last executing test programs:

1m31.336376113s ago: executing program 1 (id=1042):
r0 = socket$nl_audit(0x10, 0x3, 0x9)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$team(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00', <r3=>0x0})
r4 = socket(0x2, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'team_slave_1\x00', <r5=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)={0x5c, r2, 0x1, 0x70bd28, 0x25dfdbff, {}, [{{0x8, 0x1, r3}, {0x40, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r5}}}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x400}, 0x0)

1m31.193652494s ago: executing program 1 (id=1046):
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r0 = fsopen(&(0x7f0000000300)='tracefs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x15)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, 0x0, &(0x7f0000000180))
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, 0x0, 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x141000, &(0x7f00000006c0)=ANY=[])
mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0)
dup(0xffffffffffffffff)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="1800000000030000000000000000000095"], &(0x7f0000001700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='rseq_update\x00', r2}, 0x18)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x40)
sendmsg$nl_route_sched_retired(0xffffffffffffffff, 0x0, 0x28800)
rseq(&(0x7f0000000000)={0x0, 0x0, 0x0, 0xf}, 0x20, 0x20000000, 0x0)

1m31.025389334s ago: executing program 1 (id=1051):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text32={0x20, &(0x7f0000000200)="ea00a0ffffa600c4c3ad0e76be51f3e1642e0f01c5c4c15211d4b9ae0b0000b8a75c9aa6baa0d6b23d0f300f01cf83cc00b9800000c00f3235000800000f30b9800000c00f3235000100000f30", 0x4d}], 0x1, 0x17, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)=@arm64={0x2, 0x8, 0x8, '\x00', 0x6})
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x9132, 0xffffffffffffffff, 0x9aa9b000)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1m30.81437859s ago: executing program 1 (id=1057):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
flistxattr(r0, 0x0, 0x0)

1m30.70541554s ago: executing program 1 (id=1059):
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000800), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',group_id'])
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x100, 0x0)
r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29, r2}, './file0\x00'})

1m30.573386189s ago: executing program 1 (id=1064):
syz_emit_ethernet(0x36, &(0x7f0000000340)={@local, @empty, @void, {@ipv6={0x86dd, @generic={0x4, 0x6, "52a7d4", 0x0, 0x2c, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}, @local}}}}, 0x0)

1m15.494440125s ago: executing program 32 (id=1064):
syz_emit_ethernet(0x36, &(0x7f0000000340)={@local, @empty, @void, {@ipv6={0x86dd, @generic={0x4, 0x6, "52a7d4", 0x0, 0x2c, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}, @local}}}}, 0x0)

1m0.100261515s ago: executing program 5 (id=1324):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{0x3, 0x400, 0x0, 0x7, 0x0, 0xff}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x1ff, 0x9, 0x2dd0, 0x3, 0x7fffffff, 0x3ff}}]}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)

48.671705751s ago: executing program 5 (id=1324):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{0x3, 0x400, 0x0, 0x7, 0x0, 0xff}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x1ff, 0x9, 0x2dd0, 0x3, 0x7fffffff, 0x3ff}}]}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)

38.396659812s ago: executing program 5 (id=1324):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{0x3, 0x400, 0x0, 0x7, 0x0, 0xff}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x1ff, 0x9, 0x2dd0, 0x3, 0x7fffffff, 0x3ff}}]}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)

27.557331816s ago: executing program 5 (id=1324):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{0x3, 0x400, 0x0, 0x7, 0x0, 0xff}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x1ff, 0x9, 0x2dd0, 0x3, 0x7fffffff, 0x3ff}}]}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)

17.657833995s ago: executing program 5 (id=1324):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{0x3, 0x400, 0x0, 0x7, 0x0, 0xff}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x1ff, 0x9, 0x2dd0, 0x3, 0x7fffffff, 0x3ff}}]}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)

6.63814131s ago: executing program 2 (id=1709):
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x100000a, 0x4082172, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x800000000000127, 0x6eddc12169eab0de)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
socket$inet6_sctp(0xa, 0x801, 0x84)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
link(&(0x7f0000001240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000bc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r4 = syz_open_dev$media(&(0x7f00000006c0), 0x4007, 0x0)
r5 = landlock_create_ruleset(&(0x7f0000000000)={0x25, 0x2, 0x1}, 0x18, 0x0)
landlock_restrict_self(r5, 0x0)
landlock_create_ruleset(&(0x7f0000000080)={0x12}, 0x18, 0x0)
r6 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r6, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmsg$unix(r6, &(0x7f00000000c0)={&(0x7f0000000200)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x4040801}, 0x20008840)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r4, 0x80047c05, &(0x7f0000000940))
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x8)
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
r7 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r7, &(0x7f0000001fc0)=""/184, 0xb8)

6.18149682s ago: executing program 5 (id=1324):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{0x3, 0x400, 0x0, 0x7, 0x0, 0xff}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x1ff, 0x9, 0x2dd0, 0x3, 0x7fffffff, 0x3ff}}]}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)

5.145797656s ago: executing program 2 (id=1715):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000400), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000780)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_DEL_STATION(r0, &(0x7f0000001e80)={0x0, 0x0, &(0x7f0000001e40)={&(0x7f0000000040)={0x1c, r1, 0xb094f4ca39c97ca1, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x40)

5.03038739s ago: executing program 2 (id=1719):
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x100000a, 0x4082172, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x800000000000127, 0x6eddc12169eab0de)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
socket$inet6_sctp(0xa, 0x801, 0x84)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
link(&(0x7f0000001240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000bc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
syz_open_dev$media(&(0x7f00000006c0), 0x4007, 0x0)
r4 = landlock_create_ruleset(&(0x7f0000000000)={0x25, 0x2, 0x1}, 0x18, 0x0)
landlock_restrict_self(r4, 0x0)
landlock_create_ruleset(&(0x7f0000000080)={0x12}, 0x18, 0x0)
r5 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r5, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmsg$unix(r5, &(0x7f00000000c0)={&(0x7f0000000200)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x4040801}, 0x20008840)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x8)
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
r6 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r6, &(0x7f0000001fc0)=""/184, 0xb8)

3.515808661s ago: executing program 2 (id=1725):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-160\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x800)
recvmmsg$unix(r1, &(0x7f0000003700)=[{{0x0, 0x700, 0x0, 0x0, 0x0, 0x500}}], 0x600, 0x0, 0x0)

3.331901319s ago: executing program 2 (id=1727):
r0 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = syz_usb_connect(0x2, 0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000544fb2f00090582"], 0x0)
syz_usb_control_io$cdc_ecm(r1, &(0x7f0000000180)={0x14, 0x0, &(0x7f0000000000)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
r2 = syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0x0)
ioctl$EVIOCSKEYCODE(r2, 0x40084504, &(0x7f0000000140)=[0x859, 0x5])
ioctl$EVIOCSKEYCODE(r2, 0x40084504, &(0x7f0000000080)=[0x2000002e, 0x7])
ioctl$EVIOCSKEYCODE(r2, 0x40084504, &(0x7f0000000100)=[0xfffffffe])

2.956852002s ago: executing program 3 (id=1732):
syz_usb_connect(0x0, 0x24, &(0x7f0000001400)={{0x12, 0x1, 0x0, 0x23, 0xbf, 0xdd, 0x10, 0x497, 0xc001, 0x273, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x58, 0x19, 0x30}}]}}]}}, 0x0)

2.578813584s ago: executing program 4 (id=1734):
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000e40)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000240)="957bc3871f54da01138019ebbb3587e39b0af28eea1dc1c5b6b0f27c1111d0f8b71e196a9bb19b466172df083b602f37901653c0b41e9ea3218f6680923cb44fcde97805fe3eaf057d955a0de7c0d566c5549dfde8c0703c0f633cd8c5f98fc10f484ec2ab2611e94e", 0x69}, {&(0x7f0000000380)="eed4fbdbc377aaa1f97890499828239f7ce11e4611999338e6da1d1d2deca77c81b916aaaa389580ca6ed38e8d0330bc2f0cce161f489d863da5d3adc46e5c8160ccc889403f20dae567d9969efc4355fd27ba3d6e13f78bf9e57c4e3b723dd7b8540917d4c38bd6d37c70c43032fb1cae37de9f57c3bf053fa22d788b5629b444cd80b5c5257223c6d71b597d9c77a96733b2c18bf7adbe30f66959119bbed4e063dbbad4", 0xa5}, {&(0x7f0000000440)="b9c8ea7741e24130b11e66fa8118a2cda01b3f0acd758075e1c9d7949dcabe424ea007a38ff2c228d330852a68f81c6d7ce898bd7e628ae1242068c2e81985e9ee753e1d02319449f6c878bb5726dbc4eda9097bc6315fec72ff234fb9f26512af7b647069e3415c0338618c7adb1ac5b2f77a9effa9b33193a6da989be1900ce5158f956fcb9510d3850911ba7792fbc8ceaff1c9d7ceba", 0x98}, {&(0x7f0000000140)="6b7a240a296a37fa753082010bbab360f5b4702580e51f24741ca0e156030aea99d1b437951913173b3187878dc29f77c7a9ec2bf03cada5b063cb819d7f8bf1dd40a6db89c1a2955a4cdde24c64c76d6020de2dd053d020203535947f6cf8", 0x5f}, {0x0}, {&(0x7f0000000300)="d4eb0cb9b5afe8a92397", 0xa}], 0x6, &(0x7f00000005c0)=[@tclass={{0x14, 0x29, 0x43, 0x2}}], 0x18}}], 0x1, 0x40004)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x13, 0x11, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000d0ff00000000000000000004851000000600000018000000", @ANYRES32, @ANYBLOB="0000000000000004180000000000001000000000000200009500000000000000180100002020782500000000002020207b1af8ff00000000bfa100200000ffffb702000008000000b50a00000000000085000000b400000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x8}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {0x0}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

2.36580873s ago: executing program 4 (id=1736):
r0 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000080)=0x200000000)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000100)=0x200000000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='net/route\x00')
pread64(r2, &(0x7f0000000080)=""/102356, 0x18fd4, 0x200)
io_uring_enter(r2, 0x764c, 0x890b, 0x12, &(0x7f0000000200)={[0x1]}, 0x8)
socketpair(0x3, 0xa, 0x0, &(0x7f00000001c0))
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000080)={0x7, &(0x7f0000000040)=[{0xfff9, 0x4, 0xf9, 0x2}, {0x70, 0xf, 0xff, 0x6ddf4b4}, {0x5, 0x4c, 0xb, 0x3}, {0x81, 0xf3, 0x1b}, {0x3, 0x8, 0x82, 0x9}, {0x5, 0x1, 0x6, 0x10001}, {0x3, 0x8, 0x7, 0x6}]})
bind$netlink(0xffffffffffffffff, &(0x7f00000001c0)={0x10, 0x0, 0x25dfdbff}, 0xc)
bind$netlink(0xffffffffffffffff, &(0x7f0000000000)={0x10, 0x0, 0x25dfdbfc, 0x10000000}, 0xc)
bind$netlink(0xffffffffffffffff, &(0x7f0000000200)={0x10, 0x0, 0x25dfdbff}, 0xc)
getsockopt$CAN_RAW_FD_FRAMES(r3, 0x65, 0x5, &(0x7f00000000c0), &(0x7f0000000100)=0x4)
syz_genetlink_get_family_id$batadv(&(0x7f0000019180), r1)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f00000003c0)={'batadv_slave_1\x00'})
r4 = socket$inet(0x2, 0x80007, 0x5)
socket(0x40000000015, 0x5, 0x0)
r5 = syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0x86f7, 0x10100, 0x2, 0x3}, &(0x7f0000002000)=<r6=>0x0, &(0x7f0000000000)=<r7=>0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000190c0)=ANY=[@ANYBLOB="010000ed0200ed05000000000000a2b8a5c65aadde15b3814de48d75ce642311490610e7cd16ae6135e98eb391ecb73db04776ff0878908eae76c8ac6e5c", @ANYRES32=0x1, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_LOOKUP_BATCH(0x1b, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x7, r8, 0xc00}, 0x38)
syz_io_uring_submit(r6, r7, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
io_uring_enter(r5, 0x48e9, 0x4c17, 0x4, 0x0, 0x3d)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000000))

2.116918361s ago: executing program 4 (id=1737):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000730000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xb, 0xf, 0x200cc, 0x6, 0x5}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200)='T', &(0x7f0000000240), 0x4af, r4}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000700)={0x0, &(0x7f0000000540)=""/245, &(0x7f00000000c0), &(0x7f0000000680), 0x2, r4}, 0x38)
mount$overlay(0x0, 0x0, &(0x7f0000000b80), 0x200008, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

1.18279101s ago: executing program 4 (id=1738):
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x1, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xfb}}, 0x10}, 0x1c)
syz_emit_ethernet(0x4a, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaa"], 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007880)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000040)="af0ac95ab194f93f8e795a9b29420fa62d", 0x11}], 0x1, 0x0, 0x5e}}], 0x1, 0x4000000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800008080b63428e900"/20, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf0900000000000055"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
bind$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e22, 0x3, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xa}}, 0x2}, 0x1c)
mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x4000000)
mbind(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x3, &(0x7f0000000000)=0x1, 0x1ff, 0x3)
r0 = gettid()
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r1, &(0x7f0000000440)=""/247, 0x26)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x31, @time={0x3, 0xfffefffd}, 0x0, {0x0, 0x2}, 0x0, 0x0, 0x4})
ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r1, 0xc0305302, &(0x7f0000000040)={0x36, 0x7, 0x4, 0x9, 0x1, 0x80})
tkill(r0, 0x7)
r2 = syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
process_vm_writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000280)=""/248, 0xf8}], 0x1, &(0x7f0000000480)=[{&(0x7f00000021c0)=""/4096, 0x1000}], 0x1, 0x0)
r3 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r4, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f00000002c0)={r4, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=@updpolicy={0xb4, 0x19, 0x1, 0xffffffff, 0x0, {{@in=@multicast1=0xe0000002, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x87}, {0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb}, {0xfffffffffffffffd}, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0xb4}, 0x1, 0x0, 0x0, 0x4}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @mcast2, 0x5}, 0x1c)

1.163018792s ago: executing program 0 (id=1739):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x49, 0x0, 0x0)
write$FUSE_NOTIFY_STORE(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB='/'], 0x2)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

1.020951322s ago: executing program 0 (id=1740):
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x13, 0x11, &(0x7f0000000600)=ANY=[@ANYBLOB="18080000d0ff0000000000000000", @ANYRESOCT=0x0, @ANYBLOB="0000000000000004180000000000001000000000000200009500000000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x8}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240"], 0x7c}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c00000010d57b90b013f4159400", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800900010076657468000000000400028008004040"], 0x3c}, 0x1, 0x0, 0x0, 0x20040}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00'})
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x1, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="180300"/14, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00f'], 0x0}, 0x94)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000002780)=@newqdisc={0x48, 0x14, 0xf0b, 0x4, 0x0, {0x2, 0x0, 0x0, 0x0, {0x4}, {0xb, 0x1}}, [@TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0xfc, 0x200, 0x80000a, 0x0, 0x1, 0xc0000000}}, {0x4}}]}]}, 0x48}}, 0x0)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

