last executing test programs:

14.101679845s ago: executing program 3 (id=1563):
r0 = syz_usb_connect(0x2, 0x5a, &(0x7f0000000100)=ANY=[], 0x0)
syz_usb_disconnect(0xffffffffffffffff)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000380)={0x1c, &(0x7f00000001c0)={0x0, 0xc}, 0x0, 0x0})
openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)

12.841284277s ago: executing program 1 (id=1569):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000780)={{0x7, 0x1, 0x0, 0x800, 'syz0\x00'}, 0x1, [0x0, 0x80, 0x8000000000000000, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x1, 0x5, 0x0, 0x0, 0x2, 0x0, 0x1, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x400, 0xffffffff, 0x0, 0x0, 0x42, 0x0, 0xfffffffffffffffd, 0x100000002, 0x0, 0x0, 0x0, 0x0, 0x400000000, 0x0, 0x0, 0xd453, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfffc, 0x9, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x7fffffff, 0x0, 0x0, 0x80000000000, 0x79, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xea, 0x8, 0x0, 0xb, 0x0, 0xfffffffffffffffd, 0x0, 0x80000, 0x0, 0xfffffffffffffffd, 0x4000000000000, 0x200, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffffffffffd, 0x2, 0x34, 0x0, 0x4, 0x0, 0x400, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x7ffffffc, 0x20b50d5b]})
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$key(0xf, 0x3, 0x2)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_buf(r2, 0x29, 0x39, &(0x7f0000000040)="ff0204000000000000000000000000000000000000080000", 0x18)
epoll_pwait(0xffffffffffffffff, &(0x7f0000000c80)=[{}, {}, {}], 0x3, 0xff, &(0x7f0000000cc0)={[0x1dd]}, 0x8)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x4e2b, 0xb, @private1={0xfc, 0x1, '\x00', 0x6}, 0x6}, 0x1c)
landlock_create_ruleset(0x0, 0x0, 0x1)
sendmmsg$inet6(r2, &(0x7f0000002940)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}}], 0x62, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, 0x0, 0x0)
getpgid(0x0)
setsockopt$inet6_int(r1, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xd, &(0x7f0000000340)=ANY=[@ANYBLOB="18020000040000000000000000000000850000004100000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000180000850000008200000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={r4, 0x0, 0xe, 0x0, &(0x7f0000000440)="92931f6e32e1ffa94914674af600", 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x6, 0xd, &(0x7f0000000000)=@framed={{}, [@func={0x85, 0x0, 0x1, 0x0, 0x1}, @exit, @printk={@x}]}, &(0x7f0000000100)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x48)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)

12.293465226s ago: executing program 1 (id=1572):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
unlinkat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0/file1\x00', 0x0)
r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x35c, 0x0)
setresgid(0xee00, 0xee01, 0x0)
setgroups(0x0, 0x0)
setuid(0xee00)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0x2, &(0x7f0000006680))
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
truncate(&(0x7f0000000040)='./bus\x00', 0x231f)
preadv(r0, &(0x7f0000000240)=[{&(0x7f00000013c0)=""/4096, 0x1000}], 0x1, 0xffffffff, 0x800)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000d972a440b72040155ab7010203810902120001000000000904000000ff000000"], 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e21, @empty}, 0x10)
setsockopt$SO_RDS_TRANSPORT(0xffffffffffffffff, 0x114, 0x8, &(0x7f00000001c0)=0x1, 0x4)
setsockopt$sock_int(r1, 0x1, 0xc, &(0x7f00000002c0)=0x1, 0x4)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, 0x0, 0xfffffffffffffffd)
bind$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
epoll_create1(0x0)
r3 = socket$inet(0x2, 0x2, 0x1)
bind$inet(r3, &(0x7f0000000000)={0x2, 0x6e24, @empty}, 0x10)
socket$inet(0x2, 0x2, 0x1)
setsockopt$sock_int(r3, 0x1, 0x29, &(0x7f0000000380), 0x4)
r4 = socket(0x2, 0x2, 0x5)
bind$unix(r4, &(0x7f0000000000)=@abs, 0x6e)

