last executing test programs:

7m42.174530988s ago: executing program 1 (id=787):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000080), 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
write$cgroup_int(r1, &(0x7f0000000000), 0xfffffd26)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r2, &(0x7f000001a240)=""/102400, 0x19000, 0x100008)
sendmsg$can_bcm(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[], 0x48}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={0x0, 0xc0}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$alg(0x26, 0x5, 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x240)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmmsg$sock(0xffffffffffffffff, &(0x7f00000044c0), 0x4000000000001c0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write$cgroup_int(r4, &(0x7f0000000000)=0xfe8e, 0x12)

7m38.943337499s ago: executing program 1 (id=793):
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x1, 0x0, &(0x7f00000008c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f00000001c0)=0x1)
ioctl$TIOCSTI(r1, 0x5412, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='rpc_pipefs\x00', 0x0, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x101301)
r3 = memfd_create(&(0x7f0000000800)='uid<', 0x4)
fstatfs(r3, &(0x7f00000003c0)=""/146)
ioctl$USBDEVFS_REAPURB(r2, 0x4004550c, &(0x7f0000002680))
r4 = openat$sequencer2(0xffffff9c, &(0x7f00000011c0), 0x0, 0x0)
ioctl$SNDCTL_SEQ_NRMIDIS(r4, 0xc0045103, &(0x7f0000000040))
creat(&(0x7f00000001c0)='./file0\x00', 0x0)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
mount$fuseblk(&(0x7f0000002440), &(0x7f0000002480)='./file0\x00', &(0x7f00000024c0), 0x0, &(0x7f0000000740)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000020000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
ioctl$USBDEVFS_FREE_STREAMS(r2, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002302230102090500000010000020d3"])
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000380)='cmdline\x00')
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000880)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB=',wfdno=', @ANYRESHEX=r6])

7m37.279980197s ago: executing program 1 (id=800):
r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, &(0x7f00000002c0)=ANY=[@ANYBLOB="00000c000000070001"], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000180)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB=' '], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000001200)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, &(0x7f00000008c0)={0x2c, &(0x7f0000000640)={0x40, 0x16, 0x6, "ab0e4d8dfe98"}, 0x0, 0x0, 0x0, 0x0})

7m32.944108661s ago: executing program 1 (id=811):
connect$pppoe(0xffffffffffffffff, &(0x7f0000000080)={0x18, 0x0, {0x4, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3f}, 'batadv_slave_1\x00'}}, 0x1e)
r0 = syz_usb_connect(0x5, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010003ac9bcc20d118af1ebb5a0102030109021b00010700800b0904"], &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000800)={0x84, &(0x7f0000000300)={0x40, 0x30, 0xcc, "34f95766248101321ab673c7d37248d87610a4a8398457d6b1cbdeb10a4366c9565d2a0bb05b4f0263f560de7e3cec69a9a07e5a2402799c284550a6d42b540832671ca4d75baa35a3951c342981d77996d324e3b25fad386b57881bce44ece4334aebe94a62e754b4bc4232a1bf4ebee24e66cca18142779070b3e18b7652ec1e269f3e3d41af6c73b965f944a19a90771bea4d19411a8076f6277ab485a2703688d197c577f940b4e060641bbcc400a6a99a2d2160cf395e9ebae0995ca5cb26a052118c52f992ce682ed5"}, &(0x7f0000000400)={0x0, 0xa, 0x1, 0x2}, &(0x7f0000000440)={0x0, 0x8, 0x1, 0x7}, &(0x7f0000000480)={0x20, 0x0, 0x4, {0x1, 0x1}}, &(0x7f00000004c0)={0x20, 0x0, 0x8, {0xc0, 0x42, [0xf0f]}}, &(0x7f0000000500)={0x40, 0x7, 0x2, 0x7}, &(0x7f0000000540)={0x40, 0x9, 0x1, 0xf6}, &(0x7f0000000580)={0x40, 0xb, 0x2, "50ce"}, &(0x7f00000005c0)={0x40, 0xf, 0x2, 0x4}, &(0x7f0000000600)={0x40, 0x13, 0x6, @remote}, &(0x7f0000000640)={0x40, 0x17, 0x6, @random="d974de979ac9"}, &(0x7f0000000680)={0x40, 0x19, 0x2, "fee4"}, &(0x7f00000006c0)={0x40, 0x1a, 0x2, 0x2}, &(0x7f0000000700)={0x40, 0x1c, 0x1, 0x6}, &(0x7f0000000740)={0x40, 0x1e, 0x1, 0x80}, &(0x7f00000007c0)={0x40, 0x21, 0x1, 0x40}})

7m30.533733565s ago: executing program 1 (id=817):
ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, &(0x7f00000000c0)={"4ed53c21a0e371d637458b309525bd9b08ae8adaf6e958866bdd1aaa6b19d9ce"})
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x29)
mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='proc\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
lseek(r0, 0x1000, 0x0)
getdents64(r0, 0x0, 0x0)
lstat(&(0x7f0000000100)='./file0\x00', 0x0)
sendmsg$ETHTOOL_MSG_RINGS_GET(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, 0x0}, 0x0)
syz_open_procfs(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
semget$private(0x0, 0x4000000009, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
gettid()
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x54, r3, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @loopback}}, {0x14, 0x2, @in={0x2, 0x0, @multicast2}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0) (fail_nth: 1)

7m29.648739829s ago: executing program 1 (id=818):
sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[], 0xe4}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
socket$nl_sock_diag(0x10, 0x3, 0x4)
r2 = socket$inet6(0xa, 0x3, 0xff)
write(r1, &(0x7f0000000000), 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'bond0\x00', <r4=>0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @local}, 0x14)
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x44}}, 0x0)
getsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000240)={@dev}, &(0x7f0000000280)=0x14)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r7, 0x400448ca, 0x0)
r8 = syz_open_dev$radio(&(0x7f0000000040), 0x2, 0x2)
r9 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETSW(r9, 0x5403, &(0x7f0000000080)={0x1, 0x6, 0x8, 0x6, 0x4, "ea082b0100000063f700ecffff0500"})
r10 = dup(r9)
ioctl$TIOCSTI(r10, 0x5412, &(0x7f0000000100)=0xff)
read$nci(r10, 0x0, 0x0)
r11 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', <r12=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0200000004000000008001400200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=r12], 0x50)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e041f0304"], 0x7)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000000)={{0x1, 0x1, 0x18, r8, {0x4}}, './file0\x00'})
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[], 0x13d8}, 0x1, 0x0, 0x0, 0x40c0051}, 0xc000)

7m27.813558685s ago: executing program 2 (id=823):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
open(&(0x7f0000000600)='./file0\x00', 0x8060, 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, &(0x7f000000c3c0)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r3, &(0x7f00000000c0)={0x50, 0x0, r4, {0x7, 0x1f, 0x0, 0x7ab78c4493c52f9b, 0x1}}, 0x50)
fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x0)

7m26.759915659s ago: executing program 2 (id=826):
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x1, 0x0, &(0x7f00000008c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f00000001c0)=0x1)
ioctl$TIOCSTI(r1, 0x5412, 0x0)
mkdir(0x0, 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='rpc_pipefs\x00', 0x0, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x101301)
r3 = memfd_create(&(0x7f0000000800)='uid<', 0x4)
fstatfs(r3, &(0x7f00000003c0)=""/146)
ioctl$USBDEVFS_REAPURB(r2, 0x4004550c, &(0x7f0000002680))
r4 = openat$sequencer2(0xffffff9c, &(0x7f00000011c0), 0x0, 0x0)
ioctl$SNDCTL_SEQ_NRMIDIS(r4, 0xc0045103, &(0x7f0000000040))
creat(&(0x7f00000001c0)='./file0\x00', 0x0)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
mount$fuseblk(&(0x7f0000002440), &(0x7f0000002480)='./file0\x00', &(0x7f00000024c0), 0x0, &(0x7f0000000740)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000020000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
ioctl$USBDEVFS_FREE_STREAMS(r2, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002302230102090500000010000020d3"])
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
syz_open_procfs(0x0, &(0x7f0000000380)='cmdline\x00')

7m24.993937092s ago: executing program 2 (id=830):
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x1, 0x0, &(0x7f00000008c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f00000001c0)=0x1)
ioctl$TIOCSTI(r1, 0x5412, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, 0x0, &(0x7f0000000180)='rpc_pipefs\x00', 0x0, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x101301)
r3 = memfd_create(&(0x7f0000000800)='uid<', 0x4)
fstatfs(r3, &(0x7f00000003c0)=""/146)
ioctl$USBDEVFS_REAPURB(r2, 0x4004550c, &(0x7f0000002680))
r4 = openat$sequencer2(0xffffff9c, &(0x7f00000011c0), 0x0, 0x0)
ioctl$SNDCTL_SEQ_NRMIDIS(r4, 0xc0045103, &(0x7f0000000040))
creat(&(0x7f00000001c0)='./file0\x00', 0x0)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
mount$fuseblk(&(0x7f0000002440), &(0x7f0000002480)='./file0\x00', &(0x7f00000024c0), 0x0, &(0x7f0000000740)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000020000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
ioctl$USBDEVFS_FREE_STREAMS(r2, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002302230102090500000010000020d3"])
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000380)='cmdline\x00')
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000880)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB=',wfdno=', @ANYRESHEX=r6])

7m24.061894745s ago: executing program 2 (id=832):
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000180)=0x7b, 0x4)
sendmsg$ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=<r1=>0x0, @ANYBLOB="030009db75ced2daf5b60100469cd1fcb705f50300008c0000050100000000035c48000000008000000000003983a93276924f3fcc67b69e7cda552c06eb089f458f3796a6cfee41fc43f34d79000000e53713da4702cf6630715da549fe"], 0x34}, 0x1, 0x0, 0x0, 0x40004}, 0x20000084)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0e00000004000000080000000800", @ANYRES16=r1, @ANYBLOB="08000000000000cbaabb5893cf72c20000000000", @ANYRES32=0x0, @ANYRES8=0x0], 0x50)
syz_emit_ethernet(0x80, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$urandom(0xffffffffffffff9c, &(0x7f0000001480), 0xe0080, 0x0)
getpid()
setns(0xffffffffffffffff, 0x24020000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="e4000000", @ANYRES16=r6, @ANYBLOB="07002abd5248ffdbdf2507ff000008000300", @ANYRES32=r7, @ANYBLOB="0c00990001000c0069000000140004002f6163766c616e3100000000000000000400cc00080005000a"], 0xe4}}, 0x0)

7m22.631714189s ago: executing program 2 (id=833):
ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, &(0x7f00000000c0)={"4ed53c21a0e371d637458b309525bd9b08ae8adaf6e958866bdd1aaa6b19d9ce"})
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x29)
mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='proc\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
lseek(r0, 0x1000, 0x0)
getdents64(r0, 0x0, 0x0)
lstat(&(0x7f0000000100)='./file0\x00', 0x0)
sendmsg$ETHTOOL_MSG_RINGS_GET(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, 0x0}, 0x0)
syz_open_procfs(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
semget$private(0x0, 0x4000000009, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
gettid()
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x54, r3, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @loopback}}, {0x14, 0x2, @in={0x2, 0x0, @multicast2}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0) (fail_nth: 1)

7m19.310910634s ago: executing program 2 (id=838):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000340)=0x2, 0xa2)
r1 = syz_usb_connect(0x6, 0x24, &(0x7f0000000180)=ANY=[], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(0xffffffffffffffff, 0xf504, 0x0)
r2 = syz_io_uring_setup(0x4174, &(0x7f0000000300)={0x0, 0x7e05, 0x8000}, 0x0, 0x0)
syz_open_pts(0xffffffffffffffff, 0x22000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x5)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
clock_adjtime(0x0, &(0x7f0000000000)={0x66b7, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffd, 0xd, 0x0, 0x40000000000, 0x0, 0x3, 0x248a, 0x0, 0x3, 0x8, 0x7, 0x3, 0xf, 0x0, 0x0, 0x200000000, 0x6, 0x4, 0x0, 0x0, 0xffffffffffffffff})
io_uring_enter(r2, 0x567, 0x0, 0x0, 0x0, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x3, 0x4, &(0x7f0000000f80)=ANY=[@ANYBLOB="8500000022000000350000000000000085000000230000009500000000000000f4670880271e3503000ffa95a2c8c037c5fcadf78683149e17e24e96a142dfa8ba6287066c5197fabd5f7010e81ae0b737126ea6f7dc39cd34d5aeed8d38665c01002ff5dde54704d25c79949c23e2eb15d755a2350ea7c09c6db5640c11664baf8adb2142a9c28de194f44800000000b0d3712c7e93363af3c075ff1e23160104d95433bb755af3d57609d700ab56e77201bc692c5a2ad40709d031f40f3012e9576e51a7f550afc852003b2ff346c744ae6af3c037102124e25cec074c6949e1d76d067a97000247fe5f17fdab800f4104dbaba46aac3abe6c4d7f47ef6d02ba536cdacecf7eb6baaa4a9779f8555eaea76899f2c221c110ef050000000ee282ab76f593d928cf95846be6277cd8a4f8dc8dcba00b1b2d2547c45b0c52087b5efabf8496b9a9812ed03cee579251667dd58ea032eda2296efb19a34268335648e1f844ce328c10752a42dca52fb98c1452b651ebf942f7297f7b2744419a2f238f173d0cd46dafc6e9d929e03e5309ec91d83cf4fbd775e629b3000000000000000000000000000000000000000000000000004e410700ff9cfa139a35a8a669689144ff0173b15aa0f3794dbe2b0e6523155f5c4631f4cd2947de92f74fe3889ea5786118a4a8010e1de54a7d37885343e2545cffe14c8206da26a9ebf6cda6f5c081a320020bb82f56c0ab09797161997af2ad43ab7347a8c2ba7726a60459f43f8482482cc85096f11f14eecff54dca4a32ee9cfa02b3"], &(0x7f0000000140)='GPL\x00', 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCADDRT(r6, 0x890b, &(0x7f0000000380)={0x0, {0x2, 0x4e23, @empty}, {0x2, 0x0, @remote}, {0x2, 0x4e21, @empty}, 0x107, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000})

7m13.444601142s ago: executing program 32 (id=818):
sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[], 0xe4}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
socket$nl_sock_diag(0x10, 0x3, 0x4)
r2 = socket$inet6(0xa, 0x3, 0xff)
write(r1, &(0x7f0000000000), 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'bond0\x00', <r4=>0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @local}, 0x14)
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x44}}, 0x0)
getsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000240)={@dev}, &(0x7f0000000280)=0x14)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r7, 0x400448ca, 0x0)
r8 = syz_open_dev$radio(&(0x7f0000000040), 0x2, 0x2)
r9 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETSW(r9, 0x5403, &(0x7f0000000080)={0x1, 0x6, 0x8, 0x6, 0x4, "ea082b0100000063f700ecffff0500"})
r10 = dup(r9)
ioctl$TIOCSTI(r10, 0x5412, &(0x7f0000000100)=0xff)
read$nci(r10, 0x0, 0x0)
r11 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', <r12=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0200000004000000008001400200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=r12], 0x50)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e041f0304"], 0x7)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000000)={{0x1, 0x1, 0x18, r8, {0x4}}, './file0\x00'})
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[], 0x13d8}, 0x1, 0x0, 0x0, 0x40c0051}, 0xc000)

7m2.894641884s ago: executing program 33 (id=838):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000340)=0x2, 0xa2)
r1 = syz_usb_connect(0x6, 0x24, &(0x7f0000000180)=ANY=[], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(0xffffffffffffffff, 0xf504, 0x0)
r2 = syz_io_uring_setup(0x4174, &(0x7f0000000300)={0x0, 0x7e05, 0x8000}, 0x0, 0x0)
syz_open_pts(0xffffffffffffffff, 0x22000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x5)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
clock_adjtime(0x0, &(0x7f0000000000)={0x66b7, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffd, 0xd, 0x0, 0x40000000000, 0x0, 0x3, 0x248a, 0x0, 0x3, 0x8, 0x7, 0x3, 0xf, 0x0, 0x0, 0x200000000, 0x6, 0x4, 0x0, 0x0, 0xffffffffffffffff})
io_uring_enter(r2, 0x567, 0x0, 0x0, 0x0, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x3, 0x4, &(0x7f0000000f80)=ANY=[@ANYBLOB="8500000022000000350000000000000085000000230000009500000000000000f4670880271e3503000ffa95a2c8c037c5fcadf78683149e17e24e96a142dfa8ba6287066c5197fabd5f7010e81ae0b737126ea6f7dc39cd34d5aeed8d38665c01002ff5dde54704d25c79949c23e2eb15d755a2350ea7c09c6db5640c11664baf8adb2142a9c28de194f44800000000b0d3712c7e93363af3c075ff1e23160104d95433bb755af3d57609d700ab56e77201bc692c5a2ad40709d031f40f3012e9576e51a7f550afc852003b2ff346c744ae6af3c037102124e25cec074c6949e1d76d067a97000247fe5f17fdab800f4104dbaba46aac3abe6c4d7f47ef6d02ba536cdacecf7eb6baaa4a9779f8555eaea76899f2c221c110ef050000000ee282ab76f593d928cf95846be6277cd8a4f8dc8dcba00b1b2d2547c45b0c52087b5efabf8496b9a9812ed03cee579251667dd58ea032eda2296efb19a34268335648e1f844ce328c10752a42dca52fb98c1452b651ebf942f7297f7b2744419a2f238f173d0cd46dafc6e9d929e03e5309ec91d83cf4fbd775e629b3000000000000000000000000000000000000000000000000004e410700ff9cfa139a35a8a669689144ff0173b15aa0f3794dbe2b0e6523155f5c4631f4cd2947de92f74fe3889ea5786118a4a8010e1de54a7d37885343e2545cffe14c8206da26a9ebf6cda6f5c081a320020bb82f56c0ab09797161997af2ad43ab7347a8c2ba7726a60459f43f8482482cc85096f11f14eecff54dca4a32ee9cfa02b3"], &(0x7f0000000140)='GPL\x00', 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCADDRT(r6, 0x890b, &(0x7f0000000380)={0x0, {0x2, 0x4e23, @empty}, {0x2, 0x0, @remote}, {0x2, 0x4e21, @empty}, 0x107, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000})