1.019855291s ago: executing program 3 (id=1741):
creat(&(0x7f00000001c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000000200)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
open(&(0x7f00000000c0)='./file0\x00', 0x109281, 0x0)
write$FUSE_INIT(r0, &(0x7f0000002280)={0x50, 0x0, r1, {0x7, 0x9, 0x0, 0x110002, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000007080)="f5201a6b6542be6cbad26e239346ffe3dbc7125e4eb0daba2e9ba73337e45b1a2c2828afbe1d99c856f2d7c9b91364a83e3c477d5e9569cf8787de2fd830003be5c3bbb4a246c4e13764c6e255ef511c263c70adb80380cc2b3247fb61ebddd2b945820fc646375953f1322be813b875bf64256ac7a8debe881f8352dc9fd70b9473bf07932110a5d1a94144b2ab0b4cd92458041eef085b29b5c115df0d7db2bea67006c66b64015fc980343e5ff451373afc63f2ae21d63cddeb3b0c53bbb4e0e31663f5b1b53de22517869df6114ac9047ee98a692b4f0e3e7cfc4e42368f217cc705f2bc5d10454ab30eda651c6ee29f0cc5a6ca7b384949955785844742121b5734a8cf3f3fe1d3e5c2085da26a028ba6c84d5cbce6afbe13cbb179d4c251e1d2d68e8c7d9c34eee698ceeb6e40aed55c62c45d8c7fcb2cfe95ce261238ca5c4458647ed7a001788e991e3d2ecfc77bedec164efda9e4a5d5f03043628fd8b5f906371c52e7de2e760b820dce5c3629610a48a036cd54f23ec3ef274f8da724f45c482505864c87359d4411cad79d7434c9a9d79323410b671880a344b933a47d735abd0e63308cf7f6e15790a50ccbcce072526952c763775066125af0fcde57ba3c514301aef17391c76adfc2419829a88e0d91b947d278cd03d94ce98ec639a6163eaa9755b1813685080ce588251fbd4240a7f65cdc1074503b0fe49b24996e52c6899ac90014d9a58566e841bcac357ed59f7e7274b6e94f7a526a5b420c5d6ababab7e7f8ba6ef6f3455a5aed80f4aaadb58fb38f725d524b4fd63238dc7936d62e81ef46bb7346d7f55c4fdbe7606b1053f6faf6d80612311823efe1e6522fd5bbb77c52c868362f263e56ea1447b612d681828561adefdd28fb855fd81f27e2698cc02bbcf7d653cf8dc9eea252f2b1f48c0d2ab70ece454daf9b5829d7106eb8ca8807eebd07d1bf6af6a4523577db893995778759e1be294aea8edb9226a9acbd44f98f60641f87195521491e621b10cc2032434f319e76743601a0bcc99fb3636389172a790e25260de7cb58961f9ad44d16c7604402bbca8cf82be528a64107c0dd114fd3458c0f1e97888c1c739dc678b43b202c603946cb5720a1e7331282a48afb12b461c41b6fd92b97c6960ac9f664f509b02c8267d722f372b007befada669d4cc36fb931763ffd8744b10e78cb849d40f88d190778a70f902faa4f34cae0b9e163b59b1bae96a933afecbc6a768f1d7ae20bf2771f28c1a3d333ae0b6f691d2f985e1ed6d0e1c29d7db36234b9bec18a1ee98b9ae90e4706d1c952f6059cc4d64bfc14152a88443f260d179c705df71e006a60981fefaa8a51c9c368680b830967b01b60734b9924335d7700b083bd7e87b3ad2f3d497e914368a15c5456d08861fb7513e96acb49935dc3f46fcaa297cdbdc759cb8a5a2515a482ca60440da8b7d5a8c79659d99e3892f9086b372d78622d3689267652c4dd60754cb8eb45028b0c237adff5ffaeaf78ed5a541c57feeb014a53e2a98042d5712d5f7a779b7a12bc120b8cf6df35b258fe1ad7ebdbee88d25355560fad504dce4bd878df5e43c55e765ac324dd8d65ce29c2a93f9e085bb51ff75dbbf314ed6aa3a36330fd146d28654c659f1c6c5089c3619be1c7707be835500fb15bf873ab35517b743207621346db75d16fb21624c04ceddda2d607642004f611db7414e1c593ef38c62e4d27a8b7833436609c284a46edc9b973e790aba0bf4c6bc0069ce9372c6c7b93d15740771ddf9c704338f4af870c649ecdaeab106b1242dbb74c284bfb5d87aa688d27befe1dc0d1019fde1842e89eee67e11f925672ebff47e4503e02fa989297e9461d540000b5e0ed2d957efc3b77a10181597c7fb2c94e62db50e46c46d10c1127573bae01166170467b7641d7e07dcd879f04b8dc08dcf460bef8e83aae33151a72eddf9ccac4eb95c48cb4008ba3fea542b2e3c6c4c07850cd4ca551536a20d18ed18852baaaf7339908583aae41f08f3c6f5811cd730e849dc8382e8bdf3519ab900d38a0a9822400d619b52a957b1bbe8384619e5d65588a2ca6bf068ca27fce9aa0448a60d04b3b230db3a939409ec7df45d70a944b34baaf0bf951d205667c8281e9e87468d1a2f6edf79a7d5df12a8564e56d3a952efa4c4be2b09be2c3d699b05268e8cfe998a9f37b8714c92647ada8a8129bc4084624c6f1059f834193deef961f5dbfe500c1bf781f45441984d52800d81d814a82ec4f859c7217146ac447c8462612574a1a8603148ed46bf3e195d417bbe43aa6bf83ea8fb525941ef8dd56149bd6fdcbf626609ddb699e40e83fa4792b39384eb0d1b78c97c6798537b192753caed3a5eaa4a33d54b473b43851cb282cd857ae11a4d34c6b53fc1c334f8ec42672295b88a326b65d338a70bb3d5d866ff55a9ce0345c7a890cd6dee36012c76d862802c9cbaf1abbab99dc898eb432f50474ae6c202121d19f8d0467fcb1279457accf9b777c75390756762dde795d94aaba4c1729f559adc33966fbf517fc91fae21bd8ef22e914bbe6bae774246749ad63d8d16f21c9aebc80a97be408443ae60af610dd3ad9964b2401e049b09dbb46f6126d3d534a7786bb3663719943111231d18e51ed534b1e28807c062280924e5d53a8a1316ca2b5936911a267d5b799fd7d8e5e725271d5b8eb90e3dd9ef9eb1400c68eb8f88622f548af7df4846758cfb74aeb48588d1820f504e97ae1d818feb7113175b04e7c0bae6239672c987253cdf0e9845119f3f200d40f586ab986312144c3525acb78a5784f5707217105bae651e0c000792f4e88c1a924d33fbe5474a71b1e193a8d3a6a65dc485f2a299e7d07a6cf621260dcfc5d79c9243618f57507ca025baa53b3e684667f33dfb8ab9065cc548ad5c881bceb5d937462ea850fc197f5ae8c9489815b2cff853895e987e684195a094d8460ee52ef9d8f6fa0ba01092f0cdffcc7a682ca3125058ce9ed0064d7d0a868b0419b49ded3d93f0c7e1d700288350ff4c130cf6e0b507ce6064623294536c8fc4011b9b40299bfe02144806411d5b36997db26033a5ddeecd6bf3faefd3ca0a6cb70b0561106b2dabb06cf88bb6fa283e43dcd2fa1f33063183e15450385ba6fed4436502211d3181351db793a76ae11ebde2b23f340b7522748a4602ec469b88eb7f3d1325baa536ab8096c58c6f2b4863a541f618112643e194a5873cdae4172bb3005743782d8af22dbf23ab60e7d0f4ceb3ef0c46e23e1ecee1839558bc5c146dd97aba7651dfd2401fb8aec4eda71b1b15a2570130f0f5ff489ad4355a708a6eafa9752eb5c9f7a83f43c3e3b317e7e68133573f585fc27c5cfc0d90016f5be8594e1cfac36b24570cebb5be46d3f5917441ccadc355536b8b9b455b87667edd802b77178251afdefe9a4b5f0ff7e59fa5cf9b449e18bc4bf8154f15913128a2584f7d60a3c09f467233783690df422d3d9982200eb604ec2ef50830bba6f82e8b91823808fac0b07bc0e51a671c32dea0f2f9aa2cfbbc91cdf54b719b6009ce750bab1680cac77398b2a619d550161fa70e7e8b86fb535f8797fca75708efba7f0d95da4ac235d9de68a50c998a72c0c2da90f511ea456f776c881b8416b894cd835ad13c62b035ef4d220a66c86c1c00de534690e42d064bf4fff946af98aec3f9490d6f0586e891d272a4bfb776ab84bd693af6526c4b09beab2460634d929bcc61cf75b041f067e7b503ecd6a80934e169ebb0ac926a85b53cb1d7b63eee6abcd9e250834da6e4da23b3b3d90c2f726861760ca14b78d5e895eb7fa2e8b39f724a0371412b1c94c6a42f1beeae2328e353971531bddcda730b6a0d90f7c58e3ce5953cf5a6c9e3fd657c92fe4b5b8b0b659353944afa5c69c309527d6d4039e78c675c8d2f527fbcb2b765864fed987f785221862bd7deb66e6676ddebdd19cf4cb26869f562928dc98088bb69281615fc6a2dafc466e70ff9ea1a411e1a3ba3f94ed7d429796afc9f0c95da19a4db691c36407985e5f08473dd8afd9de88b2c26b6ebd2ea35177238e18dfc36d579a80074c06f5cca60cf6d64d27eeb121c6c8e5e09aa3165c101068cb748694695e803540d947f33740d30616001448173ef57bbcb82fcb213348a2a58e2d14480b1ce1ad346729631b91f7e343e37abd8e787274ff4598acc99cc58f3578979e6e6a1926333bd8818a256b58e67c6f77145ee26f24998cab89021423e03326c175adaa8ea905122553948ece311cbcb770222e7f4f373398497c8c301480d031fc53c2a7018d91777cec253e89e28a82d15e01c12c0ccae1b56ecff35b90b19769bff4b786d4624679abe852780e9e4b9985e0564ee604027dc2a60f65d2fcf1d354e163a8465f77eb67e2a6c9fa89ea0768f9cf117fd1ea8969e592da11d34f6f9b7adb24f3261dd14199fea6da6b5d31f825b3706492b3305cbf6ef553fadfcad51a0484f09a8d2491c8a937fdd36d9e0b94fb6bdca6e80a6079739cc1d455fd735e89fe89938a7132dc0c9f181953dd9cf2d106a3f1478b46ddf35aae9bc6932227d79ac4f534967be2cbc30fa254658b61752b534257fc10bd8db219ec394b41e7fe541f9086ce19d28e13d2b3c384745fc88ed0cb5ef414e23e8782f99307c49121a733875e9fb9c8559d8ad6bab256dde2bfdee4286c1419b80acf55dd09da71116c0fa902d8e89465c313c311f272a11cd17417372dc74e01f3ba1a9afd8bcb9fad57cde63ad59a6999caaa359e6e5b4216dd3b0bc8d310e28c8a1232cefcbd5070d0537097e370433bc1017b7b1c4efa694a25b4385bccbdf79affb0b6d203b3cefe637fd6f7b51f5ec297471c874a57145b254bd14b89fe62709c94ca3cae304739294c7b4a871768e11cb7a2db0aaeff4abbd00c70b4d4e5e8f8c6d34afe3d619404e20ccf628f7902c17ab1200644fe465751587800d59acb3abd1f8ad9cbd8bfa64c94c44fb3086fd21c046d7430a1faadbd9b1625ee70c1071bede890f1c07113aed9b1a35ab0fb823e2cb38d2ee6376800f63d28326ec3be129333e1024d17c46198e329779a79f4ee69b56374268fefdd29995e411052bcc92318c636aa9fa634f3e537712f720a52cd95d5472cdd6b4eb66bd1ed2c41cb37c615eb486855671d964ba46ee44eb61ffcb0b22b20632ce3222e4c3037f348d5dec196f9e2bcc2335284f5529e4de9e6b4b84fc559de63357bc8ca0a00c16bdea79372b13abb251fd4bc52f1f732811b65b4c51715da133b20caba229244060fdec0ad4c47fdf1963b6aa1acf998585c59867b5afcd08958dceb9937a97e87b2153f45970ca77e5524c5160c69963717630795e3a4768e2521617bc211926e5cb08edea70cae99c6d7eff4c1e041c7ab0d3473d6ceb3cbc24a9f45c5818896463360490911b1fb77a24aa3b394e3ee1155ea2fbc6686db2c715670dc9187b33f3051b4b894b616bdf7fb287113c315413d83e0540676fe9a48d523bef3280611165fb77c7bb33c0a087fc06e7702fc7d8ea4f7aa264c7ed332af03ae3e392bc0f96ec11e3bca6604ccb7941043fb043b4880de676efaf3f0fba185e90db8e8e6718058fd1d26c49d0a163264d4aaf7094d02d6898f75c6edf2e49edf7b0a645018220535e8694baa1e910df6e493c0812c2cbb16966cb22af208279947f9490f2f5d3a49596050604f920af8fa41c5a339609659f331f24fa0aec3787d052a02541137dd1ccdc30970a879e4a42e491137bb3cddf2c87ea6368bc4d9aad9089af50b71d56bd296d891ac2fbec84303486739a44850680353efa2203d7fcfa00d9cd81433adcad3e6aac009784b63a3b7aca58155b24274b2d41de998321bdf0229ce74a0c61a24d74ceb30d4ba766632c4a48d9db4e3b3334830b12f3136158fb16fa745c2ebad16b65b279d28332894755de3e7ae2aa88f9e2af8a46200c427540eb68907152ee7d53212b55c170ab67c47c884db89757b09dc035ea59fe2be1f384b3edef6925c399753832d32296100ca4e2699154d6ed86bc145e92d699e43c2269ed359a004aee75ac5e730dffec87f239328bc95cc281a9c0bba661f6d36ac11d1151851c70cf39fbbabff2190b619294db73008e3d32acb0b29aa3d28d1e50784dbe35eb911d838bd710336612170666ea5f42b72c32be4d83c4ff61987acd1b1f0cebe281806af8ad4b6e7041c31bcb8a93cf0f44826821b0bb9c053468b4d8d034c084ba1c8dfcad9fac6ec379da5425492dc6f770000000050bd9a930ead9e4faf5b557eebe4461320476a7ae12b0dcc9d171f6d2737b824db7259e62915779dc5e8a08bc69c0c68784202aa3462bdff06af76bdf9f106dd6228211534c4433717947dfaca4b7b61a21d706217e3718b5ccac40c3c4692bd59f222d0c2e98af1ff1919256d7b0540ed69b11f212a9598c7499ba634d1677ecf17517e207d40baed5aa0e25b7e70b6b16f6d6f0c36a146db0644ababd31bc50f5039b3bc4f12b603da2675e121b09fe92c69548dfb9df18d0e50c1387280b7bb1366bf5bbabfcef5557a05ce24df1a02f22f791e06c5e3e21e5fd6db7f2c90ffb83b154b0fd9866c46609dc10b274954caf80e83693f5581f23fd765a18aa4e294bbf7a8721015ea6a6e1ba64f79f6609924d43757fd0752024af79e296415b42de3428f14d9d89f84c2e076a0821cc8921fff677ec7b91178bcbd755ece28477a6bd01fd429d824ddfb62edcdab7c4495edc5a3d27826ea4bddaeacfa7cb17632cee0095ca55d3973812033d96ec5e5ed6880b3a998b4998fb7441e11dd060515bdbfd5aa32aac6ae1fceb8e92d7e8985949946a458ca2f69637de6b92410986f8fa5ba4b1598d8383fdbff2e004dee71500302e3e9270371b39237260bde0888702c7b2bcff69192bd381cfe59b197b9dbe5e2eee27b64c17e95a1dade453a6f29dc8bef1bdd34a92a5275972a2cb18f6f553f99c6098f50198b68cd35d2877d9cdd15074422b43b03170f23138dda44b62b5e161705405d2e9a007f8cc9ec7920d1a6e947ccc57b1a51a728fe1afcb84115fe48be15c894cce96391ab3cdc1bd9aa4cf58213c15d1a849c3f38c8ee34b208766129bbb493558c139f2bfc39df29fc73422127823fc9c993f20d9df9e0acaf0b1729437458e0a857ebfe4a373fd491952a475e9c391b7ee02b79554807c0f12293aa385a3c6b18bfbfc690a7aa9bc85d8adb705eac642ec8611ac62d09d2a6892cd671629d457c2191eb5940114113ed8cd4e8411d96200d3d66f947baa7915610c396402d38f109837d29c8e937fb6223a9d0d605a3d91312908fb5a7df36122c35f7e47855d526915c3a7cea432ca4524fcae3b5c6fbad196c1efef0d129d9b3f9d23104fc3c8a90dbcea0400311e51de50c5abb62fcbedf998ebc1cf23fd76bcc2aea2451f6d0d3b8fdd337ce8d24d7ce2a5b29318df58adb0006d4295c138b4b03060134802626e31a5da92b5a7a8677132523affbdc8d958b955eb4615370497429cd3767f2f708c2cadc233bc3e5efc8c837385749da08c6dd573e3b105ce459d659f790dcaf53c1d0b4d8e0c64b6bce15559e59e66b3b0b2695703e9bd5b1c5bb3c5b1028441391f8fbeadc032e890fe5e3be78569056d147a891f4bc85406e78f962b532eb436b0e047a7d3c88bb89455ffbf1da360207af5d827e9fbbedd8393a828a92382329ff444d9a8128c40e302453550426de4babcdee45108e79533b9747fd21b8f775a76e1d4d54a8a98a65ee3c183be34172877c26e600c89949ced85004d69c24d4fee6f87d2ff24900d41577c78dfbff698d438c0e26ebe15d7b75b49a5b2a5c627da3b13f6458aeff3f0a1944a339b4be5e13d58a71928bb77053beaf7b68568205b62f5a4a9b3c0fef441ede90f012047b0cf2228481fab85d94219ce9f417e4e2b6018b319270a6b6f0de93d0147842f582bd4e41f00720626be2b2f9116875ea4f92e380bcfc33058505ee0336e10c71a5abf6f32c72fe68c68c166454db8e101b3a271f04e4dda8947743e0ac408c73cff69c10e7c015c6b078bab0a1c7aab14a26df087b2b4c859e684aebadff5033d1ebd6c6589a27ac75a075e6ef801f5dece0dbd1e477bb70d2b8553a88b13e304e00735e183feab89edf469cb90c0a5bbf778809a9996f4e72b16417672cd97bdd1c0baa64ea2d782aea9d58ea357b54d06f316076b5c413417061b3c7485b534fcc8bf25d2adf043b47a3d47f0755fe6225bba7569fe672d3507c8e15f7139ef7f606c616c52733413befb248eee53c4a9a16f952ac56e18e221626c4f51eb90c1314167c9677a7eb7004b9b42fd6ec21dd38d5b9032c441166be3f8e9dfed39fb0e654ca3126003decf8e50bf8ace994e16fdbe3f53a36a11ed6f06d1bb8e54f574a83035eba379f2453f2346d11414cafbde87cb5d66b650a5e25ebaced402188c1b4b941e788e1af908fff3ef84c1dadef0550687f0b6aeef6063dc1c8c8efe09d611253efb4d288ea407ef3c043aacc3dfc19a18449b38fb97d9fc0bb67de3e1744f782d3a9d1fc449c3a902b1ec8789e336f731a51cc7fefc43736e04942167fbfdac9f15c5b3f921aaa3df0c9709c21339ce890cd4054828615f18fd12548258440a06dbec3d72719b3e9f5f9967525f90f16993cab09c9eab2b27b29c959c002dbb028cc96297d40822772c16b4b786cc57cd581c02f143d6e728eeac1ab4eca6170748002c0e2269611a2b402f9fa8190d9216b1e1b7de8f81074b8dbb665f0d69c52cf573d07ca0752fd6fe7da88dcf4a915ab1533f5686b766393fe9bf1aeef9d17414d1803708e61973dd205097eb1ed466c8dcfb2c7710caf9df713a11c774fd0469880534ae2ccd1e40216ffa145f0fc832b166896810a678f3a47dd24bc2e6835c16e405a444971068dbd47926f430871121be8f19c8ac4fd0a9e3ff7cd961f90f24265de455694cc291de76437953ac314b1791acbe96d3fcae4fa397287a02eac86f13c931f4d4f49ad52cf1db0efdf7027ee8e468d64d316a2208ae33d8fc3274861b41f2e064c99fbba37b7a0c46a3df8dc4589de7ac28df63ed697a48011c863049345c371f10f7d53a56947e348d07e4ff71eaaaf9aaa09bf1147b80d62a60dcec6d7dd4cbf52f2b0b89d2c7de1f16d63ccc0260b0982fcf105736b50001c19eda998426284713670aab21ce128a80b57920d8c3436edb859d4afd7ed835985b5bec01df5447e66ee8511b28671646e71c0669ab2203c4c9a020000279ba87f089d04924cb33ff82f59da9399ce3f20932c073289938e4e7101d357cce920a2aae72f94d6e1aaf9a3905f4da18a7ee849a39f0d1e83adc67ffab826490d4bfff1f80e8c2c180b08e013daf6d054be660390fc4f872b8d60f14951f05ac0dcb4c4281f71ac2d4cb4d68ffdfe8f5c43160d99ea0077486219bb9400a8fc1faacf12878379a7ea5eae2adbbe2871c1664bea1985d594963935019446d605a61ff79802e114a34610d002cf27e0f4b96c6ff880785307161813f48b68c6f9130a6faee6f332e77755fb68b68248ec113030575b1c262c2430c000d11b269ce4e98a32eea3af403630e83aeaaed1420c9fd66eadcf34d6d1fbe457c5216481ddaf6b397912630999fbc5298eab15ab3cce9de7741367264a4e30a61ff7f1d5e7e64290218d9f6f5c9898cd23ee1ac35ab8d3691bf3df31cef54c161bdf3093390ad2322b6f71f22199ac68c5eab4aa7523b4957202751b675fe82c9d42432c92c2fec148da6e5514e9d5f2618d5a616cdbc4a560b3e36eb6cb8baca3251d8e819ea8f552f07ecca0664e7ef22a3a6c11d023eade70f1b872cf58e89c625f561e4858877e39d324dd448b041e4435b676ce0e86de9045e8b9e8305ae60cb7a41c01ce2318af7f9fa011d24aac2b2d31360ce7b437c46df5756d94d1005a0359b57534c49d1e8e173ba183666a19ff6e6c63388250985249eb40f0f981a2bc34e8196e9c468b1bf329c4ac9cf5f19e46734b1238f99f1e6d8c95ecca9cfafc15c756bb4780b675ec9781bfdb583bd91a7df33ed49daec1d65d14f26d7cfadb9e1de06e922939e924b034e4d128cd66a2f7a87c9399c622922e6e33af68c5115053f42c519a054e295b5f8e420630dc116bb2562ac87a6402e4635bd6c6b95943820f86acd5f48ac519b06f1b0bf1c7a70d69e84c95600e017a67e64536197447b810c21cf86a9d09c37aaf6cc39333b414844ce883cec0ffb23e36d5560e9ff6922a9237a6503c72346ebebf57e59c13e7320f670e1826c802b9cc674b55284ddb061e6e38b16c58532497709028ccc4c000604d4a72b3255170a217ac411ea68e64fb3b63653b985abc42bf21629775a05812ef159992320c3cb93805bbebb250e2f9f92b2c8795c388fea24de5e70d45f8ad1764a6e39a1d588191f77fd7bd0408252c784deef806464edc1b4d3de83df34f1b615e10ba20948ca9f28c4f435163e1f5a6fdd0bc8ef397c25b7d704e1ff1dca065022b99778c05ad39f806c3f7ae4278b768eac09b7d317ec5e07db3fc5579a29fb42658ba66c68afb3b8401b2e09c13bc0652309b26cfab2febc3e96a6da6341e6e860468aca74caf06bfc576124594c3f123d5e987319862b0700bd257cff3ea8abff23ebf1a62e575741db2902761578de5c72f4d37bf9186c2391dfff0fcdf2969df27ac0c34d3f07feb0d1887de871e96916add75c15ce2f795749ceadacca94df5808a1629ccd906b3776e7c2a9e94393243de87656432ec21be389731be9821fc035859fffd503f9c8279bd4a36f3be1e3ba0beecaaf6ee44203d8b76c4ca97da38f63fd07ed7812601ab9095a77d52397ecc31819b91d3c28f639bda94c46a5d527abe34bc579338a4db395c57dbeec31a37685ee8121284b63583e026783e47d58deaad78a17e9a946ae7a3db89d8d78d9f37ee5861de7ca92e7335dade99819ecfd63770413b17de97bf403a6d97e163f7eead7d8c182b77cc3d0e0f28f30839445ef751bcf4f21b5803a4e8754fd9a3addb2553ad1d81879addbdc2668e5f2e15926ed805ce7b4ae01be9677c322d59d619cfc806a4946f59010aac481e49d0a0b2ccd0fbd88abf07d4912a081c81633f4a6e0e68eceee686d58a43c45d3bec1046d3bb8d7fc727dda7cfe22af174219bc8e928ca15ff9ce2c707bcea190f8fdeb86a2dc99d7ca81b78efdb0062f1967bb66132164d227e149aa52f39af5e763705373c864323a5885dc6061b5a2ee5501d0b1aa465d93052f29d033a750b1b9cc85fddc0cf168ddc62fb2d1570458d246906fbb689bc8ee3864901eb43f96c19482a7ba7a52fe08b241a32aa9a2774359132b5e1905a08ba37244265070f6d69a428a5834f10d9ba45f476f9e88e856ac223d8cf6ff04894faa2590ecd0a3f6938d661d8aecf6223ae99c414962a86fdc1c2599cee39e9f0153a57ed809bd90023c8d688cc1aa7b5eec5fcd01d07d00100", 0x2000, &(0x7f0000006dc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006600)={0x20, 0x0, 0x0, {0x0, 0x7}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