11.615519712s ago: executing program 2 (id=1579):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mkdir(0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
gettid()
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000b00)=ANY=[@ANYBLOB="61136800000000006113380000000000bfa000000000000007000000080000002d0301000000000095006900000000006916000000000000bf67000000000000350607000fff07206706000002000000150300000ee60060bf050000000000000f650000000000006507f9ff01000000070700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562eff4ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916df0a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c29dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d57c4e9b2ad9bc1142ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57d20000009f0f53acbb40b4f8e2738270b31562ed838b9df97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bda7afaab43176e65ec1118d50d1f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000020000000000000000000000c1eb2d91fb79ea00000000000000000000000000e4007be511fe32fbc90e2364a55e9bb66ad2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7a43c8da0c44d2ebf2f3f2b87be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747086312e9815a21cb3f1f8150d999d78854ca4d3116dbc7e2bf2402a75fd7a5573336004084d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b527c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae93234c2cc17dc4a5dfacba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b3bc87b0da80000d9ef418cf19e7a8cf8ffffffce91798adc2dca87ddd9d064e081383409ed2912c811c600f03212a5331c2a4ead000000000000000000008d4496dc862fcdb0ee67fdd006d4e466e8b32b3afdaecee9862edf61cd0dd24ff2dba562c5ae5c053355abb762ef2a5ee5f285e333b522ca09af626c6e4ad1c685165388000015de7f2077cd6d96a8a687c97e7d1d5cc25ffebc53b2ef9d57cf5d995bad3de6f555e9616d0e7c258205668dcfb35c3550ef80e0a704a7d9dc23e1742dc9e7d7d8c3b3cba2229cd1c0d8046981789493b26c611c40b86157d7c383144bff7115f440e059bdfb739d7c285d6c2048c229d1fd67791bff7fa758b953b41cf077028716a411afef49f51d490f09ce0781f2d1769551bb8f882dfe8d1491142666de72b230356376b60abc0b7494a683ecf96463e89744ea228ac17f7ac5a06b103ea8c78d82d48d7700b661357224b847a6adced04d87e0f4019cae065b48be01956d7c279e8232e7f7e7b4b0c7c740cb7920823c26ad3ec97db1e09c347db220851d1e280ea6bce40c16193a89719b74be9456afef6b6b56ee88b878404a308b4e9471e11bc250c36c154c20c8533376e347c89020b7ef9599ea49ee6d3b9b355ad9fbda34625d243168d788bf9a681b09aa85e0da7d76f2cd029ee3df390cba760cd9c9b5fe625827edae4e7c19dc6c2fe701797df47324cad92d8ea62270f89d04141e89bee3c3611a996d9d9db00508adc93d7bb21dfe1174ab2f31d075e30ee07e16d28aaa70a35c55370a3af315cf25a6cce2cae3d6c75906290d55a2a2447bb571d6991522136ed013b8f6f4cf0a91931f0a7d88d4e69729a77a6e76433c1a0668677f8c7683f779d3301db1f43bd7dd0b301098f522437ec5ff0c358900000000000000000000000000007f91ee647a956ca982a84a97f9231a107466f2f9d62994907a93b9d183c0c6187d0a9ea8ccb3ba859b05"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

