? __pfx_flush_tlb_func+0x10/0x10
[  705.892859][    C1]  on_each_cpu_cond_mask+0x40/0x90
[  705.892877][    C1]  flush_tlb_mm_range+0x271/0x4a0
[  705.892896][    C1]  ? __pfx_flush_tlb_mm_range+0x10/0x10
[  705.892919][    C1]  tlb_finish_mmu+0x3c9/0x7b0
[  705.892940][    C1]  exit_mmap+0x40e/0xba0
[  705.892966][    C1]  ? __pfx_exit_mmap+0x10/0x10
[  705.892994][    C1]  ? __pfx_mark_lock+0x10/0x10
[  705.893032][    C1]  __mmput+0x12a/0x410
[  705.893057][    C1]  mmput+0x62/0x70
[  705.893079][    C1]  do_exit+0x9ba/0x2d70
[  705.893098][    C1]  ? get_signal+0x8f7/0x26c0
[  705.893120][    C1]  ? __pfx_do_exit+0x10/0x10
[  705.893136][    C1]  ? do_raw_spin_lock+0x12d/0x2c0
[  705.893152][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  705.893170][    C1]  do_group_exit+0xd3/0x2a0
[  705.893189][    C1]  get_signal+0x24ed/0x26c0
[  705.893215][    C1]  ? putname+0x13c/0x180
[  705.893232][    C1]  ? __put_unused_fd+0x179/0x280
[  705.893257][    C1]  ? __pfx_get_signal+0x10/0x10
[  705.893282][    C1]  ? __pfx_do_futex+0x10/0x10
[  705.893305][    C1]  arch_do_signal_or_restart+0x90/0x7e0
[  705.893324][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  705.893357][    C1]  syscall_exit_to_user_mode+0x150/0x2a0
[  705.893375][    C1]  do_syscall_64+0xda/0x250
[  705.893394][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  705.893414][    C1] RIP: 0033:0x7f64a6d8cde9
[  705.893427][    C1] Code: Unable to access opcode bytes at 0x7f64a6d8cdbf.
[  705.893434][    C1] RSP: 002b:00007f64a7c820e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  705.893447][    C1] RAX: fffffffffffffe00 RBX: 00007f64a6fa5fa8 RCX: 00007f64a6d8cde9
[  705.893457][    C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f64a6fa5fa8
[  705.893467][    C1] RBP: 00007f64a6fa5fa0 R08: 0000000000000000 R09: 0000000000000000
[  705.893476][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f64a6fa5fac
[  705.893486][    C1] R13: 0000000000000000 R14: 00007fff618ce1b0 R15: 00007fff618ce298
[  705.893508][    C1]  </TASK>
[  705.893514][    C1] Sending NMI from CPU 1 to CPUs 0:
[  705.893538][    C0] NMI backtrace for cpu 0
[  705.893544][    C0] CPU: 0 UID: 0 PID: 11511 Comm: syz.2.1539 Not tainted 6.14.0-rc1-syzkaller-00235-g9946eaf552b1 #0
[  705.893558][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  705.893565][    C0] RIP: 0010:timerqueue_del+0x0/0x150
[  705.893582][    C0] Code: f6 48 89 d8 5b c3 cc cc cc cc e8 9b 24 67 f6 31 db 48 89 d8 5b c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 41 54 55 48 89 fd 53 48 89 f3 48 83 ec 08 e8 69 24 67
[  705.893593][    C0] RSP: 0018:ffffc90000007df0 EFLAGS: 00000046
[  705.893603][    C0] RAX: 0000000000010002 RBX: ffff8880369ed340 RCX: ffffffff81a6f944
[  705.893611][    C0] RDX: ffff8880365f0000 RSI: ffff8880369ed340 RDI: ffff8880b862c7d0
[  705.893619][    C0] RBP: ffff8880b862c780 R08: 0000000000000001 R09: 0000000000000000
[  705.893626][    C0] R10: 0000000000000001 R11: 0000000000000003 R12: 0000000000000001
[  705.893633][    C0] R13: 0000000000000000 R14: ffff8880b862c680 R15: 0000000000000000
[  705.893641][    C0] FS:  00007f46d39316c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  705.893654][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  705.893662][    C0] CR2: 000000110c2dbeb4 CR3: 000000004f6e0000 CR4: 00000000003526f0