read$FUSE(r0, &(0x7f0000009080)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r0, &(0x7f0000002240)={0x10, 0xffffffffffffffda, r4}, 0x10)
syz_fuse_handle_req(r0, &(0x7f0000002380)="d37f438c8ff0a793bb0fd85e80a3add0f8f65f17e46f60227e8b09439e47ae441d91f7c50d52383be1a08cfa58969071ef9251774b2aa82db4b537beb0834e94c9f625097a9fd8ae5d86ccc28ae9a5fbf7a931329d6c0aa28650849abea29afd035f5eb12f8126d5b8c277c8c14f25965396c229226cf8b0c6da769454f1981c1b0a8180b80469005a03d24fee1d6f5543a43d7156a0da6f40f6e4344cdfe5f96f373459fabd8c1fb029f3cbb965f11e04c92468dc54884926996135312816573b5f052907705fb31ed724a8097b4eb9a547bd0a4f9c66421393b19fe59fbc07bc8c6319225509823784428ca5f20741130774b9090811966d1de850ef61c965ba07e2fe52380c4bee79f58db0931b3d0c06cfac96c9e8676eb0e10ddcecb47f17e8c4ea80d3f67a9e04f5edae06ec33863b9fb5edf40c87fbdc5a00936d260eb32c3df5a905d3041a54d0fade7b220027169911111af6142645e771ce84efdff5ef5f3fe5b1efdb67ba83dd9f94008f787ecee2ec9849c34a8699900b3151e799fb1704100f2075cf313f719efba77efdfdf5e37379232785af24729608cf1099a9eeb643813fe492fbd86788f43e231fe0a6f3f0bf302efeaffa32890b1e48818959d7d2aabb83f062e356a81605f55da96df097b11471c46947910bb3e5e40a5a5c92077231d68efaec50b848907d1e37e18d885f5bd95d939ade1852a5e2f516781e1868f0894c8c0872c84d9c80fcfe085ac88e2a8caf63b3444f6d5f63c4582e766f1fb06a204d7b8c266e29bb43e04f42dc241b0f6926ea4b0340f0b3ac232d92677f2ec099b17361d988b72311e5e93d6d93ca3bb711c5fb979684f67f6ba32901b8adb223fea467157c55e8d5540743af46d36e6670fe21254ed91e207044db3424d42a63d780f2269ca3417aeb73632fb93dd42b07eff0f5ed90707423066f834c2881ae5272af5b3c04c6b9cadb8b234d24c5341696960a23f242837d91d6751695e9f07577bb81aea171df43b27c44ca5b815e66f63848403320ffdf2926f500b16e7496b835ae7a09288847cbb232e2e271cd732e38309d41ffb55391dc4a157e0c02505f54430a70a9ac197f5573a0b11722aec13a9adea4d8e0022810ca28414964d40cbcbf9d2704aa82637e13d561c4fed2ed602be375e547a7fa7198e6a75293abb3903d0b8204ba21dd369a79159cdd810162c2a2ee722bf4e43b7679dfb8b4ac9e768fb3d391fc4f1839f2e91f1c62050b8154cafb6dd19a3f8716a5c072725c5dad281281605ac02632d041accf07bed8135f4cab566db7e01c6902be5728fb01cd6b17edb8870e3417897a604ec795c440334b1bf9b6180ac13d13298b80b8f4352b0bb36ac151607d6ebedae06f8a0582ecd3963a6df647c38c64402ab29ed79533efbe311df5c29d9f1928371e99094f3e7d8aa3d277fe0e3471c6746ca5dab72d6ec161e05b46829c7b437cbbfd82e8606153f23205f051002e23a17906056a50a0d402814df2bfc1de9906b2ab651770a482315e06146af144acf0beea22a5a9bc61931d293483d0f3bf04e62e89cce3e3ee781b3340f59f8a026228e6f3cab05f23ea71334eadcaa1068f1b67f1eee3ee1698e92bc68759a3534069de9132ef7d853f4e20dc1cac32b42a995da861ee19c52e8387528db1ff0245807a1fb19c1670bc3c56f44db0333d7568eef79964f00d6d242a3735cf372c844d6cfcd9bd8934f14dbd5cb907108190fb7ed919840429d4da052d95a242e93db7f07c2c1f8f141026e15a767cc9386b31a18ecc82c4603354236446e9c79ad6899049648b4244446dad02225c5837fb8b033ce4db1fb044df7131bc99316434f232b8049701d33235e581341c5bb08208703e4daa83c0d4e1ab73e8c0724d0e9d6be114927acd0b792ab9464dd3b67963ed235243ebbc16e6af057e984fffc2554582cdd6548d9a929a89b39650a12511ea208ea9553703ec994318d50cea6a632724b08b0af3c11a4ca9d95dba675112563fbd166463cde649917402548547d54cede66d711d805060beed06c79be0c682dde2548a899bb121926ac690ecf1220764874c37810abc3c64291fef538f8959ed50a4b9f6058b8c45735fc783f3ec592c022b066583950037fed74e12f0fc8f04db78cae682c706fdc3783a206167336ff9e4707ce741893beec04916626c4ed07db0a73bfa5d786e3f3585e4b7b37f3968f08f8971963fefa07b7311d4bef7b5a5d72d3c40297da80d995d866220e005713d69b5dec9a4481301e9aa6ba8a6bb1f911c1d9f827838edb81348231f3da450c1044c9c722d31a1fadccbbac0d82de32f2a46c0a083ec89e2baf21b2b1655702e7d58b950df5904f76f129d15c93f95550e3b52c72eb79a1e09aa253c35fce97977f881f61acc6268c2596b755f18d1c95be938b390565d780929c4c6ba4c8d417775facfffce5c0bcc1f075913f5477563d06b3583c3bdcc7330bd6d1a8bdcce29f8452668a9f2a613f21d5195ba1a1bf134e80be88ee8fdd994936b1b40a0f2e98723d8bc53aef7b5af884f5fccd3eaf2dda01278be0b26eccd63cf68278e06e59889b8b9327550b615df368d99bd6d19636477c4d592e365b0c8c43a23d434ec3d622184f325d6d1c8b704aeac87359d9c09012deb32db9bc034fbf10b4662d6618b4d849a9546f00ed3265c22807072482b0ea4eacad35e10bded78ddc4e4025c7ba521b709e4923cfa8b6964fff4ef513965c4c71a77447daf08f7ddd10f2319b57c8075046ed4820e135f883fd4358edf30fc9965b16885aeb0f82cef2556f67bd33c44edad1a2e3bafe648f5e3797a62931218a468f637832f7ec481526824ebb8de5c207733c54313add8a24131f6de8eb8ddab462b5ac7693f7b278b38728449c9d595af99ba5b1548fd942b7b8538456a261a3ee3a7d18fb3e6180b6cfc9adc76a1defa797b57bcbcb9cb47fdeb2316fd2d913dd4aa0239638fc5c3d29df965aec2ade1f556ad58c9159c9f1b6e05691f476c5ff73230eb74a891f7b285de923d1cab7cf1fe2c82cc6ebcee9dd0be04bbc4d01b2ba8c2525fc4120ffae3df6bfe44663ee532ceb5a21db4f2204386f84e2f51666af55cda90dba169a9cd1adeadd7c90322af2656c3166fee2dc39b2db56e2e18b6f7a24bb7b0494320d2000d629e93427d224587dedb5c196b1796fec0c526a8a0355951045677733b33cb42ec170f137b934c4c6e141a8f8ebbeb1970797a29225901780f96521939b2edf85b1a456e9f97d02782104583757126159f264d9ed95e801561d63f0ca075543813c732e75deb01e585fb5b7bdbd7311d9f346e512b36e972489988f53f42118bbfefd3a52ff1fb97f47eaab7f8baa8e1f397bf877588c1c898690885273e47c1bdce3f220f80828fb7489283d5529756514842974a55cd95aa5a75a18627897836311486300bde4fec1c312c735e5ba3419028cbeeaef709d97752a12f83650aec7305232f22f90b8718113f06b3cf48cae0b365c456aa17610a78454fb81020c84ab51e27891dfe6e3820bb8c4ce0a5f72c72f2523b10be64a3c05f76e7bcb7b6c9aab9e49bc0c2b6044b66c475988f0a078f53912a9c442a40243da943376c8f75e74eac306c61004f6a88a818e3e992c0ccadf44e48c95472359c79f04462598dd467cc140e665e57b9b98702096750b82f291ee11b80a9064dc4a0c790107ac0aca2166e4a964aeadab9ec1ed1ca686b36ff00f75a3a131c09e3297d0471b689475941d09e09c62d94840a6083b1e8d80c22c9e10f3575cf53fe80702e0ef82f43bb13a1128a4f76a1728da93d86a5c86fe831334442deb1e003c96cc40a65ee721e219c06c01e75176d1035ec855258d3fc565f0d6eb31910c3c4e4450c65755ca563f0d877861df816160dbccce49865e0c6e9dc7cc281481b9f6bb8dee95d6a572421f1b2dc1995e0a3fde00ae6073015ae4176519e586ef434df534667d30ab103b7815f5a992e51004471ecdbbd8d9d464e7c24124a928b5aa925458825024ad03ad526a5b08ba1b30fef04288035749c266612bdd5caf4ed5245f67f5fccaabc6b2d8994c395dc7f8ce00089f4eacefb18e65a2d9d04136cd9172ce5aedad596d11fdd4b599f7f544f92a398042821b7c1e6ffdf053a35f95f9997791bbf6a0ecbc69531d14b2fd6b18dce4267816ef2fc135b24d76be1b59e35fd76796e9fd92dcb38c08968d9be724eb8a22575e7a7e2649f2a27fb3fac57f6aa53917ae27cd8efc4b6469de6155c3b9654a70ca7fa318682d1fbbf7e3e9f85f3fdf91f96eba538c899f3aebb79fa0ff96f122859061c2aca2a2fbac5640807cc7dec2a5f37a84cfe69af9775a703281d271a38ce08adcfe26ad3df7d0a1065393791dcb526634ceb5c33061fd83b4e1c72fa175585e0f839c9651002896fc7a6ced33919105de91d17083c8f6985e24ffd0fb35dd558af58cab9003e1fb7f87075704396ff677ae7a99725ac2c50c3a9edb15cce24de9a734f81f5187099b2ec316c6cf536c628445799bfc13803c6e94fa844de4b294b6f9b7f96ecf666c1088eee0997dc3d925e45fe9157ff86699e68ad786e973468de54ca6c9156c2e30541e97fb7b845ec2acdbfab05a03009de8260b444c48c0e64940a441d56446b33c698631f480dbcd6f8726e4c287c262bbb6de251c930e717797af777283e0575e8e1304af50cdc493f429dcbfa518e592550e980bf4516ff177a725c59ed0f8d9384bf9bbfe024560062eaf58bc6dd4ad29d71a39f02e00f6ca44ea68b9019387add513c767693d5535e46b3ff697aaeaeffe8e85b86ae877586fd706fbdcc492208c1b61556b80af1f80b018391a4d42e030d89e57c8c8c323c23805551954bcfeffb2c08f9043f24db22a9285f9edb6c66e1091b9dd8e51a228dac137df945491c53014a79b3e033305b1678d7664afc79bd04b0c397c0fb4a12fe3116b24e4d42830e3fb611b337f449c1e0e9667b09690b37789e45cc3007f4a56539c782fa41cbc30f8b213f36e03a1bcee413ae9b4706561c5c68e0ad645423eb5e799ca52a0cbb7e9468a7a0e253b5ea76f6a79a5dc9d72d5aab07703a814922f1fbe1eba0336659ae0acc46b46088b895846435a02bbacd4663f652c0e1289411bada43f1335d48d8ca7a021a60c8a19a8a894aa3375758a140bd040e24aabb0736f79ad95f2090a78418360cfba57398dbf3645bd6c964e53923ded0751512e8cadb650ab833ec3167e8bf385bfbbba46e0845e745810d0133cea434ddab18ef066caea680f16604baf0ee56b1f631f5ccf754fc79285af9d17d99346f7bcd7048dcbb3f0fbd6c2aaa415821f73e4ef5c09fffa911a7ecda2961342d0db95a92d597e8755e41fda1e39c65efc82ca82b22172b3e2017ec5bfbbdbecccc318190eca29ca4dfe393afbbaede3fbc53aa54fde14a1d98a3f0e673bd710d73a978cd7b37901915811c1a8478c61c4021792bd07d42a0e4f7f367139fd78ad1b6cc23c94bfc98bf73c8891c5c69c00c0aa4ba3d76472543fd8d2fef44f4fa928906a60f726a7aed2c6435ea80ffa1d91efc4a605b48845a1e66a7a79c92a869549383256e7724f796aa893c3a86c8c501dcef329d79d7ad5836cd41d48d0ddee68cd5dce8e59724bcf7a0d6872deae7dd15939db46b978fdb77158c3076ecc720b3fe3fefff15b28f7f1304c375a435f20c714576dfc8c9f53af9b6dd7d7ba14d8fe4408f8ffbd61aa0f1194e3c57d63519f96e42fdc97e7adfd686fdbef39bdca9a2716b337e406a909f3b2eed19e24408e8dbe91b5aa98fa62b6fb6f9f13dee6a5da24b24cd2cd859029aabb2bace5492de4985a19c508d2062e6b580bac1a55a41aecabf0d63f48315a6497f11a5a09bdfd1649203eedcd03069cac0bde4f7691e57e2a054e1c192f6d78f2647af7cfffc4daad033521b87103c5bbb81eafb0ff72c4cfc7beab3cd7074ed50f23021e917e85a0ea2dec4dd0d7f8efa68f15a1296ca768fac34f630014743eeeed57f80165e268c1cef7d5d385edb955195a3e44b8b388dcab72083fc2dc23d71913bb98ef2a34ad6df1675b936e294ebba47dbd74daa8098fcb627a1e17616d8775cf1fdec8676d57ce31bd4bfbe821a03ef251f651ce97dbae57f99c6755470e9cdd17699c568ada69a64621dd5625d95b0b550c596292b1816b9516cc7d8f02f8be32afda1f4357419b28363ced9bf7429e7687531fb00de4d2e03fe4ca448e66ad17c58d909df244f4f7ed265164b42273187816e0872e6818b8bdf48097d108f4c67ffa10038f7d2a705b4489c9af1284a7b34dec3e5b56f350c880277fca26427e0746eece173de1ae1104b7822a9fd45b262e5f3ce16a64dfa69e84f077296144f0c119bd2aac2251f463b3e8177dc259088c8a1794953b248b95e7c6e6f91ed45a7d3bce7e91ec72b98c06ba6c625bfdefc69c7416d89a0b1f3bcab5aed96370d74c6812ef0338368756f83f4be0331cde6d11d9a917483f25beda96af71882c3d4d1b3785932fa0bc93d611c919dcb116699db1a3d26ad6826937a984fa121fac7a45ff220520f702ee942793dbf7023b98c9cca4f150bccd29f26aff58e2255aa73fb7a7abd24b501bd403f24900d42e88c57494ab5ef8bacc07ff9904b100d709cc9b1018cacfa42d839476b7aeceeb2236e2c1151d441b167036bef84069401d67a1473d5d11cc109bd39a1fca5d5aa347c4fd5f6f3c12a8f5d1ec344dc1717f5e8e1aae6d7b7c42aa633ffdcb46c32ac667d933cb9fdaf6d83eefe77d8733a59fcf394d063efa474df67697f881991a34fa79bb78f3b19e9b29cc7b03ca7390b0ca6064a961f3fed249db4ff2c01840373b6242034cbac645d59743f1a90f372ee0c17efade2cef03e3f0edc640dfb629c6b98dc2f28ce06aff3574a2cbdb4b06fba31b2dfe34bba7e34e02a786fa4473d5ba847f4f1e644c1bad62ebd5ca9306219ad6beacb8a54ba299e1bad887293f1b65ff956ea2a562e290df607a608503afee3ae180d600f1d14a9459cd5a399c7e2c7bbde19c11ac869d34ea5e990a759e346c3d538108a277894d6ec7bc6fcd65862a2d9d0696551a4a37379feafb313a09f2575c52641db9f46f4cc5e851f67ce633572b6ffcea7b7c24b44b40d32e55e4f3b426e464c07741648f30d51fe3eb162cadcecf21b7182cc915ffd887e85c385b5989f87910c5c990d639f8d2cd9234c534400088ef49733c94f39131fd51d784a407a07eae6d5359acfa35994ec3760ca3866404a5faed0fb210ce1b849868a6007c8e839ac7518172928277bf2dc43d163d2a0f6146cca1738ec3526762e8e2caf69606a3980bd08fba42ec7cbf48d315e45b834bfb14221de8259250c4ae9590520288c73bfc7d8076d3fe46b772491173ea0daa76cb5cb40637a038ce734d72c0c020494062843715e762d71a8f8518fa7d837391c06b62c96efc17651158657db8ea9a57634b0b5628b06fd5d568fb02185a63a6beb56013cfb4fd1695b102fb58f39161232af39f6d87c5ff6af247df3d549b7f6f81cddf4e3cb12b18634e69df5af55127f72670a3104ce5aba7877c32ee4b0cfa076247a95750e830a240b092baec2f473e83581e5799d69593247f0e78ad8e44c0e0d09fc55888107c4badcdb20b2c82d5915b3b03060e53d199b20b29ad6742655bf62343421f826daf1a3c0c493c96bf719bdf0a8dc9a4fc3f75bcebec3aebfd898ef161cd4e2e33a142c36f673cd8da72edae4f691a4271881d326d77fca0af396bc1eaf9e9d2a047562f91f0e87972e3ae5abb75e352f28c81351c4be6a34e5a01b8ed8461f14e21d1afc9260d838b43e9e2ae078d64b6c718232bcd2b26d3c57beb3c605e00c6f9c1031a3bae4b1872ba5d6c23199253929f1cf57a2e961d798ca9d315fa6b9855c8e7efcc24ccde498a3f1ba23755360044f024753f886f97016bd45a56d802f3e9e040a84f6c46cd5aa99fd4471b97cdb0bd8d265853fb79c42b4cad7eda49ca08d3cefffee2d3f1b5f083a06ea4be4b0acf84ca27e5a8d579d3135f3e59bd5b823b2bef7708189f54c8f0d576e4c6bdbf932b55bc792bb302cddc5c555e4903eff45b493f9498f7bf184035335ad1ba1547795a443c9afb30f932e7d1b042fe1690cd34d98e2331cbe38108be26f8ed615590e8bd99fd01b700b21e6ed61de92297d8b447c723089cee359ccd4517328d54ebc43a3f9173698c4362a6130508c9a0ea57b9a8a74a997a21e3e2a7223ad3debd80f70aff2eba5a862aa667052462bf6635eca2dd3350ef70fda58f8492d34c5b819c802f97b8765680c39fcab3b92f8a8be88a93b5bfc1dbba3fbfd3051c4443e766f4cc6a9d0f96b66a081e9316a44efe5973479ae74bf13c18711218f75d7f4e6f70b0a34ff2a1aec8d1e3181a65b4d5f21f0c19789a2ff90ae5e1298e707628e97e6a5048ac29d916193577506a7f5a9cfb0c73d16a67a2e1f872c8026891e98df07579877460c845bf967f87d75295ed29ddf626340f313bb35a04f9304e34773eda19650f25a08b2bd603297d9edd7f7d1b88d0b18e7bc35b0593961e7403a03550a20a0eab83cb00e659f5fccc189d14b28f11b8f55db517ab124b3718e70868d2131c74640bc682ee785a75cf960a79fead7965d0798d98e386598efb5ce92b0ceeec4e63e2eee3a15642ac72691517c4197a667de3e57a56e2d6e4ecb5a2bc401f90ec2239baf6a9a418267fe2228f7776c7f932a048cd9aada01c2e6d9466ecc434ba61eb97a0d6eb00e719940b3dca3ae25b94e9040ee238184eeaf46e51b61d855ce476d10dd9cb09df18c585304bc4f9e88060e4bdd6e624dd90d7ae8874c0af1e17e67d3bb27babd15880cc61f22b6a0b24df6d03faa13f0c918a7b960f47d939934d9ae90edc40251fb53c9fde3ee255e49c8541d995a644d35b46ab202e56ad1de3da1c5ee587f167b398392d0fba4a43eedeaccb0ba16f571055381fe3885490c71e0805b1b3186bf2652b9a9df69d8d1232cf704fddfb5e7d3ff78ba5ae3b843f4f9b82161e223343240c33a9cd21eb312806163ebb2e60bc98b68b3d95bdd923f6ea831083c13ca65e4a06e999b2d014d0ed218d72c5b776fd21ae21d14e23e9074de20d6d16520b1061aa4db3b5b8077b1c43aa375c68a6243ad582a148dc6878ceb2ab6792cac38ef21765df51171436a412f60f5dc68fba51aae8c4909efa690340fd8a63cbfa4af6235c1c904a20578f54b9c91b1fb8017d05321e0bb9eda1502c1506f3d2939977af87d1f9329e237c129d5cb65e093396f016eb0c2f0aa5cab92a00259f6056532ef188be500fec4cd4614e29daf5b41da2b4742b02999e651c42d2f405344a232e36278785dc7a681d0ee2014ce3214f44ff9d2c3e083e18c299cd7cc8ddea4b805c673cb7479a553f28349235d37874ae3da878a5b6321e501c2b77470dd15b35ace69b1b8e3ba20cce47acb8350f206d136dfdcea697bf558bf3426bb1e0ebcf2797a1c7a181fad43b8c68633b361d40868c279896eb1c628656a9b57dcde8444ff92f2cc1d2dfa1998054487d8fcf11b852019ac21ae0582b1c8f4ff90f31d862e20740d7b803b0f109a8d1506137ca58167e8be1d13e6a5590e2bf2af5cbb7e79db2f4cdec83983463e1e830f54f8534e4c660039c0d372c7c757be3498f6be9ff6b6d13b88ca0ee07a0fd4df8cb13de0fa094cd3b9eb87032a6aaa757a6391ccf98fa7f9d99065b4f747e70ca497af77fbad520c589445d3401c67972ff7e274571b8c35a17ae78de90c81f791a69d70975208153f94ac7199c45de1ca5746887ec677452fd1a018b7287ac45e14ecdf1876229964153cfe6b39f1d50a9be63a0eb10016607ff338751cf9bb97c917d532be1174d0410e26dcfab873769b71db87758c0ad015b1db4b7565e244925ea0dc24313ac65f0355abcfa96c786b8ab7b32166bbf4c7ddae0d3f63d1aad63a9b105e05825aa012e075ba3e1c20b757e1dce75f6fe14e891a20988d365cb5e69206a1b7d8caf2effc73eb577330cb56495fbeaa6b7aef3467a32f53634e468208a8e55d626f98a2b51d39b48341c27306e59c0fc5c8058719b526eac245ce857288976abdfc9be1d4f220817f879c15cf0a258f89cd8269113821b0a1073165923748c6e8e0331ae9e7df11e62a80bf28559850cce385a98e0f48209ebcf69e8938a7605e96f4ffcf580b6c1df742766458763dc91b34035c12396b06ca5995b8feee35e1a3891cca0402fb9e739d8f8aa1a637b7c8c2c458493a323fbe5a76f866e2d9adf0d1d76950bc527a969f61c8519508eb5a93447d212e209c724aa16a949d8be1b14c8711d4c85e728e9d50b5b78b76242f9d59d866a86da0f129201a5b665611360ab3f4b678746cbba1b47884d2bfe4d3e38bf441fac354654c5077620cdf5870fda1fd5ca2bf4780d474a27cb660dd9d7ea83d423240c7ffe743dbefa3b922ac6d5f9544a7d5477dc44761a1d47633f67fe220f37630d678daeb62360b5f4f5d40493169f6554897c5d05c4909834fb2ef1494f8bbbf9e986761b931a26b0ab76b88d4f9b9bd9a024dc39819e0a139eefba8f617401811b4a7b97212aa82965e6008447979d19bfeacceedd48a24d65b8a1705d686fa8c44100d27dca9bc764b74345e1da71bfd9604e2f5bfdd28097f90e98f91ca81b08e827f7a3e742e6c019691afb612042a375985b01b94b3eb61a484fc2ece84f53ba5738273c80047663ec335d31f1ce43c6205a78fe7712626e8e6ff691b5bb9fe1a41909db60d8644d73936c4eb663bbfef030499c8c7d31f4eacae3cbf736a1eba6f85008139ba7eaf5f1ef8804f617e56c820c24f139b7036887f2ed2de32fd63574d0359ad4026e67c550b4ae960a2ce234a20e076da3f91a7ed60bd59a38e1acd7941a66bf3e755a431cead3f01600c6e47564167340f3f853efae37b036988bf4b30849d9dd5d0d09b1799bf9fadca76c497a1345018c8724065291bd8cc633e06359b72040a7673ffe5e86c240d043963bf2d76a0fbf50243a63d45d7f3358e1b9d1f3cbffd7e60429afee778f305e7d8f07c3e49a104f3a4e92118ce84cd11839f507656757d6e89ff296cf792ca2f1429aa80c8092b970d6f065eda3fb25b6b8a699561f8fe5236bbbc96f15860e29326a5a2671a88545a65e587d986615998a124a97820a65f81779b3101086e6f261177a66858d788c5c66521408a9e70238719614aa6232a3ef7a33e99d3b1dcdc20c33e8124b1dabe50ce9e4eadf34685560039e7d7e08f038f2004da7703bc4a30a28409719092e6640e743ee8a4e75dea106314a26ed5cae5d02bf9c8b0e96020a6b7941db7f0c311476f377a992caccff7f1919062f9db36ba72b29e9dc0880fb8eb24f41e0a6cbaa487058c6fbe6b062b372e0b84c9fcfd64d84724b6cda7fb3f582abaa6757782b20f9c1fad78f98273129caaa9496c1dbbbd167b52bae60dc327d1e18d82450ff9b6b108a0f20cbee5", 0x2000, &(0x7f0000004b40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000045c0)={0x78, 0x0, 0x10006, {0x8, 0x7, 0x0, {0x3, 0x7fffffffffffffff, 0x1, 0x40000000000, 0x4, 0x100000000004, 0xe767, 0x8, 0x10000, 0x8000, 0xffffffff, r2, r3, 0x80000001}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