10.945323066s ago: executing program 1 (id=1582):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000700)=@filter={'filter\x00', 0x42, 0x4, 0x358, 0xffffffff, 0x0, 0x198, 0xc8, 0xffffffff, 0xffffffff, 0x2c0, 0x2c0, 0x2c0, 0xffffffff, 0x4, 0x0, {[{{@ip={@broadcast, @multicast2, 0x0, 0x0, 'bridge0\x00', 'ip6gre0\x00', {}, {}, 0x73}, 0x0, 0xa0, 0xc8, 0x0, {}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x2, 0x1, 0x8}}]}, @REJECT={0x28}}, {{@ip={@remote, @multicast2, 0x0, 0x0, 'veth1_macvtap\x00', 'ip6_vti0\x00'}, 0x0, 0x70, 0xd0, 0x0, {0x60010000}}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @dev}}}, {{@uncond, 0x0, 0x100, 0x128, 0x0, {}, [@common=@set={{0x40}}, @common=@osf={{0x50}, {'syz0\x00'}}]}, @REJECT={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3b8)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff)
r3 = socket$packet(0x11, 0x3, 0x300)
r4 = dup(r3)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="24040000", @ANYRES16=r2, @ANYBLOB="20007e200000020000420200000008002600c81400000300400002000000"], 0x24}, 0x1, 0x0, 0x0, 0xd1}, 0x2000c065)
sendmsg$NL80211_CMD_SET_COALESCE(r1, &(0x7f0000000200)={0x0, 0xffffffffffffff8c, &(0x7f0000000b00)={&(0x7f0000000040)={0x28, r2, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r5}, @void}}}, 0x28}, 0x1, 0x6c00}, 0x0)

10.944702035s ago: executing program 3 (id=1583):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000780)={{0x7, 0x1, 0x0, 0x800, 'syz0\x00'}, 0x1, [0x0, 0x80, 0x8000000000000000, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x1, 0x5, 0x0, 0x0, 0x2, 0x0, 0x1, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x400, 0xffffffff, 0x0, 0x0, 0x42, 0x0, 0xfffffffffffffffd, 0x100000002, 0x0, 0x0, 0x0, 0x0, 0x400000000, 0x0, 0x0, 0xd453, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfffc, 0x9, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x7fffffff, 0x0, 0x0, 0x80000000000, 0x79, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xea, 0x8, 0x0, 0xb, 0x0, 0xfffffffffffffffd, 0x0, 0x80000, 0x0, 0xfffffffffffffffd, 0x4000000000000, 0x200, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffffffffffd, 0x2, 0x34, 0x0, 0x4, 0x0, 0x400, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x7ffffffc, 0x20b50d5b]})
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$key(0xf, 0x3, 0x2)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_buf(r2, 0x29, 0x39, &(0x7f0000000040)="ff0204000000000000000000000000000000000000080000", 0x18)
epoll_pwait(0xffffffffffffffff, &(0x7f0000000c80)=[{}, {}, {}], 0x3, 0xff, &(0x7f0000000cc0)={[0x1dd]}, 0x8)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x4e2b, 0xb, @private1={0xfc, 0x1, '\x00', 0x6}, 0x6}, 0x1c)
landlock_create_ruleset(0x0, 0x0, 0x1)
sendmmsg$inet6(r2, &(0x7f0000002940)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}}], 0x62, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000480)={{0x8, 0x6, 0x7fffffff, 0xa, 'syz0\x00', 0x9}, 0x5, 0x30000302, 0x1, 0x0, 0x7, 0x7, 'syz1\x00', &(0x7f0000000240)=[':-\x00', '\x8f*\x00', '', 'GPL\x00', 'syzkaller\x00', '.{\x00', '!#^^\x00'], 0x1c})
setsockopt$inet6_int(r1, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xd, &(0x7f0000000340)=ANY=[@ANYBLOB="18020000040000000000000000000000850000004100000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000180000850000008200000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={r4, 0x0, 0xe, 0x0, &(0x7f0000000440)="92931f6e32e1ffa94914674af600", 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x6, 0xd, &(0x7f0000000000)=@framed={{}, [@func={0x85, 0x0, 0x1, 0x0, 0x1}, @exit, @printk={@x}]}, &(0x7f0000000100)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x48)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)