[  705.893669][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  705.893677][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  705.893684][    C0] Call Trace:
[  705.893688][    C0]  <NMI>
[  705.893693][    C0]  ? nmi_cpu_backtrace+0x1d8/0x390
[  705.893711][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  705.893726][    C0]  ? nmi_handle+0x1ac/0x5d0
[  705.893744][    C0]  ? __pfx_timerqueue_del+0x10/0x10
[  705.893760][    C0]  ? default_do_nmi+0x6a/0x160
[  705.893775][    C0]  ? exc_nmi+0x170/0x1e0
[  705.893790][    C0]  ? end_repeat_nmi+0xf/0x53
[  705.893808][    C0]  ? __remove_hrtimer+0x74/0x290
[  705.893827][    C0]  ? __pfx_timerqueue_del+0x10/0x10
[  705.893842][    C0]  ? __pfx_timerqueue_del+0x10/0x10
[  705.893862][    C0]  ? __pfx_timerqueue_del+0x10/0x10
[  705.893878][    C0]  </NMI>
[  705.893881][    C0]  <IRQ>
[  705.893885][    C0]  __remove_hrtimer+0x99/0x290
[  705.893904][    C0]  ? __pfx_advance_sched+0x10/0x10
[  705.893920][    C0]  __hrtimer_run_queues+0x50b/0xae0
[  705.893934][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  705.893946][    C0]  ? read_tsc+0x9/0x20
[  705.893961][    C0]  hrtimer_interrupt+0x392/0x8e0
[  705.893976][    C0]  __sysvec_apic_timer_interrupt+0x10f/0x400
[  705.893994][    C0]  sysvec_apic_timer_interrupt+0x9f/0xc0
[  705.894012][    C0]  </IRQ>
[  705.894016][    C0]  <TASK>
[  705.894020][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  705.894036][    C0] RIP: 0010:console_flush_all+0x9a4/0xc60
[  705.894050][    C0] Code: 00 e8 50 f5 27 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 1e 3b 20 00 48 85 db 0f 85 55 01 00 00 e8 e0 3f 20 00 fb 4c 89 e0 <48> c1 e8 03 42 80 3c 38 00 0f 84 11 ff ff ff 4c 89 e7 e8 35 58 83
[  705.894060][    C0] RSP: 0018:ffffc90003a47370 EFLAGS: 00000283
[  705.894069][    C0] RAX: ffffffff8eeab458 RBX: 0000000000000000 RCX: ffffc9000ceb9000
[  705.894077][    C0] RDX: 0000000000080000 RSI: ffffffff81999400 RDI: 0000000000000007
[  705.894084][    C0] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000
[  705.894092][    C0] R10: 0000000000000000 R11: 0000000000000003 R12: ffffffff8eeab458
[  705.894099][    C0] R13: ffffffff8eeab400 R14: ffffc90003a47400 R15: dffffc0000000000
[  705.894110][    C0]  ? console_flush_all+0x9a0/0xc60
[  705.894126][    C0]  ? __pfx_console_flush_all+0x10/0x10
[  705.894141][    C0]  ? is_printk_cpu_sync_owner+0x32/0x40
[  705.894156][    C0]  console_unlock+0xd9/0x210
[  705.894167][    C0]  ? __pfx_console_unlock+0x10/0x10
[  705.894179][    C0]  ? lock_acquire+0x2f/0xb0
[  705.894195][    C0]  ? _printk+0xc8/0x100
[  705.894210][    C0]  ? __down_trylock_console_sem+0xb0/0x140
[  705.894228][    C0]  vprintk_emit+0x424/0x6f0
[  705.894240][    C0]  ? __pfx_vprintk_emit+0x10/0x10
[  705.894252][    C0]  ? __pfx_lock_release+0x10/0x10
[  705.894267][    C0]  ? trace_lock_acquire+0x14e/0x1f0
[  705.894282][    C0]  _printk+0xc8/0x100
[  705.894297][    C0]  ? __pfx__printk+0x10/0x10
[  705.894313][    C0]  ? ___ratelimit+0x24c/0x570
[  705.894325][    C0]  ? __pfx____ratelimit+0x10/0x10
[  705.894336][    C0]  ? tcpmss_tg6_check+0x2fa/0x380
[  705.894354][    C0]  tcpmss_tg6_check+0x306/0x380
[  705.894369][    C0]  ? __pfx_tcpmss_tg6_check+0x10/0x10
[  705.894386][    C0]  xt_check_target+0x272/0xa30
[  705.894401][    C0]  ? __pfx_xt_check_target+0x10/0x10