926.200167ms ago: executing program 3 (id=1742):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_GET_SE(r0, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000011c0)={0x14, 0x0, 0x5953a6d8b15e6715, 0x70bd2c}, 0x14}}, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f00000000c0), r1)
r4 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006272696467650000140002800800040000000000050017"], 0x44}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000002c0)={'syztnl0\x00', &(0x7f0000000240)={'syztnl2\x00', 0x0, 0x29, 0xa, 0x3, 0x6, 0x30, @rand_addr=' \x01\x00', @private2={0xfc, 0x2, '\x00', 0x1}, 0x8, 0x10, 0x100, 0x3}})
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r5)
ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, 0x0)
sendmsg$NFC_CMD_DEV_UP(r5, 0x0, 0x0)
r7 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r7, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r7, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=""/19, 0x13}, 0x6}], 0x1, 0x1832b, 0x0)
setsockopt$inet6_int(r7, 0x29, 0x4a, &(0x7f0000000040)=0x7, 0x4)
setsockopt$inet6_int(r7, 0x29, 0x4d, &(0x7f0000000180)=0x8, 0x4)
r8 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r8, 0x0, 0x0, 0x2409c8c1, 0x0, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000100)=<r9=>0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@deltaction={0x30, 0x18, 0x1, 0x70bd26, 0x25dfdc00, {0xa}, [@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x3, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}, {0xc, 0x7, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1ff}}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x4001}, 0x20000000)
sendmsg$NFC_CMD_FW_DOWNLOAD(r0, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x24, r3, 0x8, 0x70bd28, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r9}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x4000040)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000600), r2)