9.960005038s ago: executing program 0 (id=1585):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x23, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket(0x10, 0x3, 0x0)
bind$netlink(r5, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc)
write(r5, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26)
connect$netlink(r5, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f0000b4bffc), 0x4)
sendmsg$nl_route_sched(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000940)=@delchain={0x24, 0x28}, 0x24}}, 0x54)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2, 0x2172, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000ffb000/0x2000)=nil)
syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
r6 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_FLUSH(r6, 0x0, 0xd0, 0x0, 0x0)
r7 = syz_open_procfs(0x0, &(0x7f0000000440)='net/route\x00')
preadv(r7, &(0x7f00000001c0)=[{&(0x7f0000002380)=""/169, 0xa9}], 0x1, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x1c, 0x0, &(0x7f0000000480)=0x19)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x40, 0x10, 0x44b, 0x170bd2c, 0x25dfdbfc, {0x7a, 0x0, 0x0, 0x0, 0x1000, 0xdcb0}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc, 0x23, 0x4}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x8024}, 0x4000800)

9.485121109s ago: executing program 1 (id=1586):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond0\x00'})
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_int(r1, 0x29, 0x3, 0x0, &(0x7f0000000300))
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000180)=0x2, 0x4)
syz_open_dev$media(&(0x7f0000001a80), 0x3, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000bda000/0x4000)=nil, 0xfffffffffffffea3, &(0x7f00000000c0)='\x00#\x0f\x01bK\xd1\xd8\xc8\xe3Z(\x03\xa1\x8b\x19#\x8fZ\x10Gk\x01\xd5\xc6r\x88\x97\xbb\xd9\xca=\xffa\xeb\b\xb2\x90\x1a\x03;\xae\xddc\nI\xcd\xf59>\xc4ZE\xac\xd3\x1f\xe7\xc5\xe5(\xed\xbb+\xfd\xe3\xb2\xf8\x9d\xf1\b\xff9\".Be\xf6\xb0\x0e\x86\xa3\x1c\x10\x88\xf4\xa2\xa0\x81\vN2N\xf1\xa5\x96\x94\x91\xa2S\x96@\xf1\x15\x9a{\xb9O{\x01*\xe98\xea\xcd\xcd\x04Y\x03\xf5>\x93\xb8')
r2 = syz_io_uring_setup(0x4b5, &(0x7f0000010400)={0x0, 0x86e1, 0x800, 0x8}, 0x0, &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f0000010300), 0x0)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r2, 0x10, 0x0, 0x0)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x3da, 0x4)
ioctl$UI_GET_VERSION(0xffffffffffffffff, 0x8004552d, 0x0)
r3 = socket$inet6_icmp(0xa, 0x2, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000640)=@raw={'raw\x00', 0x9, 0x3, 0x2d8, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x258, 0xffffffff, 0xffffffff, 0x258, 0xffffffff, 0x3, &(0x7f0000000300), {[{{@ipv6={@private1, @ipv4={'\x00', '\xff\xff', @loopback}, [0xffffffff, 0xffffffff, 0xffffff00], [0xffffff00, 0x0, 0xffffffff, 0xff000000], 'gretap0\x00', 'bond0\x00', {}, {}, 0x3a, 0x27, 0x6, 0x57}, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x8}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x4, 0x6d, 0x5e0, '\x00', {0x1}}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, 'pimreg\x00', {0x20}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x338)
syz_usbip_server_init(0x3)
r4 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, 0x0, 0x0)
write(r4, &(0x7f0000000000)="240000001a005f0314f9f407000904000200000001000000000000000800040001000000", 0x24)
r5 = syz_open_dev$evdev(&(0x7f0000000340), 0x4, 0x2000)
ioctl$EVIOCGVERSION(r5, 0x5452, &(0x7f0000002200)=""/188)
sendmmsg(r4, &(0x7f00000011c0)=[{{0x0, 0x0, &(0x7f0000001100)=[{&(0x7f0000001080)}], 0x1, &(0x7f0000001140)=[{0x50, 0x104, 0x4, "123e1c240436a67ca2b209be695eedb3fa9941c88d4356d3d3d6616ec6fbf4f58504743fb27dfe343c0ecd9c83c044e278dad6f9afbbe62fd6"}], 0x50}}], 0x1, 0x40000)
sendto$packet(r0, &(0x7f00000000c0)="3f03fe7feee8140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0x48, 0x0, 0x0, 0x0)