[  705.894414][    C0]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  705.894436][    C0]  ? xt_find_target+0x1ee/0x290
[  705.894451][    C0]  find_check_entry.constprop.0+0x82f/0xa20
[  705.894468][    C0]  ? __pfx_find_check_entry.constprop.0+0x10/0x10
[  705.894487][    C0]  ? kvfree+0x47/0x50
[  705.894504][    C0]  translate_table+0xd06/0x17b0
[  705.894521][    C0]  ? __pfx_translate_table+0x10/0x10
[  705.894534][    C0]  ? __might_fault+0xe3/0x190
[  705.894551][    C0]  do_ip6t_set_ctl+0x926/0xbf0
[  705.894563][    C0]  ? trace_contention_end+0xee/0x140
[  705.894580][    C0]  ? __mutex_lock+0x1cc/0xb10
[  705.894593][    C0]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  705.894606][    C0]  ? __mutex_unlock_slowpath+0x164/0x6a0
[  705.894621][    C0]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  705.894639][    C0]  ? nf_sockopt_find.constprop.0+0x221/0x290
[  705.894654][    C0]  nf_setsockopt+0x8a/0xf0
[  705.894667][    C0]  ipv6_setsockopt+0x135/0x170
[  705.894681][    C0]  tcp_setsockopt+0xa4/0x100
[  705.894699][    C0]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  705.894717][    C0]  do_sock_setsockopt+0x222/0x480
[  705.894734][    C0]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  705.894751][    C0]  ? lock_acquire+0x2f/0xb0
[  705.894770][    C0]  __sys_setsockopt+0x1a0/0x230
[  705.894786][    C0]  __x64_sys_setsockopt+0xbd/0x160
[  705.894800][    C0]  ? syscall_trace_enter+0x5e/0x260
[  705.894818][    C0]  do_syscall_64+0xcd/0x250
[  705.894831][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  705.894847][    C0] RIP: 0033:0x7f46d2b8cde9
[  705.894860][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  705.894871][    C0] RSP: 002b:00007f46d3931038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  705.894882][    C0] RAX: ffffffffffffffda RBX: 00007f46d2da5fa0 RCX: 00007f46d2b8cde9
[  705.894890][    C0] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000005
[  705.894897][    C0] RBP: 00007f46d2c0e2a0 R08: 0000000000000318 R09: 0000000000000000
[  705.894905][    C0] R10: 0000400000000b40 R11: 0000000000000246 R12: 0000000000000000
[  705.894912][    C0] R13: 0000000000000000 R14: 00007f46d2da5fa0 R15: 00007ffe1d36d348
[  705.894924][    C0]  </TASK>
[  705.895534][    C1] Kernel panic - not syncing: softlockup: hung tasks
[  705.895545][    C1] CPU: 1 UID: 0 PID: 11529 Comm: syz.3.1545 Tainted: G             L     6.14.0-rc1-syzkaller-00235-g9946eaf552b1 #0
[  705.895566][    C1] Tainted: [L]=SOFTLOCKUP
[  705.895572][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  705.895581][    C1] Call Trace:
[  705.895587][    C1]  <IRQ>
[  705.895593][    C1]  dump_stack_lvl+0x3d/0x1f0
[  705.895616][    C1]  panic+0x71d/0x800
[  705.895633][    C1]  ? __pfx_panic+0x10/0x10
[  705.895649][    C1]  ? __pfx__printk+0x10/0x10
[  705.895673][    C1]  ? irq_work_claim+0x76/0xa0
[  705.895697][    C1]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  705.895716][    C1]  ? irq_work_queue+0x2a/0x80
[  705.895739][    C1]  ? watchdog_timer_fn+0x5f2/0x7d0
[  705.895762][    C1]  ? watchdog_timer_fn+0x5e5/0x7d0
[  705.895789][    C1]  watchdog_timer_fn+0x603/0x7d0
[  705.895814][    C1]  ? __pfx_watchdog_timer_fn+0x10/0x10
[  705.895837][    C1]  __hrtimer_run_queues+0x5fb/0xae0
[  705.895859][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  705.895875][    C1]  ? read_tsc+0x9/0x20
[  705.895898][    C1]  hrtimer_interrupt+0x392/0x8e0