887.587621ms ago: executing program 0 (id=1743):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000580)={0x1, 0x0, 0x0, 0x1000, &(0x7f0000456000/0x1000)=nil})
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000100)={"b46474f815e8d5535f0887c44335cc824dc6121bc72a77f532ff5dad4d643a9cab29d2310e04be14eb26c0af4985fe45e3b3b0680b3ec92725d74b9716e0f7c3119a2c9a0ae65ff4772e2e12733cb013c4308fe40863480747c0a7ddb9361b1578015ca1bb2c1677ebae096f08345476f567443842946ed946434c75916d1db83fe305920de65bfaf9bd940672216846cb16b8ae67cd3affc61375381f91b3b9f1cc5e38cafe5239aee71dcd481fbe1ecd2547ffbaad4469a74697c28fb9beefa6a5d736712a55eb9110c2cf7964062ba8cbc1c038e84f0f5db7fc7053118bf5221e3efa6fc3edb5d0ca3cde7054dd0751a332520aa8478b1775d552c5cc24d3c2df9eb333e5ca3aa06c1c2cf8526714f5caff2f55b41976fc20b64f1fc61d5b44f50953582a1825d32130a31abfeafd1987317879e29ac51b93c9659e023fff3ddb5e39dd19cc3ef1d883c78b9e073d08a9197fb3717df238b9831831214b186693be9dd2568bb77272e80df5dfed03e8c467627bedfbd93359a9f79a3aa37e873dc1357b37b43d813ea85267b0dc8b1c4cc51bd985328833beb2679b7fb762555bbea2da936b36f8f1673fd5f606b2b6eb23b72bf947206e8dbfeb40ca6f265a3485c8446e0f0da652860b88328073d2282c14b48a7774e62754a968b60e92205e8fafcdd70a55c3c4d1a4821ff44e6e3681f15ae091262e3a3290a24d8ceae30ebbf9d24287bb8a5d73c608d47d287f9e716cf02b4796a83fb0c05e45b89de9ef8bce834e6d7a0be6e30d2c66cb6e640cb01898454ad361bc0701d8fe56113335ae6adec59300db04691cc4a689034272a8e086a32ce7061b4f79fa8afbb48a6ce4b62bdc44af013d78980457e1fa61eb9204818606f4c3b03c0f33cd2a841ac9bc2b73151a96e31ab99e6ec969b5f2c3edd5f9abc69845e487af992758ba445368da93dae1d44360d52a534a88276b8aaf349841d8a4788c60408618437c442308dbf70efeda2e54e9b9e4fe5f76997c9dcb945a26bd75748c85d19ca8b99264dce50580e8d4dbda401dad7df31e9a7a6a3a83bfbdfb5394abd581ac0824fbcd75d2f5205c0b7c9188e6f26bfd97734d9a20433f6cdba9d14a5f32a4d97a57f4603b21146fd1aebf082e863d463c224ad623c17d8043d3bf083f0322408dd6ead6915ac6a4222ab51480eb6e11a8913348219515170d9df90d72d7363bbda3e327d19f98c0a856f98076380e788e602e8a2ae0a1930786874dc21a2e99abda15f35457cf1dcb440c4b41350d0eda352aad7f57a0adc8a6914da06460635ed21c4c11cd1a8ec778064c9f62efba2927828b23f94b16619a5520731c2c40ab8583c9f2e73233d74b84f4877ce6b35bb1180300"})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)=ANY=[])

681.366839ms ago: executing program 3 (id=1744):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x1, 0xf, &(0x7f0000000480)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4004, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc79}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r4}, &(0x7f0000000000), &(0x7f0000000140)=r1}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000002000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000000c0)=r5, 0x4)
sendmsg$inet(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)

575.834683ms ago: executing program 3 (id=1745):
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@remote, 0x9, 0x2, 0x3, 0x8, 0x4}, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r0, 0x400452c8, 0x0)

518.447173ms ago: executing program 0 (id=1746):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000001640)=ANY=[@ANYBLOB="01000000000000002100004000000000"])
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

487.86868ms ago: executing program 3 (id=1747):
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x1, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xfb}}, 0x10}, 0x1c)
syz_emit_ethernet(0x4a, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaa"], 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007880)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000040)="af0ac95ab194f93f8e795a9b29420fa62d", 0x11}], 0x1, 0x0, 0x5e}}], 0x1, 0x4000000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800008080b63428e900"/20, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf0900000000000055"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
bind$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e22, 0x3, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xa}}, 0x2}, 0x1c)
mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x4000000)
mbind(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x3, &(0x7f0000000000)=0x1, 0x1ff, 0x3)
r0 = gettid()
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r1, &(0x7f0000000440)=""/247, 0x26)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x31, @time={0x3, 0xfffefffd}, 0x0, {0x0, 0x2}, 0x0, 0x0, 0x4})
ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r1, 0xc0305302, &(0x7f0000000040)={0x36, 0x7, 0x4, 0x9, 0x1, 0x80})
tkill(r0, 0x7)
r2 = syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
process_vm_writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000280)=""/248, 0xf8}], 0x1, &(0x7f0000000480)=[{&(0x7f00000021c0)=""/4096, 0x1000}], 0x1, 0x0)
r3 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r4, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f00000002c0)={r4, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=@updpolicy={0xb4, 0x19, 0x1, 0xffffffff, 0x0, {{@in=@multicast1=0xe0000002, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x87}, {0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb}, {0xfffffffffffffffd}, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0xb4}, 0x1, 0x0, 0x0, 0x4}, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @mcast2, 0x5}, 0x1c)

394.052722ms ago: executing program 4 (id=1748):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, 0x0, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='dctcp\x00', 0x6)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000004b80)=[{{0x0, 0x0, &(0x7f0000004080)=[{&(0x7f0000000640)="52348bf9812fc081678b5760a4c4967393fd8939aaf12a894c5424df616c4eea14fbac2dad114a75c405d89fafa5715b56abba4bbceca456d8225e3f6eb57a03287e74c7bd74e40e3fda3150f92d181e7c82cb2f8ea0416fc4c0f111161cdb9a52911925644e25f871d02f403c83214f830f93b30b874e75cab53f1ed7871f21c0d654a47fab0637868517d7e8d9915e99b4dc2dcafdcb2ef2a012ec95418a544c32181fb969e01318e00a12fd1b2a0eb57bcf7de086e320f2d4be4e1453010be849e4d7db", 0xc5}], 0x1}}], 0x1, 0x4000840)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

295.617678ms ago: executing program 4 (id=1749):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_GET_SE(r0, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000011c0)={0x14, 0x0, 0x5953a6d8b15e6715, 0x70bd2c}, 0x14}}, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f00000000c0), r1)
r4 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006272696467650000140002800800040000000000050017"], 0x44}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000002c0)={'syztnl0\x00', &(0x7f0000000240)={'syztnl2\x00', 0x0, 0x29, 0xa, 0x3, 0x6, 0x30, @rand_addr=' \x01\x00', @private2={0xfc, 0x2, '\x00', 0x1}, 0x8, 0x10, 0x100, 0x3}})
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r5)
ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, 0x0)
sendmsg$NFC_CMD_DEV_UP(r5, 0x0, 0x0)
r7 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r7, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r7, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=""/19, 0x13}, 0x6}], 0x1, 0x1832b, 0x0)
setsockopt$inet6_int(r7, 0x29, 0x4a, &(0x7f0000000040)=0x7, 0x4)
setsockopt$inet6_int(r7, 0x29, 0x4d, &(0x7f0000000180)=0x8, 0x4)
r8 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r8, 0x0, 0x0, 0x2409c8c1, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@deltaction={0x30, 0x18, 0x1, 0x70bd26, 0x25dfdc00, {0xa}, [@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x3, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}, {0xc, 0x7, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1ff}}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x4001}, 0x20000000)
sendmsg$NFC_CMD_FW_DOWNLOAD(r0, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x24, r3, 0x8, 0x70bd28, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x4000040)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000600), r2)

227.950037ms ago: executing program 0 (id=1750):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="ad43"], 0x14}, 0x1, 0x0, 0x0, 0x20000054}, 0x0)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet(r1, &(0x7f0000000d00)=[{{&(0x7f0000000c80)={0x2, 0x4e21, @rand_addr=0x64010101}, 0x10, &(0x7f0000000c40)}}], 0x1, 0x4000)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)=ANY=[], 0x20}], 0x1}, 0x300)
r3 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r4 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f00000005c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000480)={&(0x7f0000000200)=ANY=[@ANYBLOB="00000000000007000001000000000000000000001294200c8d8a2ef2eb0831614ff8bf4afa37724e7ec462c046576ad80265177e5e4e429ebe422ffc3c94fb48959e3779871a3fb0e93616c2"], 0x14}, 0x1, 0x0, 0x0, 0x20040815}, 0x800)
shutdown(r1, 0x1)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r1, 0x84, 0x6e, &(0x7f00000003c0)=[@in6={0xa, 0x4e23, 0x20000000, @private0={0xfc, 0x0, '\x00', 0x1}, 0x9}], 0x1c)
socket$inet_mptcp(0x2, 0x1, 0x106)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x11, 0x3, 0x0, &(0x7f00000000c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r5}, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8b05, &(0x7f0000000000)={'wlan1\x00'})
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r6, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r7 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r7, 0x400448c8, &(0x7f0000000100)={r6, r6, 0xfffe, 0x0, 0x0, 0xc2, 0x85, 0x15c2, 0x5886, 0x6, 0x0, 0x0, 'syz0\x00'})

218.84816ms ago: executing program 2 (id=1751):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000400), r0)
sendmsg$NL80211_CMD_DEL_STATION(r0, &(0x7f0000001e80)={0x0, 0x0, &(0x7f0000001e40)={&(0x7f0000000040)={0x1c, r1, 0xb094f4ca39c97ca1, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x40)

0s ago: executing program 0 (id=1752):
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x13, 0x11, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x8}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240"], 0x7c}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c00000010d57b", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800900010076657468000000000400028008004040"], 0x3c}, 0x1, 0x0, 0x0, 0x20040}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00'})
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000cc0)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

kernel console output (not intermixed with test programs):