9.483413103s ago: executing program 3 (id=1587):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond0\x00', <r1=>0x0})
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_int(r2, 0x29, 0x3, 0x0, &(0x7f0000000300))
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000180)=0x2, 0x4)
syz_open_dev$media(&(0x7f0000001a80), 0x3, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000bda000/0x4000)=nil, 0xfffffffffffffea3, &(0x7f00000000c0)='\x00#\x0f\x01bK\xd1\xd8\xc8\xe3Z(\x03\xa1\x8b\x19#\x8fZ\x10Gk\x01\xd5\xc6r\x88\x97\xbb\xd9\xca=\xffa\xeb\b\xb2\x90\x1a\x03;\xae\xddc\nI\xcd\xf59>\xc4ZE\xac\xd3\x1f\xe7\xc5\xe5(\xed\xbb+\xfd\xe3\xb2\xf8\x9d\xf1\b\xff9\".Be\xf6\xb0\x0e\x86\xa3\x1c\x10\x88\xf4\xa2\xa0\x81\vN2N\xf1\xa5\x96\x94\x91\xa2S\x96@\xf1\x15\x9a{\xb9O{\x01*\xe98\xea\xcd\xcd\x04Y\x03\xf5>\x93\xb8')
r3 = syz_io_uring_setup(0x4b5, &(0x7f0000010400)={0x0, 0x86e1, 0x800, 0x8}, 0x0, &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f0000010300), 0x0)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r3, 0x10, 0x0, 0x0)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x3da, 0x4)
ioctl$UI_GET_VERSION(0xffffffffffffffff, 0x8004552d, 0x0)
r4 = socket$inet6_icmp(0xa, 0x2, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000640)=@raw={'raw\x00', 0x9, 0x3, 0x2d8, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x258, 0xffffffff, 0xffffffff, 0x258, 0xffffffff, 0x3, &(0x7f0000000300), {[{{@ipv6={@private1, @ipv4={'\x00', '\xff\xff', @loopback}, [0xffffffff, 0xffffffff, 0xffffff00], [0xffffff00, 0x0, 0xffffffff, 0xff000000], 'gretap0\x00', 'bond0\x00', {}, {}, 0x3a, 0x27, 0x6, 0x57}, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x8}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x4, 0x6d, 0x5e0, '\x00', {0x1}}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, 'pimreg\x00', {0x20}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x338)
syz_usbip_server_init(0x3)
r5 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, 0x0, 0x0)
write(r5, &(0x7f0000000000)="240000001a005f0314f9f407000904000200000001000000000000000800040001000000", 0x24)
r6 = syz_open_dev$evdev(&(0x7f0000000340), 0x4, 0x2000)
ioctl$EVIOCGVERSION(r6, 0x5452, &(0x7f0000002200)=""/188)
sendmmsg(r5, &(0x7f00000011c0)=[{{0x0, 0x0, &(0x7f0000001100)=[{&(0x7f0000001080)}], 0x1, &(0x7f0000001140)=[{0x50, 0x104, 0x4, "123e1c240436a67ca2b209be695eedb3fa9941c88d4356d3d3d6616ec6fbf4f58504743fb27dfe343c0ecd9c83c044e278dad6f9afbbe62fd6"}], 0x50}}], 0x1, 0x40000)
sendto$packet(r0, &(0x7f00000000c0)="3f03fe7feee8140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe", 0x47, 0x0, &(0x7f0000000540)={0xc9, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

9.482842368s ago: executing program 4 (id=1588):
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYRESOCT, @ANYRES16=0x0], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x34)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000010040), 0x0, 0xffffffffffffffff, 0x4}, 0xfffffffffffffdec)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
getsockopt$packet_int(r2, 0x107, 0xf, 0x0, &(0x7f0000000140))
close(r1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0))
ioctl$SIOCSIFHWADDR(r1, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random="0000230c1100"})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(0xffffffffffffffff, 0x8004587d, &(0x7f0000000080)={@desc={0x1, 0x0, @desc2}})
r5 = syz_open_dev$tty1(0xc, 0x4, 0x2)
ioctl$KDGKBDIACR(r5, 0x4b4a, &(0x7f0000000000)=""/176)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, &(0x7f000000b000)={0x77359400}, &(0x7f0000048000), 0x0)
timer_settime(0x0, 0x1, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000001e00100000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000fcffffffb702000004000000b7030000000000de850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r7}, 0x10)
mkdir(0x0, 0x334)
socket$kcm(0xa, 0x2, 0x3a)