27.285487342s ago: executing program 4 (id=2003):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
sendmsg$nl_route_sched_retired(0xffffffffffffffff, &(0x7f0000001f80)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000001fc0)=@deltfilter={0x24}, 0x33fe0}}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCGWINSZ(r3, 0x5413, &(0x7f0000000140))
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
mkdirat(0xffffffffffffffff, 0x0, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000180)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000900)=ANY=[@ANYBLOB="8c0000001000370400"/20, @ANYRES32=r8, @ANYBLOB="00000000000000006c0012800e00010069703665727370616e000000580002801400060020010000000000000000000000000002050016000100000014000700fc0200000000000000000000000000000400120005000800", @ANYBLOB], 0x8c}}, 0x0)
syz_open_procfs(0x0, &(0x7f00000021c0)='maps\x00')

16.732872668s ago: executing program 4 (id=2035):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x2, 0x0}, @generic={0x66}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa}, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x6f)

16.627628785s ago: executing program 4 (id=2037):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000840), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, r6, 0x1, 0x0, 0x0, {{}, {0x0, 0x6}}}, 0x1c}, 0x1, 0x0, 0x0, 0x8010}, 0x0)
sendmsg$TIPC_CMD_GET_NODES(r4, 0x0, 0x20008004)
getrusage(0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
setitimer(0x1, 0x0, 0x0)

15.314756279s ago: executing program 4 (id=2044):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)

15.227949274s ago: executing program 4 (id=2046):
r0 = open$dir(&(0x7f0000000140)='./file0\x00', 0x4000, 0x60)
mkdirat(r0, &(0x7f0000000180)='./file0/../file0\x00', 0x248)
mount$bind(0x0, &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
pipe2$9p(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r3 = dup(r2)
mount$9p_fd(0x0, 0x0, &(0x7f0000000240), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB, @ANYRESHEX=r3])
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
read$FUSE(0xffffffffffffffff, &(0x7f0000000600)={0x2020}, 0x2020)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r7}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x2d)
sendmsg$nl_xfrm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=@newsa={0x13c, 0x10, 0x413, 0x20000000, 0x25dfdbfb, {{@in6=@dev, @in=@remote, 0x0, 0x0, 0x0, 0xfffc}, {@in=@loopback, 0x0, 0x32}, @in=@dev, {}, {0x0, 0xb, 0x0, 0x6}, {0x0, 0x401}, 0x0, 0x0, 0x2}, [@algo_aead={0x4c, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0x0, 0x60}}]}, 0x13c}}, 0x4000080)

13.660020079s ago: executing program 4 (id=2051):
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x1280, 0x0)
ioctl$RTC_PIE_OFF(r0, 0x7006)

13.403425617s ago: executing program 34 (id=2051):
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x1280, 0x0)
ioctl$RTC_PIE_OFF(r0, 0x7006)

13.394141758s ago: executing program 3 (id=2054):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x6, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000380)=@generic={&(0x7f0000000300)='./file0\x00', r0}, 0x18)

13.273681288s ago: executing program 3 (id=2055):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getpid()
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="010000000400000008000000080000000000", @ANYRES32=0x0, @ANYRES32], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r3}, &(0x7f0000000000), &(0x7f00000005c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r5, 0x107, 0x5, &(0x7f0000003180)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf84, 0x3}, 0x1c)

11.729832209s ago: executing program 3 (id=2060):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000080)={0x8, &(0x7f0000000040)=[{0xb, 0x2, 0xc, 0x3}, {0x401, 0x9, 0x4, 0x737d}, {0x47c, 0x7, 0x3, 0x6}, {0xe0c, 0x9, 0x7, 0x9c79}, {0x80, 0x9, 0x4, 0x9e}, {0xfff, 0xfd, 0x9, 0xfffffffc}, {0x2, 0x4, 0x6, 0x6}, {0x2, 0x6, 0xf8}]})
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0)
epoll_pwait(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000680), 0x8)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000d80), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000000f40)={0x0, 0x0, &(0x7f0000000f00)={&(0x7f0000000dc0)={0x3c, r2, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_MEDIA={0x28, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x4}, @TIPC_NLA_PROP_PRIO={0x8}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}]}, 0x3c}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000240)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x4000000000000c5, 0x400)
recvmmsg(r4, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r8)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r9, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)

11.444327425s ago: executing program 5 (id=2061):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r1}, 0x18)
prlimit64(0x0, 0xd, &(0x7f0000000140)={0x408, 0x7}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xffd, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=@newlink={0x44, 0x10, 0x581, 0x70bd26, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2002, 0x20}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_AGEING_TIME={0x8}, @IFLA_BR_MCAST_QUERIER={0x5, 0x19, 0x6}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x20040000}, 0x0)

11.36670171s ago: executing program 0 (id=2062):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xffd, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r3}, &(0x7f0000000280), &(0x7f0000000080)=r4}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000a40)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000800000095000000000000009500a5050000000077d8f3b423cdac8d8000000000000020e16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d10bfe150a7487535f7866907dc6751dfb261a0e3ccae669e173a649c1cfd6587d452d46b7c57d77578f4c35235138d5521f9453559c3421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983c044c03bf3ff03fe3e26e7a23129d6606fd28a7f9105f82317874b33d96b39fa4e045469989d552af6200000003a00000000000000abecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f1623ed38ae89d24e14b40234756ddcebfba2f87925bfacba83109753f543ad027edd68149ee99eebc6f7d6dd4aed4afe1f44ccb19e810879b70a70900000000000000000000d7900a820b6327944e9a217b9800e02a92895614cd50cbf83a1ed25268816b004519c9c5cff097d8000000000009d27d753a30a147b24a48435bd8a568669596e9e08679b3ce48e90defb6670c3d6209000000c773713a66b223fa8b148871c8d31d24000025449f106b99893ed20fa7a050fbbef90327e827e513e9606800000000e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e69ee52b59d13182e1f24ed208ada12f7a1525320e71666f472a972d5eb1affb87ba55b2d72078e9f40b4ae7dc3b2aeb0d11cd22c35d32940f19dff00ffffffff080000ff003853e59de7621e348955735264f34b1046a1813668297a7edad187ef106ae7fcbb25090f17d0baadeb8ae190a1fb5a315f8347fb0379659500000000000000000000000000000000000000002fdf0193ec79c90ed210ebc2fbed6d4216770c1b0dec886b388d138c2b69c6aacb714e7264093061c660a5100b7cc165889eb94c8d7c77b6fa06f1a4d8e4a6b6cb37e319c5c22f276b03cae853f42b07ca0b03b1eb32a6b1a81cd511fd0b59d57a11c6a3ebf9731464ad21f07f618efc31023ac60007426162b57e803519954d7c952197b0a508c0e16fda392fa84be38e937d36af1c35138e05a9e8d6dc0272de72c41500000000304402e22af23437126f330f8eb4075daaeae3134ece35cd86d95bd9836bd186c4b6565e967a4e3e86f299b7400994ba136b4eccf3b0f001a266c0d160b3ce1182001d64b52a5ce7f506295d59eea6903b84ffbabf5a5b91c1d6ecce8728a224aec66c610e3becd60a35e848c224f8251947eed20e2b612cb099bfe8924d33ba7f0691fed04a43e9c64b7a1e3165e86cdb9871c678a6bbb14821f441c6c14d1bd78d8ffdfea12c19ea04264335d60b6b7a7da6fb83f33101db32f6ab137d943dd3c1e8db9f3e1263573dc721ae82fe0bc63598751a5092c9f7dbfc39d564834e3703492c2a651643d8ce5c36d97a4812cf73fc8ea0d6"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
syz_emit_ethernet(0x4e, &(0x7f0000002940)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaa"], 0x0)
r5 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r5, &(0x7f00000006c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
symlinkat(&(0x7f0000000000)='.\x00', 0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00')
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
connect$unix(r5, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

10.234225143s ago: executing program 0 (id=2064):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f00000041c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file3\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x10)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x44}}, 0x10)
sendmmsg$inet(r4, &(0x7f0000000e80)=[{{&(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10, 0x0}}], 0x1, 0xc044)
write$binfmt_misc(r4, &(0x7f0000000300), 0xfdef)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000f2ffffff00000000ff000000850000002a000000850000005000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
setitimer(0x1, &(0x7f0000000180)={{}, {0x0, 0xea60}}, 0x0)

9.529584085s ago: executing program 6 (id=2065):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x8002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0xfffffffffffffde8, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000040)=0x8000)
poll(0x0, 0x0, 0x5)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
lseek(0xffffffffffffffff, 0xc6c3, 0x0)
utimensat(0xffffffffffffffff, &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x100)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r6, &(0x7f0000000100)=@pppol2tpin6={0x18, 0x1, {0x0, r5, 0x3, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private1}}}, 0x32)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00'})
close(r0)

7.985994093s ago: executing program 0 (id=2066):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000240)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r4, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)

5.331107267s ago: executing program 0 (id=2067):
add_key$keyring(0x0, &(0x7f00000002c0)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = add_key$fscrypt_v1(0x0, 0x0, &(0x7f0000000480)={0x0, "6035ae1e0fe721441705322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138"}, 0x48, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x4, r0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
keyctl$revoke(0x3, r0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})

4.149269911s ago: executing program 6 (id=2068):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f00000000c0)=0x7b, 0x4)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10)
sendto$inet(r0, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b037511bf746bec66ba", 0x994b6e03113064ae, 0x0, 0x0, 0x0)
recvmsg(r0, 0x0, 0x104)

4.148663124s ago: executing program 3 (id=2069):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getpid()
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="010000000400000008000000080000000000", @ANYRES32=0x0, @ANYRES32], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r3}, &(0x7f0000000000), &(0x7f00000005c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f0000003180)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf84, 0x3}, 0x1c)

3.96112042s ago: executing program 5 (id=2070):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="180300000005000000000000000000001801000011af000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020000838500000071000000180100002020752500000000806020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mremap(&(0x7f0000ceb000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
lstat(0x0, 0x0)

3.199962972s ago: executing program 0 (id=2071):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getgroups(0x0, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6(0xa, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x3e}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

3.19966657s ago: executing program 5 (id=2072):
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r2 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r4}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

3.119277779s ago: executing program 6 (id=2073):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=@newsa={0x13c, 0x10, 0x713, 0x0, 0x0, {{@in6=@private2, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {@in=@private, 0x0, 0x3c}, @in6=@local, {0x0, 0x0, 0x0, 0x3c, 0x3ff}, {}, {}, 0x0, 0x0, 0xa}, [@algo_aead={0x4c, 0x12, {{'rfc4106(gcm(aes))\x00'}}}]}, 0x13c}}, 0x0)

2.9894167s ago: executing program 6 (id=2074):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
ioctl$TIOCSPGRP(0xffffffffffffffff, 0x5410, &(0x7f00000000c0)=r0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
readlink(&(0x7f0000000240)='./file0\x00', &(0x7f0000000300)=""/243, 0xf3)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000040)={0x4, 0x2}, 0x4)
socket(0x200000100000011, 0x803, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00'})
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="580000001000010400"/18, @ANYBLOB="000000000000000024001280110001006272696467655f736c61766500000000", @ANYBLOB='\n'], 0x58}}, 0x0)
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000040)={0x0, &(0x7f0000000140)}, 0x10)
sendmmsg(r6, &(0x7f0000001c00), 0x400000000000159, 0x40840)

2.903956261s ago: executing program 3 (id=2075):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000009000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240)={<r0=>0xffffffffffffffff})
close(r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
close(r0)
bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='qdisc_destroy\x00', r2}, 0x18)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local})
close(r3)

2.743722631s ago: executing program 5 (id=2076):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r0)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000080)=ANY=[@ANYBLOB="18000000", @ANYRES16=r1, @ANYBLOB="030704707900000000000100040004000180"], 0x18}}, 0x0)

1.328246627s ago: executing program 0 (id=2077):
syz_usb_connect(0x3, 0x2d, &(0x7f00000010c0)={{0x12, 0x1, 0x201, 0xbd, 0x61, 0x3a, 0x40, 0x6189, 0x2068, 0x5ac9, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x4, 0x4, 0x20, 0x23, [{{0x9, 0x4, 0x72, 0x6, 0x1, 0x28, 0x46, 0x56, 0x0, [], [{{0x9, 0x5, 0xe, 0x3, 0x40, 0x0, 0x5, 0x9}}]}}]}}]}}, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0})

1.011796201s ago: executing program 3 (id=2078):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x80, 0x5, 0x1000, r2, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r6, @ANYBLOB='\x00\x00\x00\x00'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
r8 = userfaultfd(0x1)
ioctl$UFFDIO_API(r8, 0xc018aa3f, &(0x7f0000000080))
ioctl$UFFDIO_REGISTER(r8, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000ffa000/0x4000)=nil, 0x4000}, 0x1})
ioctl$UFFDIO_ZEROPAGE(r8, 0xc020aa07, &(0x7f0000000180)={{&(0x7f0000ffc000/0x1000)=nil, 0x1000}, 0x1})

1.011344095s ago: executing program 5 (id=2079):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
creat(0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee6, 0x8031, r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pipe(&(0x7f0000000300))
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@bridge_delvlan={0x18, 0x2a, 0x1}, 0x18}}, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, 0x0, 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f00000004c0)=@nat={'nat\x00', 0x670, 0x5, 0x428, 0x450, 0x2c0, 0xffffffff, 0x3a8, 0x2c0, 0x450, 0x450, 0xffffffff, 0x450, 0x450, 0x5, 0x0, {[{{@uncond, 0x0, 0x130, 0x168, 0x48, {}, [@common=@unspec=@string={{0xc0}, {0x5, 0xc, 'kmp\x00', "0d01d3e4c6b2bfd892aa7400051624fa86999b13d39b99407a9b7abe75a728baa18da576811985de44110b8602025e1298ea55f1c5087ab16f67b18ca90ac68f0b3d6a068f727f7d23fa5fad26a59a5da2651212bdf9d29248ae63e2349b2470915eea2c39ade5129ff26b6fe772493180cfda2cdd49412e9469d85abdb467ba", 0x79, 0x2, {0x1}}}]}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x801, {0x0, @broadcast, @multicast2, @port=0x1, @port=0x4e24}}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}, {{@ip={@multicast2, @broadcast, 0x0, 0x0, 'virt_wifi0\x00', 'veth1_vlan\x00'}, 0x0, 0xa0, 0xe8, 0x0, {}, [@common=@addrtype={{0x30}, {0x890, 0x218, 0x0, 0x1}}]}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0xe, @ipv6=@ipv4={'\x00', '\xff\xff', @empty}, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @icmp_id=0x65, @port=0x4e21}}}, {{@ip={@private=0xa010100, @rand_addr, 0x0, 0x0, 'nicvf0\x00', 'nr0\x00'}, 0x0, 0x70, 0xa8}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x0, @rand_addr, @dev={0xac, 0x14, 0x14, 0x2a}, @icmp_id, @icmp_id}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x488)
bind$bt_hci(r0, 0x0, 0x0)

885.430329ms ago: executing program 6 (id=2080):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000300000005"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001180)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000001000000e27f00000100000000000000", @ANYRES32], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000005700)={{r5, <r6=>0xffffffffffffffff}, &(0x7f0000005680), &(0x7f00000056c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))

156.799384ms ago: executing program 6 (id=2081):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'wg0\x00'})
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000600)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000980)=""/170}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB], 0x48)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000440), 0x10)
listen(r1, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
setsockopt$sock_linger(r2, 0x1, 0xd, &(0x7f0000000180)={0x5, 0xfffffffe}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
close_range(r1, 0xffffffffffffffff, 0x0)