bytes leftover after parsing attributes in process `syz.3.351'.
[  130.785177][ T7105] netlink: 'syz.4.350': attribute type 39 has an invalid length.
[  130.810161][ T7103] netlink: 28 bytes leftover after parsing attributes in process `syz.3.351'.
[  130.837342][ T7108] netlink: 24 bytes leftover after parsing attributes in process `syz.1.352'.
[  130.878078][ T7098] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  130.931211][ T7103] netlink: 128 bytes leftover after parsing attributes in process `syz.3.351'.
[  130.945662][ T7108] netlink: 4 bytes leftover after parsing attributes in process `syz.1.352'.
[  130.962778][ T7102] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  131.293988][ T7122] netlink: 'syz.1.355': attribute type 16 has an invalid length.
[  131.316111][ T7122] netlink: 'syz.1.355': attribute type 17 has an invalid length.
[  131.395524][ T7122] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  131.534019][ T5837] vhci_hcd: vhci_device speed not set
[  132.045264][ T7131] netlink: 4 bytes leftover after parsing attributes in process `syz.1.358'.
[  132.350187][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  132.358415][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  132.868800][ T7143] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  132.877525][ T7143] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  132.889071][ T7143] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  133.103846][ T1207] usb 4-1: new low-speed USB device number 5 using dummy_hcd
[  133.141059][ T7152] netlink: 'syz.2.364': attribute type 39 has an invalid length.
[  133.253823][ T5837] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  133.323841][ T1207] usb 4-1: Invalid ep0 maxpacket: 16
[  133.473271][ T1207] usb 4-1: new low-speed USB device number 6 using dummy_hcd
[  133.832196][ T5837] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 116, changing to 10
[  133.846091][ T5837] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 25971, setting to 1024
[  133.881518][ T5837] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  133.910323][ T5837] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  133.929747][ T5837] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  133.949052][ T5837] usb 1-1: config 0 descriptor??
[  134.017456][ T7148] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  134.034269][ T1207] usb 4-1: Invalid ep0 maxpacket: 16
[  134.124413][ T1207] usb usb4-port1: attempt power cycle
[  134.370527][ T7169] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input13
[  134.946314][ T5837] plantronics 0003:047F:FFFF.0001: reserved main item tag 0xd
[  134.994061][ T1207] usb 4-1: new low-speed USB device number 7 using dummy_hcd
[  135.638316][ T5837] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  135.737411][ T1207] usb 4-1: device descriptor read/8, error -71
[  135.737672][ T5837] usb 1-1: USB disconnect, device number 3
[  135.977642][ T7180] fido_id[7180]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  136.301429][ T7198] netlink: 'syz.2.377': attribute type 16 has an invalid length.
[  136.312044][ T7198] netlink: 'syz.2.377': attribute type 17 has an invalid length.
[  136.325519][ T7194] bridge0: port 1(bridge_slave_0) entered disabled state
[  136.337913][ T7194] bridge0: port 2(bridge_slave_1) entered disabled state
[  136.908094][ T7198] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  137.081910][ T7203] netlink: 4 bytes leftover after parsing attributes in process `syz.0.379'.
[  137.135205][ T7203] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input15
[  137.325072][   T30] audit: type=1400 audit(1753969077.074:390): avc:  denied  { allowed } for  pid=7212 comm="syz.0.384" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  137.454352][   T30] audit: type=1400 audit(1753969077.094:391): avc:  denied  { create } for  pid=7212 comm="syz.0.384" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  138.093812][   T30] audit: type=1400 audit(1753969077.094:392): avc:  denied  { map } for  pid=7212 comm="syz.0.384" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=12069 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  140.223832][   T30] audit: type=1400 audit(1753969077.094:393): avc:  denied  { read write } for  pid=7212 comm="syz.0.384" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=12069 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  140.273814][   T30] audit: type=1400 audit(1753969077.314:394): avc:  denied  { getopt } for  pid=7209 comm="syz.2.382" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  141.361983][ T7231] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  141.427643][ T7238] tipc: Started in network mode
[  141.432562][ T7238] tipc: Node identity 0a5b6a5d28c8, cluster identity 4711
[  141.448619][ T7238] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  141.462980][ T7238] syzkaller0: entered promiscuous mode
[  141.480390][ T7238] syzkaller0: entered allmulticast mode
[  141.564551][ T7238] tipc: Resetting bearer <eth:syzkaller0>
[  141.573182][ T7236] tipc: Resetting bearer <eth:syzkaller0>
[  141.583381][ T7236] tipc: Disabling bearer <eth:syzkaller0>
[  141.731697][ T7254] Failed to initialize the IGMP autojoin socket (err -2)
[  142.339975][ T3449] nci: nci_rf_intf_activated_ntf_packet: unsupported activation_rf_tech_and_mode 0x7
[  143.018690][ T7281] netlink: 24 bytes leftover after parsing attributes in process `syz.0.404'.
[  143.151179][ T7281] netlink: 4 bytes leftover after parsing attributes in process `syz.0.404'.
[  143.722102][ T7295] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  143.752811][ T7294] Failed to initialize the IGMP autojoin socket (err -2)
[  144.057005][ T7312] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  144.100448][ T7315] netlink: 8 bytes leftover after parsing attributes in process `syz.1.414'.
[  144.875378][ T7332] netlink: 16 bytes leftover after parsing attributes in process `syz.3.423'.
[  146.902527][   T30] audit: type=1400 audit(1753969086.644:395): avc:  denied  { read } for  pid=7325 comm="syz.2.419" name="usbmon1" dev="devtmpfs" ino=717 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  147.011672][   T30] audit: type=1400 audit(1753969086.644:396): avc:  denied  { open } for  pid=7325 comm="syz.2.419" path="/dev/usbmon1" dev="devtmpfs" ino=717 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  147.049841][   T30] audit: type=1400 audit(1753969086.644:397): avc:  denied  { ioctl } for  pid=7325 comm="syz.2.419" path="/dev/usbmon1" dev="devtmpfs" ino=717 ioctlcmd=0x9206 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  147.104253][   T24] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  147.415950][   T24] usb 1-1: Using ep0 maxpacket: 16
[  147.434492][   T24] usb 1-1: config 0 has no interfaces?
[  147.558558][   T24] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  147.822293][   T24] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  147.906950][   T24] usb 1-1: Manufacturer: syz
[  147.930934][   T24] usb 1-1: config 0 descriptor??
[  148.170743][ T7359] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  148.192078][ T7359] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  148.413546][   T30] audit: type=1400 audit(1753969088.044:398): avc:  denied  { mounton } for  pid=7384 comm="syz.1.438" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  148.437463][ T7387] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  149.058465][  T974] usb 1-1: USB disconnect, device number 4
[  149.403893][ T5900] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  150.943891][ T5900] usb 5-1: device descriptor read/64, error -71
[  151.714018][ T5900] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  152.003861][ T7421] netlink: 4 bytes leftover after parsing attributes in process `syz.1.450'.
[  152.385883][ T7436] netlink: 28 bytes leftover after parsing attributes in process `syz.1.454'.
[  152.395721][ T7436] netlink: 28 bytes leftover after parsing attributes in process `syz.1.454'.
[  156.069192][ T7455] syzkaller0: entered promiscuous mode
[  156.078258][ T7455] syzkaller0: entered allmulticast mode
[  156.343982][ T5955] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  156.623858][ T5955] usb 4-1: Using ep0 maxpacket: 8
[  156.637195][ T7465] netlink: 'syz.2.463': attribute type 16 has an invalid length.
[  156.662284][ T5955] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  156.671895][ T5955] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  156.673956][ T7465] netlink: 'syz.2.463': attribute type 17 has an invalid length.
[  156.679980][ T5955] usb 4-1: Product: syz
[  156.692095][ T5955] usb 4-1: Manufacturer: syz
[  156.697397][ T5955] usb 4-1: SerialNumber: syz
[  156.999929][ T7471] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  157.155597][ T5955] usb 4-1: config 0 descriptor??
[  157.174494][ T7465] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  157.371238][ T5955] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  158.534974][ T7486] netlink: 4 bytes leftover after parsing attributes in process `syz.0.469'.
[  158.870885][ T7496] netlink: 100 bytes leftover after parsing attributes in process `syz.4.473'.
[  158.924845][ T5955] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  159.097866][ T5955] usb 4-1: USB disconnect, device number 9
[  159.766432][ T7502] syzkaller0: entered promiscuous mode
[  159.840006][ T7502] syzkaller0: entered allmulticast mode
[  160.308261][ T7518] netlink: 4 bytes leftover after parsing attributes in process `syz.2.479'.
[  160.360997][ T7518] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input16
[  160.464002][ T7520] kvm: user requested TSC rate below hardware speed
[  160.475575][ T7520] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  160.496975][ T7525] netlink: 4 bytes leftover after parsing attributes in process `syz.0.482'.
[  161.213927][ T5837] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  161.657791][   T30] audit: type=1400 audit(1753969101.404:399): avc:  denied  { unmount } for  pid=7534 comm="syz.3.485" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  161.764864][ T7533] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  161.771390][ T7533] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  161.778964][ T7533] vhci_hcd vhci_hcd.0: Device attached
[  161.791792][ T7544] vhci_hcd: connection closed
[  161.803934][ T5837] usb 5-1: device descriptor read/64, error -71
[  161.868186][ T3499] vhci_hcd: stop threads
[  161.872440][ T3499] vhci_hcd: release socket
[  162.483868][ T1207] vhci_hcd: vhci_device speed not set
[  162.719062][ T3499] vhci_hcd: disconnect device
[  162.811957][ T1207] usb 33-1: new full-speed USB device number 2 using vhci_hcd
[  162.832229][ T1207] usb 33-1: enqueue for inactive port 0
[  162.833849][ T5837] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  162.913859][ T1207] vhci_hcd: vhci_device speed not set
[  162.983896][ T5837] usb 5-1: device descriptor read/64, error -71
[  163.105039][ T5837] usb usb5-port1: attempt power cycle
[  163.132114][ T7558] netlink: 24 bytes leftover after parsing attributes in process `syz.0.490'.
[  163.228678][ T7560] netlink: 'syz.1.489': attribute type 39 has an invalid length.
[  163.344246][ T7565] netlink: 4 bytes leftover after parsing attributes in process `syz.0.490'.
[  163.453879][ T5837] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  163.486817][ T5837] usb 5-1: device descriptor read/8, error -71
[  163.853827][ T5837] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  164.039412][ T7575] v: renamed from dummy0 (while UP)
[  164.043816][ T5837] usb 5-1: device descriptor read/8, error -71
[  164.174659][ T5837] usb usb5-port1: unable to enumerate USB device
[  164.326708][   T30] audit: type=1400 audit(1753969104.064:400): avc:  denied  { write } for  pid=7580 comm="syz.1.495" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  164.549619][ T7583] netlink: 4 bytes leftover after parsing attributes in process `syz.4.494'.
[  165.010658][ T7590] netlink: 4 bytes leftover after parsing attributes in process `syz.2.496'.
[  165.048744][ T7590] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input17
[  166.286659][ T5879] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  166.517660][ T7615] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  166.724171][ T5879] usb 4-1: Using ep0 maxpacket: 16
[  166.737909][ T5879] usb 4-1: config 0 has no interfaces?
[  166.859386][ T5879] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  166.935261][ T5879] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  166.943666][ T5879] usb 4-1: Manufacturer: syz
[  167.922258][ T5879] usb 4-1: config 0 descriptor??
[  167.953945][ T7628] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  168.679391][ T7632] netlink: 4 bytes leftover after parsing attributes in process `syz.2.507'.
[  168.731962][ T7632] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input18
[  168.738021][ T7637] netlink: 4 bytes leftover after parsing attributes in process `syz.1.508'.
[  168.771594][ T5900] usb 4-1: USB disconnect, device number 10
[  171.626811][ T7667] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  171.718136][ T7674] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  172.513993][ T7686] netlink: 28 bytes leftover after parsing attributes in process `syz.1.521'.
[  172.644004][ T7686] netlink: 28 bytes leftover after parsing attributes in process `syz.1.521'.
[  172.828564][ T7685] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  173.226857][   T30] audit: type=1400 audit(1753969112.964:401): avc:  denied  { connect } for  pid=7701 comm="syz.2.527" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  173.915568][   T30] audit: type=1400 audit(1753969113.024:402): avc:  denied  { write } for  pid=7701 comm="syz.2.527" path="socket:[13951]" dev="sockfs" ino=13951 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  173.938773][    C1] vkms_vblank_simulate: vblank timer overrun
[  173.998523][   T30] audit: type=1400 audit(1753969113.594:403): avc:  denied  { read } for  pid=7701 comm="syz.2.527" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  174.131348][ T7708] netlink: 4 bytes leftover after parsing attributes in process `syz.3.528'.
[  175.923911][   T24] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  176.140293][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  176.250409][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  176.260731][   T24] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  176.286047][   T24] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  176.305248][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.334464][   T24] usb 2-1: config 0 descriptor??
[  176.586363][ T7743] nbd: must specify at least one socket
[  176.820525][   T24] plantronics 0003:047F:FFFF.0002: reserved main item tag 0xd
[  176.830444][ T7740] kvm: user requested TSC rate below hardware speed
[  177.083482][   T24] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  177.279388][   T24] usb 2-1: USB disconnect, device number 7
[  177.603029][ T7751] fido_id[7751]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  178.304867][ T7757] netlink: 1752 bytes leftover after parsing attributes in process `syz.3.544'.
[  178.571385][ T7764] netlink: 4 bytes leftover after parsing attributes in process `syz.2.547'.
[  178.799477][ T7764] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input20
[  181.012363][ T7790] netlink: 4 bytes leftover after parsing attributes in process `syz.1.554'.
[  181.092094][ T7790] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input21
[  181.190086][ T7793] netlink: 1752 bytes leftover after parsing attributes in process `syz.2.556'.
[  181.948757][ T7805] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  182.466318][ T7808] netlink: 4 bytes leftover after parsing attributes in process `syz.4.559'.
[  182.612506][ T7816] netlink: 4 bytes leftover after parsing attributes in process `syz.4.563'.
[  182.626698][ T7816] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input22
[  185.019690][ T7828] Failed to initialize the IGMP autojoin socket (err -2)
[  186.082844][ T7844] netlink: 8 bytes leftover after parsing attributes in process `syz.1.570'.
[  186.096350][   T30] audit: type=1400 audit(1753969125.844:404): avc:  denied  { bind } for  pid=7842 comm="syz.1.570" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  186.263958][ T5837] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  187.392303][ T7851] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  187.413355][   T51] Bluetooth: hci2: command 0x0406 tx timeout
[  187.419416][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[  187.425510][   T51] Bluetooth: hci3: command 0x0406 tx timeout
[  187.519851][ T7856] netlink: 4 bytes leftover after parsing attributes in process `syz.3.574'.
[  187.562251][ T5837] usb 5-1: device descriptor read/64, error -71
[  188.333956][ T5837] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  188.730890][ T7872] fuse: Unknown parameter 'fd0x0000000000000003'
[  189.560886][ T7875] overlayfs: failed to decode file handle (len=6, type=251, flags=0, err=-22)
[  189.885580][ T7888] syzkaller0: entered promiscuous mode
[  189.891135][ T7888] syzkaller0: entered allmulticast mode
[  190.163821][ T5900] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  190.318114][ T5900] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  190.328354][ T5900] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  190.339363][ T5900] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  190.348727][ T5900] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.377014][ T5900] usb 4-1: config 0 descriptor??
[  190.469978][ T7893] netlink: 4 bytes leftover after parsing attributes in process `syz.0.585'.
[  190.528696][ T7895] netlink: 4 bytes leftover after parsing attributes in process `syz.2.586'.
[  190.570263][ T7896] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input23
[  190.618160][ T7889] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  190.627587][ T7889] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  191.641005][ T7909] netlink: 4 bytes leftover after parsing attributes in process `syz.0.590'.
[  192.146480][ T7913] netlink: 4 bytes leftover after parsing attributes in process `syz.4.591'.
[  192.159008][ T7914] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input24
[  192.212683][ T5841] udevd[5841]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory
[  192.227711][ T7909] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input25
[  192.537529][ T7922] fuse: Unknown parameter 'fd0x0000000000000003'
[  193.792664][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  194.025220][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  194.514821][ T5900] usb 4-1: USB disconnect, device number 11
[  194.588185][ T7929] kvm: user requested TSC rate below hardware speed
[  194.814172][ T7936] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.598'.
[  196.558030][ T7965] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  198.638819][ T7981] netlink: 4 bytes leftover after parsing attributes in process `syz.3.610'.
[  198.675612][ T5837] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  198.788579][ T7981] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input26
[  199.302053][ T7983] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  199.448198][ T5837] usb 2-1: Using ep0 maxpacket: 8
[  199.465294][ T5837] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  199.486582][ T5837] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  199.502376][ T5837] usb 2-1: Product: syz
[  199.520376][ T5837] usb 2-1: Manufacturer: syz
[  199.551169][ T5837] usb 2-1: SerialNumber: syz
[  199.574323][ T5837] usb 2-1: config 0 descriptor??
[  199.579595][ T7994] netlink: 4 bytes leftover after parsing attributes in process `syz.4.612'.
[  199.633043][ T7994] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input27
[  200.408850][ T5837] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  200.675893][ T8008] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  202.287900][ T5837] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  202.321888][ T5837] usb 2-1: USB disconnect, device number 8
[  202.372968][ T8023] netlink: 28 bytes leftover after parsing attributes in process `syz.2.621'.
[  202.382071][ T8023] netlink: 28 bytes leftover after parsing attributes in process `syz.2.621'.
[  202.468619][ T8022] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  203.097617][ T8030] netlink: 'syz.1.622': attribute type 16 has an invalid length.
[  203.107732][ T8030] netlink: 'syz.1.622': attribute type 17 has an invalid length.
[  203.235424][ T8030] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  203.281284][ T8034] netlink: 28 bytes leftover after parsing attributes in process `syz.4.624'.
[  203.293962][ T8034] netlink: 28 bytes leftover after parsing attributes in process `syz.4.624'.
[  203.356903][ T8034] netlink: 128 bytes leftover after parsing attributes in process `syz.4.624'.
[  203.369155][ T8033] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  203.567253][ T8042] netlink: 100 bytes leftover after parsing attributes in process `syz.1.627'.
[  203.798576][ T8044] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  203.805104][ T8044] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  203.812859][ T8044] vhci_hcd vhci_hcd.0: Device attached
[  203.956236][ T8045] vhci_hcd: connection closed
[  203.957034][   T36] vhci_hcd: stop threads
[  203.973990][   T36] vhci_hcd: release socket
[  203.985694][   T36] vhci_hcd: disconnect device
[  204.031301][ T8053] netlink: 24 bytes leftover after parsing attributes in process `syz.1.631'.
[  204.077548][ T8053] netlink: 4 bytes leftover after parsing attributes in process `syz.1.631'.
[  204.674707][ T8055] netlink: 'syz.0.632': attribute type 16 has an invalid length.
[  204.684089][ T8055] netlink: 'syz.0.632': attribute type 17 has an invalid length.
[  204.727182][ T8055] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  204.950492][   T24] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  204.956073][ T8071] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  204.985886][ T8071] tipc: Resetting bearer <eth:syzkaller0>
[  205.094667][ T8070] tipc: Disabling bearer <eth:syzkaller0>
[  205.326177][   T24] usb 4-1: Using ep0 maxpacket: 8
[  206.083103][ T8084] netlink: 100 bytes leftover after parsing attributes in process `syz.4.639'.
[  206.148529][   T24] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  206.158341][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  206.168996][   T24] usb 4-1: Product: syz
[  206.173158][   T24] usb 4-1: Manufacturer: syz
[  206.177785][   T24] usb 4-1: SerialNumber: syz
[  206.193477][   T24] usb 4-1: config 0 descriptor??
[  206.335369][ T8098] netlink: 28 bytes leftover after parsing attributes in process `syz.4.642'.
[  206.374448][ T8098] netlink: 28 bytes leftover after parsing attributes in process `syz.4.642'.
[  206.410345][   T24] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  206.436208][ T8098] netlink: 128 bytes leftover after parsing attributes in process `syz.4.642'.
[  206.457287][ T8097] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  207.185186][   T30] audit: type=1400 audit(1753969146.924:405): avc:  denied  { append } for  pid=8114 comm="syz.2.650" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  208.458632][   T24] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  208.501980][   T24] usb 4-1: USB disconnect, device number 12
[  208.510357][ T8124] kvm: user requested TSC rate below hardware speed
[  208.580071][ T8127] netlink: 100 bytes leftover after parsing attributes in process `syz.4.653'.
[  209.188729][ T8144] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  209.674581][ T8155] overlayfs: failed to decode file handle (len=6, type=251, flags=0, err=-22)
[  209.939907][ T8159] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  210.612039][ T8179] netlink: 24 bytes leftover after parsing attributes in process `syz.2.673'.
[  211.634214][ T8179] netlink: 4 bytes leftover after parsing attributes in process `syz.2.673'.
[  213.090671][ T8201] Failed to initialize the IGMP autojoin socket (err -2)
[  213.241659][ T8205] netlink: 36 bytes leftover after parsing attributes in process `syz.2.680'.
[  213.596819][ T8214] overlayfs: failed to decode file handle (len=6, type=251, flags=0, err=-22)
[  213.669074][ T8218] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  213.675594][ T8218] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  213.683461][ T8218] vhci_hcd vhci_hcd.0: Device attached
[  213.926492][ T8219] vhci_hcd: connection closed
[  213.927261][   T12] vhci_hcd: stop threads
[  213.943933][ T5879] vhci_hcd: vhci_device speed not set
[  213.946498][   T12] vhci_hcd: release socket
[  213.964608][   T12] vhci_hcd: disconnect device
[  214.003799][ T5879] usb 33-1: new full-speed USB device number 3 using vhci_hcd
[  214.050595][ T5879] usb 33-1: enqueue for inactive port 0
[  214.099614][ T8226] netlink: 12 bytes leftover after parsing attributes in process `syz.2.684'.
[  214.136306][ T5879] vhci_hcd: vhci_device speed not set
[  214.332203][ T8234] netlink: 4 bytes leftover after parsing attributes in process `syz.2.689'.
[  216.930213][ T8269] netlink: 28 bytes leftover after parsing attributes in process `syz.4.700'.
[  217.065587][ T8269] netlink: 28 bytes leftover after parsing attributes in process `syz.4.700'.
[  217.100013][ T8269] netlink: 128 bytes leftover after parsing attributes in process `syz.4.700'.
[  217.109967][ T8274] netlink: 4 bytes leftover after parsing attributes in process `syz.2.701'.
[  217.313819][ T8266] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  218.143798][ T1207] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  219.007239][ T1207] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  219.017609][ T1207] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  219.027526][ T1207] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  219.054253][ T1207] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  219.094306][ T1207] usb 4-1: config 0 descriptor??
[  219.634834][ T8289] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  219.643577][ T8289] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  219.779853][ T8317] kvm: user requested TSC rate below hardware speed
[  219.833827][ T5900] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  219.952941][   T36] nci: nci_rf_intf_activated_ntf_packet: unsupported activation_rf_tech_and_mode 0x7
[  220.424122][ T5900] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  220.435473][ T5900] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  220.445497][ T5900] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  220.458457][ T5900] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  220.468337][ T5900] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  220.584917][ T8334] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  221.026269][ T5900] usb 1-1: config 0 descriptor??
[  221.676902][ T8341] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  222.074507][ T5900] plantronics 0003:047F:FFFF.0003: reserved main item tag 0xd
[  222.125633][ T5900] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  222.667908][ T5900] usb 1-1: USB disconnect, device number 5
[  222.787532][ T5879] usb 4-1: USB disconnect, device number 13
[  222.791752][ T8350] fido_id[8350]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/1-1/report_descriptor': No such file or directory
[  223.942835][ T8372] syzkaller0: entered promiscuous mode
[  223.951468][ T8372] syzkaller0: entered allmulticast mode
[  223.957482][ T8368] netlink: 12 bytes leftover after parsing attributes in process `syz.3.729'.
[  223.994340][ T8371] kvm: user requested TSC rate below hardware speed
[  226.847124][ T8389] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  227.073810][   T24] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  227.726671][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 116, changing to 10
[  227.737866][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 25971, setting to 1024
[  227.749416][   T24] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  228.299930][   T24] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  228.314544][ T8409] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  228.356231][ T8415] netlink: 4 bytes leftover after parsing attributes in process `syz.0.744'.
[  228.400230][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  229.022573][   T24] usb 4-1: config 0 descriptor??
[  229.085086][ T8415] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input29
[  229.169619][   T24] usb 4-1: can't set config #0, error -71
[  229.179048][   T24] usb 4-1: USB disconnect, device number 14
[  229.318579][ T5955] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  229.588426][ T8430] netlink: 4 bytes leftover after parsing attributes in process `syz.3.748'.
[  229.617665][ T8430] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input30
[  230.281231][ T5955] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  230.310091][ T5955] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  230.361857][ T5955] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  230.374849][ T8442] netlink: 28 bytes leftover after parsing attributes in process `syz.2.749'.
[  230.397513][ T5955] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  230.418919][ T8442] netlink: 28 bytes leftover after parsing attributes in process `syz.2.749'.
[  230.583442][ T5955] usb 5-1: config 0 descriptor??
[  230.601737][ T8448] netlink: 128 bytes leftover after parsing attributes in process `syz.2.749'.
[  230.623127][ T5955] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  230.633325][ T8450] netlink: 4 bytes leftover after parsing attributes in process `syz.1.752'.
[  231.055313][ T8441] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  232.216741][ T5955] usb 5-1: USB disconnect, device number 10
[  232.488535][ T8474] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  232.498825][ T8474] tipc: Resetting bearer <eth:syzkaller0>
[  232.509754][ T8473] tipc: Disabling bearer <eth:syzkaller0>
[  232.981712][ T1207] usb 4-1: new full-speed USB device number 15 using dummy_hcd
[  233.122781][ T8476] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  233.588474][ T1207] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  233.654064][ T1207] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  233.674645][ T1207] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  233.694207][ T1207] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  233.728974][ T1207] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  233.739518][ T1207] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  233.763905][ T1207] usb 4-1: Manufacturer: syz
[  233.778483][ T1207] usb 4-1: config 0 descriptor??
[  233.842830][ T8493] netlink: 4 bytes leftover after parsing attributes in process `syz.4.764'.
[  234.123813][ T1207] rc_core: IR keymap rc-hauppauge not found
[  234.129748][ T1207] Registered IR keymap rc-empty
[  234.620524][ T1207] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  234.644332][ T1207] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  234.677158][ T1207] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  234.691529][ T1207] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input31
[  234.708433][ T1207] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  234.734460][ T1207] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  234.763895][ T1207] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  234.798403][ T1207] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  234.820798][ T8508] netlink: 36 bytes leftover after parsing attributes in process `syz.2.768'.
[  234.833957][ T1207] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  234.866238][ T1207] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  234.917900][ T1207] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  234.943814][ T1207] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  234.963805][ T1207] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  235.003941][ T1207] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  235.032266][ T1207] mceusb 4-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  235.090903][ T1207] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  235.114046][ T1207] usb 4-1: USB disconnect, device number 15
[  235.149621][ T8518] Failed to initialize the IGMP autojoin socket (err -2)
[  235.504999][ T8524] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  235.862715][ T8525] netlink: 4 bytes leftover after parsing attributes in process `syz.1.775'.
[  237.965219][   T30] audit: type=1400 audit(1753969177.694:406): avc:  denied  { write } for  pid=8546 comm="syz.4.781" name="igmp6" dev="proc" ino=4026533280 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  241.210239][ T8563] netlink: 20 bytes leftover after parsing attributes in process `syz.1.785'.
[  241.700408][ T8570] netlink: 4 bytes leftover after parsing attributes in process `syz.3.788'.
[  242.389954][   T24] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  242.886137][   T24] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  242.914951][   T24] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  243.059016][ T8589] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[  243.079259][   T24] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  243.105102][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  243.117312][   T24] usb 5-1: config 0 descriptor??
[  243.138049][   T24] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  243.207189][ T8595] Failed to initialize the IGMP autojoin socket (err -2)
[  243.554869][ T8597] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  243.866211][ T8572] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  243.910303][ T8572] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  244.646527][ T8608] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  244.659186][ T8608] tipc: Resetting bearer <eth:syzkaller0>
[  244.669937][ T8607] tipc: Disabling bearer <eth:syzkaller0>
[  244.689049][ T8610] netlink: 4 bytes leftover after parsing attributes in process `syz.0.801'.
[  245.486092][ T8620] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  245.563792][ T8623] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[  245.882348][ T8623] Failed to initialize the IGMP autojoin socket (err -2)
[  246.098015][ T5879] usb 5-1: USB disconnect, device number 11
[  246.680100][ T8647] netlink: 68 bytes leftover after parsing attributes in process `syz.1.813'.
[  246.699628][ T8649] netlink: 4 bytes leftover after parsing attributes in process `syz.4.814'.
[  246.760096][ T8645] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  247.209896][ T8657] syzkaller0: entered promiscuous mode
[  247.219939][ T8657] syzkaller0: entered allmulticast mode
[  249.114327][ T8676] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  249.140708][ T8681] netlink: 4 bytes leftover after parsing attributes in process `syz.3.825'.
[  249.141946][ T8676] syzkaller0: entered promiscuous mode
[  249.166379][ T8676] syzkaller0: entered allmulticast mode
[  249.282908][ T8689] netlink: 4 bytes leftover after parsing attributes in process `syz.3.828'.
[  249.307402][ T8689] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input32
[  249.872499][   T30] audit: type=1326 audit(1753969189.614:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8695 comm="syz.0.830" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2b7418e9a9 code=0x0
[  251.574173][ T8714] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  251.973862][   T30] audit: type=1400 audit(1753969191.704:408): avc:  denied  { read write } for  pid=8704 comm="syz.4.834" name="rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  252.058288][ T8716] netlink: 44 bytes leftover after parsing attributes in process `syz.4.834'.
[  252.067375][ T8716] netlink: 'syz.4.834': attribute type 6 has an invalid length.
[  252.075121][ T8716] netlink: 'syz.4.834': attribute type 5 has an invalid length.
[  252.083205][ T8716] netlink: 'syz.4.834': attribute type 4 has an invalid length.
[  252.096056][ T8716] netlink: 20 bytes leftover after parsing attributes in process `syz.4.834'.
[  252.120891][   T30] audit: type=1400 audit(1753969191.704:409): avc:  denied  { open } for  pid=8704 comm="syz.4.834" path="/dev/rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  252.221005][ T8724] Failed to initialize the IGMP autojoin socket (err -2)
[  252.532386][ T8725] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  252.538918][ T8725] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  252.547010][ T8725] vhci_hcd vhci_hcd.0: Device attached
[  252.561910][ T8728] vhci_hcd: connection closed
[  252.564002][ T3499] vhci_hcd: stop threads
[  252.577153][ T8731] netlink: 4 bytes leftover after parsing attributes in process `syz.3.839'.
[  252.589580][ T3499] vhci_hcd: release socket
[  252.602003][ T3499] vhci_hcd: disconnect device
[  254.037554][ T8743] veth0_to_bond: entered allmulticast mode
[  254.787180][   T30] audit: type=1400 audit(1753969193.774:410): avc:  denied  { audit_write } for  pid=8738 comm="syz.3.841" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  254.808124][    C1] vkms_vblank_simulate: vblank timer overrun
[  256.070087][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  256.079244][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  256.097413][   T30] audit: type=1107 audit(1753969193.774:411): pid=8738 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='¯'