[  705.895924][    C1]  __sysvec_apic_timer_interrupt+0x10f/0x400
[  705.895949][    C1]  sysvec_apic_timer_interrupt+0x9f/0xc0
[  705.895973][    C1]  </IRQ>
[  705.895979][    C1]  <TASK>
[  705.895986][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  705.896008][    C1] RIP: 0010:smp_call_function_many_cond+0x4cb/0x12c0
[  705.896025][    C1] Code: 4d 48 b8 00 00 00 00 00 fc ff df 4d 89 fc 4c 89 fd 49 c1 ec 03 83 e5 07 49 01 c4 83 c5 03 e8 fc 04 0c 00 f3 90 41 0f b6 04 24 <40> 38 c5 7c 08 84 c0 0f 85 e8 0b 00 00 8b 43 08 31 ff 83 e0 01 41
[  705.896038][    C1] RSP: 0018:ffffc90004c3f820 EFLAGS: 00000293
[  705.896051][    C1] RAX: 0000000000000000 RBX: ffff8880b8646a00 RCX: ffffffff81adcf0a
[  705.896062][    C1] RDX: ffff88802aa4c880 RSI: ffffffff81adcee4 RDI: 0000000000000005
[  705.896072][    C1] RBP: 0000000000000003 R08: 0000000000000005 R09: 0000000000000000
[  705.896082][    C1] R10: 0000000000000001 R11: 0000000000000001 R12: ffffed10170c8d41
[  705.896092][    C1] R13: 0000000000000001 R14: ffff8880b873fe80 R15: ffff8880b8646a08
[  705.896108][    C1]  ? smp_call_function_many_cond+0x4ea/0x12c0
[  705.896124][    C1]  ? smp_call_function_many_cond+0x4c4/0x12c0
[  705.896153][    C1]  ? __pfx_flush_tlb_func+0x10/0x10
[  705.896170][    C1]  on_each_cpu_cond_mask+0x40/0x90
[  705.896188][    C1]  flush_tlb_mm_range+0x271/0x4a0
[  705.896207][    C1]  ? __pfx_flush_tlb_mm_range+0x10/0x10
[  705.896230][    C1]  tlb_finish_mmu+0x3c9/0x7b0
[  705.896250][    C1]  exit_mmap+0x40e/0xba0
[  705.896276][    C1]  ? __pfx_exit_mmap+0x10/0x10
[  705.896305][    C1]  ? __pfx_mark_lock+0x10/0x10
[  705.896343][    C1]  __mmput+0x12a/0x410
[  705.896367][    C1]  mmput+0x62/0x70
[  705.896388][    C1]  do_exit+0x9ba/0x2d70
[  705.896407][    C1]  ? get_signal+0x8f7/0x26c0
[  705.896430][    C1]  ? __pfx_do_exit+0x10/0x10
[  705.896446][    C1]  ? do_raw_spin_lock+0x12d/0x2c0
[  705.896461][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  705.896479][    C1]  do_group_exit+0xd3/0x2a0
[  705.896498][    C1]  get_signal+0x24ed/0x26c0
[  705.896524][    C1]  ? putname+0x13c/0x180
[  705.896541][    C1]  ? __put_unused_fd+0x179/0x280
[  705.896566][    C1]  ? __pfx_get_signal+0x10/0x10
[  705.896591][    C1]  ? __pfx_do_futex+0x10/0x10
[  705.896617][    C1]  arch_do_signal_or_restart+0x90/0x7e0
[  705.896636][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  705.896669][    C1]  syscall_exit_to_user_mode+0x150/0x2a0
[  705.896687][    C1]  do_syscall_64+0xda/0x250
[  705.896706][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  705.896727][    C1] RIP: 0033:0x7f64a6d8cde9
[  705.896738][    C1] Code: Unable to access opcode bytes at 0x7f64a6d8cdbf.
[  705.896746][    C1] RSP: 002b:00007f64a7c820e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  705.896761][    C1] RAX: fffffffffffffe00 RBX: 00007f64a6fa5fa8 RCX: 00007f64a6d8cde9
[  705.896772][    C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f64a6fa5fa8
[  705.896782][    C1] RBP: 00007f64a6fa5fa0 R08: 0000000000000000 R09: 0000000000000000
[  705.896792][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f64a6fa5fac
[  705.896802][    C1] R13: 0000000000000000 R14: 00007fff618ce1b0 R15: 00007fff618ce298
[  705.896823][    C1]  </TASK>
[  706.976545][    C1] Shutting down cpus with NMI
[  706.976733][    C1] Kernel Offset: disabled