0s ago: executing program 5 (id=2082):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x3000c81c)
pipe2(0x0, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xffd, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r6}, 0x10)
socket$tipc(0x1e, 0x5, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@getqdisc={0x24, 0x26, 0x705, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x1, 0xfff1}, {0x10, 0x8}, {0x8, 0x7}}}, 0x24}, 0x1, 0x0, 0x0, 0x4c88b}, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000000)={0x1, 0x0, [{0x1, 0x9ac, 0x1, 0x4, 0x2, 0x9, 0x48}]})

kernel console output (not intermixed with test programs):

ing 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  626.391806][ T5871] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  626.432589][ T5871] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  626.444746][ T5871] usb 1-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  626.461104][ T5871] usb 1-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  626.471963][ T5871] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  626.533600][T11586] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  626.678261][    T8] usb 6-1: new full-speed USB device number 20 using dummy_hcd
[  626.698897][ T5871] usb 1-1: config 0 descriptor??
[  626.704842][T11569] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  626.712317][T11569] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  626.730916][ T5871] ldusb 1-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  627.045049][T11589] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  627.086705][T11589] 9pnet_fd: Insufficient options for proto=fd
[  627.144850][    T8] usb 6-1: config 0 has an invalid interface number: 12 but max is 0
[  627.153213][    T8] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  627.184474][    T8] usb 6-1: config 0 has no interface number 0
[  627.195068][ T5822] usb 1-1: USB disconnect, device number 37
[  627.207547][ T5822] ldusb 1-1:0.55: LD USB Device #0 now disconnected
[  627.216692][    T8] usb 6-1: config 0 interface 12 altsetting 2 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  627.240087][    T8] usb 6-1: config 0 interface 12 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  627.258415][    T8] usb 6-1: config 0 interface 12 has no altsetting 0
[  627.269255][    T8] usb 6-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  627.277768][T11596] netlink: 'syz.3.1515': attribute type 10 has an invalid length.
[  627.286189][    T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  627.286219][    T8] usb 6-1: Product: syz
[  627.286236][    T8] usb 6-1: Manufacturer: syz
[  627.286252][    T8] usb 6-1: SerialNumber: syz
[  627.287973][    T8] usb 6-1: config 0 descriptor??
[  627.338801][T11596] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  627.347718][T11584] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  627.349916][    T8] f81534 6-1:0.12: required endpoints missing
[  627.812861][    T8] usb 6-1: USB disconnect, device number 20
[  627.877208][ T5830] Bluetooth: hci3: unexpected event for opcode 0x0403
[  627.898732][ T5822] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[  628.075654][ T5822] usb 7-1: Using ep0 maxpacket: 32
[  628.094295][ T5822] usb 7-1: unable to get BOS descriptor or descriptor too short
[  628.103424][ T5822] usb 7-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  628.116247][ T5822] usb 7-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb
[  628.126749][ T5822] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  628.134844][ T5822] usb 7-1: Product: syz
[  628.139169][ T5822] usb 7-1: Manufacturer: syz
[  628.154947][T11596] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  628.160220][ T5822] usb 7-1: SerialNumber: syz
[  628.178043][T11596] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  628.191572][T11596] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  628.239613][ T5909] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[  628.427169][ T5822] usb 7-1: Limiting number of CPorts to U8_MAX
[  628.434446][ T5822] usb 7-1: Not enough endpoints found in device, aborting!
[  628.442904][T11596] bond0 (unregistering): (slave netdevsim0): Releasing backup interface
[  628.477184][ T5909] usb 1-1: Using ep0 maxpacket: 8
[  628.484317][ T5909] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  628.494269][ T5909] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  628.505538][ T5909] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  628.528330][T11596] bond0 (unregistering): Released all slaves
[  628.566286][ T5909] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  628.596681][ T5909] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  628.616064][ T5909] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  628.756850][ T7345] usb 7-1: USB disconnect, device number 18
[  629.199272][T11616] loop9: detected capacity change from 0 to 7
[  629.342571][ T5909] usb 1-1: GET_CAPABILITIES returned 0
[  629.348608][ T5909] usbtmc 1-1:16.0: can't read capabilities
[  629.360307][T11616] Dev loop9: unable to read RDB block 7
[  629.367760][T11616]  loop9: unable to read partition table
[  629.376069][T11616] loop9: partition table beyond EOD, truncated
[  629.383155][T11616] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  629.638072][ T7345] usb 1-1: USB disconnect, device number 38
[  630.325826][    T8] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  630.491561][    T8] usb 6-1: Using ep0 maxpacket: 16
[  630.511153][    T8] usb 6-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  630.525252][    T8] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  630.535963][    T8] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  630.548833][    T8] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  630.560936][    T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  630.569108][    T8] usb 6-1: Product: syz
[  630.573280][    T8] usb 6-1: Manufacturer: syz
[  630.578011][    T8] usb 6-1: SerialNumber: syz
[  630.587845][ T5822] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[  630.758841][ T9446] usb 1-1: new low-speed USB device number 39 using dummy_hcd
[  630.766943][ T5822] usb 7-1: too many configurations: 9, using maximum allowed: 8
[  630.776030][ T5822] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  630.786265][ T5822] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  630.796274][ T5822] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  630.807012][ T5822] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  630.811719][   T29] audit: type=1400 audit(1738714289.561:991): avc:  denied  { bind } for  pid=11630 comm="syz.5.1526" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  630.837951][ T5909] usb 5-1: new high-speed USB device number 61 using dummy_hcd
[  630.852137][   T29] audit: type=1400 audit(1738714289.561:992): avc:  denied  { name_bind } for  pid=11630 comm="syz.5.1526" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[  630.873922][   T29] audit: type=1400 audit(1738714289.561:993): avc:  denied  { node_bind } for  pid=11630 comm="syz.5.1526" saddr=fe80::aa src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  630.874179][ T5822] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  630.906386][ T5822] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  630.916753][ T5822] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  630.926956][ T5822] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  630.937162][ T5822] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  630.947609][ T5822] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  630.957069][ T9446] usb 1-1: config 0 has an invalid interface number: 55 but max is 0
[  630.965257][ T9446] usb 1-1: config 0 has no interface number 0
[  630.971361][ T9446] usb 1-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  630.982613][ T9446] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  630.993671][ T5822] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  631.003908][ T9446] usb 1-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  631.015583][ T5822] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  631.024997][ T9446] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  631.036477][ T9446] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  631.047625][ T5909] usb 5-1: Using ep0 maxpacket: 8
[  631.047648][ T9446] usb 1-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  631.047792][ T5822] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  631.059445][ T5909] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  631.081826][ T5909] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  631.085978][    T8] usb 6-1: 0:2 : does not exist
[  631.114631][ T5909] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  631.129209][ T5822] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  631.150015][ T5909] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  631.150024][ T9446] usb 1-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  631.150062][ T5909] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  631.150084][ T5909] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  631.163236][ T9446] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  631.205220][ T9446] usb 1-1: config 0 descriptor??
[  631.211023][ T5822] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  631.230545][ T5822] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  631.242070][T11639] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  631.249461][T11639] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  631.264562][ T5822] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  631.274109][ T5822] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  631.282718][ T9446] ldusb 1-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  631.294745][ T5822] usb 7-1: Product: syz
[  631.298984][ T5822] usb 7-1: Manufacturer: syz
[  631.303683][ T5822] usb 7-1: SerialNumber: syz
[  631.310582][ T5822] usb 7-1: config 0 descriptor??
[  631.320209][ T5822] yurex 7-1:0.0: Could not find endpoints
[  631.428724][ T5909] usb 5-1: GET_CAPABILITIES returned 0
[  631.438526][ T5909] usbtmc 5-1:16.0: can't read capabilities
[  631.486095][ T5909] usb 1-1: USB disconnect, device number 39
[  631.495133][ T5909] ldusb 1-1:0.55: LD USB Device #0 now disconnected
[  631.557394][ T7345] usb 7-1: USB disconnect, device number 19
[  631.749396][    T8] usb 6-1: 1:0: cannot get min/max values for control 4 (id 1)
[  631.792184][    T8] usb 6-1: USB disconnect, device number 21
[  631.801933][ T7345] usb 5-1: USB disconnect, device number 61
[  632.153594][   T29] audit: type=1400 audit(1738714290.814:994): avc:  denied  { read write } for  pid=11646 comm="syz.0.1531" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  632.180739][   T29] audit: type=1400 audit(1738714290.814:995): avc:  denied  { open } for  pid=11646 comm="syz.0.1531" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  633.534298][   T29] audit: type=1400 audit(1738714292.096:996): avc:  denied  { write } for  pid=11662 comm="syz.4.1537" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  633.837778][    T8] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  633.998222][    T8] usb 6-1: Using ep0 maxpacket: 8
[  634.016361][    T8] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  634.026869][    T8] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  634.042892][    T8] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  634.067160][    T8] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  634.107488][    T8] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  634.130998][    T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  634.369519][    T8] usb 6-1: GET_CAPABILITIES returned 0
[  634.380072][    T8] usbtmc 6-1:16.0: can't read capabilities
[  634.689446][    T8] usb 6-1: USB disconnect, device number 22
[  634.725522][   T45] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[  634.886568][   T45] usb 7-1: config index 0 descriptor too short (expected 146, got 18)
[  634.897179][   T45] usb 7-1: New USB device found, idVendor=066b, idProduct=20f9, bcdDevice=ff.94
[  634.906407][   T45] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  635.017298][   T45] usb 7-1: Product: syz
[  635.021520][   T45] usb 7-1: Manufacturer: syz
[  635.026266][   T45] usb 7-1: SerialNumber: syz
[  635.048558][   T45] usb 7-1: config 0 descriptor??
[  635.210418][T11682] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1539'.
[  635.791725][   T29] audit: type=1400 audit(1738714294.219:997): avc:  denied  { module_request } for  pid=11683 comm="syz.5.1542" kmod="netdev-syzkaller1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  635.884984][   T45] asix 7-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[  635.901806][   T45] asix 7-1:0.0: probe with driver asix failed with error -61
[  636.212744][T11693] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  636.270104][T11692] 9pnet_fd: Insufficient options for proto=fd
[  636.516322][T11696] misc userio: Invalid payload size
[  636.558878][T11696] misc userio: No port type given on /dev/userio
[  636.717937][T11696] misc userio: The device must be registered before sending interrupts
[  638.585499][   T29] audit: type=1400 audit(1738714296.352:998): avc:  denied  { ioctl } for  pid=11699 comm="syz.3.1547" path="socket:[31966]" dev="sockfs" ino=31966 ioctlcmd=0x8b04 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  638.964944][   T29] audit: type=1400 audit(1738714297.184:999): avc:  denied  { connect } for  pid=11718 comm="syz.3.1549" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  639.019682][T11695] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1545'.
[  639.045808][   T29] audit: type=1400 audit(1738714297.184:1000): avc:  denied  { setopt } for  pid=11718 comm="syz.3.1549" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  639.418659][ T9446] usb 5-1: new high-speed USB device number 62 using dummy_hcd
[  639.590927][ T9446] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  639.614609][ T9446] usb 5-1: config 1 has 0 interfaces, different from the descriptor's value: 2
[  639.640007][ T9446] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  639.655093][ T9446] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  639.672247][ T9446] usb 5-1: Product: syz
[  639.681170][ T9446] usb 5-1: Manufacturer: syz
[  639.692778][ T9446] usb 5-1: SerialNumber: syz
[  639.899561][ T1200] usb 7-1: USB disconnect, device number 20
[  640.546543][ T9446] usb 5-1: USB disconnect, device number 62
[  640.701098][ T5822] usb 4-1: new high-speed USB device number 63 using dummy_hcd
[  640.937606][ T5822] usb 4-1: Using ep0 maxpacket: 32
[  641.151288][ T5822] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[  641.166549][ T5822] usb 4-1: config 0 has no interface number 0
[  641.196291][ T5822] usb 4-1: config 0 interface 184 has no altsetting 0
[  641.249330][ T5822] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  641.259050][ T5822] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  641.267470][ T5822] usb 4-1: Product: syz
[  641.274750][ T5822] usb 4-1: Manufacturer: syz
[  641.279470][ T5822] usb 4-1: SerialNumber: syz
[  641.300729][ T5822] usb 4-1: config 0 descriptor??
[  641.330730][ T5822] smsc75xx v1.0.0
[  641.596166][T11744] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  642.251595][ T5822] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[  642.314853][ T5822] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  642.389307][T11757] FAULT_INJECTION: forcing a failure.
[  642.389307][T11757] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  642.476705][T11757] CPU: 0 UID: 0 PID: 11757 Comm: syz.0.1559 Not tainted 6.14.0-rc1-syzkaller-00026-gd009de7d5428 #0
[  642.476741][T11757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  642.476752][T11757] Call Trace:
[  642.476758][T11757]  <TASK>
[  642.476765][T11757]  dump_stack_lvl+0x16c/0x1f0
[  642.476792][T11757]  should_fail_ex+0x50a/0x650
[  642.476824][T11757]  _copy_from_user+0x2e/0xd0
[  642.476852][T11757]  copy_msghdr_from_user+0x99/0x160
[  642.476876][T11757]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  642.476912][T11757]  ___sys_sendmsg+0xff/0x1e0
[  642.476936][T11757]  ? __pfx____sys_sendmsg+0x10/0x10
[  642.476969][T11757]  ? __pfx_lock_release+0x10/0x10
[  642.476994][T11757]  ? trace_lock_acquire+0x14e/0x1f0
[  642.477024][T11757]  ? __fget_files+0x206/0x3a0
[  642.477050][T11757]  __sys_sendmsg+0x16e/0x220
[  642.477073][T11757]  ? __pfx___sys_sendmsg+0x10/0x10
[  642.477114][T11757]  do_syscall_64+0xcd/0x250
[  642.477136][T11757]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  642.477161][T11757] RIP: 0033:0x7fad7f18cda9
[  642.477177][T11757] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  642.477194][T11757] RSP: 002b:00007fad7ff23038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  642.477214][T11757] RAX: ffffffffffffffda RBX: 00007fad7f3a5fa0 RCX: 00007fad7f18cda9
[  642.477227][T11757] RDX: 0000000000000800 RSI: 0000000020006040 RDI: 0000000000000004
[  642.477239][T11757] RBP: 00007fad7ff23090 R08: 0000000000000000 R09: 0000000000000000
[  642.477250][T11757] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  642.477261][T11757] R13: 0000000000000000 R14: 00007fad7f3a5fa0 R15: 00007ffc77e9a6d8
[  642.477286][T11757]  </TASK>
[  642.875150][ T5822] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000010: -71
[  642.894611][ T5822] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to write HW_CFG: -71
[  642.919050][T11750] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  642.939877][ T5822] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  642.964363][ T5822] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -71
[  643.038870][ T5822] usb 4-1: USB disconnect, device number 63
[  643.373737][ T9446] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[  643.534106][ T9446] usb 7-1: Using ep0 maxpacket: 32
[  643.551311][ T9446] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  643.723140][ T9446] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  643.748858][ T9446] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  643.758319][ T9446] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  643.778171][ T9446] usb 7-1: config 0 descriptor??
[  643.787609][ T9446] hub 7-1:0.0: bad descriptor, ignoring hub
[  643.798214][ T9446] hub 7-1:0.0: probe with driver hub failed with error -5
[  643.811498][ T9446] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[  644.165111][T11776] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  644.609394][T11777] loop9: detected capacity change from 0 to 7
[  644.624620][T11777] Dev loop9: unable to read RDB block 7
[  644.662736][T11777]  loop9: unable to read partition table
[  644.765571][T11782] fuseblk: Unknown parameter 'grou00000000000000000000'
[  644.799075][T11777] loop9: partition table beyond EOD, truncated
[  645.298302][T11777] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  645.319499][T11782] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  645.693624][ T9446] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  645.886075][ T9446] usb 1-1: Using ep0 maxpacket: 32
[  645.933597][ T9446] usb 1-1: unable to get BOS descriptor or descriptor too short
[  645.947042][ T9446] usb 1-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  645.973627][ T9446] usb 1-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb
[  645.987458][ T9446] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  645.995776][ T9446] usb 1-1: Product: syz
[  646.000119][ T9446] usb 1-1: Manufacturer: syz
[  646.004864][ T9446] usb 1-1: SerialNumber: syz
[  646.804943][ T9446] usb 1-1: Limiting number of CPorts to U8_MAX
[  646.874829][ T9446] usb 1-1: Not enough endpoints found in device, aborting!
[  646.900968][ T9446] usb 1-1: USB disconnect, device number 40