8.889592828s ago: executing program 2 (id=1589):
r0 = fsopen(&(0x7f00000022c0)='nfs4\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000040)='source', &(0x7f0000005fc0)='//\xf2/\x06\b/\xdf/o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o', 0x0)

8.86911341s ago: executing program 2 (id=1590):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
r3 = socket(0x10, 0x803, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x20082, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xfff3, 0xb}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x1fa3}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=@newtfilter={0x3c, 0x2c, 0xd21, 0x70bd26, 0xfffffffd, {0x0, 0x0, 0x0, r7, {0x0, 0x6}, {}, {0xffe0, 0x3}}, [@filter_kind_options=@f_basic={{0xa}, {0xc, 0x2, [@TCA_BASIC_CLASSID={0x8, 0x1, {0xa, 0xd}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4004094}, 0x4000000)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r9=>0x0})
syz_usb_connect$cdc_ncm(0x5, 0x8f, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000020000402505a1a440000102030109027d0002010080000904000001020d0000052406000105240000000d240f0103000000fd0000000406241aff072908241c0101090000142413099f33760bf14377323063f9c8a04d113905241510000905810300020800040904010000020d00000904010102020d0000090582020002e1ad000905030200"], 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r8, &(0x7f0000000480)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000440)={&(0x7f0000000600)={0x150, 0x0, 0x0, 0x70bd2d, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_TX_RATES={0x134, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x18, 0x2, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0xffff, 0xfff0, 0xd, 0x3, 0xfffd, 0x6, 0x4, 0xc]}}]}, @NL80211_BAND_6GHZ={0x4c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0x46, 0x2, [{0x5, 0x8}, {0x5, 0x8}, {0x2, 0x4}, {0x1, 0x2}, {0x0, 0x5}, {0x7, 0x4}, {0x0, 0x6}, {0x2, 0x3}, {0x1, 0x3}, {0x3, 0x3}, {0x1, 0x3}, {0x0, 0x3}, {0x3, 0x7}, {0x4, 0x7}, {0x0, 0x4}, {0x3}, {0x5, 0x9}, {0x2, 0x1}, {0x4, 0x9}, {0x7, 0x4}, {0x5, 0x1}, {0x1, 0x3}, {0x5, 0x9}, {0x7}, {0x7, 0x8}, {0x4, 0xa}, {0x0, 0x4}, {0x3, 0x7}, {0x0, 0x3}, {0x0, 0x6}, {0x1, 0x2}, {0x1, 0x9}, {0x1, 0x9}, {0x0, 0xa}, {0x2, 0x8}, {0x0, 0x3}, {0x2, 0x9}, {0x4, 0x6}, {0x6, 0x6}, {0x5, 0x4}, {0x0, 0x6}, {0x7, 0x1}, {0x1, 0x3}, {0x7, 0x6}, {0x7}, {0x5, 0x1}, {0x1, 0x2}, {0x5, 0x6}, {0x2, 0x8}, {0x2, 0x4}, {}, {0x3, 0x2}, {0x2, 0x1}, {0x0, 0xa}, {0x1, 0x9}, {0x5, 0x9}, {0x5, 0x7}, {0x3, 0x7}, {0x3, 0x3}, {0x2, 0x4}, {0x1, 0x2}, {0x0, 0x2}, {0x1, 0x3}, {0x1}, {0x6, 0x8}, {0x3, 0x2}]}]}, @NL80211_BAND_5GHZ={0x60, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0xe, 0xfff, 0x3, 0x1, 0x401, 0x8247, 0xffff, 0xb]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HT={0x36, 0x2, [{0x7, 0x2}, {0x5, 0x2}, {0x0, 0x3}, {0x4, 0x2}, {0x4, 0x6}, {}, {0x1, 0x5}, {0x6, 0xa}, {0x0, 0x9}, {0x7, 0x7}, {0x1, 0xa}, {0x7, 0x6}, {0x3, 0xa}, {0x2, 0x7}, {0x7, 0x3}, {0x6}, {0x2, 0x4}, {0x3, 0x3}, {0x5, 0x8}, {0x0, 0x1}, {0x4, 0x4}, {0x3, 0xa}, {0x0, 0x8}, {0x6, 0x4}, {0x0, 0x8}, {0x6, 0x2}, {0x1, 0x1}, {0x0, 0x4}, {0x7, 0x6}, {0x7, 0x9}, {0x7, 0x5}, {0x0, 0x9}, {0x6, 0x3}, {0x3}, {0x7, 0x1}, {0x1, 0x7}, {0x1, 0x1}, {0x1, 0xa}, {0x5, 0x6}, {0x1, 0x4}, {0x0, 0x6}, {0x1, 0x5}, {0x0, 0x3}, {0x3, 0x3}, {0x7, 0x2}, {0x0, 0x8}, {0x0, 0x4}, {0x0, 0x2}, {0x1, 0x8}, {0x6, 0x8}]}]}, @NL80211_BAND_2GHZ={0x6c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x7, 0xfe01, 0xe, 0x3, 0x1, 0x0, 0x1ff]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x9, 0x1, 0xe, 0x4, 0x1, 0xfc00, 0xa9]}}, @NL80211_TXRATE_LEGACY={0x21, 0x1, [0xc, 0x48, 0x1, 0x12, 0x26, 0x0, 0x1, 0x24, 0x6c, 0x12, 0x4, 0x2, 0x36, 0x18, 0x36, 0x4e, 0x16, 0x16, 0x5, 0xb, 0x4, 0x12, 0x6c, 0x36, 0x9, 0x48, 0x1, 0x3, 0x17]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x4d4a, 0xc, 0x3, 0x3, 0x80, 0x76, 0xa]}}]}]}]}, 0x150}, 0x1, 0x0, 0x0, 0x20044804}, 0x5)