[  257.097172][ T8753] netlink: 28 bytes leftover after parsing attributes in process `syz.2.846'.
[  257.204516][ T8753] netlink: 28 bytes leftover after parsing attributes in process `syz.2.846'.
[  257.240555][ T8753] netlink: 128 bytes leftover after parsing attributes in process `syz.2.846'.
[  257.670432][ T8751] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  257.748608][   T30] audit: type=1326 audit(1753969197.494:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8758 comm="syz.4.847" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3fead8e9a9 code=0x0
[  260.367931][ T8790] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[  260.384174][   T24] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  260.583938][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  260.586796][ T8789] Failed to initialize the IGMP autojoin socket (err -2)
[  260.651175][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  260.733250][   T24] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  260.866554][   T24] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  260.891087][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  260.921956][   T24] usb 2-1: config 0 descriptor??
[  261.038683][   T30] audit: type=1326 audit(1753969200.774:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8796 comm="syz.0.859" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2b7418e9a9 code=0x0
[  261.710587][   T24] plantronics 0003:047F:FFFF.0004: reserved main item tag 0xd
[  261.740527][   T24] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  261.772488][   T24] usb 2-1: USB disconnect, device number 9
[  262.032295][ T8806] fido_id[8806]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  262.190464][ T8809] Failed to initialize the IGMP autojoin socket (err -2)
[  262.210539][ T8807] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  262.785120][ T8816] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  263.273409][   T30] audit: type=1400 audit(1753969203.014:414): avc:  denied  { read write } for  pid=8822 comm="syz.4.866" name="rdma_cm" dev="devtmpfs" ino=1271 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  263.415460][   T30] audit: type=1400 audit(1753969203.014:415): avc:  denied  { open } for  pid=8822 comm="syz.4.866" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=1271 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  263.477315][   T30] audit: type=1400 audit(1753969203.214:416): avc:  denied  { append } for  pid=8822 comm="syz.4.866" name="media2" dev="devtmpfs" ino=935 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  263.944100][   T30] audit: type=1400 audit(1753969203.684:417): avc:  denied  { associate } for  pid=8844 comm="syz.0.875" name="cpuset.effective_mems" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  264.043178][ T8849] Failed to initialize the IGMP autojoin socket (err -2)
[  264.072602][   T30] audit: type=1400 audit(1753969203.814:418): avc:  denied  { map } for  pid=8856 comm="syz.0.881" path="/dev/zero" dev="devtmpfs" ino=6 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1
[  264.139637][   T30] audit: type=1400 audit(1753969203.814:419): avc:  denied  { create } for  pid=8855 comm="syz.1.880" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  264.169880][   T30] audit: type=1400 audit(1753969203.854:420): avc:  denied  { mount } for  pid=8859 comm="syz.4.882" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  264.209092][   T30] audit: type=1400 audit(1753969203.874:421): avc:  denied  { unmount } for  pid=5829 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  264.291582][ T8868] netlink: 'syz.3.887': attribute type 1 has an invalid length.
[  264.472986][ T8875] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  264.523602][ T8882] 8021q: adding VLAN 0 to HW filter on device bond1
[  264.532412][ T3449] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  264.684845][ T3449] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  264.827109][ T8907] Bluetooth: hci0: unsupported parameter 65535
[  264.833288][ T8907] Bluetooth: hci0: invalid length 0, exp 2 for type 4
[  265.004021][   T30] audit: type=1400 audit(1753969204.724:422): avc:  denied  { watch } for  pid=8908 comm="syz.1.903" path="/194" dev="tmpfs" ino=1010 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  265.359437][   T30] audit: type=1400 audit(1753969205.104:423): avc:  denied  { read } for  pid=8915 comm="syz.3.907" name="loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  265.834163][  T974] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  266.375689][  T974] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  266.387397][  T974] usb 4-1: New USB device found, idVendor=13d8, idProduct=0011, bcdDevice=d0.62
[  266.397093][  T974] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  266.423181][  T974] usb 4-1: Product: syz
[  266.434813][  T974] usb 4-1: Manufacturer: syz
[  266.440516][  T974] usb 4-1: SerialNumber: syz
[  266.460094][  T974] usb 4-1: config 0 descriptor??
[  266.514149][ T5899] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  266.553873][ T5879] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  266.609795][ T8952] netlink: 4 bytes leftover after parsing attributes in process `syz.2.921'.
[  266.674487][ T5955] usb 4-1: USB disconnect, device number 16
[  266.683779][ T5899] usb 5-1: Using ep0 maxpacket: 32
[  266.699328][ T5899] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  266.724217][ T5899] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  266.740577][ T5879] usb 1-1: Using ep0 maxpacket: 8
[  266.752842][ T5879] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  266.774668][ T5899] usb 5-1: config 0 interface 0 has no altsetting 0
[  266.781278][ T5899] usb 5-1: New USB device found, idVendor=056a, idProduct=032c, bcdDevice= 0.00
[  266.797252][ T5879] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  266.813558][ T5899] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  266.834072][ T5879] usb 1-1: New USB device found, idVendor=046a, idProduct=0027, bcdDevice= 0.00
[  266.852376][ T5899] usb 5-1: config 0 descriptor??
[  266.857978][ T5879] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  266.888438][ T5879] usb 1-1: config 0 descriptor??
[  267.288967][ T5899] wacom 0003:056A:032C.0005: unknown main item tag 0x0
[  267.316152][ T5879] cherry 0003:046A:0027.0006: unknown main item tag 0x1
[  267.323116][ T5879] cherry 0003:046A:0027.0006: unknown main item tag 0x0
[  267.345315][ T5899] wacom 0003:056A:032C.0005: unknown main item tag 0x0
[  267.374689][ T5879] cherry 0003:046A:0027.0006: item fetching failed at offset 9/69
[  267.385536][ T5879] cherry 0003:046A:0027.0006: probe with driver cherry failed with error -22
[  267.497604][ T5879] usb 5-1: USB disconnect, device number 12
[  267.941778][ T9003] veth0_vlan: entered allmulticast mode
[  268.153885][ T9011] netlink: 20 bytes leftover after parsing attributes in process `syz.1.948'.
[  268.184410][ T9016] netlink: 12 bytes leftover after parsing attributes in process `syz.2.949'.
[  268.207852][ T9018] netlink: 20 bytes leftover after parsing attributes in process `syz.1.948'.
[  268.334799][ T9020] mmap: syz.3.953 (9020) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  268.414011][ T9026] netlink: 52 bytes leftover after parsing attributes in process `syz.4.956'.
[  269.355671][ T5837] usb 1-1: USB disconnect, device number 6
[  269.470120][   T30] kauditd_printk_skb: 8 callbacks suppressed
[  269.470140][   T30] audit: type=1800 audit(1753969209.214:432): pid=9081 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.1.978" name="bus" dev="tmpfs" ino=1107 res=0 errno=0
[  269.575000][   T30] audit: type=1326 audit(1753969209.234:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9082 comm="syz.2.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d77f8e9a9 code=0x7ff00000
[  269.623824][   T30] audit: type=1326 audit(1753969209.234:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9082 comm="syz.2.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d77f8e9a9 code=0x7ff00000
[  269.672281][   T30] audit: type=1326 audit(1753969209.234:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9082 comm="syz.2.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d77f8e9a9 code=0x7ff00000
[  269.711228][   T30] audit: type=1326 audit(1753969209.234:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9082 comm="syz.2.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d77f8e9a9 code=0x7ff00000
[  269.750496][   T30] audit: type=1326 audit(1753969209.234:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9082 comm="syz.2.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d77f8e9a9 code=0x7ff00000
[  269.791239][   T30] audit: type=1326 audit(1753969209.234:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9082 comm="syz.2.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d77f8e9a9 code=0x7ff00000
[  269.816083][   T30] audit: type=1326 audit(1753969209.234:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9082 comm="syz.2.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d77f8e9a9 code=0x7ff00000
[  269.867267][   T30] audit: type=1326 audit(1753969209.234:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9082 comm="syz.2.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d77f8e9a9 code=0x7ff00000
[  269.908717][ T9108] input: syz0 as /devices/virtual/input/input34
[  269.913205][   T30] audit: type=1326 audit(1753969209.234:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9082 comm="syz.2.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d77f8e9a9 code=0x7ff00000
[  270.045382][ T9115] IPv6: addrconf: prefix option has invalid lifetime
[  270.283548][ T9126] block device autoloading is deprecated and will be removed.
[  270.788931][ T9143] kvm: kvm [9142]: vcpu2, guest rIP: 0x9131 Unhandled WRMSR(0x11e) = 0x0
[  271.442854][ T9197] syzkaller0: entered promiscuous mode
[  271.473950][ T9197] syzkaller0: entered allmulticast mode
[  273.248974][ T9278] orangefs_devreq_open: device cannot be opened in blocking mode
[  273.401177][ T9288] fuse: Unknown parameter '00000000000000000000'
[  273.562083][ T9301] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  273.882394][ T9319] macvtap1: entered allmulticast mode
[  273.904106][ T9319] vlan0: entered allmulticast mode
[  273.914099][ T9319] veth0_vlan: entered allmulticast mode
[  274.072529][ T9331] kvm: kvm [9328]: vcpu2, guest rIP: 0x9134 Unhandled WRMSR(0x11e) = 0x405
[  274.088401][ T9331] kvm: kvm [9328]: vcpu2, guest rIP: 0x9134 Unhandled WRMSR(0x186) = 0x2c05
[  274.099295][ T9331] kvm: kvm [9328]: vcpu2, guest rIP: 0x9134 Unhandled WRMSR(0x187) = 0x6505
[  274.128089][ T9331] kvm_intel: kvm [9328]: vcpu2, guest rIP: 0x9134 Unhandled WRMSR(0x1d9) = 0xa705
[  274.321792][ T9345] KVM: debugfs: duplicate directory 9345-4
[  275.818950][   T30] kauditd_printk_skb: 76 callbacks suppressed
[  275.818965][   T30] audit: type=1400 audit(1753969215.564:518): avc:  denied  { append } for  pid=9373 comm="syz.0.1092" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  275.884928][   T30] audit: type=1400 audit(1753969215.614:519): avc:  denied  { execute } for  pid=9373 comm="syz.0.1092" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  275.982556][ T9367] kvm: kvm [9366]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x6680000000
[  276.032489][ T9367] kvm: kvm [9366]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xfe80000000
[  276.053221][ T9367] kvm: kvm [9366]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0x3ef80000800
[  276.678219][ T9401] warning: `syz.3.1093' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  276.801209][ T9399] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  276.871373][   T30] audit: type=1400 audit(1753969216.614:520): avc:  denied  { mount } for  pid=9412 comm="syz.4.1105" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[  276.936268][   T30] audit: type=1400 audit(1753969216.644:521): avc:  denied  { watch } for  pid=9412 comm="syz.4.1105" path="/215/file0" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  276.972012][   T30] audit: type=1400 audit(1753969216.654:522): avc:  denied  { setopt } for  pid=9415 comm="syz.0.1106" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  277.013887][   T30] audit: type=1400 audit(1753969216.664:523): avc:  denied  { listen } for  pid=9415 comm="syz.0.1106" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  277.042910][   T30] audit: type=1400 audit(1753969216.664:524): avc:  denied  { write } for  pid=9415 comm="syz.0.1106" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  277.084287][ T5826] Bluetooth: hci1: unexpected event for opcode 0x0c22
[  277.109022][   T30] audit: type=1400 audit(1753969216.664:525): avc:  denied  { accept } for  pid=9415 comm="syz.0.1106" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  277.139113][ T5826] Bluetooth: hci1: unexpected event for opcode 0x0c22
[  277.179808][   T30] audit: type=1400 audit(1753969216.674:526): avc:  denied  { unmount } for  pid=5829 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[  277.200093][   T30] audit: type=1400 audit(1753969216.804:527): avc:  denied  { append } for  pid=9426 comm="syz.0.1109" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  277.387091][ T9445] 9pnet_virtio: no channels available for device syz
[  277.547749][ T9456] loop2: detected capacity change from 0 to 7
[  277.560871][ T9456] Dev loop2: unable to read RDB block 7
[  277.566618][ T9456]  loop2: unable to read partition table
[  277.572374][ T9456] loop2: partition table beyond EOD, truncated
[  277.578927][ T9456] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  277.744480][ T5879] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  277.907654][ T5879] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  277.918732][ T5879] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  277.928583][ T5879] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  277.946518][ T5879] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  277.957694][ T5879] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  277.973101][ T5879] usb 3-1: config 0 descriptor??
[  278.322277][ T9480] netlink: 'syz.4.1132': attribute type 10 has an invalid length.
[  278.352997][ T9480] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  278.392355][ T5879] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  278.414932][ T5879] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  278.422338][ T5879] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  278.440267][ T5879] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  278.454441][ T5879] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  278.461957][ T5879] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  278.471025][ T5879] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  278.479634][ T5879] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  278.488633][ T5879] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  278.497181][ T5879] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  278.507035][ T5879] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  278.515827][ T5879] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  278.523314][ T5879] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  278.532843][ T5879] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  278.541514][ T5879] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  278.562687][ T5879] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  278.653222][ T5879] usb 3-1: USB disconnect, device number 2
[  278.676354][ T9487] fido_id[9487]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:047F:FFFF.0007/report_descriptor': No such device
[  278.744769][ T9490] kvm: pic: single mode not supported
[  278.745086][ T9490] kvm: pic: level sensitive irq not supported
[  279.450060][ T9519] Failed to initialize the IGMP autojoin socket (err -2)
[  280.288176][ T9557] syzkaller0: entered promiscuous mode
[  280.293688][ T9557] syzkaller0: entered allmulticast mode
[  280.359454][ T5826] Bluetooth: hci1: Malformed HCI Event: 0x22
[  280.487428][ T9566] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  280.506675][ T9566] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  280.518064][ T9566] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  280.528673][ T9566] kvm: requested 53638 ns i8254 timer period limited to 200000 ns
[  280.536880][ T9566] kvm: requested 170133 ns i8254 timer period limited to 200000 ns
[  280.545433][ T9566] kvm: requested 2514 ns i8254 timer period limited to 200000 ns
[  280.553314][ T9566] kvm: requested 3352 ns i8254 timer period limited to 200000 ns
[  280.561416][ T9566] kvm: requested 1676 ns i8254 timer period limited to 200000 ns
[  280.653437][ T9576] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  281.033924][   T30] kauditd_printk_skb: 5 callbacks suppressed
[  281.033940][   T30] audit: type=1400 audit(1753969220.774:533): avc:  denied  { firmware_load } for  pid=9600 comm="syz.0.1181" path="/lib/firmware/regulatory.db" dev="sda1" ino=448 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[  281.130758][ T9602] syz.0.1181 (9602) used greatest stack depth: 19752 bytes left
[  282.644141][ T5955] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  282.805741][ T5955] usb 1-1: Using ep0 maxpacket: 32
[  282.816747][ T5955] usb 1-1: config index 0 descriptor too short (expected 156, got 27)
[  282.825278][ T5955] usb 1-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  282.837575][ T5955] usb 1-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  282.856244][ T5955] usb 1-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  282.882475][ T9659] kvm: kvm [9655]: vcpu2, guest rIP: 0x9131 Unhandled WRMSR(0x11e) = 0x0
[  282.891054][ T5955] usb 1-1: config 0 interface 0 has no altsetting 0
[  282.904075][ T5955] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  282.913614][ T5955] usb 1-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  282.931228][ T5955] usb 1-1: Product: syz
[  282.936830][ T5955] usb 1-1: Manufacturer: syz
[  282.949896][ T5955] usb 1-1: SerialNumber: syz
[  282.961358][ T5955] usb 1-1: config 0 descriptor??
[  282.972986][ T5955] ldusb 1-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  283.000019][ T5955] ldusb 1-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  283.210810][ T9678] Failed to initialize the IGMP autojoin socket (err -2)
[  283.437475][ T9690] capability: warning: `syz.3.1217' uses deprecated v2 capabilities in a way that may be insecure
[  283.597210][ T5837] usb 1-1: USB disconnect, device number 7
[  283.623643][ T5837] ldusb 1-1:0.0: LD USB Device #0 now disconnected
[  283.800016][   T30] audit: type=1326 audit(1753969223.544:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9715 comm="syz.4.1227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fead8e9a9 code=0x7ff00000
[  283.830104][   T30] audit: type=1326 audit(1753969223.544:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9715 comm="syz.4.1227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fead8e9a9 code=0x7ff00000
[  283.857330][   T30] audit: type=1326 audit(1753969223.544:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9715 comm="syz.4.1227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fead8e9a9 code=0x7ff00000
[  283.889613][   T30] audit: type=1326 audit(1753969223.544:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9715 comm="syz.4.1227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fead8e9a9 code=0x7ff00000
[  283.921279][   T30] audit: type=1326 audit(1753969223.544:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9715 comm="syz.4.1227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fead8e9a9 code=0x7ff00000
[  283.947688][   T30] audit: type=1326 audit(1753969223.544:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9715 comm="syz.4.1227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fead8e9a9 code=0x7ff00000
[  283.987092][   T30] audit: type=1326 audit(1753969223.544:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9715 comm="syz.4.1227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fead8e9a9 code=0x7ff00000
[  284.011632][   T30] audit: type=1326 audit(1753969223.544:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9715 comm="syz.4.1227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fead8e9a9 code=0x7ff00000
[  284.038018][ T9721] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  284.047031][   T30] audit: type=1326 audit(1753969223.544:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9715 comm="syz.4.1227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fead8e9a9 code=0x7ff00000
[  284.107411][ T9721] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  284.145125][ T9724] KVM: debugfs: duplicate directory 9724-10
[  284.746578][   T24] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  284.906702][   T24] usb 4-1: Using ep0 maxpacket: 32
[  284.929142][   T24] usb 4-1: config index 0 descriptor too short (expected 156, got 27)
[  284.939553][   T24] usb 4-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  284.953864][   T24] usb 4-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  284.981567][   T24] usb 4-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  285.142168][   T24] usb 4-1: config 0 interface 0 has no altsetting 0
[  285.161074][   T24] usb 4-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  285.182003][   T24] usb 4-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  285.193791][   T24] usb 4-1: Product: syz
[  285.197951][   T24] usb 4-1: Manufacturer: syz
[  285.202535][   T24] usb 4-1: SerialNumber: syz
[  285.381172][   T24] usb 4-1: config 0 descriptor??
[  285.500149][   T24] ldusb 4-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  285.626876][   T24] ldusb 4-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  285.692838][ T9789] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  285.758051][ T9747] ldusb 4-1:0.0: Couldn't submit HID_REQ_SET_REPORT -71
[  285.763597][   T24] usb 4-1: USB disconnect, device number 17
[  285.765242][    C0] ldusb 4-1:0.0: usb_submit_urb failed (-19)
[  285.780866][   T24] ldusb 4-1:0.0: LD USB Device #0 now disconnected
[  285.851199][ T9796] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  286.471442][ T9822] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  286.762009][   T30] kauditd_printk_skb: 67 callbacks suppressed
[  286.762024][   T30] audit: type=1400 audit(1753969226.504:610): avc:  denied  { write } for  pid=9839 comm="syz.4.1277" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  286.867922][   T30] audit: type=1400 audit(1753969226.574:611): avc:  denied  { read write } for  pid=9845 comm="syz.3.1279" name="sg0" dev="devtmpfs" ino=753 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  286.941304][   T30] audit: type=1400 audit(1753969226.574:612): avc:  denied  { open } for  pid=9845 comm="syz.3.1279" path="/dev/sg0" dev="devtmpfs" ino=753 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  287.036371][   T30] audit: type=1400 audit(1753969226.574:613): avc:  denied  { ioctl } for  pid=9845 comm="syz.3.1279" path="/dev/sg0" dev="devtmpfs" ino=753 ioctlcmd=0x5393 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  287.656910][ T9884] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=263 sclass=netlink_audit_socket pid=9884 comm=syz.3.1296
[  288.222665][ T9921] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  289.407145][ T5834] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  289.416962][ T5834] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  289.425666][ T5834] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  289.471637][ T5834] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  289.481272][ T5834] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  289.617074][   T30] audit: type=1400 audit(1753969229.354:614): avc:  denied  { mounton } for  pid=9957 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  289.653224][ T9964] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  289.677528][ T9957] Failed to initialize the IGMP autojoin socket (err -2)
[  290.180668][ T9957] chnl_net:caif_netlink_parms(): no params data found
[  290.653883][ T5837] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  290.824145][ T5837] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  290.885499][ T5837] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  291.040600][ T9957] bridge0: port 1(bridge_slave_0) entered blocking state
[  291.165069][ T5837] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  291.266585][ T9957] bridge0: port 1(bridge_slave_0) entered disabled state
[  291.311352][ T9957] bridge_slave_0: entered allmulticast mode
[  291.322294][ T5837] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  291.338101][ T9957] bridge_slave_0: entered promiscuous mode
[  291.350306][ T5837] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  291.365173][ T9957] bridge0: port 2(bridge_slave_1) entered blocking state
[  291.380227][ T5837] usb 1-1: config 0 descriptor??
[  291.391682][ T9957] bridge0: port 2(bridge_slave_1) entered disabled state
[  291.417136][ T9957] bridge_slave_1: entered allmulticast mode
[  291.450885][ T9957] bridge_slave_1: entered promiscuous mode
[  291.544306][ T5834] Bluetooth: hci5: command tx timeout
[  291.599664][T10027] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1343'.
[  291.738729][ T9957] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  291.825341][ T9957] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  291.850692][ T5837] plantronics 0003:047F:FFFF.0008: reserved main item tag 0xd
[  291.896331][ T5837] plantronics 0003:047F:FFFF.0008: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  291.967527][T10037] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1347'.
[  292.630630][ T5837] usb 1-1: USB disconnect, device number 8
[  292.883548][T10046] fido_id[10046]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  293.109210][   T49] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.173669][ T9957] team0: Port device team_slave_0 added
[  293.242254][ T9957] team0: Port device team_slave_1 added
[  293.683925][ T5834] Bluetooth: hci5: command tx timeout
[  293.729221][   T49] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.038869][T10077] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1358'.
[  294.076073][T10077] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1358'.
[  294.102921][   T49] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.304009][ T9957] batman_adv: batadv0: Adding interface: batadv_slave_0
[  294.310963][ T9957] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  294.513836][ T9957] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  294.555583][ T9957] batman_adv: batadv0: Adding interface: batadv_slave_1
[  294.562587][ T9957] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  294.594151][ T9957] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  294.615121][T10076] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  294.639063][   T49] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.873538][ T9957] hsr_slave_0: entered promiscuous mode
[  294.891666][ T9957] hsr_slave_1: entered promiscuous mode
[  294.908823][ T9957] debugfs: 'hsr0' already exists in 'hsr'
[  294.923223][ T9957] Cannot create hsr debugfs directory
[  295.704920][ T5834] Bluetooth: hci5: command tx timeout
[  295.748904][T10115] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  295.869505][T10121] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1368'.
[  295.894245][   T49] bridge_slave_1: left allmulticast mode
[  295.912469][   T49] bridge_slave_1: left promiscuous mode
[  295.919223][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  295.931829][   T49] bridge_slave_0: left allmulticast mode
[  295.938640][   T49] bridge_slave_0: left promiscuous mode
[  295.944667][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  296.048704][T10124] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1368'.
[  296.446484][T10138] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1373'.
[  296.487099][   T30] audit: type=1326 audit(1753969236.234:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10140 comm="syz.0.1375" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2b7418e9a9 code=0x0
[  296.577647][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  296.588738][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  296.600151][   T49] bond0 (unregistering): Released all slaves
[  296.769205][   T49] tipc: Left network mode
[  297.063686][ T9957] netdevsim netdevsim5 netdevsim0: renamed from eth5
[  297.150921][ T9957] netdevsim netdevsim5 netdevsim1: renamed from eth6
[  297.343125][ T9957] netdevsim netdevsim5 netdevsim2: renamed from eth7
[  297.549554][T10180] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1388'.
[  297.617210][ T9957] netdevsim netdevsim5 netdevsim3: renamed from eth8
[  297.811209][ T5834] Bluetooth: hci5: command tx timeout
[  297.973877][ T1207] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  298.137393][ T1207] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  298.230528][ T1207] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  298.266802][ T1207] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  298.403785][ T1207] usb 4-1: config 0 descriptor??
[  298.458254][ T1207] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  298.487028][   T49] hsr_slave_0: left promiscuous mode
[  298.536541][   T49] hsr_slave_1: left promiscuous mode
[  298.555605][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  298.569243][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[  298.621074][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  298.692015][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[  298.720743][   T49] veth1_macvtap: left promiscuous mode
[  298.730871][   T49] veth0_macvtap: left promiscuous mode
[  298.737062][   T49] veth1_vlan: left promiscuous mode
[  298.751760][T10171] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  298.754383][   T49] veth0_vlan: left promiscuous mode
[  298.797765][T10171] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  299.382661][   T49] team0 (unregistering): Port device team_slave_1 removed
[  299.446636][   T49] team0 (unregistering): Port device team_slave_0 removed
[  299.844111][T10214] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[  299.880933][T10210] Failed to initialize the IGMP autojoin socket (err -2)
[  300.314627][ T9957] 8021q: adding VLAN 0 to HW filter on device team0
[  300.371741][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  300.379219][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  300.381979][T10224] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1401'.
[  300.445045][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  300.452143][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  300.588772][ T5955] usb 4-1: USB disconnect, device number 18
[  301.509249][ T9957] 8021q: adding VLAN 0 to HW filter on device batadv0
[  302.324469][ T1207] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  302.904320][ T1207] usb 4-1: Using ep0 maxpacket: 16
[  302.920435][ T1207] usb 4-1: config 0 has an invalid interface number: 8 but max is 0
[  302.939751][ T1207] usb 4-1: config 0 has no interface number 0
[  303.011379][ T9957] veth0_vlan: entered promiscuous mode
[  303.046873][ T1207] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  303.047503][ T9957] veth1_vlan: entered promiscuous mode
[  303.070239][ T1207] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  303.093375][T10282] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1422'.
[  303.107360][ T1207] usb 4-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  303.134534][ T1207] usb 4-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  303.142693][ T1207] usb 4-1: Product: syz
[  303.153858][ T1207] usb 4-1: SerialNumber: syz
[  303.221459][ T1207] usb 4-1: config 0 descriptor??
[  303.232630][ T1207] cm109 4-1:0.8: invalid payload size 0, expected 4
[  303.265434][ T1207] input: CM109 USB driver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.8/input/input36
[  303.313890][ T9957] veth0_macvtap: entered promiscuous mode
[  303.355539][ T9957] veth1_macvtap: entered promiscuous mode
[  303.505784][    C1] cm109 4-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90
[  303.509201][ T9957] batman_adv: batadv0: Interface activated: batadv_slave_0
[  303.534484][ T5837] usb 1-1: new full-speed USB device number 9 using dummy_hcd
[  303.552660][ T9957] batman_adv: batadv0: Interface activated: batadv_slave_1
[  303.569045][ T9957] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  303.595436][ T9957] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  303.631118][ T9957] wireguard: wg0: Could not create IPv4 socket
[  303.657676][ T9957] wireguard: wg1: Could not create IPv4 socket
[  303.678474][ T9957] wireguard: wg2: Could not create IPv4 socket
[  303.695853][ T5837] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  303.710410][ T5837] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  303.719539][ T5900] usb 4-1: USB disconnect, device number 19
[  303.734611][ T5837] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  303.753849][ T5837] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  303.768234][ T5900] cm109 4-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  303.783648][ T5837] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  303.801415][ T5837] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  303.825257][ T5837] usb 1-1: Manufacturer: syz
[  303.843163][ T5837] usb 1-1: config 0 descriptor??
[  304.154684][ T5837] rc_core: IR keymap rc-hauppauge not found
[  304.160616][ T5837] Registered IR keymap rc-empty
[  304.188275][ T5837] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  304.224691][ T5837] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  304.247015][ T5837] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[  304.313385][ T5837] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input37
[  304.372335][ T5837] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  304.434637][ T5837] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  304.459621][ T5837] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  304.503527][ T5837] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  304.554093][ T5837] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  304.574762][ T5837] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  304.596986][ T5837] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  304.703330][   T30] audit: type=1326 audit(1753969244.444:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10305 comm="syz.4.1431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fead8e9a9 code=0x7ff00000
[  304.769002][ T5837] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  304.783468][   T30] audit: type=1326 audit(1753969244.444:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10305 comm="syz.4.1431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fead8e9a9 code=0x7ff00000
[  304.803852][ T5837] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  304.824066][   T24] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[  304.845155][ T5837] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  304.858424][ T5826] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  304.867503][ T5826] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  304.877030][ T5826] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  304.878609][   T30] audit: type=1326 audit(1753969244.444:618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10305 comm="syz.4.1431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fead8e9a9 code=0x7ff00000
[  304.907394][    C0] vkms_vblank_simulate: vblank timer overrun
[  304.916324][ T5837] mceusb 1-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  304.930461][ T5826] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  304.931147][ T5837] mceusb 1-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  304.950193][ T5826] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  304.953420][ T5837] usb 1-1: USB disconnect, device number 9
[  304.968764][   T30] audit: type=1326 audit(1753969244.444:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10305 comm="syz.4.1431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fead8e9a9 code=0x7ff00000
[  304.986985][T10309] Failed to initialize the IGMP autojoin socket (err -2)
[  304.992119][    C0] vkms_vblank_simulate: vblank timer overrun
[  305.035730][   T30] audit: type=1326 audit(1753969244.444:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10305 comm="syz.4.1431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fead8e9a9 code=0x7ff00000
[  305.045005][   T24] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  305.059115][    C0] vkms_vblank_simulate: vblank timer overrun
[  305.071358][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  305.086648][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  305.167563][   T30] audit: type=1326 audit(1753969244.444:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10305 comm="syz.4.1431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fead8e9a9 code=0x7ff00000
[  305.172128][   T24] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  305.190962][    C0] vkms_vblank_simulate: vblank timer overrun
[  305.198666][   T30] audit: type=1326 audit(1753969244.444:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10305 comm="syz.4.1431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fead8e9a9 code=0x7ff00000
[  305.246631][   T30] audit: type=1326 audit(1753969244.444:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10305 comm="syz.4.1431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fead8e9a9 code=0x7ff00000