[  647.016397][T11803] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  647.124274][ T5869] usb 7-1: USB disconnect, device number 21
[  647.167219][T11802] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  647.442361][T11802] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  647.451101][T11803] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  647.512862][T11802] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  647.810653][T11809] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  649.302504][T11826] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1578'.
[  650.094106][T11829] loop9: detected capacity change from 0 to 7
[  650.324277][T11829] Dev loop9: unable to read RDB block 7
[  650.345470][T11829]  loop9: unable to read partition table
[  650.351256][T11829] loop9: partition table beyond EOD, truncated
[  650.956206][T11829] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  651.072136][T11842] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1582'.
[  652.022413][ T5869] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  652.816006][T11856] loop9: detected capacity change from 0 to 7
[  652.827301][ T5869] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  652.860774][T11856] Dev loop9: unable to read RDB block 7
[  652.863617][ T5869] usb 1-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  652.880539][T11856]  loop9: unable to read partition table
[  652.967008][T11856] loop9: partition table beyond EOD, truncated
[  652.977498][ T5869] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  652.987134][T11856] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  653.018579][ T5869] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  653.090193][ T5869] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  653.121356][ T5869] usb 1-1: invalid MIDI out EP 0
[  653.384311][ T5869] snd-usb-audio 1-1:27.0: probe with driver snd-usb-audio failed with error -22
[  653.519303][ T5869] usb 1-1: USB disconnect, device number 41
[  653.626879][    T8] usb 5-1: new high-speed USB device number 63 using dummy_hcd
[  653.841484][    T8] usb 5-1: Using ep0 maxpacket: 8
[  653.907314][    T8] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  653.987259][    T8] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  654.071082][    T8] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  654.148364][    T8] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  654.165932][    T8] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  654.177054][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  654.490560][    T8] usb 5-1: GET_CAPABILITIES returned 0
[  654.510192][    T8] usbtmc 5-1:16.0: can't read capabilities
[  654.588147][   T29] audit: type=1400 audit(1738714311.795:1001): avc:  denied  { listen } for  pid=11870 comm="syz.6.1592" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  654.716601][ T1200] usb 4-1: new high-speed USB device number 64 using dummy_hcd
[  654.759841][   T29] audit: type=1400 audit(1738714311.833:1002): avc:  denied  { connect } for  pid=11870 comm="syz.6.1592" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  654.790462][    T8] usb 5-1: USB disconnect, device number 63
[  655.486170][ T1200] usb 4-1: Using ep0 maxpacket: 32
[  655.496566][ T1200] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  655.523963][ T1200] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  655.580364][ T1200] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  655.614425][ T1200] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  655.658562][ T1200] usb 4-1: config 0 descriptor??
[  655.681311][ T1200] hub 4-1:0.0: USB hub found
[  655.909787][T11885] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1595'.
[  656.514312][ T1200] hub 4-1:0.0: 1 port detected
[  657.820646][ T1200] usb 4-1: USB disconnect, device number 64
[  659.821105][T11899] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1600'.
[  659.835712][T11913] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1603'.
[  659.898578][T11913] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1603'.
[  660.214875][T11918] FAULT_INJECTION: forcing a failure.
[  660.214875][T11918] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  660.228120][T11918] CPU: 0 UID: 0 PID: 11918 Comm: syz.3.1605 Not tainted 6.14.0-rc1-syzkaller-00026-gd009de7d5428 #0
[  660.228145][T11918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  660.228156][T11918] Call Trace:
[  660.228160][T11918]  <TASK>
[  660.228165][T11918]  dump_stack_lvl+0x16c/0x1f0
[  660.228181][T11918]  should_fail_ex+0x50a/0x650
[  660.228199][T11918]  _copy_from_user+0x2e/0xd0
[  660.228222][T11918]  copy_msghdr_from_user+0x99/0x160
[  660.228237][T11918]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  660.228256][T11918]  ___sys_sendmsg+0xff/0x1e0
[  660.228270][T11918]  ? __pfx____sys_sendmsg+0x10/0x10
[  660.228288][T11918]  ? __pfx_lock_release+0x10/0x10
[  660.228303][T11918]  ? trace_lock_acquire+0x14e/0x1f0
[  660.228319][T11918]  ? __fget_files+0x206/0x3a0
[  660.228333][T11918]  __sys_sendmsg+0x16e/0x220
[  660.228346][T11918]  ? __pfx___sys_sendmsg+0x10/0x10
[  660.228368][T11918]  do_syscall_64+0xcd/0x250
[  660.228380][T11918]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  660.228395][T11918] RIP: 0033:0x7febdc98cda9
[  660.228405][T11918] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  660.228417][T11918] RSP: 002b:00007febdd718038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  660.228427][T11918] RAX: ffffffffffffffda RBX: 00007febdcba6080 RCX: 00007febdc98cda9
[  660.228434][T11918] RDX: 0000000020000000 RSI: 0000000020000140 RDI: 0000000000000004
[  660.228441][T11918] RBP: 00007febdd718090 R08: 0000000000000000 R09: 0000000000000000
[  660.228447][T11918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  660.228453][T11918] R13: 0000000000000001 R14: 00007febdcba6080 R15: 00007ffe1d6ad4e8
[  660.228467][T11918]  </TASK>
[  660.691340][   T29] audit: type=1400 audit(1738714317.511:1003): avc:  denied  { read } for  pid=11919 comm="syz.5.1606" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  660.872957][T11924] IPVS: Error connecting to the multicast addr
[  661.441329][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  661.448440][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  662.585011][   T29] audit: type=1326 audit(1738714319.241:1004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11934 comm="syz.5.1611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17bf38cda9 code=0x7ffc0000
[  663.339750][   T29] audit: type=1326 audit(1738714319.241:1005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11934 comm="syz.5.1611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=460 compat=0 ip=0x7f17bf38cda9 code=0x7ffc0000
[  663.403233][ T9446] usb 4-1: new high-speed USB device number 65 using dummy_hcd
[  663.420365][   T29] audit: type=1326 audit(1738714319.241:1006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11934 comm="syz.5.1611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17bf38cda9 code=0x7ffc0000
[  663.678980][   T29] audit: type=1326 audit(1738714319.241:1007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11934 comm="syz.5.1611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f17bf38cda9 code=0x7ffc0000
[  663.704779][   T29] audit: type=1326 audit(1738714319.241:1008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11934 comm="syz.5.1611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17bf38cda9 code=0x7ffc0000
[  663.752633][ T9446] usb 4-1: Using ep0 maxpacket: 32
[  663.759632][   T29] audit: type=1326 audit(1738714319.250:1009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11934 comm="syz.5.1611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17bf38cda9 code=0x7ffc0000
[  663.830564][ T9446] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  663.852353][ T9446] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  663.874304][ T9446] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  663.889004][ T9446] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  663.898482][ T9446] usb 4-1: config 0 descriptor??
[  663.904768][ T9446] hub 4-1:0.0: USB hub found
[  663.932005][ T5869] usb 5-1: new high-speed USB device number 64 using dummy_hcd
[  664.004947][T11948] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1614'.
[  664.015917][T11948] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1614'.
[  664.209988][ T5909] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[  664.305879][   T29] audit: type=1400 audit(1738714320.887:1010): avc:  denied  { shutdown } for  pid=11946 comm="syz.5.1614" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  664.374373][ T9446] hub 4-1:0.0: 1 port detected
[  664.669417][ T5909] usb 7-1: Using ep0 maxpacket: 32
[  664.674861][ T5869] usb 5-1: Using ep0 maxpacket: 8
[  664.688477][ T5869] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  664.697046][ T5909] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  664.708052][ T5869] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  664.717844][ T5909] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  664.728608][ T5869] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  665.331909][ T5869] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  665.342189][ T5909] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  665.352127][ T5869] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  665.365285][ T5909] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  665.373475][ T5869] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  665.463489][ T5869] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  665.481720][ T5909] usb 7-1: config 0 descriptor??
[  665.502661][ T5909] hub 7-1:0.0: USB hub found
[  665.550188][ T9446] hub 4-1:0.0: activate --> -90
[  665.551082][   T25] usb 4-1: USB disconnect, device number 65
[  665.991588][ T5869] usb 5-1: usb_control_msg returned -71
[  666.258686][ T5869] usbtmc 5-1:16.0: can't read capabilities
[  666.424064][ T5909] hub 7-1:0.0: config failed, can't read hub descriptor (err -22)
[  666.486166][ T5869] usb 5-1: USB disconnect, device number 64
[  666.705263][T11968] atomic_op ffff88805e97e198 conn xmit_atomic 0000000000000000
[  666.732432][ T5909] usbhid 7-1:0.0: can't add hid device: -71
[  666.997000][ T5909] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  667.049927][ T5909] usb 7-1: USB disconnect, device number 22
[  667.619922][   T29] audit: type=1400 audit(1738714323.993:1011): avc:  denied  { mount } for  pid=11974 comm="syz.4.1621" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  667.674113][   T29] audit: type=1400 audit(1738714324.021:1012): avc:  denied  { write } for  pid=11974 comm="syz.4.1621" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  667.864281][   T29] audit: type=1400 audit(1738714324.086:1013): avc:  denied  { open } for  pid=11974 comm="syz.4.1621" path="/317/file0" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  668.017993][ T1200] usb 4-1: new high-speed USB device number 66 using dummy_hcd
[  668.185269][T11979] loop9: detected capacity change from 0 to 7
[  668.193013][T11979] Dev loop9: unable to read RDB block 7
[  668.218816][T11979]  loop9: unable to read partition table
[  668.236042][ T1200] usb 4-1: Using ep0 maxpacket: 32
[  668.245554][T11979] loop9: partition table beyond EOD, truncated
[  668.256318][ T1200] usb 4-1: unable to get BOS descriptor or descriptor too short
[  668.266219][T11979] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  668.266881][ T1200] usb 4-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  668.316955][ T1200] usb 4-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb
[  668.328519][ T1200] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  668.346121][ T1200] usb 4-1: Product: syz
[  668.355570][ T1200] usb 4-1: Manufacturer: syz
[  668.366040][ T1200] usb 4-1: SerialNumber: syz
[  668.619263][T11985] misc userio: No port type given on /dev/userio
[  668.673387][T11986] misc userio: The device must be registered before sending interrupts
[  668.746235][ T1200] usb 4-1: Limiting number of CPorts to U8_MAX
[  668.763659][ T1200] usb 4-1: Not enough endpoints found in device, aborting!
[  668.955757][ T5869] usb 4-1: USB disconnect, device number 66
[  669.213955][T11986] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1623'.
[  669.464766][   T29] audit: type=1400 audit(1738714325.723:1014): avc:  denied  { unmount } for  pid=5816 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  669.683758][ T5869] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[  669.811888][ T9446] usb 4-1: new high-speed USB device number 67 using dummy_hcd
[  669.864961][ T5869] usb 7-1: Using ep0 maxpacket: 32
[  669.877915][ T5869] usb 7-1: unable to get BOS descriptor or descriptor too short
[  669.879294][ T5869] usb 7-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  670.070309][ T9446] usb 4-1: config 0 has an invalid interface number: 153 but max is 0
[  670.089091][ T9446] usb 4-1: config 0 has no interface number 0
[  670.102545][ T9446] usb 4-1: too many endpoints for config 0 interface 153 altsetting 255: 255, using maximum allowed: 30
[  670.120438][ T9446] usb 4-1: config 0 interface 153 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  670.126659][ T5869] usb 7-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb
[  670.134233][ T9446] usb 4-1: config 0 interface 153 has no altsetting 0
[  670.456081][ T9446] usb 4-1: New USB device found, idVendor=1199, idProduct=6852, bcdDevice=57.34
[  670.461111][ T5869] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  670.465326][ T9446] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  670.494425][ T5869] usb 7-1: Product: syz
[  670.513698][ T5869] usb 7-1: Manufacturer: syz
[  670.513718][ T9446] usb 4-1: Product: syz
[  670.513758][ T9446] usb 4-1: Manufacturer: syz
[  670.527231][ T5822] usb 5-1: new full-speed USB device number 65 using dummy_hcd
[  670.529727][ T5869] usb 7-1: SerialNumber: syz
[  670.582941][ T9446] usb 4-1: SerialNumber: syz
[  670.599559][ T9446] usb 4-1: config 0 descriptor??
[  670.610662][ T9446] hub 4-1:0.153: bad descriptor, ignoring hub
[  670.617410][ T9446] hub 4-1:0.153: probe with driver hub failed with error -5
[  670.626890][ T9446] sierra 4-1:0.153: Sierra USB modem converter detected
[  670.733055][ T5822] usb 5-1: config 0 has an invalid interface number: 12 but max is 0
[  670.755908][ T5822] usb 5-1: config 0 has no interface number 0
[  670.772369][ T5869] usb 7-1: Limiting number of CPorts to U8_MAX
[  670.772408][ T5822] usb 5-1: config 0 interface 12 altsetting 2 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  670.779049][ T5869] usb 7-1: Not enough endpoints found in device, aborting!
[  670.798747][ T5822] usb 5-1: config 0 interface 12 altsetting 2 has a duplicate endpoint with address 0x82, skipping
[  670.812001][ T5822] usb 5-1: config 0 interface 12 has no altsetting 0
[  670.822907][ T5822] usb 5-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  670.878418][ T5822] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  670.890600][ T5822] usb 5-1: Product: syz
[  670.896696][ T9446] usb 4-1: USB disconnect, device number 67
[  670.903287][ T5822] usb 5-1: Manufacturer: syz
[  670.908046][ T5822] usb 5-1: SerialNumber: syz
[  670.918241][ T9446] sierra 4-1:0.153: device disconnected
[  670.927844][ T5822] usb 5-1: config 0 descriptor??
[  670.933469][T12003] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  670.942387][ T5822] f81534 5-1:0.12: required endpoints missing
[  671.034807][T12012] misc userio: Invalid payload size
[  671.083977][T12012] misc userio: No port type given on /dev/userio
[  671.126556][T12012] misc userio: The device must be registered before sending interrupts
[  671.351807][ T9446] usb 7-1: USB disconnect, device number 23
[  671.358297][T12015] misc userio: Invalid payload size
[  671.363801][T12015] misc userio: No port type given on /dev/userio
[  671.370393][T12015] misc userio: The device must be registered before sending interrupts
[  671.687307][T12021] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1630'.
[  671.710368][T12022] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  671.899692][ T5869] usb 5-1: USB disconnect, device number 65
[  672.194636][T12029] loop9: detected capacity change from 0 to 7
[  672.212854][T12029] Dev loop9: unable to read RDB block 7
[  672.220194][T12029]  loop9: unable to read partition table
[  672.226099][T12029] loop9: partition table beyond EOD, truncated
[  673.253972][T12029] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  673.311589][T12032] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1634'.
[  673.405704][ T9446] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[  674.226765][ T9446] usb 7-1: Using ep0 maxpacket: 16
[  674.455747][ T9446] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  674.483837][   T29] audit: type=1400 audit(1738714330.410:1015): avc:  denied  { bind } for  pid=12047 comm="syz.4.1638" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  674.514079][ T9446] usb 7-1: config 0 interface 0 has no altsetting 0
[  674.538663][ T9446] usb 7-1: New USB device found, idVendor=05ac, idProduct=0247, bcdDevice= 0.00
[  674.565586][ T9446] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  674.588871][ T9446] usb 7-1: config 0 descriptor??
[  677.102569][ T5909] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  677.145661][T12071] fuseblk: Unknown parameter 'group_id00000000000000000000'
[  677.317063][ T5909] usb 1-1: Using ep0 maxpacket: 32
[  677.356039][ T5909] usb 1-1: unable to get BOS descriptor or descriptor too short
[  677.439124][ T5909] usb 1-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  677.466254][ T5909] usb 1-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb
[  677.486576][ T5909] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  677.496952][ T5909] usb 1-1: Product: syz
[  677.501644][ T5909] usb 1-1: Manufacturer: syz
[  677.532000][ T5909] usb 1-1: SerialNumber: syz
[  678.129299][ T5909] usb 1-1: Limiting number of CPorts to U8_MAX
[  678.147942][ T5909] usb 1-1: Not enough endpoints found in device, aborting!
[  678.446972][ T5909] usb 1-1: USB disconnect, device number 42
[  678.475635][ T9446] usbhid 7-1:0.0: can't add hid device: -71
[  678.492642][ T9446] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  678.534130][ T9446] usb 7-1: USB disconnect, device number 24
[  678.821181][T12087] FAULT_INJECTION: forcing a failure.
[  678.821181][T12087] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  678.834942][T12087] CPU: 1 UID: 0 PID: 12087 Comm: syz.6.1648 Not tainted 6.14.0-rc1-syzkaller-00026-gd009de7d5428 #0
[  678.834967][T12087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  678.834978][T12087] Call Trace:
[  678.834984][T12087]  <TASK>
[  678.834992][T12087]  dump_stack_lvl+0x16c/0x1f0
[  678.835018][T12087]  should_fail_ex+0x50a/0x650
[  678.835049][T12087]  _copy_from_user+0x2e/0xd0
[  678.835079][T12087]  move_addr_to_kernel+0x68/0x160
[  678.835100][T12087]  __sys_connect+0xb0/0x170
[  678.835120][T12087]  ? __pfx___sys_connect+0x10/0x10
[  678.835150][T12087]  ? __pfx_ksys_write+0x10/0x10
[  678.835185][T12087]  __x64_sys_connect+0x72/0xb0
[  678.835204][T12087]  ? lockdep_hardirqs_on+0x7c/0x110
[  678.835224][T12087]  do_syscall_64+0xcd/0x250
[  678.835246][T12087]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  678.835272][T12087] RIP: 0033:0x7f542df8cda9
[  678.835287][T12087] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  678.835306][T12087] RSP: 002b:00007f542ee82038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  678.835325][T12087] RAX: ffffffffffffffda RBX: 00007f542e1a6160 RCX: 00007f542df8cda9
[  678.835338][T12087] RDX: 000000000000001c RSI: 0000000020000000 RDI: 0000000000000007
[  678.835350][T12087] RBP: 00007f542ee82090 R08: 0000000000000000 R09: 0000000000000000
[  678.835362][T12087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  678.835374][T12087] R13: 0000000000000000 R14: 00007f542e1a6160 R15: 00007ffe6ddc9198