7.75003101s ago: executing program 0 (id=1591):
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000240)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x2}}, './file0\x00'})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_emit_ethernet(0x52, &(0x7f0000000280)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004c000078ac1414000a0101004414050300000000000000000a01010100", @ANYRES16=r0, @ANYRESDEC, @ANYRES8=r0], 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(0xffffffffffffffff, 0xc0205647, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=@gettaction={0x18, 0x30, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@action_gd=@TCA_ACT_TAB={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_io_uring_setup(0x110, &(0x7f0000000340)={0x0, 0xb7c6, 0x10, 0x3, 0x80}, &(0x7f0000000180)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
io_uring_register$IORING_REGISTER_FILES(r4, 0x2, &(0x7f0000000300)=[0xffffffffffffffff], 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000240)=[r4, r4, r4], 0x3})
io_uring_enter(r4, 0x47f6, 0x0, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380), 0x0, 0x0})
write$cgroup_int(0xffffffffffffffff, &(0x7f00000000c0), 0x12)
openat$vcsu(0xffffff9c, &(0x7f0000000180), 0x8c880, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup/syz0\x00', 0x1ff)
r7 = add_key$user(&(0x7f00000001c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000080)="bc5d", 0x2, 0xfffffffffffffffe)
r8 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r7, r8, r7}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)

7.696821287s ago: executing program 4 (id=1592):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x13f}}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80383, 0x0)
prlimit64(r1, 0xd, 0x0, 0x0)
ioctl$VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="02000000040000000100000027bf00000005"], 0x50)
mmap(&(0x7f0000fa2000/0x3000)=nil, 0x3000, 0x3, 0x13, r4, 0x0)