[  305.259593][   T24] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  305.304814][   T30] audit: type=1326 audit(1753969244.444:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10305 comm="syz.4.1431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fead8e9a9 code=0x7ff00000
[  305.332078][   T24] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  305.355408][   T24] usb 3-1: Manufacturer: syz
[  305.369089][   T24] usb 3-1: config 0 descriptor??
[  305.402840][   T30] audit: type=1326 audit(1753969244.444:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10305 comm="syz.4.1431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fead8e9a9 code=0x7ff00000
[  305.813752][   T24] rc_core: IR keymap rc-hauppauge not found
[  305.819669][   T24] Registered IR keymap rc-empty
[  305.837088][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  305.863856][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  306.089718][   T24] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  306.310646][   T24] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input38
[  306.340836][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  306.378426][T10325] Failed to initialize the IGMP autojoin socket (err -2)
[  306.395008][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  306.407764][T10347] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[  306.452377][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  306.577020][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  306.615944][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  306.644078][T10356] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1437'.
[  306.644128][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  306.666345][T10351] Failed to initialize the IGMP autojoin socket (err -2)
[  306.701141][T10356] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input39
[  306.713845][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  306.795661][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  306.857750][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  306.964394][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  306.984470][ T5826] Bluetooth: hci0: command tx timeout
[  306.987485][   T24] mceusb 3-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  307.039028][   T24] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  307.057724][   T24] usb 3-1: USB disconnect, device number 3
[  307.534154][T10383] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input40
[  307.622164][ T9976] udevd[9976]: setting owner of /dev/input/mouse1 to uid=0, gid=104 failed: No such file or directory
[  307.826934][   T24] usb 3-1: new full-speed USB device number 4 using dummy_hcd
[  308.080563][   T24] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  308.132251][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  308.160675][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  308.178543][   T24] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  308.195763][T10388] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  308.250486][   T24] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  308.354277][   T24] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  308.362275][   T24] usb 3-1: Manufacturer: syz
[  308.403840][   T24] usb 3-1: config 0 descriptor??
[  308.708949][T10407] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  308.801636][T10309] netdevsim netdevsim5 netdevsim0: renamed from eth5
[  308.903932][   T24] rc_core: IR keymap rc-hauppauge not found
[  308.918337][   T24] Registered IR keymap rc-empty
[  308.938082][T10411] syzkaller0: entered promiscuous mode
[  308.951191][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  308.961573][T10411] syzkaller0: entered allmulticast mode
[  308.990864][T10309] netdevsim netdevsim5 netdevsim1: renamed from eth6
[  309.004209][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  309.055820][   T24] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  309.067620][ T5826] Bluetooth: hci0: command tx timeout
[  309.080362][T10309] netdevsim netdevsim5 netdevsim2: renamed from eth7
[  309.110851][   T24] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input41
[  309.131718][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  309.174768][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  309.182134][T10309] netdevsim netdevsim5 netdevsim3: renamed from eth8
[  309.194200][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  309.213908][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  309.257492][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  309.394157][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  309.418611][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  309.455473][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  309.475788][T10440] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1458'.
[  309.491236][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  309.526092][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  309.558424][   T24] mceusb 3-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  309.597683][   T24] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  309.632840][   T24] usb 3-1: USB disconnect, device number 4
[  310.453958][ T5955] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  310.618845][T10478] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[  311.102658][ T5955] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  311.129943][T10474] Failed to initialize the IGMP autojoin socket (err -2)
[  311.138778][ T5955] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  311.148881][ T5826] Bluetooth: hci0: command tx timeout
[  311.223099][ T5955] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  311.239011][ T5955] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  311.295635][ T5955] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  311.336067][ T5955] usb 4-1: config 0 descriptor??
[  311.373859][T10490] netlink: 1752 bytes leftover after parsing attributes in process `syz.2.1466'.
[  311.706494][T10498] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1469'.
[  311.775659][T10460] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  311.784960][T10460] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  311.983116][T10309] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  312.017330][T10309] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  312.456740][T10309] wireguard: wg0: Could not create IPv4 socket
[  312.548797][T10309] wireguard: wg1: Could not create IPv4 socket
[  312.573546][T10309] wireguard: wg2: Could not create IPv4 socket
[  312.744517][T10512] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1472'.
[  312.754294][T10512] netlink: 'syz.2.1472': attribute type 6 has an invalid length.
[  312.762713][T10512] netlink: 'syz.2.1472': attribute type 5 has an invalid length.
[  312.770553][T10512] netlink: 'syz.2.1472': attribute type 4 has an invalid length.
[  312.782960][T10512] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1472'.
[  313.233045][ T5826] Bluetooth: hci0: command tx timeout
[  313.330280][ T5955] usbhid 4-1:0.0: can't add hid device: -71
[  313.336821][ T5955] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  313.425678][ T5955] usb 4-1: USB disconnect, device number 20
[  313.734816][T10523] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1475'.
[  313.784830][   T30] kauditd_printk_skb: 56 callbacks suppressed
[  313.784844][   T30] audit: type=1326 audit(1753969253.524:682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10525 comm="syz.4.1476" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3fead8e9a9 code=0x0
[  316.593842][ T5955] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  316.678819][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  316.685099][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  316.695051][T10586] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  316.785103][ T5955] usb 4-1: Using ep0 maxpacket: 16
[  316.803103][ T5955] usb 4-1: config 0 has no interfaces?
[  316.847729][ T5955] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  316.862684][ T5955] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  316.871832][ T5834] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  316.879966][ T5955] usb 4-1: Manufacturer: syz
[  316.885263][ T5834] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  316.892683][ T5834] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  316.900808][ T5834] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  316.910014][ T5955] usb 4-1: config 0 descriptor??
[  316.916356][ T5834] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  316.986510][T10589] Failed to initialize the IGMP autojoin socket (err -2)
[  317.153345][T10581] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  317.162946][T10581] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  317.345613][ T5955] usb 4-1: USB disconnect, device number 21
[  317.767983][T10614] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[  317.968866][T10622] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1494'.
[  318.019810][T10618] Failed to initialize the IGMP autojoin socket (err -2)
[  318.277881][T10634] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  318.607794][T10651] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1500'.
[  319.024073][ T5826] Bluetooth: hci0: command tx timeout
[  319.068047][T10589] netdevsim netdevsim5 netdevsim0: renamed from eth5
[  319.185729][T10589] netdevsim netdevsim5 netdevsim1: renamed from eth6
[  319.351712][T10589] netdevsim netdevsim5 netdevsim2: renamed from eth7
[  320.021745][T10589] netdevsim netdevsim5 netdevsim3: renamed from eth8
[  321.074104][ T5826] Bluetooth: hci0: command tx timeout
[  321.254065][   T30] audit: type=1400 audit(1753969260.994:683): avc:  denied  { create } for  pid=10695 comm="syz.4.1511" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  321.385640][T10704] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  321.420815][T10704] tipc: Resetting bearer <eth:syzkaller0>
[  321.554519][T10702] tipc: Disabling bearer <eth:syzkaller0>
[  322.459967][   T30] audit: type=1326 audit(1753969262.204:684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10741 comm="syz.3.1521" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb53938e9a9 code=0x0
[  323.016171][T10589] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  323.069791][T10589] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  323.154358][ T5826] Bluetooth: hci0: command tx timeout
[  323.181697][T10589] wireguard: wg0: Could not create IPv4 socket
[  323.238908][T10589] wireguard: wg1: Could not create IPv4 socket
[  323.255839][T10589] wireguard: wg2: Could not create IPv4 socket
[  324.988275][T10787] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  325.593839][ T5955] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  325.821948][ T5955] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  325.882735][ T5955] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  325.955742][ T5955] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  325.989350][ T5955] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  326.003738][ T5955] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  326.064000][ T5955] usb 3-1: config 0 descriptor??
[  326.286517][T10803] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  326.300876][T10803] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  326.415980][T10824] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[  326.811398][T10821] Failed to initialize the IGMP autojoin socket (err -2)
[  327.045871][ T5834] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  327.075048][ T5834] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  327.099729][ T5834] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  327.107556][ T5834] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  327.115576][ T5834] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  327.172641][T10839] Failed to initialize the IGMP autojoin socket (err -2)
[  328.258333][ T5955] usbhid 3-1:0.0: can't add hid device: -71
[  328.283428][ T5955] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  328.344549][ T5955] usb 3-1: USB disconnect, device number 5
[  328.494250][T10879] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[  328.685006][T10889] Failed to initialize the IGMP autojoin socket (err -2)
[  328.769176][   T30] audit: type=1326 audit(1753969268.504:685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10894 comm="syz.3.1551" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb53938e9a9 code=0x0
[  329.160949][ T5834] Bluetooth: hci0: command tx timeout
[  329.973259][   T30] audit: type=1400 audit(1753969269.714:686): avc:  denied  { create } for  pid=10915 comm="syz.2.1556" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  330.102199][   T30] audit: type=1400 audit(1753969269.744:687): avc:  denied  { write } for  pid=10915 comm="syz.2.1556" name="file0" dev="tmpfs" ino=1827 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  330.222130][   T30] audit: type=1400 audit(1753969269.744:688): avc:  denied  { open } for  pid=10915 comm="syz.2.1556" path="/353/file0" dev="tmpfs" ino=1827 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  330.300383][   T30] audit: type=1400 audit(1753969269.824:689): avc:  denied  { unlink } for  pid=5828 comm="syz-executor" name="file0" dev="tmpfs" ino=1827 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  330.413867][   T30] audit: type=1400 audit(1753969270.134:690): avc:  denied  { setopt } for  pid=10925 comm="syz.0.1558" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  330.908041][T10929] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  330.967302][   T30] audit: type=1400 audit(1753969270.644:691): avc:  denied  { connect } for  pid=10925 comm="syz.0.1558" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  330.984679][T10839] netdevsim netdevsim5 netdevsim0: renamed from eth5
[  331.035946][T10839] netdevsim netdevsim5 netdevsim1: renamed from eth6
[  331.184293][T10839] netdevsim netdevsim5 netdevsim2: renamed from eth7
[  331.317847][ T5834] Bluetooth: hci0: command tx timeout
[  331.470292][T10839] netdevsim netdevsim5 netdevsim3: renamed from eth8
[  332.989013][T10965] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  333.184684][T10997] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  333.388170][ T5834] Bluetooth: hci0: command tx timeout
[  333.437081][T11005] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  333.489689][T11005] syzkaller0: entered promiscuous mode
[  333.515438][T11005] syzkaller0: entered allmulticast mode
[  333.577271][T11005] tipc: Resetting bearer <eth:syzkaller0>
[  333.628172][T11004] tipc: Resetting bearer <eth:syzkaller0>
[  333.686384][T11004] tipc: Disabling bearer <eth:syzkaller0>
[  333.767092][T10839] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  333.845873][T10839] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  333.897969][T10839] wireguard: wg0: Could not create IPv4 socket
[  333.921209][T10839] wireguard: wg1: Could not create IPv4 socket
[  333.950547][T10839] wireguard: wg2: Could not create IPv4 socket
[  335.213857][ T1207] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  335.334834][T11051] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1582'.
[  335.359715][T11051] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1582'.
[  335.374701][ T1207] usb 1-1: Using ep0 maxpacket: 32
[  335.404433][T11049] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  335.415660][ T1207] usb 1-1: config index 0 descriptor too short (expected 156, got 27)
[  335.424000][ T1207] usb 1-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  335.443945][ T1207] usb 1-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  335.474410][ T1207] usb 1-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  335.503855][ T1207] usb 1-1: config 0 interface 0 has no altsetting 0
[  335.512464][ T1207] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  335.530009][ T1207] usb 1-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  335.553908][ T1207] usb 1-1: Product: syz
[  335.564940][ T1207] usb 1-1: Manufacturer: syz
[  335.569533][ T1207] usb 1-1: SerialNumber: syz
[  335.581921][ T1207] usb 1-1: config 0 descriptor??
[  335.605222][ T1207] ldusb 1-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  335.629216][ T1207] ldusb 1-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  337.496341][T11127] fuse: Bad value for 'fd'
[  337.500817][   T30] audit: type=1400 audit(1753969277.244:692): avc:  denied  { mounton } for  pid=11125 comm="syz.3.1593" path="/315/file0" dev="tmpfs" ino=1623 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  337.568625][T11129] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1592'.
[  337.603365][T11129] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1592'.
[  337.698529][T11128] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  338.020712][ T5826] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  338.033390][ T5826] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  338.042972][ T5826] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  338.053420][ T5826] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  338.064210][ T5826] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  338.105212][T11155] Failed to initialize the IGMP autojoin socket (err -2)
[  339.283776][  T974] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  339.624002][  T974] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  339.637090][  T974] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  339.646866][  T974] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  339.666914][  T974] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  339.678893][  T974] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  339.717218][  T974] usb 4-1: config 0 descriptor??
[  339.934025][ T5963] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  340.036138][T11203] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  340.047375][T11203] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  340.104059][ T5963] usb 5-1: Using ep0 maxpacket: 16
[  340.106542][ T5834] Bluetooth: hci0: command tx timeout
[  340.119952][ T5963] usb 5-1: New USB device found, idVendor=0497, idProduct=c001, bcdDevice= 2.73
[  340.130341][ T5963] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  340.153559][ T5963] usb 5-1: Product: syz
[  340.179919][T11155] netdevsim netdevsim5 netdevsim0: renamed from eth5
[  340.182629][ T5963] usb 5-1: Manufacturer: syz
[  340.245666][T11155] netdevsim netdevsim5 netdevsim1: renamed from eth6
[  340.258454][ T5963] usb 5-1: SerialNumber: syz
[  340.289961][ T5963] usb 5-1: config 0 descriptor??
[  340.329690][ T5963] gspca_main: spca501-2.14.0 probing 0497:c001
[  340.333078][T11155] netdevsim netdevsim5 netdevsim2: renamed from eth7
[  340.479991][T11155] netdevsim netdevsim5 netdevsim3: renamed from eth8
[  340.544289][ T5963] gspca_spca501: reg write: error -71
[  340.558583][ T5963] spca501 5-1:0.0: Reg write failed for 0x02,0x07,0x05
[  340.616278][ T5963] spca501 5-1:0.0: probe with driver spca501 failed with error -22
[  340.692808][ T5963] usb 5-1: USB disconnect, device number 13
[  340.914943][T11043] ldusb 1-1:0.0: Couldn't submit HID_REQ_SET_REPORT -110
[  340.965655][ T5963] usb 1-1: USB disconnect, device number 10
[  340.973129][ T5963] ldusb 1-1:0.0: LD USB Device #0 now disconnected
[  341.214783][   T30] audit: type=1326 audit(1753969280.934:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11239 comm="syz.4.1616" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3fead8e9a9 code=0x0
[  341.294699][T11243] kvm: kvm [11242]: vcpu2, guest rIP: 0x9131 Unhandled WRMSR(0x11e) = 0x0
[  341.803441][  T974] usbhid 4-1:0.0: can't add hid device: -71
[  341.809456][  T974] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  341.858385][  T974] usb 4-1: USB disconnect, device number 22
[  342.203768][ T5834] Bluetooth: hci0: command tx timeout
[  342.693828][T11273] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  343.334172][T11155] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  343.420344][T11155] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  343.587794][T11155] wireguard: wg0: Could not create IPv4 socket
[  343.621759][T11155] wireguard: wg1: Could not create IPv4 socket
[  343.649229][T11155] wireguard: wg2: Could not create IPv4 socket
[  343.831188][   T30] audit: type=1326 audit(1753969283.574:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11310 comm="syz.0.1631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b7418e9a9 code=0x7ff00000
[  343.913808][   T30] audit: type=1326 audit(1753969283.574:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11310 comm="syz.0.1631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b7418e9a9 code=0x7ff00000
[  344.044210][   T30] audit: type=1326 audit(1753969283.574:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11310 comm="syz.0.1631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b7418e9a9 code=0x7ff00000
[  344.093477][T11320] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1634'.
[  344.134980][   T30] audit: type=1326 audit(1753969283.574:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11310 comm="syz.0.1631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b7418e9a9 code=0x7ff00000
[  344.316409][   T30] audit: type=1326 audit(1753969283.574:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11310 comm="syz.0.1631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b7418e9a9 code=0x7ff00000
[  344.354660][   T30] audit: type=1326 audit(1753969283.574:699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11310 comm="syz.0.1631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b7418e9a9 code=0x7ff00000
[  344.380442][   T30] audit: type=1326 audit(1753969283.574:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11310 comm="syz.0.1631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b7418e9a9 code=0x7ff00000
[  344.408274][   T30] audit: type=1326 audit(1753969283.574:701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11310 comm="syz.0.1631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b7418e9a9 code=0x7ff00000
[  344.910496][   T30] audit: type=1326 audit(1753969283.574:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11310 comm="syz.0.1631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b7418e9a9 code=0x7ff00000
[  344.937053][   T30] audit: type=1326 audit(1753969283.574:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11310 comm="syz.0.1631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b7418e9a9 code=0x7ff00000
[  345.993985][T11363] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  346.416878][T11384] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  346.425113][T11384] syzkaller0: entered promiscuous mode
[  346.431091][T11384] syzkaller0: entered allmulticast mode
[  346.969918][T11388] tipc: Resetting bearer <eth:syzkaller0>
[  347.019498][T11383] tipc: Resetting bearer <eth:syzkaller0>
[  347.189104][T11383] tipc: Disabling bearer <eth:syzkaller0>
[  347.204281][T11376] loop2: detected capacity change from 0 to 7
[  347.229500][T11376] Dev loop2: unable to read RDB block 7
[  347.235702][T11376]  loop2: unable to read partition table
[  347.251893][T11376] loop2: partition table beyond EOD, truncated
[  347.276222][T11376] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  349.220561][ T5826] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  349.230320][ T5826] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  349.302685][ T5826] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  349.311532][ T5825] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  349.320470][ T5825] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  349.352563][T11456] Failed to initialize the IGMP autojoin socket (err -2)
[  350.284753][T11473] loop2: detected capacity change from 0 to 7
[  350.315200][ T9976] Dev loop2: unable to read RDB block 7
[  350.331351][ T9976]  loop2: unable to read partition table
[  350.341571][ T9976] loop2: partition table beyond EOD, truncated
[  350.383806][T11473] Dev loop2: unable to read RDB block 7
[  350.403412][T11473]  loop2: unable to read partition table
[  350.413223][T11473] loop2: partition table beyond EOD, truncated
[  350.435958][T11473] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  350.629891][T11503] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1668'.
[  351.065422][T11520] netlink: 128 bytes leftover after parsing attributes in process `syz.2.1671'.
[  351.145476][T11517] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  351.193831][T11456] netdevsim netdevsim5 netdevsim0: renamed from eth5
[  351.266394][T11529] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1674'.
[  351.276788][T11456] netdevsim netdevsim5 netdevsim1: renamed from eth6
[  351.303807][T11529] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1674'.
[  351.397775][T11456] netdevsim netdevsim5 netdevsim2: renamed from eth7
[  351.463589][T11456] netdevsim netdevsim5 netdevsim3: renamed from eth8
[  351.524765][T11528] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  352.283032][T11557] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  353.408393][T11456] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  353.493757][T11456] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  353.532005][T11456] wireguard: wg0: Could not create IPv4 socket
[  353.545673][T11456] wireguard: wg1: Could not create IPv4 socket
[  353.578636][T11456] wireguard: wg2: Could not create IPv4 socket
[  354.826793][T11616] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  355.033886][T11629] Lens B: =================  START STATUS  =================
[  355.049955][T11629] Lens B: Focus, Absolute: 0
[  355.063808][T11629] Lens B: ==================  END STATUS  ==================
[  356.402312][T11668] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  357.263633][T11684] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  357.947413][T11718] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1712'.
[  359.226232][ T1207] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  359.513274][ T1207] usb 5-1: Using ep0 maxpacket: 8
[  359.525256][ T1207] usb 5-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config
[  359.538897][ T1207] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[  359.567229][T11758] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  359.587195][ T1207] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  359.622962][ T1207] usb 5-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  359.719989][ T1207] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  359.742210][ T1207] usb 5-1: Product: syz
[  359.776781][ T1207] usb 5-1: Manufacturer: syz
[  359.804793][ T1207] usb 5-1: SerialNumber: syz
[  359.834287][ T1207] usb 5-1: config 0 descriptor??
[  359.877820][ T5834] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  359.887835][ T5834] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  359.895574][ T5834] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  359.906462][ T5834] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  359.918202][ T5834] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  360.302383][T11769] Failed to initialize the IGMP autojoin socket (err -2)
[  360.316243][ T1207] streamzap 5-1:0.0: streamzap_probe: Unexpected desc.bNumEndpoints (0)
[  360.353415][ T1207] usb 5-1: USB disconnect, device number 14
[  361.013830][ T1207] usb 3-1: new full-speed USB device number 6 using dummy_hcd
[  361.072478][T11801] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  361.177229][ T1207] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  361.212880][ T1207] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  361.232579][ T1207] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  361.251570][ T1207] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  361.261068][ T1207] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  361.272327][ T1207] usb 3-1: Manufacturer: syz
[  361.300608][ T1207] usb 3-1: config 0 descriptor??
[  361.374405][   T24] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  361.519082][T11769] netdevsim netdevsim5 netdevsim0: renamed from eth5
[  361.563868][   T24] usb 4-1: Using ep0 maxpacket: 16
[  361.565878][T11769] netdevsim netdevsim5 netdevsim1: renamed from eth6
[  361.582487][   T24] usb 4-1: New USB device found, idVendor=0497, idProduct=c001, bcdDevice= 2.73
[  361.607769][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  361.620906][   T24] usb 4-1: Product: syz
[  361.636871][   T24] usb 4-1: Manufacturer: syz
[  361.643138][   T24] usb 4-1: SerialNumber: syz
[  361.653469][T11769] netdevsim netdevsim5 netdevsim2: renamed from eth7
[  361.663234][   T24] usb 4-1: config 0 descriptor??
[  361.699773][   T24] gspca_main: spca501-2.14.0 probing 0497:c001
[  361.735777][T11769] netdevsim netdevsim5 netdevsim3: renamed from eth8
[  361.903439][   T24] gspca_spca501: reg write: error -71
[  361.913999][   T24] spca501 4-1:0.0: Reg write failed for 0x02,0x07,0x05
[  361.927492][   T24] spca501 4-1:0.0: probe with driver spca501 failed with error -22
[  361.965087][   T24] usb 4-1: USB disconnect, device number 23
[  362.054298][ T5834] Bluetooth: hci0: command tx timeout
[  363.091542][T11864] fuse: Bad value for 'fd'
[  363.267282][T11851] loop2: detected capacity change from 0 to 7
[  363.291853][T11874] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  363.345832][T11851] Dev loop2: unable to read RDB block 7
[  363.351429][T11851]  loop2: unable to read partition table
[  363.412805][T11851] loop2: partition table beyond EOD, truncated
[  363.438279][T11851] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  363.660308][T11769] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  363.684111][T11769] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  363.717934][T11769] wireguard: wg0: Could not create IPv4 socket
[  363.737470][T11769] wireguard: wg1: Could not create IPv4 socket
[  363.754831][T11769] wireguard: wg2: Could not create IPv4 socket
[  363.819824][   T24] usb 3-1: USB disconnect, device number 6
[  363.911446][T11907] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input42
[  364.047632][T11890] loop2: detected capacity change from 0 to 7
[  364.082846][T11769] 
[  364.085193][T11769] ======================================================
[  364.092195][T11769] WARNING: possible circular locking dependency detected
[  364.099198][T11769] 6.16.0-syzkaller-08685-g260f6f4fda93 #0 Not tainted
[  364.105932][T11769] ------------------------------------------------------
[  364.112921][T11769] syz-executor/11769 is trying to acquire lock:
[  364.119127][T11769] ffff888033ae2040 ((work_completion)(&(&conn->info_timer)->work)){+.+.}-{0:0}, at: __flush_work+0x4d0/0xcc0
[  364.130671][T11769] 
[  364.130671][T11769] but task is already holding lock:
[  364.138003][T11769] ffff888033ae2338 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x80/0x730
[  364.146850][T11769] 
[  364.146850][T11769] which lock already depends on the new lock.
[  364.146850][T11769] 
[  364.157225][T11769] 
[  364.157225][T11769] the existing dependency chain (in reverse order) is:
[  364.166210][T11769] 
[  364.166210][T11769] -> #1 (&conn->lock#2){+.+.}-{4:4}:
[  364.173655][T11769]        __mutex_lock+0x191/0x1070
[  364.178743][T11769]        l2cap_info_timeout+0x79/0xa0
[  364.184094][T11769]        process_one_work+0x9cf/0x1b70
[  364.189527][T11769]        worker_thread+0x6c8/0xf10
[  364.194613][T11769]        kthread+0x3c5/0x780
[  364.199176][T11769]        ret_from_fork+0x5d4/0x6f0
[  364.204259][T11769]        ret_from_fork_asm+0x1a/0x30
[  364.209522][T11769] 
[  364.209522][T11769] -> #0 ((work_completion)(&(&conn->info_timer)->work)){+.+.}-{0:0}:
[  364.219745][T11769]        __lock_acquire+0x126f/0x1c90
[  364.225102][T11769]        lock_acquire+0x179/0x350
[  364.230107][T11769]        __flush_work+0x4e4/0xcc0
[  364.235105][T11769]        __cancel_work_sync+0x10c/0x130
[  364.240627][T11769]        l2cap_conn_del+0x5af/0x730
[  364.245811][T11769]        l2cap_disconn_cfm+0x96/0xd0
[  364.251074][T11769]        hci_conn_hash_flush+0x10e/0x260
[  364.256678][T11769]        hci_dev_close_sync+0x602/0x11d0
[  364.262294][T11769]        hci_dev_do_close+0x2e/0x90
[  364.267472][T11769]        hci_unregister_dev+0x227/0x640
[  364.272998][T11769]        vhci_release+0x79/0xf0
[  364.277827][T11769]        __fput+0x402/0xb70
[  364.282309][T11769]        task_work_run+0x150/0x240
[  364.287396][T11769]        do_exit+0x86f/0x2bf0
[  364.292052][T11769]        do_group_exit+0xd3/0x2a0
[  364.297057][T11769]        __x64_sys_exit_group+0x3e/0x50
[  364.302584][T11769]        x64_sys_call+0x14fa/0x1720
[  364.307758][T11769]        do_syscall_64+0xcd/0x4c0
[  364.312761][T11769]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  364.319195][T11769] 
[  364.319195][T11769] other info that might help us debug this:
[  364.319195][T11769] 
[  364.329396][T11769]  Possible unsafe locking scenario:
[  364.329396][T11769] 
[  364.336816][T11769]        CPU0                    CPU1
[  364.342152][T11769]        ----                    ----
[  364.347487][T11769]   lock(&conn->lock#2);
[  364.351708][T11769]                                lock((work_completion)(&(&conn->info_timer)->work));
[  364.361224][T11769]                                lock(&conn->lock#2);
[  364.367964][T11769]   lock((work_completion)(&(&conn->info_timer)->work));
[  364.374962][T11769] 
[  364.374962][T11769]  *** DEADLOCK ***
[  364.374962][T11769] 
[  364.383076][T11769] 5 locks held by syz-executor/11769:
[  364.388416][T11769]  #0: ffff88807a1d0dc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_close+0x26/0x90
[  364.397966][T11769]  #1: ffff88807a1d00b8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x3ae/0x11d0
[  364.407600][T11769]  #2: ffffffff905b4c68 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xbb/0x260
[  364.417573][T11769]  #3: ffff888033ae2338 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x80/0x730
[  364.426870][T11769]  #4: ffffffff8e5c1060 (rcu_read_lock){....}-{1:3}, at: __flush_work+0xfb/0xcc0
[  364.435979][T11769] 
[  364.435979][T11769] stack backtrace:
[  364.441840][T11769] CPU: 1 UID: 0 PID: 11769 Comm: syz-executor Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) 
[  364.441858][T11769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  364.441867][T11769] Call Trace:
[  364.441871][T11769]  <TASK>
[  364.441876][T11769]  dump_stack_lvl+0x116/0x1f0
[  364.441898][T11769]  print_circular_bug+0x275/0x350
[  364.441919][T11769]  check_noncircular+0x14c/0x170
[  364.441940][T11769]  __lock_acquire+0x126f/0x1c90
[  364.441963][T11769]  lock_acquire+0x179/0x350
[  364.441982][T11769]  ? __flush_work+0x4d0/0xcc0
[  364.441998][T11769]  ? mark_held_locks+0x49/0x80
[  364.442018][T11769]  ? __flush_work+0x4d0/0xcc0
[  364.442032][T11769]  __flush_work+0x4e4/0xcc0
[  364.442047][T11769]  ? __flush_work+0x4d0/0xcc0
[  364.442062][T11769]  ? detach_if_pending+0x271/0x280
[  364.442081][T11769]  ? __pfx___flush_work+0x10/0x10
[  364.442095][T11769]  ? find_held_lock+0x2b/0x80
[  364.442111][T11769]  ? __pfx_wq_barrier_func+0x10/0x10
[  364.442133][T11769]  ? __pfx___might_resched+0x10/0x10
[  364.442152][T11769]  __cancel_work_sync+0x10c/0x130
[  364.442168][T11769]  l2cap_conn_del+0x5af/0x730
[  364.442184][T11769]  ? __pfx_l2cap_disconn_cfm+0x10/0x10
[  364.442199][T11769]  l2cap_disconn_cfm+0x96/0xd0
[  364.442213][T11769]  hci_conn_hash_flush+0x10e/0x260
[  364.442226][T11769]  hci_dev_close_sync+0x602/0x11d0
[  364.442249][T11769]  ? __pfx_hci_dev_close_sync+0x10/0x10
[  364.442270][T11769]  ? up_write+0x1b2/0x520
[  364.442284][T11769]  hci_dev_do_close+0x2e/0x90
[  364.442305][T11769]  hci_unregister_dev+0x227/0x640
[  364.442326][T11769]  ? __pfx_vhci_release+0x10/0x10
[  364.442346][T11769]  vhci_release+0x79/0xf0
[  364.442365][T11769]  __fput+0x402/0xb70
[  364.442383][T11769]  task_work_run+0x150/0x240
[  364.442401][T11769]  ? __pfx_task_work_run+0x10/0x10
[  364.442415][T11769]  ? switch_task_namespaces+0xeb/0x100
[  364.442436][T11769]  do_exit+0x86f/0x2bf0
[  364.442455][T11769]  ? do_raw_spin_lock+0x12c/0x2b0
[  364.442469][T11769]  ? __pfx_do_exit+0x10/0x10
[  364.442489][T11769]  ? rcu_is_watching+0x12/0xc0
[  364.442506][T11769]  do_group_exit+0xd3/0x2a0
[  364.442526][T11769]  __x64_sys_exit_group+0x3e/0x50
[  364.442546][T11769]  x64_sys_call+0x14fa/0x1720
[  364.442562][T11769]  do_syscall_64+0xcd/0x4c0
[  364.442575][T11769]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  364.442588][T11769] RIP: 0033:0x7f8f8278e9a9
[  364.442599][T11769] Code: Unable to access opcode bytes at 0x7f8f8278e97f.
[  364.442605][T11769] RSP: 002b:00007ffcfc7aa8d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  364.442617][T11769] RAX: ffffffffffffffda RBX: 00007f8f82811b48 RCX: 00007f8f8278e9a9
[  364.442627][T11769] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043
[  364.442635][T11769] RBP: 00007f8f827ed658 R08: 00007ffcfc7a8677 R09: 000000000000002d
[  364.442643][T11769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  364.442652][T11769] R13: 000000000000002d R14: 00007ffcfc7aaa12 R15: 0000000000000024
[  364.442664][T11769]  </TASK>
[  364.442694][ T5834] Bluetooth: hci0: command tx timeout
[  364.541029][ T5828] Dev loop2: unable to read RDB block 7
[  364.746868][ T5828]  loop2: unable to read partition table
[  364.752601][ T5828] loop2: partition table beyond EOD, truncated