[  678.835399][T12087]  </TASK>
[  680.451267][ T5822] usb 4-1: new high-speed USB device number 68 using dummy_hcd
[  680.620007][T12103] loop9: detected capacity change from 0 to 7
[  680.638420][T12103] Dev loop9: unable to read RDB block 7
[  680.644250][ T5822] usb 4-1: Using ep0 maxpacket: 32
[  680.650089][T12103]  loop9: unable to read partition table
[  681.238985][ T5822] usb 4-1: config 0 has an invalid interface number: 12 but max is 0
[  681.249672][ T5822] usb 4-1: config 0 has no interface number 0
[  681.257520][ T5822] usb 4-1: config 0 interface 12 has no altsetting 0
[  681.302057][T12103] loop9: partition table beyond EOD, truncated
[  681.368173][T12103] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  681.378317][ T5822] usb 4-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  681.405195][ T5822] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  681.424238][ T5822] usb 4-1: Product: syz
[  681.433169][ T5822] usb 4-1: Manufacturer: syz
[  681.538024][ T5822] usb 4-1: SerialNumber: syz
[  681.544603][ T5822] usb 4-1: config 0 descriptor??
[  681.779222][T12120] pim6reg: entered allmulticast mode
[  681.794602][T12120] netlink: 104 bytes leftover after parsing attributes in process `syz.6.1657'.
[  683.250342][    C1] sl0: NETDEV WATCHDOG: CPU: 1: transmit queue 0 timed out 20380 ms
[  683.258409][    C1] sl0: transmit timed out, driver error?
[  683.409372][T12130] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6
[  684.920019][ T1200] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  684.931294][ T5822] f81534 4-1:0.12: f81534_get_register: reg: 1003 failed: -71
[  684.941475][ T5822] f81534 4-1:0.12: f81534_find_config_idx: read failed: -71
[  684.949425][ T5822] f81534 4-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  684.958455][ T5822] f81534 4-1:0.12: probe with driver f81534 failed with error -71
[  685.150127][T12139] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  685.292892][ T5822] usb 4-1: USB disconnect, device number 68
[  685.302800][ T1200] usb 6-1: Using ep0 maxpacket: 16
[  685.333924][ T1200] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  685.358042][ T1200] usb 6-1: config 0 interface 0 has no altsetting 0
[  685.381191][ T1200] usb 6-1: New USB device found, idVendor=05ac, idProduct=0247, bcdDevice= 0.00
[  685.412125][ T1200] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  685.773604][ T1200] usb 6-1: config 0 descriptor??
[  686.765326][T12156] FAULT_INJECTION: forcing a failure.
[  686.765326][T12156] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  686.778788][T12156] CPU: 0 UID: 0 PID: 12156 Comm: syz.4.1663 Not tainted 6.14.0-rc1-syzkaller-00026-gd009de7d5428 #0
[  686.778814][T12156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  686.778825][T12156] Call Trace:
[  686.778830][T12156]  <TASK>
[  686.778837][T12156]  dump_stack_lvl+0x16c/0x1f0
[  686.778860][T12156]  should_fail_ex+0x50a/0x650
[  686.778893][T12156]  _copy_from_user+0x2e/0xd0
[  686.778920][T12156]  copy_msghdr_from_user+0x99/0x160
[  686.778945][T12156]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  686.778971][T12156]  ? __pfx___lock_acquire+0x10/0x10
[  686.779003][T12156]  ___sys_recvmsg+0xdc/0x1a0
[  686.779027][T12156]  ? __pfx____sys_recvmsg+0x10/0x10
[  686.779050][T12156]  ? __pfx_lock_release+0x10/0x10
[  686.779074][T12156]  ? trace_lock_acquire+0x14e/0x1f0
[  686.779112][T12156]  do_recvmmsg+0x2f8/0x740
[  686.779139][T12156]  ? __pfx_do_recvmmsg+0x10/0x10
[  686.779159][T12156]  ? vfs_write+0x306/0x1150
[  686.779194][T12156]  ? __mutex_unlock_slowpath+0x164/0x6a0
[  686.779223][T12156]  ? __fget_files+0x206/0x3a0
[  686.779246][T12156]  __x64_sys_recvmmsg+0x239/0x290
[  686.779270][T12156]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  686.779302][T12156]  do_syscall_64+0xcd/0x250
[  686.779324][T12156]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  686.779347][T12156] RIP: 0033:0x7fb86198cda9
[  686.779361][T12156] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  686.779377][T12156] RSP: 002b:00007fb86270f038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  686.779395][T12156] RAX: ffffffffffffffda RBX: 00007fb861ba5fa0 RCX: 00007fb86198cda9
[  686.779408][T12156] RDX: 0000000000000002 RSI: 0000000020003f40 RDI: 0000000000000004
[  686.779418][T12156] RBP: 00007fb86270f090 R08: 0000000000000000 R09: 0000000000000000
[  686.779428][T12156] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001
[  686.779438][T12156] R13: 0000000000000000 R14: 00007fb861ba5fa0 R15: 00007ffc8e7a2ab8
[  686.779460][T12156]  </TASK>
[  686.782465][T12156] trusted_key: syz.4.1663 sent an empty control message without MSG_MORE.
[  687.130322][ T9446] usb 7-1: new full-speed USB device number 25 using dummy_hcd
[  687.344858][ T9446] usb 7-1: config 0 has an invalid interface number: 12 but max is 0
[  687.353061][ T9446] usb 7-1: config 0 has no interface number 0
[  687.359580][ T9446] usb 7-1: config 0 interface 12 altsetting 2 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  687.504561][ T9446] usb 7-1: config 0 interface 12 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  687.550972][ T9446] usb 7-1: config 0 interface 12 has no altsetting 0
[  687.575697][ T9446] usb 7-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  687.587179][ T9446] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  687.607138][ T9446] usb 7-1: Product: syz
[  687.621687][ T9446] usb 7-1: Manufacturer: syz
[  687.632413][ T9446] usb 7-1: SerialNumber: syz
[  687.828624][ T9446] usb 7-1: config 0 descriptor??
[  687.836666][T12154] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  687.845364][ T9446] f81534 7-1:0.12: unsupported endpoint max packet size
[  689.016774][   T25] usb 7-1: USB disconnect, device number 25
[  690.282132][ T1200] usbhid 6-1:0.0: can't add hid device: -71
[  690.288258][ T1200] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  690.328112][ T1200] usb 6-1: USB disconnect, device number 23
[  690.489644][T12181] misc userio: Invalid payload size
[  690.503203][T12181] misc userio: No port type given on /dev/userio
[  690.519740][T12181] misc userio: The device must be registered before sending interrupts
[  690.641466][T12183] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1673'.
[  690.957615][ T1200] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  691.001341][ T5830] Bluetooth: hci1: unexpected event for opcode 0x0403
[  691.143734][ T1200] usb 6-1: config index 0 descriptor too short (expected 146, got 18)
[  691.181834][ T1200] usb 6-1: New USB device found, idVendor=066b, idProduct=20f9, bcdDevice=ff.94
[  691.257180][ T1200] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  691.265210][ T1200] usb 6-1: Product: syz
[  691.298317][ T1200] usb 6-1: Manufacturer: syz
[  691.315849][ T1200] usb 6-1: SerialNumber: syz
[  691.538593][ T1200] usb 6-1: config 0 descriptor??
[  692.073667][ T1200] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[  692.112478][ T1200] asix 6-1:0.0: probe with driver asix failed with error -61
[  692.360595][T12193] loop9: detected capacity change from 0 to 7
[  692.375265][T12193] Dev loop9: unable to read RDB block 7
[  692.385460][T12193]  loop9: unable to read partition table
[  692.391817][T12193] loop9: partition table beyond EOD, truncated
[  692.398088][T12193] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  692.600479][T12196] kvm: kvm [12195]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x130
[  692.642530][T12196] kvm: kvm [12195]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x130
[  692.669182][T12196] kvm: kvm [12195]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x130
[  692.700339][T12196] kvm: kvm [12195]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x130
[  692.739993][T12196] kvm: kvm [12195]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x21c4
[  692.808196][T12196] kvm: kvm [12195]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x7191
[  692.850524][T12196] kvm: kvm [12195]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x61a9
[  693.627021][   T25] usb 5-1: new high-speed USB device number 66 using dummy_hcd
[  693.804485][   T25] usb 5-1: Using ep0 maxpacket: 16
[  693.832272][   T25] usb 5-1: config 0 interface 0 has no altsetting 0
[  693.842062][   T25] usb 5-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  693.874356][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  693.889863][   T25] usb 5-1: config 0 descriptor??
[  694.039221][T12209] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  694.495127][   T25] hid (null): unknown global tag 0x31
[  694.526049][   T25] hid (null): unknown global tag 0xb7
[  694.553255][   T25] hid (null): global environment stack underflow
[  694.581370][   T25] hid (null): unknown global tag 0xc
[  694.586846][   T25] hid (null): global environment stack underflow
[  694.613390][   T25] hid (null): global environment stack underflow
[  694.628238][   T25] hid (null): report_id 0 is invalid
[  694.653805][   T25] input: HID 0458:5013 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0458:5013.0019/input/input76
[  694.796589][T12216] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  695.116576][ T5822] usb 6-1: USB disconnect, device number 24
[  695.224535][   T25] input: HID 0458:5013 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0458:5013.0019/input/input77
[  695.458447][   T25] kye 0003:0458:5013.0019: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0458:5013] on usb-dummy_hcd.4-1/input0
[  695.483483][   T25] usb 5-1: USB disconnect, device number 66
[  695.589182][   T29] audit: type=1400 audit(1738714350.156:1016): avc:  denied  { map } for  pid=12219 comm="syz.0.1683" path="/dev/vmci" dev="devtmpfs" ino=697 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  695.661507][   T29] audit: type=1400 audit(1738714350.156:1017): avc:  denied  { execute } for  pid=12219 comm="syz.0.1683" path="/dev/vmci" dev="devtmpfs" ino=697 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  697.518237][T12247] misc userio: Invalid payload size
[  697.582171][T12249] misc userio: No port type given on /dev/userio
[  697.607456][T12249] misc userio: The device must be registered before sending interrupts
[  697.735425][    T9] usb 5-1: new high-speed USB device number 67 using dummy_hcd
[  697.915281][T12253] FAULT_INJECTION: forcing a failure.
[  697.915281][T12253] name failslab, interval 1, probability 0, space 0, times 0
[  697.928114][T12253] CPU: 0 UID: 0 PID: 12253 Comm: syz.5.1688 Not tainted 6.14.0-rc1-syzkaller-00026-gd009de7d5428 #0
[  697.928138][T12253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  697.928150][T12253] Call Trace:
[  697.928157][T12253]  <TASK>
[  697.928165][T12253]  dump_stack_lvl+0x16c/0x1f0
[  697.928191][T12253]  should_fail_ex+0x50a/0x650
[  697.928218][T12253]  ? fs_reclaim_acquire+0xae/0x150
[  697.928248][T12253]  ? tomoyo_realpath_from_path+0xb9/0x720
[  697.928275][T12253]  should_failslab+0xc2/0x120
[  697.928297][T12253]  __kmalloc_noprof+0xcb/0x510
[  697.928317][T12253]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  697.928349][T12253]  tomoyo_realpath_from_path+0xb9/0x720
[  697.928378][T12253]  ? tomoyo_path_number_perm+0x235/0x590
[  697.928404][T12253]  tomoyo_path_number_perm+0x248/0x590
[  697.928426][T12253]  ? tomoyo_path_number_perm+0x235/0x590
[  697.928451][T12253]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  697.928500][T12253]  ? __pfx_lock_release+0x10/0x10
[  697.928524][T12253]  ? trace_lock_acquire+0x14e/0x1f0
[  697.928549][T12253]  ? lock_acquire+0x2f/0xb0
[  697.928572][T12253]  ? __fget_files+0x40/0x3a0
[  697.928595][T12253]  ? __fget_files+0x206/0x3a0
[  697.928617][T12253]  security_file_ioctl+0x9b/0x240
[  697.928644][T12253]  __x64_sys_ioctl+0xb7/0x200
[  697.928673][T12253]  do_syscall_64+0xcd/0x250
[  697.928696][T12253]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  697.928723][T12253] RIP: 0033:0x7f17bf38cda9
[  697.928738][T12253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  697.928757][T12253] RSP: 002b:00007f17c023c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  697.928775][T12253] RAX: ffffffffffffffda RBX: 00007f17bf5a6160 RCX: 00007f17bf38cda9
[  697.928788][T12253] RDX: 0000000020000000 RSI: 00000000000089a2 RDI: 0000000000000007
[  697.928800][T12253] RBP: 00007f17c023c090 R08: 0000000000000000 R09: 0000000000000000
[  697.928812][T12253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  697.928824][T12253] R13: 0000000000000000 R14: 00007f17bf5a6160 R15: 00007ffcdee45f58
[  697.928850][T12253]  </TASK>
[  697.928876][T12253] ERROR: Out of memory at tomoyo_realpath_from_path.
[  698.150185][T12253] bridge0: port 4(hsr_slave_1) entered blocking state
[  698.157459][T12253] bridge0: port 4(hsr_slave_1) entered disabled state
[  698.165296][T12253] hsr_slave_1: entered allmulticast mode
[  698.217048][T12253] hsr_slave_1: left allmulticast mode
[  698.255060][    T9] usb 5-1: config index 0 descriptor too short (expected 146, got 18)
[  698.366303][    T9] usb 5-1: New USB device found, idVendor=066b, idProduct=20f9, bcdDevice=ff.94
[  698.398279][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  698.407195][    T9] usb 5-1: Product: syz
[  698.607840][T12254] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  698.612027][    T9] usb 5-1: Manufacturer: syz
[  698.623053][    T9] usb 5-1: SerialNumber: syz
[  698.645203][    T9] usb 5-1: config 0 descriptor??
[  698.936322][T12264] misc userio: Invalid payload size
[  699.022001][T12265] misc userio: No port type given on /dev/userio
[  699.123749][T12264] misc userio: The device must be registered before sending interrupts
[  699.243276][    T9] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[  699.254778][    T9] asix 5-1:0.0: probe with driver asix failed with error -61
[  699.373744][ T1200] usb 4-1: new high-speed USB device number 69 using dummy_hcd
[  699.574402][ T1200] usb 4-1: Using ep0 maxpacket: 16
[  699.592982][ T1200] usb 4-1: config 0 interface 0 has no altsetting 0
[  699.678780][ T1200] usb 4-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  699.798699][ T1200] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  699.836595][ T1200] usb 4-1: config 0 descriptor??
[  700.036919][T12274] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1698'.
[  700.067427][T12274] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1698'.
[  700.416333][ T1200] hid (null): unknown global tag 0x31
[  700.430975][ T1200] hid (null): unknown global tag 0xb7
[  700.436389][ T1200] hid (null): global environment stack underflow
[  700.452574][ T1200] hid (null): unknown global tag 0xc
[  700.463179][ T1200] hid (null): global environment stack underflow
[  700.475914][ T1200] hid (null): global environment stack underflow
[  700.488623][ T1200] hid (null): report_id 0 is invalid
[  701.093969][ T1200] input: HID 0458:5013 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0458:5013.001A/input/input78
[  701.415114][T12291] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  701.521617][ T1200] input: HID 0458:5013 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0458:5013.001A/input/input79
[  701.825054][ T1200] kye 0003:0458:5013.001A: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0458:5013] on usb-dummy_hcd.3-1/input0
[  702.645420][    T8] usb 5-1: USB disconnect, device number 67
[  702.664137][ T1200] usb 4-1: USB disconnect, device number 69
[  704.166860][T12325] loop9: detected capacity change from 0 to 7
[  704.205008][T12325] Dev loop9: unable to read RDB block 7
[  704.210728][T12325]  loop9: unable to read partition table
[  704.225177][ T5869] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[  704.255575][T12325] loop9: partition table beyond EOD, truncated
[  704.286523][T12325] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  704.438610][ T5869] usb 1-1: Using ep0 maxpacket: 32
[  704.489783][ T5869] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  704.523796][ T5869] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  704.542292][ T5869] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  704.571823][ T5869] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  704.624075][ T5869] usb 1-1: config 0 descriptor??
[  704.635713][ T5869] hub 1-1:0.0: USB hub found
[  704.887152][T12338] fuseblk: Bad value for 'user_id'
[  704.892546][T12338] fuseblk: Bad value for 'user_id'
[  704.900243][ T5869] hub 1-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  704.943650][T12338] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  705.389955][    T8] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[  705.534858][ T5869] usbhid 1-1:0.0: can't add hid device: -71
[  705.541275][ T5869] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  705.578671][ T5869] usb 1-1: USB disconnect, device number 43
[  706.379511][T12351] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  706.448765][ T5869] usb 4-1: new high-speed USB device number 70 using dummy_hcd
[  706.544459][    T8] usb 6-1: Using ep0 maxpacket: 16
[  706.550965][    T8] usb 6-1: config 0 interface 0 has no altsetting 0
[  706.558188][    T8] usb 6-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  706.567325][    T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  706.580729][    T8] usb 6-1: config 0 descriptor??
[  706.593539][T12356] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  706.619362][ T5869] usb 4-1: Using ep0 maxpacket: 32
[  706.653085][ T5869] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  706.684882][T12355] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  706.699023][ T5869] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  706.726274][T12355] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  706.736145][ T5869] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  706.764616][ T5869] usb 4-1: config 0 descriptor??
[  706.774491][T12356] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  706.806859][ T5869] hub 4-1:0.0: bad descriptor, ignoring hub
[  707.058496][T12355] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  707.068538][ T5869] hub 4-1:0.0: probe with driver hub failed with error -5
[  707.077247][ T5869] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  707.671444][    T8] hid (null): unknown global tag 0x31
[  707.681104][    T8] hid (null): unknown global tag 0xb7
[  707.686512][    T8] hid (null): global environment stack underflow
[  707.693375][    T8] hid (null): unknown global tag 0xc
[  707.698684][    T8] hid (null): global environment stack underflow
[  707.705211][    T8] hid (null): global environment stack underflow
[  707.833912][    T8] hid (null): report_id 0 is invalid
[  707.848581][    T8] input: HID 0458:5013 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0458:5013.001B/input/input80
[  707.870703][    T8] input: HID 0458:5013 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0458:5013.001B/input/input81
[  708.002666][    T8] kye 0003:0458:5013.001B: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0458:5013] on usb-dummy_hcd.5-1/input0
[  708.023931][    T8] usb 6-1: USB disconnect, device number 25
[  708.148369][ T5869] usb 7-1: new high-speed USB device number 26 using dummy_hcd
[  708.310681][ T5869] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  708.326217][ T5869] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  708.336387][ T5869] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  708.349086][ T5869] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  708.388619][T12364] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[  708.407146][ T5869] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  708.458346][   T25] usb 1-1: new low-speed USB device number 44 using dummy_hcd
[  708.697715][   T25] usb 1-1: config 0 has an invalid interface number: 55 but max is 0
[  708.776205][   T25] usb 1-1: config 0 has no interface number 0
[  708.806531][   T25] usb 1-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  708.914554][   T25] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  708.926360][   T25] usb 1-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  708.938270][   T25] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  708.949493][   T25] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  708.960946][   T25] usb 1-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  709.192188][T12378] loop9: detected capacity change from 0 to 7
[  709.370667][T12378] Dev loop9: unable to read RDB block 7
[  709.376532][   T25] usb 1-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  709.376635][T12378]  loop9: unable to read partition table
[  709.390535][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  709.391629][T12378] loop9: partition table beyond EOD, truncated
[  709.406862][T12378] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  709.411095][   T25] usb 1-1: config 0 descriptor??
[  709.586102][T12369] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  709.602995][T12369] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  709.637191][   T25] ldusb 1-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  709.677089][    T8] usb 4-1: USB disconnect, device number 70
[  710.098075][   T25] usb 1-1: USB disconnect, device number 44
[  710.121510][   T25] ldusb 1-1:0.55: LD USB Device #0 now disconnected
[  710.393366][T12389] atomic_op ffff88807cbbe198 conn xmit_atomic 0000000000000000
[  710.656670][T12382] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  711.248883][   T45] usb 5-1: new high-speed USB device number 68 using dummy_hcd
[  711.551235][   T45] usb 5-1: Using ep0 maxpacket: 16
[  711.552465][T12405] loop9: detected capacity change from 0 to 7
[  711.571305][T12405] Dev loop9: unable to read RDB block 7
[  711.590284][T12405]  loop9: unable to read partition table
[  711.654663][T12405] loop9: partition table beyond EOD, truncated
[  711.686641][T12405] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  711.816224][   T45] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  711.862050][   T45] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  711.925270][   T45] usb 5-1: New USB device found, idVendor=0c70, idProduct=f001, bcdDevice= 0.00
[  711.934377][   T45] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  711.945034][   T45] usb 5-1: config 0 descriptor??
[  711.969995][ T1200] usb 7-1: USB disconnect, device number 26
[  712.053233][T12412] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  712.074183][T12407] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  712.118182][T12407] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  712.136207][T12416] misc userio: Invalid payload size
[  712.143676][T12416] misc userio: No port type given on /dev/userio
[  712.152532][T12416] misc userio: The device must be registered before sending interrupts
[  712.318222][   T25] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[  712.343031][T12418] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1737'.
[  712.561337][T12407] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  712.603392][T12407] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  712.616061][   T45] aquacomputer_d5next 0003:0C70:F001.001C: unknown main item tag 0x0
[  712.633059][   T45] aquacomputer_d5next 0003:0C70:F001.001C: unknown main item tag 0x0
[  712.659555][   T45] aquacomputer_d5next 0003:0C70:F001.001C: unknown main item tag 0x0
[  712.721988][   T45] aquacomputer_d5next 0003:0C70:F001.001C: unknown main item tag 0x0
[  712.735350][   T45] aquacomputer_d5next 0003:0C70:F001.001C: unknown main item tag 0x0
[  712.745424][   T25] usb 6-1: Using ep0 maxpacket: 16
[  712.752100][   T45] aquacomputer_d5next 0003:0C70:F001.001C: hidraw0: USB HID v0.00 Device [HID 0c70:f001] on usb-dummy_hcd.4-1/input0
[  712.767818][   T25] usb 6-1: config 0 interface 0 has no altsetting 0
[  712.774688][   T25] usb 6-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  712.784297][   T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  712.808801][   T25] usb 6-1: config 0 descriptor??
[  712.880880][   T45] usb 5-1: USB disconnect, device number 68
[  713.030039][T12424] loop9: detected capacity change from 0 to 7
[  713.050033][T12424] Dev loop9: unable to read RDB block 7
[  713.058186][T12424]  loop9: unable to read partition table
[  713.064650][T12424] loop9: partition table beyond EOD, truncated
[  713.072575][T12424] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  713.404316][   T25] hid (null): unknown global tag 0x31
[  713.413221][   T25] hid (null): unknown global tag 0xb7
[  713.433776][   T25] hid (null): global environment stack underflow
[  714.114031][   T25] hid (null): unknown global tag 0xc
[  714.134628][   T25] hid (null): global environment stack underflow
[  714.227859][   T25] hid (null): global environment stack underflow
[  714.245440][   T25] hid (null): report_id 0 is invalid
[  714.271784][   T25] input: HID 0458:5013 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0458:5013.001D/input/input83
[  714.386444][T12436] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1740'.
[  714.400763][T12436] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1740'.
[  714.762363][   T25] input: HID 0458:5013 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0458:5013.001D/input/input84
[  714.867759][T12441] atomic_op ffff888049041198 conn xmit_atomic 0000000000000000
[  715.179230][   T25] kye 0003:0458:5013.001D: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0458:5013] on usb-dummy_hcd.5-1/input0
[  715.228883][   T25] usb 6-1: USB disconnect, device number 26
[  715.567863][T12452] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6
[  718.240622][   T25] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[  718.351864][T12461] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  718.365924][T12460] 9pnet_fd: Insufficient options for proto=fd
[  718.622169][T12462] netlink: 'syz.5.1743': attribute type 9 has an invalid length.
[  718.640913][T12462] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1743'.
[  718.783429][   T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  718.805691][   T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  718.828182][   T25] usb 6-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  718.866253][   T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  719.104310][   T25] usb 6-1: config 0 descriptor??
[  719.398966][   T25] usbhid 6-1:0.0: can't add hid device: -71
[  719.430236][   T25] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  719.453571][   T25] usb 6-1: USB disconnect, device number 27
[  719.789992][T12471] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  720.392140][T12475] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  720.983461][ T9446] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[  721.052722][T12486] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1756'.
[  721.062913][T12486] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1756'.
[  721.169803][ T7031] usb 5-1: new high-speed USB device number 69 using dummy_hcd
[  721.316180][ T9446] usb 1-1: Using ep0 maxpacket: 16
[  721.327425][T12481] loop9: detected capacity change from 0 to 7
[  721.403722][ T9446] usb 1-1: config 0 interface 0 has no altsetting 0
[  721.421402][ T9446] usb 1-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  721.426331][ T7031] usb 5-1: Using ep0 maxpacket: 32
[  721.474314][T12481] Dev loop9: unable to read RDB block 7
[  721.490177][T12481]  loop9: unable to read partition table
[  721.513524][ T7031] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  721.522216][T12481] loop9: partition table beyond EOD, 
[  721.524540][ T9446] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  721.555308][ T7031] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  721.560160][T12481] truncated
[  721.610158][T12481] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  721.618231][ T7031] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  721.650372][ T9446] usb 1-1: config 0 descriptor??
[  721.681348][ T7031] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  721.763713][ T7031] usb 5-1: config 0 descriptor??
[  721.779578][ T7031] hub 5-1:0.0: USB hub found
[  722.180858][ T7031] hub 5-1:0.0: 1 port detected
[  722.183636][ T9446] hid (null): unknown global tag 0x31
[  722.377573][ T9446] hid (null): unknown global tag 0xb7
[  722.383027][ T9446] hid (null): global environment stack underflow
[  722.397505][ T9446] hid (null): unknown global tag 0xc
[  722.403676][ T9446] hid (null): global environment stack underflow
[  722.410227][ T9446] hid (null): global environment stack underflow
[  722.416716][ T9446] hid (null): report_id 0 is invalid
[  722.426740][ T9446] input: HID 0458:5013 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0458:5013.001E/input/input85
[  722.497188][ T9446] input: HID 0458:5013 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0458:5013.001E/input/input86
[  722.568323][ T9446] kye 0003:0458:5013.001E: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0458:5013] on usb-dummy_hcd.0-1/input0
[  722.586233][ T9446] usb 1-1: USB disconnect, device number 45
[  722.681986][T12499] FAULT_INJECTION: forcing a failure.
[  722.681986][T12499] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  722.695277][T12499] CPU: 0 UID: 0 PID: 12499 Comm: syz.5.1759 Not tainted 6.14.0-rc1-syzkaller-00026-gd009de7d5428 #0
[  722.695302][T12499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  722.695314][T12499] Call Trace:
[  722.695322][T12499]  <TASK>
[  722.695331][T12499]  dump_stack_lvl+0x16c/0x1f0
[  722.695357][T12499]  should_fail_ex+0x50a/0x650
[  722.695399][T12499]  _copy_to_user+0x32/0xd0
[  722.695420][T12499]  simple_read_from_buffer+0xd0/0x160
[  722.695448][T12499]  proc_fail_nth_read+0x198/0x270
[  722.695475][T12499]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  722.695504][T12499]  ? rw_verify_area+0xcf/0x680
[  722.695529][T12499]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  722.695555][T12499]  vfs_read+0x1df/0xbf0
[  722.695583][T12499]  ? __fget_files+0x1fc/0x3a0
[  722.695602][T12499]  ? __pfx___mutex_lock+0x10/0x10
[  722.695622][T12499]  ? __pfx_vfs_read+0x10/0x10
[  722.695655][T12499]  ? __fget_files+0x206/0x3a0
[  722.695680][T12499]  ksys_read+0x12b/0x250
[  722.695704][T12499]  ? __pfx_ksys_read+0x10/0x10
[  722.695738][T12499]  do_syscall_64+0xcd/0x250
[  722.695762][T12499]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  722.695789][T12499] RIP: 0033:0x7f17bf38b7bc
[  722.695805][T12499] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  722.695823][T12499] RSP: 002b:00007f17c023c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  722.695840][T12499] RAX: ffffffffffffffda RBX: 00007f17bf5a6160 RCX: 00007f17bf38b7bc
[  722.695853][T12499] RDX: 000000000000000f RSI: 00007f17c023c0a0 RDI: 0000000000000005
[  722.695865][T12499] RBP: 00007f17c023c090 R08: 0000000000000000 R09: 0000000000000000
[  722.695877][T12499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  722.695888][T12499] R13: 0000000000000000 R14: 00007f17bf5a6160 R15: 00007ffcdee45f58
[  722.695913][T12499]  </TASK>
[  722.698551][   T45] usb 7-1: new high-speed USB device number 27 using dummy_hcd
[  722.895255][   T25] usb 4-1: new high-speed USB device number 71 using dummy_hcd
[  723.072614][   T25] usb 4-1: Using ep0 maxpacket: 16
[  723.078766][   T45] usb 7-1: Using ep0 maxpacket: 8
[  723.091224][   T25] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  723.113369][   T45] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  723.135027][   T45] usb 7-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  723.153879][ T7031] hub 5-1:0.0: activate --> -90
[  723.154550][ T9446] usb 5-1: USB disconnect, device number 69
[  723.159408][   T25] usb 4-1: New USB device found, idVendor=04d8, idProduct=0a30, bcdDevice=ce.47
[  723.185867][   T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  723.195385][   T45] usb 7-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e
[  723.205222][   T45] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  723.221858][   T25] usb 4-1: Product: syz
[  723.226069][   T25] usb 4-1: Manufacturer: syz
[  723.230755][   T45] usb 7-1: Product: syz
[  723.235408][   T45] usb 7-1: Manufacturer: syz
[  723.240025][   T45] usb 7-1: SerialNumber: syz
[  723.253889][   T25] usb 4-1: SerialNumber: syz
[  723.262312][   T25] usb 4-1: config 0 descriptor??
[  723.268669][   T45] usb 7-1: config 0 descriptor??
[  723.285819][   T25] mcba_usb 4-1:0.0: Can't find endpoints
[  723.294680][   T45] imon:imon_find_endpoints: no valid input (IR) endpoint found
[  723.308074][   T45] imon 7-1:0.0: unable to initialize intf0, err -19
[  723.314790][   T45] imon:imon_probe: failed to initialize context!
[  723.321253][   T45] imon 7-1:0.0: unable to register, err -19
[  723.479007][T12506] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  723.944890][T12492] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  723.960238][T12492] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  724.019796][   T29] audit: type=1400 audit(1738714376.749:1018): avc:  denied  { read } for  pid=12490 comm="syz.6.1757" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  724.090134][T12493] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1015 sclass=netlink_route_socket pid=12493 comm=syz.3.1758
[  724.553702][T12513] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  724.674391][T12511] loop9: detected capacity change from 0 to 7
[  724.687270][T12511] Dev loop9: unable to read RDB block 7
[  724.694319][T12511]  loop9: unable to read partition table
[  724.701795][T12511] loop9: partition table beyond EOD, truncated
[  724.708507][T12511] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  726.330038][T12523] fuseblk: Bad value for 'fd'
[  726.355160][T12523] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  726.417706][ T1200] usb 4-1: USB disconnect, device number 71
[  726.653310][T12529] loop9: detected capacity change from 0 to 7
[  726.799725][T12529] Dev loop9: unable to read RDB block 7
[  726.807345][T12529]  loop9: unable to read partition table
[  726.818343][T12529] loop9: partition table beyond EOD, truncated
[  726.825138][T12529] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  727.098311][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  727.114241][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  728.263653][   T45] usb 7-1: USB disconnect, device number 27
[  729.399138][T12550] misc userio: Invalid payload size
[  729.411866][T12550] misc userio: No port type given on /dev/userio
[  729.443951][T12550] misc userio: The device must be registered before sending interrupts
[  729.830919][   T29] audit: type=1400 audit(1738714380.781:1019): avc:  denied  { accept } for  pid=12544 comm="syz.3.1772" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  729.844018][T12555] atomic_op ffff88804a130198 conn xmit_atomic 0000000000000000
[  730.070335][   T29] audit: type=1400 audit(1738714380.856:1020): avc:  denied  { ioctl } for  pid=12544 comm="syz.3.1772" path="socket:[33707]" dev="sockfs" ino=33707 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  730.261212][T12561] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1775'.
[  730.397959][T12564] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1773'.
[  731.196406][   T29] audit: type=1326 audit(1738714380.865:1021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12544 comm="syz.3.1772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febdc98cda9 code=0x7ffc0000
[  731.229835][   T29] audit: type=1326 audit(1738714380.865:1022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12544 comm="syz.3.1772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febdc98cda9 code=0x7ffc0000
[  734.337208][T12586] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1782'.
[  734.348469][T12586] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1782'.
[  734.747603][T12581] fuseblk: Bad value for 'fd'
[  734.768256][T12581] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  735.994322][T12606] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  737.326024][T12615] misc userio: Invalid payload size
[  737.333664][T12615] misc userio: No port type given on /dev/userio
[  737.343180][T12615] misc userio: The device must be registered before sending interrupts
[  737.611666][T12621] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1791'.
[  738.670002][T12633] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  738.765656][T12632] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  740.034176][T12632] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  740.296130][T12632] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  740.346180][T12632] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  742.514953][T12663] fuseblk: Bad value for 'fd'
[  742.532347][T12663] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  742.869029][T12661] atomic_op ffff888082db5198 conn xmit_atomic 0000000000000000
[  743.438010][T12665] loop9: detected capacity change from 0 to 7
[  743.823821][T12665] Dev loop9: unable to read RDB block 7
[  743.837382][T12665]  loop9: unable to read partition table
[  743.848286][T12665] loop9: partition table beyond EOD, truncated
[  743.854530][T12665] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  744.111970][T12679] misc userio: Invalid payload size
[  744.143191][T12679] misc userio: No port type given on /dev/userio
[  744.468954][T12686] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  744.801562][T12689] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1806'.
[  746.474078][    T8] usb 6-1: new full-speed USB device number 28 using dummy_hcd
[  747.455204][T12721] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  747.942747][T12730] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  748.089053][   T45] usb 7-1: new high-speed USB device number 28 using dummy_hcd
[  748.103670][ T7345] usb 5-1: new high-speed USB device number 70 using dummy_hcd
[  748.260904][ T1200] usb 4-1: new low-speed USB device number 72 using dummy_hcd
[  748.419623][   T45] usb 7-1: Using ep0 maxpacket: 32
[  748.432712][T12733] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  748.457116][   T45] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  748.781693][ T7345] usb 5-1: config index 0 descriptor too short (expected 146, got 18)
[  748.781749][ T1200] usb 4-1: config 0 has an invalid interface number: 134 but max is 0
[  748.798571][ T1200] usb 4-1: config 0 has no interface number 0
[  748.806129][ T1200] usb 4-1: New USB device found, idVendor=04f2, idProduct=b6ba, bcdDevice=fd.15
[  748.816429][ T1200] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  748.824941][   T45] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  748.846551][   T45] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  748.864187][   T45] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  748.868480][ T1200] usb 4-1: config 0 descriptor??
[  748.872834][ T7345] usb 5-1: New USB device found, idVendor=066b, idProduct=20f9, bcdDevice=ff.94
[  748.894221][   T45] usb 7-1: config 0 descriptor??
[  748.899399][ T7345] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  748.912009][   T45] hub 7-1:0.0: USB hub found
[  748.916828][ T7345] usb 5-1: Product: syz
[  748.931181][ T7345] usb 5-1: Manufacturer: syz
[  748.935880][    C1] sl0: NETDEV WATCHDOG: CPU: 1: transmit queue 0 timed out 20400 ms
[  748.935963][    C1] sl0: transmit timed out, driver error?
[  748.954185][ T7345] usb 5-1: SerialNumber: syz
[  748.961003][ T7345] usb 5-1: config 0 descriptor??
[  749.203551][   T45] hub 7-1:0.0: 1 port detected
[  749.236565][ T1200] usb 4-1: USB disconnect, device number 72
[  749.883068][ T7345] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[  749.886430][T12738] loop9: detected capacity change from 0 to 7
[  749.994721][ T7345] asix 5-1:0.0: probe with driver asix failed with error -61
[  750.007067][T12738] Dev loop9: unable to read RDB block 7
[  750.014911][T12738]  loop9: unable to read partition table
[  750.025645][T12738] loop9: partition table beyond EOD, truncated
[  750.032687][T12738] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  750.973837][ T7345] hub 7-1:0.0: activate --> -90
[  750.974255][    T8] usb 7-1: USB disconnect, device number 28
[  751.140529][T12750] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  751.147357][   T29] audit: type=1400 audit(1738714402.127:1023): avc:  denied  { setopt } for  pid=12751 comm="syz.0.1825" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  751.434557][ T9446] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[  751.458041][T12762] ieee802154 phy0 wpan0: encryption failed: -22
[  751.568503][   T29] audit: type=1400 audit(1738714402.520:1024): avc:  denied  { bind } for  pid=12767 comm="syz.3.1831" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  751.589763][ T9446] usb 1-1: device descriptor read/64, error -71
[  751.851425][ T9446] usb 1-1: new high-speed USB device number 47 using dummy_hcd
[  751.962705][T12785] x_tables: ip6_tables: socket match: used from hooks OUTPUT, but only valid from PREROUTING/INPUT
[  752.002059][ T9446] usb 1-1: device descriptor read/64, error -71
[  752.022882][   T29] audit: type=1326 audit(1738714402.941:1025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12786 comm="syz.3.1840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febdc98cda9 code=0x7ffc0000
[  752.024959][    T8] usb 5-1: USB disconnect, device number 70
[  752.060789][   T29] audit: type=1326 audit(1738714402.941:1026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12786 comm="syz.3.1840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febdc98cda9 code=0x7ffc0000
[  752.095368][   T29] audit: type=1326 audit(1738714402.969:1027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12786 comm="syz.3.1840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7febdc98cda9 code=0x7ffc0000
[  752.129468][ T9446] usb usb1-port1: attempt power cycle
[  752.146661][   T29] audit: type=1326 audit(1738714402.969:1028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12786 comm="syz.3.1840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febdc98cda9 code=0x7ffc0000
[  752.190174][   T29] audit: type=1326 audit(1738714402.969:1029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12786 comm="syz.3.1840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febdc98cda9 code=0x7ffc0000
[  752.221141][   T29] audit: type=1326 audit(1738714402.969:1030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12786 comm="syz.3.1840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7febdc98cda9 code=0x7ffc0000
[  752.260900][   T29] audit: type=1326 audit(1738714402.978:1031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12786 comm="syz.3.1840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febdc98cda9 code=0x7ffc0000
[  752.296976][   T29] audit: type=1326 audit(1738714402.978:1032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12786 comm="syz.3.1840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7febdc98cda9 code=0x7ffc0000
[  752.492866][ T9446] usb 1-1: new high-speed USB device number 48 using dummy_hcd
[  752.530397][ T9446] usb 1-1: device descriptor read/8, error -71
[  752.557542][T12798] bridge0: port 1(bridge_slave_0) entered disabled state
[  752.633179][T12798] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  752.645418][T12798] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  752.703677][T12798] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  752.714879][T12798] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  752.724265][T12798] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  752.733380][T12798] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  752.792142][ T9446] usb 1-1: new high-speed USB device number 49 using dummy_hcd
[  752.827234][ T9446] usb 1-1: device descriptor read/8, error -71
[  752.956708][ T9446] usb usb1-port1: unable to enumerate USB device
[  753.003860][T12810] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1850'.
[  753.014682][T12810] openvswitch: netlink: Message has 8 unknown bytes.
[  754.728119][T12864] syz.6.1873 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  754.740537][   T45] usb 5-1: new high-speed USB device number 71 using dummy_hcd
[  754.972730][   T45] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  755.169317][   T45] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  755.203923][   T45] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  755.229967][   T45] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  755.268921][   T45] usb 5-1: config 0 descriptor??
[  755.938877][   T45] usb 5-1: language id specifier not provided by device, defaulting to English
[  756.843345][   T45] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:256C:006D.001F/input/input88
[  756.975354][   T45] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:256C:006D.001F/input/input89
[  756.998108][   T45] uclogic 0003:256C:006D.001F: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.4-1/input0
[  757.064481][   T45] usb 5-1: USB disconnect, device number 71
[  757.104227][   T29] kauditd_printk_skb: 299 callbacks suppressed
[  757.104242][   T29] audit: type=1404 audit(1738714407.702:1332): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[  757.194507][   T29] audit: type=1404 audit(1738714407.777:1333): enforcing=0 old_enforcing=1 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[  757.228691][   T29] audit: type=1400 audit(1738714407.777:1334): avc:  denied  { read write } for  pid=9156 comm="syz-executor" name="loop6" dev="devtmpfs" ino=653 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  757.303661][   T29] audit: type=1400 audit(1738714407.777:1335): avc:  denied  { open } for  pid=9156 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=653 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  757.376496][   T29] audit: type=1400 audit(1738714407.777:1336): avc:  denied  { ioctl } for  pid=9156 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=653 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  757.437934][   T29] audit: type=1400 audit(1738714407.908:1337): avc:  denied  { read } for  pid=12884 comm="syz.6.1881" dev="nsfs" ino=4026533554 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  757.508635][   T29] audit: type=1400 audit(1738714407.908:1338): avc:  denied  { open } for  pid=12884 comm="syz.6.1881" path="net:[4026533554]" dev="nsfs" ino=4026533554 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  757.580724][   T29] audit: type=1400 audit(1738714407.908:1339): avc:  denied  { create } for  pid=12884 comm="syz.6.1881" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  757.633282][   T29] audit: type=1400 audit(1738714407.926:1340): avc:  denied  { bind } for  pid=12884 comm="syz.6.1881" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  757.690479][   T29] audit: type=1400 audit(1738714407.945:1341): avc:  denied  { create } for  pid=12886 comm="syz.5.1882" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  760.270792][T12918] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=12918 comm=syz.6.1891
[  760.340165][T12920] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1892'.
[  760.349308][T12920] netlink: 'syz.6.1892': attribute type 10 has an invalid length.
[  760.359872][T12920] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1892'.
[  761.043949][   T45] usb 4-1: new high-speed USB device number 73 using dummy_hcd
[  761.365956][   T45] usb 4-1: Using ep0 maxpacket: 32
[  761.545660][   T45] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  761.686319][   T45] usb 4-1: config 0 has no interfaces?
[  761.962463][T12944] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1902'.
[  762.243248][   T45] usb 4-1: New USB device found, idVendor=0499, idProduct=6bb7, bcdDevice=68.2f
[  762.252385][   T45] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  762.261628][   T45] usb 4-1: Product: syz
[  762.268563][   T45] usb 4-1: Manufacturer: syz
[  762.273208][   T45] usb 4-1: SerialNumber: syz
[  762.289981][   T45] usb 4-1: config 0 descriptor??
[  762.572652][ T5822] usb 4-1: USB disconnect, device number 73
[  762.653265][   T29] kauditd_printk_skb: 68 callbacks suppressed
[  762.653281][   T29] audit: type=1400 audit(1738714412.893:1410): avc:  denied  { mounton } for  pid=12963 comm="syz.6.1910" path="/199/file0" dev="tmpfs" ino=1070 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  762.690510][T12964] fuse: Bad value for 'fd'
[  762.701555][   T29] audit: type=1326 audit(1738714412.931:1411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12963 comm="syz.6.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542df8cda9 code=0x7ffc0000
[  762.732053][   T29] audit: type=1326 audit(1738714412.931:1412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12963 comm="syz.6.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542df8cda9 code=0x7ffc0000
[  762.766007][   T29] audit: type=1326 audit(1738714412.931:1413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12963 comm="syz.6.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542df8cda9 code=0x7ffc0000
[  762.796143][   T29] audit: type=1326 audit(1738714412.931:1414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12963 comm="syz.6.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f542df8cda9 code=0x7ffc0000
[  762.823285][   T29] audit: type=1326 audit(1738714412.931:1415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12963 comm="syz.6.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542df8cda9 code=0x7ffc0000
[  762.848088][   T29] audit: type=1326 audit(1738714412.931:1416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12963 comm="syz.6.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f542df8cda9 code=0x7ffc0000
[  762.872523][   T29] audit: type=1326 audit(1738714412.931:1417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12963 comm="syz.6.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542df8cda9 code=0x7ffc0000
[  762.942582][   T29] audit: type=1326 audit(1738714412.931:1418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12963 comm="syz.6.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f542df8cda9 code=0x7ffc0000
[  762.995781][   T29] audit: type=1326 audit(1738714412.931:1419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12963 comm="syz.6.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542df8cda9 code=0x7ffc0000
[  764.013173][T12986] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1913'.
[  765.763879][T12995] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  765.926340][T12995] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  767.291027][T13025] 8021q: adding VLAN 0 to HW filter on device bond0
[  767.318309][T13025] 8021q: adding VLAN 0 to HW filter on device team0
[  767.373371][T13025] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  768.860990][   T29] kauditd_printk_skb: 80 callbacks suppressed
[  768.861007][   T29] audit: type=1400 audit(1738714418.702:1500): avc:  denied  { unmount } for  pid=13039 comm="syz.5.1934" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  768.953456][   T29] audit: type=1400 audit(1738714418.777:1501): avc:  denied  { create } for  pid=13045 comm="syz.6.1936" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  768.999593][   T29] audit: type=1400 audit(1738714418.777:1502): avc:  denied  { setopt } for  pid=13045 comm="syz.6.1936" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  769.359091][T13057] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1937'.
[  770.487333][   T29] audit: type=1400 audit(1738714419.712:1503): avc:  denied  { execute } for  pid=13053 comm="syz.3.1940" dev="tmpfs" ino=1399 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  770.573210][   T29] audit: type=1400 audit(1738714419.722:1504): avc:  denied  { execute_no_trans } for  pid=13053 comm="syz.3.1940" path=2F6D656D66643A5B0BDBD8AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=1399 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  770.986164][T13077] macsec0: entered promiscuous mode
[  771.211833][   T29] audit: type=1400 audit(1738714420.891:1505): avc:  denied  { setopt } for  pid=13079 comm="syz.5.1949" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  772.135600][   T29] audit: type=1326 audit(1738714421.602:1506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13074 comm="syz.6.1947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542df8cda9 code=0x7ffc0000
[  772.135641][   T29] audit: type=1326 audit(1738714421.611:1507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13074 comm="syz.6.1947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542df8cda9 code=0x7ffc0000
[  772.135674][   T29] audit: type=1326 audit(1738714421.686:1508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13074 comm="syz.6.1947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f542df8b710 code=0x7ffc0000
[  772.135707][   T29] audit: type=1326 audit(1738714421.695:1509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13074 comm="syz.6.1947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542df8cda9 code=0x7ffc0000
[  775.369314][   T29] kauditd_printk_skb: 17 callbacks suppressed
[  775.369331][   T29] audit: type=1400 audit(1738714424.782:1527): avc:  denied  { read } for  pid=13141 comm="syz.3.1970" name="usbmon0" dev="devtmpfs" ino=716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  775.481801][   T29] audit: type=1400 audit(1738714424.820:1528): avc:  denied  { open } for  pid=13141 comm="syz.3.1970" path="/dev/usbmon0" dev="devtmpfs" ino=716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  775.552096][   T29] audit: type=1400 audit(1738714424.838:1529): avc:  denied  { create } for  pid=13139 comm="syz.6.1969" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  775.597157][   T29] audit: type=1400 audit(1738714424.838:1530): avc:  denied  { ioctl } for  pid=13141 comm="syz.3.1970" path="/dev/usbmon0" dev="devtmpfs" ino=716 ioctlcmd=0x4b72 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  776.701768][T13151] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  776.719612][   T29] audit: type=1400 audit(1738714426.026:1531): avc:  denied  { connect } for  pid=13139 comm="syz.6.1969" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  777.018898][   T29] audit: type=1400 audit(1738714426.223:1532): avc:  denied  { create } for  pid=13143 comm="syz.5.1972" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  777.077173][   T29] audit: type=1400 audit(1738714426.382:1533): avc:  denied  { create } for  pid=13153 comm="syz.0.1974" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  777.104424][   T29] audit: type=1400 audit(1738714426.400:1534): avc:  denied  { write } for  pid=13153 comm="syz.0.1974" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  777.233706][   T29] audit: type=1400 audit(1738714426.531:1535): avc:  denied  { write } for  pid=13156 comm="syz.6.1976" name="001" dev="devtmpfs" ino=733 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  777.318248][    T8] usb 4-1: new high-speed USB device number 74 using dummy_hcd
[  777.500892][    T8] usb 4-1: Using ep0 maxpacket: 32
[  777.573251][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  777.591715][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  778.022146][ T7031] usb 5-1: new high-speed USB device number 72 using dummy_hcd
[  778.213940][    T8] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  778.223193][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  778.233062][    T8] usb 4-1: config 0 descriptor??
[  778.239931][    T8] hub 4-1:0.0: USB hub found
[  778.344900][ T7031] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[  778.364045][ T7031] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  778.396394][ T7031] usb 5-1: New USB device found, idVendor=057e, idProduct=2009, bcdDevice= 0.00
[  778.405482][ T7031] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  778.433449][ T7031] usb 5-1: config 0 descriptor??
[  778.458113][    T8] hub 4-1:0.0: 3 ports detected
[  778.936391][   T29] audit: type=1400 audit(1738714428.084:1536): avc:  denied  { mount } for  pid=13181 comm="syz.0.1982" name="/" dev="configfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  779.355009][    T8] usb 4-1: USB disconnect, device number 74
[  779.379317][ T7031] nintendo 0003:057E:2009.0020: unknown main item tag 0x7
[  779.395858][ T7031] nintendo 0003:057E:2009.0020: unknown main item tag 0x7
[  779.416253][ T7031] nintendo 0003:057E:2009.0020: hidraw0: USB HID v81.01 Device [HID 057e:2009] on usb-dummy_hcd.4-1/input0
[  779.548807][ T7031] nintendo 0003:057E:2009.0020: Failed to get joycon info; ret=-38
[  779.560556][ T7031] nintendo 0003:057E:2009.0020: Failed to retrieve controller info; ret=-38
[  779.997438][ T7031] nintendo 0003:057E:2009.0020: Failed to initialize controller; ret=-38
[  780.019166][ T7031] nintendo 0003:057E:2009.0020: probe - fail = -38
[  780.063992][ T7031] nintendo 0003:057E:2009.0020: probe with driver nintendo failed with error -38
[  780.106002][ T7031] usb 5-1: USB disconnect, device number 72
[  780.155954][T13195] binfmt_misc: register: failed to install interpreter file ./file0
[  780.401981][T13203] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1987'.
[  781.988527][   T45] usb 1-1: new high-speed USB device number 50 using dummy_hcd
[  782.652348][   T29] kauditd_printk_skb: 14 callbacks suppressed
[  782.652363][   T29] audit: type=1400 audit(1738714431.601:1551): avc:  denied  { bind } for  pid=13222 comm="syz.4.1995" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  782.655066][T13223] netlink: 'syz.4.1995': attribute type 2 has an invalid length.
[  782.690525][T13225] veth0_vlan: entered allmulticast mode
[  782.704477][   T45] usb 1-1: Using ep0 maxpacket: 16
[  782.740656][   T45] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  782.774470][   T45] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  782.804706][T13225] ÿÿÿÿÿÿ: renamed from vlan1
[  782.820432][   T45] usb 1-1: Product: syz
[  782.845561][   T45] usb 1-1: Manufacturer: syz
[  782.861152][   T45] usb 1-1: SerialNumber: syz
[  782.900169][   T45] r8152-cfgselector 1-1: Unknown version 0x0000
[  782.906478][   T45] r8152-cfgselector 1-1: config 0 descriptor??
[  783.675059][   T29] audit: type=1400 audit(1738714431.601:1552): avc:  denied  { setopt } for  pid=13222 comm="syz.4.1995" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  783.703377][   T29] audit: type=1400 audit(1738714431.882:1553): avc:  denied  { ioctl } for  pid=13212 comm="syz.0.1992" path="/dev/raw-gadget" dev="devtmpfs" ino=820 ioctlcmd=0x550a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  783.703422][   T29] audit: type=1400 audit(1738714431.910:1554): avc:  denied  { execmem } for  pid=13229 comm="syz.4.1998" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  783.703454][   T29] audit: type=1400 audit(1738714432.163:1555): avc:  denied  { prog_load } for  pid=13212 comm="syz.0.1992" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  783.703488][   T29] audit: type=1400 audit(1738714432.163:1556): avc:  denied  { bpf } for  pid=13212 comm="syz.0.1992" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  783.703521][   T29] audit: type=1400 audit(1738714432.163:1557): avc:  denied  { perfmon } for  pid=13212 comm="syz.0.1992" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  783.703553][   T29] audit: type=1400 audit(1738714432.172:1558): avc:  denied  { prog_run } for  pid=13212 comm="syz.0.1992" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  783.703585][   T29] audit: type=1400 audit(1738714432.256:1559): avc:  denied  { map_create } for  pid=13229 comm="syz.4.1998" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  783.703623][   T29] audit: type=1400 audit(1738714432.265:1560): avc:  denied  { map_read map_write } for  pid=13229 comm="syz.4.1998" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  783.926716][   T45] r8152-cfgselector 1-1: Unknown version 0x0000
[  783.933137][   T45] r8152-cfgselector 1-1: bad CDC descriptors
[  783.945368][   T45] r8152-cfgselector 1-1: USB disconnect, device number 50
[  785.030945][T13248] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2003'.
[  785.670032][T13255] xt_hashlimit: size too large, truncated to 1048576
[  788.724384][   T29] kauditd_printk_skb: 44 callbacks suppressed
[  788.724401][   T29] audit: type=1400 audit(1738714437.279:1605): avc:  denied  { write } for  pid=13290 comm="syz.3.2017" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  788.927156][   T29] audit: type=1400 audit(1738714437.307:1606): avc:  denied  { read } for  pid=13290 comm="syz.3.2017" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  788.948191][   T29] audit: type=1400 audit(1738714437.307:1607): avc:  denied  { create } for  pid=13290 comm="syz.3.2017" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  789.595179][T13284] xt_CT: No such helper "pptp"
[  789.605131][   T29] audit: type=1400 audit(1738714438.084:1608): avc:  denied  { mount } for  pid=13290 comm="syz.3.2017" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  791.173635][   T29] audit: type=1400 audit(1738714438.692:1609): avc:  denied  { map } for  pid=13297 comm="syz.3.2018" path="socket:[38047]" dev="sockfs" ino=38047 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  791.329219][   T29] audit: type=1326 audit(1738714438.701:1610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13297 comm="syz.3.2018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febdc98cda9 code=0x7ffc0000
[  791.358591][   T29] audit: type=1326 audit(1738714438.701:1611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13297 comm="syz.3.2018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febdc98cda9 code=0x7ffc0000
[  791.455909][   T29] audit: type=1326 audit(1738714438.701:1612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13297 comm="syz.3.2018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7febdc98cda9 code=0x7ffc0000
[  791.484730][   T29] audit: type=1326 audit(1738714438.701:1613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13297 comm="syz.3.2018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febdc98cda9 code=0x7ffc0000
[  791.509449][   T29] audit: type=1326 audit(1738714438.701:1614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13297 comm="syz.3.2018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febdc98cda9 code=0x7ffc0000
[  792.745184][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  792.752586][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  794.873536][T13324] netlink: 52 bytes leftover after parsing attributes in process `syz.3.2028'.
[  794.902688][T13338] tipc: Started in network mode
[  794.907776][T13338] tipc: Node identity ac14140f, cluster identity 4711
[  794.918471][T13338] tipc: New replicast peer: 255.255.255.0
[  794.945976][T13338] tipc: Enabled bearer <udp:s>, priority 10
[  795.117059][   T29] kauditd_printk_skb: 26 callbacks suppressed
[  795.117076][   T29] audit: type=1326 audit(1738714443.228:1641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13344 comm="syz.6.2039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542df8cda9 code=0x7ffc0000
[  795.243085][   T29] audit: type=1326 audit(1738714443.228:1642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13344 comm="syz.6.2039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542df8cda9 code=0x7ffc0000
[  795.289292][   T29] audit: type=1326 audit(1738714443.228:1643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13344 comm="syz.6.2039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f542df8cda9 code=0x7ffc0000
[  795.424233][   T29] audit: type=1326 audit(1738714443.228:1644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13344 comm="syz.6.2039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542df8cda9 code=0x7ffc0000
[  795.454931][   T29] audit: type=1326 audit(1738714443.228:1645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13344 comm="syz.6.2039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=6 compat=0 ip=0x7f542df8cda9 code=0x7ffc0000
[  795.495501][   T29] audit: type=1326 audit(1738714443.228:1646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13344 comm="syz.6.2039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542df8cda9 code=0x7ffc0000
[  795.554828][ T7031] usb 4-1: new full-speed USB device number 75 using dummy_hcd
[  795.757653][ T7031] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 0, changing to 10
[  795.892227][ T7031] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0
[  796.193878][   T45] tipc: Node number set to 2886997007
[  796.301748][ T7031] usb 4-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f
[  796.315738][ T7031] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  796.335458][ T7031] usb 4-1: Product: syz
[  796.339768][ T7031] usb 4-1: Manufacturer: syz
[  796.344498][ T7031] usb 4-1: SerialNumber: syz
[  796.452580][   T29] audit: type=1400 audit(1738714444.444:1647): avc:  denied  { unmount } for  pid=5816 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  796.560830][ T7031] usb 4-1: config 0 descriptor??
[  796.576358][ T7031] hub 4-1:0.0: bad descriptor, ignoring hub
[  796.591574][ T7031] hub 4-1:0.0: probe with driver hub failed with error -5
[  796.601237][ T7031] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  797.239386][ T7031] snd-usb-audio 4-1:0.0: probe with driver snd-usb-audio failed with error -12
[  797.305154][ T7031] usb 4-1: USB disconnect, device number 75
[  797.378295][   T29] audit: type=1400 audit(1738714445.370:1648): avc:  denied  { write } for  pid=13369 comm="syz.0.2047" name="unix" dev="proc" ino=4026533181 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  797.547181][   T29] audit: type=1400 audit(1738714445.520:1649): avc:  denied  { create } for  pid=13353 comm="syz.5.2041" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  797.625057][   T29] audit: type=1400 audit(1738714445.520:1650): avc:  denied  { write } for  pid=13353 comm="syz.5.2041" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  798.566209][T13389] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[  800.102358][T10533] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  800.115050][T10533] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  800.124247][T10533] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  800.136135][T10533] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  800.143920][T10533] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  800.152890][T10533] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  800.260906][T13405] netlink: 'syz.3.2060': attribute type 2 has an invalid length.
[  800.444618][   T52] bridge_slave_1: left promiscuous mode
[  800.487823][   T52] bridge0: port 2(bridge_slave_1) entered disabled state
[  801.113390][   T52] bridge_slave_0: left allmulticast mode
[  801.380341][   T52] bridge_slave_0: left promiscuous mode
[  801.387464][   T52] bridge0: port 1(bridge_slave_0) entered disabled state
[  803.264645][T10533] Bluetooth: hci0: command tx timeout
[  803.843577][   T29] kauditd_printk_skb: 12 callbacks suppressed
[  803.843616][   T29] audit: type=1400 audit(1738714451.385:1663): avc:  denied  { create } for  pid=13421 comm="syz.6.2065" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  804.211889][   T29] audit: type=1400 audit(1738714451.413:1664): avc:  denied  { connect } for  pid=13421 comm="syz.6.2065" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  805.473766][T10533] Bluetooth: hci0: command tx timeout
[  805.656423][   T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  805.671818][   T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  805.683323][   T52] bond0 (unregistering): Released all slaves
[  806.070355][   T52] hsr_slave_0: left promiscuous mode
[  806.080948][   T52] hsr_slave_1: left promiscuous mode
[  806.088003][   T52] batman_adv: batadv0: Removing interface: batadv_slave_0
[  806.102205][   T52] batman_adv: batadv0: Removing interface: batadv_slave_1
[  806.722266][   T52] team0 (unregistering): Port device team_slave_1 removed
[  806.792722][   T52] team0 (unregistering): Port device team_slave_0 removed
[  807.369656][T13405] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  807.379724][T13405] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  807.480761][T13401] chnl_net:caif_netlink_parms(): no params data found
[  807.531122][   T29] audit: type=1400 audit(1738714454.865:1665): avc:  denied  { name_bind } for  pid=13440 comm="syz.6.2068" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  807.557962][   T29] audit: type=1400 audit(1738714454.865:1666): avc:  denied  { node_bind } for  pid=13440 comm="syz.6.2068" saddr=255.255.255.255 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  807.688510][T10533] Bluetooth: hci0: command tx timeout
[  807.780594][   T29] audit: type=1326 audit(1738714455.099:1667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13446 comm="syz.5.2070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17bf38cda9 code=0x7ffc0000
[  808.064183][   T29] audit: type=1326 audit(1738714455.099:1668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13446 comm="syz.5.2070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7f17bf38cda9 code=0x7ffc0000
[  808.352329][   T29] audit: type=1326 audit(1738714455.099:1669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13446 comm="syz.5.2070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17bf38cda9 code=0x7ffc0000
[  808.378136][T13401] bridge0: port 1(bridge_slave_0) entered blocking state
[  808.386863][   T29] audit: type=1326 audit(1738714455.099:1670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13446 comm="syz.5.2070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=6 compat=0 ip=0x7f17bf38cda9 code=0x7ffc0000
[  808.394616][T13401] bridge0: port 1(bridge_slave_0) entered disabled state
[  808.673395][   T29] audit: type=1326 audit(1738714455.099:1671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13446 comm="syz.5.2070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17bf38cda9 code=0x7ffc0000
[  808.697918][T13401] bridge_slave_0: entered allmulticast mode
[  808.711150][T13401] bridge_slave_0: entered promiscuous mode
[  808.728886][   T29] audit: type=1326 audit(1738714455.099:1672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13446 comm="syz.5.2070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17bf38cda9 code=0x7ffc0000
[  808.757223][T13401] bridge0: port 2(bridge_slave_1) entered blocking state
[  808.893513][T13401] bridge0: port 2(bridge_slave_1) entered disabled state
[  808.994620][T13401] bridge_slave_1: entered allmulticast mode
[  809.191935][T13401] bridge_slave_1: entered promiscuous mode
[  809.198564][   T29] audit: type=1400 audit(1738714455.819:1673): avc:  denied  { write } for  pid=13456 comm="syz.6.2073" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  809.271638][   T29] audit: type=1400 audit(1738714455.819:1674): avc:  denied  { nlmsg_write } for  pid=13456 comm="syz.6.2073" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  810.288315][T10533] Bluetooth: hci0: command tx timeout
[  810.300419][T13401] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  810.312928][T13401] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  810.394610][   T29] audit: type=1400 audit(1738714457.484:1675): avc:  denied  { sys_module } for  pid=13461 comm="syz.3.2075" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  810.418619][T13464] netlink: 56 bytes leftover after parsing attributes in process `syz.6.2074'.
[  810.521129][T13401] team0: Port device team_slave_0 added
[  810.535642][T13401] team0: Port device team_slave_1 added
[  810.635109][T13401] batman_adv: batadv0: Adding interface: batadv_slave_0
[  810.705009][T13401] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  810.713974][ T5822] usb 1-1: new high-speed USB device number 51 using dummy_hcd
[  810.911222][T13401] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  811.020174][ T5822] usb 1-1: unable to get BOS descriptor or descriptor too short
[  811.053107][ T5822] usb 1-1: config 4 has an invalid interface number: 114 but max is 0
[  811.077522][ T5822] usb 1-1: config 4 has no interface number 0
[  811.141187][ T5822] usb 1-1: config 4 interface 114 altsetting 6 endpoint 0xE has an invalid bInterval 0, changing to 7
[  811.181497][ T5822] usb 1-1: config 4 interface 114 has no altsetting 0
[  811.228228][ T5822] usb 1-1: New USB device found, idVendor=6189, idProduct=2068, bcdDevice=5a.c9
[  811.266399][ T5822] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  811.312248][ T5822] usb 1-1: Product: syz
[  811.336605][ T5822] usb 1-1: Manufacturer: syz
[  811.359217][ T5822] usb 1-1: SerialNumber: syz
[  811.468426][T13401] batman_adv: batadv0: Adding interface: batadv_slave_1
[  811.475702][T13401] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  811.507141][T13401] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  811.637803][T13486] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 [#1] PREEMPT SMP KASAN NOPTI
[  811.639613][   T29] audit: type=1400 audit(1738714458.709:1676): avc:  denied  { create } for  pid=13485 comm="syz.6.2081" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  811.650596][T13486] KASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f]
[  811.650614][T13486] CPU: 0 UID: 0 PID: 13486 Comm: syz.6.2081 Not tainted 6.14.0-rc1-syzkaller-00026-gd009de7d5428 #0
[  811.650635][T13486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  811.650647][T13486] RIP: 0010:__lock_acquire+0xe4/0x3c40
[  811.650682][T13486] Code: 08 84 d2 0f 85 15 14 00 00 44 8b 0d fa fe cb 0e 45 85 c9 0f 84 b4 0e 00 00 48 b8 00 00 00 00 00 fc ff df 4c 89 e2 48 c1 ea 03 <80> 3c 02 00 0f 85 96 2c 00 00 49 8b 04 24 48 3d a0 a7 82 93 0f 84
[  811.650702][T13486] RSP: 0018:ffffc900047cf988 EFLAGS: 00010006
[  811.650718][T13486] RAX: dffffc0000000000 RBX: 0000000000000001 RCX: 0000000000000000
[  811.650730][T13486] RDX: 0000000000000003 RSI: 1ffff920008f9f43 RDI: 0000000000000018
[  811.650743][T13486] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001
[  811.650755][T13486] R10: ffffffff90622817 R11: 0000000000000006 R12: 0000000000000018
[  811.650766][T13486] R13: ffff88802bf78000 R14: 0000000000000000 R15: 0000000000000000
[  811.650779][T13486] FS:  00007f542eec46c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  811.650799][T13486] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  811.650813][T13486] CR2: 000000110c314f23 CR3: 000000004dfca000 CR4: 00000000003526f0
[  811.650823][T13486] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  811.650833][T13486] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  811.671559][   T29] audit: type=1400 audit(1738714458.709:1677): avc:  denied  { bind } for  pid=13485 comm="syz.6.2081" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  811.679471][T13486] Call Trace:
[  811.679481][T13486]  <TASK>
[  811.679490][T13486]  ? die_addr+0x3b/0xa0
[  811.679521][T13486]  ? exc_general_protection+0x155/0x230
[  811.679549][T13486]  ? asm_exc_general_protection+0x26/0x30
[  811.679579][T13486]  ? __lock_acquire+0xe4/0x3c40
[  811.679607][T13486]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  811.679637][T13486]  ? find_held_lock+0x2d/0x110
[  811.679658][T13486]  ? __pfx_mark_lock+0x10/0x10
[  811.679681][T13486]  ? __queue_work+0x431/0x1080
[  811.679705][T13486]  ? __pfx_lock_release+0x10/0x10
[  811.679730][T13486]  ? __pfx___lock_acquire+0x10/0x10
[  811.679756][T13486]  lock_acquire.part.0+0x11b/0x380
[  811.690729][   T29] audit: type=1400 audit(1738714458.709:1678): avc:  denied  { listen } for  pid=13485 comm="syz.6.2081" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  811.700509][T13486]  ? add_wait_queue+0x45/0x230
[  811.700536][T13486]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  811.706043][   T29] audit: type=1400 audit(1738714458.709:1679): avc:  denied  { connect } for  pid=13485 comm="syz.6.2081" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  811.725806][T13486]  ? rcu_is_watching+0x12/0xc0
[  811.725829][T13486]  ? trace_lock_acquire+0x14e/0x1f0
[  811.725848][T13486]  ? queue_work_on+0x9d/0x140
[  811.725872][T13486]  ? add_wait_queue+0x45/0x230
[  811.725891][T13486]  ? lock_acquire+0x2f/0xb0
[  811.725915][T13486]  ? add_wait_queue+0x45/0x230
[  811.725936][T13486]  _raw_spin_lock_irqsave+0x3a/0x60
[  811.725962][T13486]  ? add_wait_queue+0x45/0x230
[  811.725980][T13486]  add_wait_queue+0x45/0x230
[  811.726001][T13486]  virtio_transport_release+0x644/0xa40
[  811.726028][T13486]  ? find_held_lock+0x2d/0x110
[  811.726049][T13486]  ? __pfx_virtio_transport_release+0x10/0x10
[  811.726073][T13486]  ? __pfx_lock_release+0x10/0x10
[  811.726097][T13486]  ? __pfx_woken_wake_function+0x10/0x10
[  811.726127][T13486]  ? mark_held_locks+0x9f/0xe0
[  811.726148][T13486]  ? __local_bh_enable_ip+0xa4/0x120
[  811.726177][T13486]  __vsock_release+0x109/0x580
[  812.030372][T13486]  ? __pfx_down_write+0x10/0x10
[  812.035314][T13486]  vsock_release+0x99/0x130
[  812.039909][T13486]  __sock_release+0xb0/0x270
[  812.044511][T13486]  ? __pfx_sock_close+0x10/0x10
[  812.049366][T13486]  sock_close+0x1c/0x30
[  812.053523][T13486]  __fput+0x3ff/0xb70
[  812.057510][T13486]  ? _raw_spin_unlock_irq+0x23/0x50
[  812.062718][T13486]  task_work_run+0x14e/0x250
[  812.067309][T13486]  ? __pfx_task_work_run+0x10/0x10
[  812.072421][T13486]  ? __pfx___do_sys_close_range+0x10/0x10
[  812.078131][T13486]  syscall_exit_to_user_mode+0x27b/0x2a0
[  812.084049][T13486]  do_syscall_64+0xda/0x250
[  812.088591][T13486]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  812.094496][T13486] RIP: 0033:0x7f542df8cda9
[  812.098907][T13486] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  812.118597][T13486] RSP: 002b:00007f542eec4038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  812.127001][T13486] RAX: 0000000000000000 RBX: 00007f542e1a5fa0 RCX: 00007f542df8cda9
[  812.134965][T13486] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000004
[  812.142930][T13486] RBP: 00007f542e00e2a0 R08: 0000000000000000 R09: 0000000000000000
[  812.150890][T13486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  812.158847][T13486] R13: 0000000000000000 R14: 00007f542e1a5fa0 R15: 00007ffe6ddc9198
[  812.166815][T13486]  </TASK>
[  812.169820][T13486] Modules linked in:
[  812.173715][T13486] ---[ end trace 0000000000000000 ]---
[  812.179247][T13486] RIP: 0010:__lock_acquire+0xe4/0x3c40
[  812.184702][T13486] Code: 08 84 d2 0f 85 15 14 00 00 44 8b 0d fa fe cb 0e 45 85 c9 0f 84 b4 0e 00 00 48 b8 00 00 00 00 00 fc ff df 4c 89 e2 48 c1 ea 03 <80> 3c 02 00 0f 85 96 2c 00 00 49 8b 04 24 48 3d a0 a7 82 93 0f 84
[  812.204310][T13486] RSP: 0018:ffffc900047cf988 EFLAGS: 00010006
[  812.210806][T13486] RAX: dffffc0000000000 RBX: 0000000000000001 RCX: 0000000000000000
[  812.218763][T13486] RDX: 0000000000000003 RSI: 1ffff920008f9f43 RDI: 0000000000000018
[  812.226732][T13486] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001
[  812.234717][T13486] R10: ffffffff90622817 R11: 0000000000000006 R12: 0000000000000018
[  812.243632][T13486] R13: ffff88802bf78000 R14: 0000000000000000 R15: 0000000000000000
[  812.251590][T13486] FS:  00007f542eec46c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  812.260527][T13486] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  812.267108][T13486] CR2: 000000110c314f23 CR3: 000000004dfca000 CR4: 00000000003526f0
[  812.275070][T13486] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  812.283029][T13486] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  812.290999][T13486] Kernel panic - not syncing: Fatal exception
[  812.297281][T13486] Kernel Offset: disabled
[  812.301602][T13486] Rebooting in 86400 seconds..