6.588427335s ago: executing program 1 (id=1593):
r0 = syz_usb_connect(0x2, 0x5a, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x0)
syz_usb_disconnect(0xffffffffffffffff)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000380)={0x1c, &(0x7f00000001c0)={0x0, 0xc}, 0x0, 0x0})
openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)

6.587693881s ago: executing program 0 (id=1594):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x13f}}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80383, 0x0)
prlimit64(r1, 0xd, 0x0, 0x0)
ioctl$VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="02000000040000000100000027bf00000005"], 0x50)
mmap(&(0x7f0000fa2000/0x3000)=nil, 0x3000, 0x3, 0x13, r4, 0x0)

6.561870066s ago: executing program 3 (id=1595):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x800000001fe, 0x0)
lseek(r0, 0x0, 0x0)
open(0x0, 0x0, 0x0)
r1 = syz_usb_connect(0x0, 0x24, 0x0, 0x0)
r2 = socket(0x22, 0x2, 0x24)
ioctl$DRM_IOCTL_SET_VERSION(0xffffffffffffffff, 0xc0106407, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeef, 0x8031, 0xffffffffffffffff, 0x55779000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close(0xffffffffffffffff)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f0000000240)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560602000fff07006706000020000000170200000ee60000bf050000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffad35010000000000840400000000000014000000000000009500000000000000db13d5d8b741f2cdaabc83df03395287fd51a700ea6553f304000000815dcf00c3eebc52267b042d196bde7c382d21ff79a8583a7482c5994747e19325b1ee980cbd800d845dacbcf5ad8cdbc7abf9"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0x3, &(0x7f0000000280)=ANY=[@ANYRESHEX=r1], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r8}, 0x10)
r9 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x40100)
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r9, 0xc05c5340, 0x0)
bpf$BPF_LINK_CREATE(0xa, &(0x7f0000000340)={r7, 0xffffffffffffffff, 0x24, 0x7, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x8, 0x0, 0x1}}, 0x40)
prctl$PR_SET_IO_FLUSHER(0x39, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x2, &(0x7f0000000040)=0x7, 0x4)

6.335108969s ago: executing program 4 (id=1596):
socket(0x1d, 0xa, 0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
accept4$tipc(0xffffffffffffffff, 0x0, 0x0, 0x0)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7", @ANYRESHEX=r0], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5, 0x0, 0x4}, 0x18)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00'})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, 0x0, 0x20000000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r8, 0x6, 0x20, &(0x7f0000000040)=0x2, 0xf6)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000c80), 0x143041, 0x0)
r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='sched\x00')
setsockopt$inet_msfilter(r9, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="0a0101020a01010101000000020000007f0000017f000001441a3301cf058cd40eb04ce89d9c699deef3f625e7820360731d58007881e36c4e2be0ef4d4d2a8f5407c42f6078232d8e32f716f3748da7765c6a5c1f9901f83c52a0857ef6301d8e208eef13bd15c3c0d51f4e3c1c8077ed453ebcbf2f11e9ad6ba21a24535bdecf3bf8"], 0x18)

4.547207515s ago: executing program 4 (id=1597):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x4, 0x0, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x8094, &(0x7f0000000440)={0x2, 0x4e22, @loopback}, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
socket(0x11, 0x800000003, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000001800)=ANY=[@ANYBLOB="0180c200000050a245d5cde0080045000014000000000002907800000000ff0200"/42], 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_GET_IRQCHIP(r6, 0xc208ae62, &(0x7f0000000740))
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, &(0x7f0000000080)={0x1, 0xfffa, 0x4, 0x4, 0x3, 0xb0, 0x5}, 0xc)

3.554875411s ago: executing program 2 (id=1598):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8000}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x75a559963a888ab9}, 0x200040d0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000005000000000000000000000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='mem_disconnect\x00', r2}, 0x18)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r4, 0x2000000, 0xe, 0x0, &(0x7f00000004c0)="630b008646dc3f0adf33c9f7b986", 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$dri(0x0, 0x1f, 0x0)
r6 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r6, 0x7a7, &(0x7f0000000100)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r6, 0x7a0, &(0x7f0000000140)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r6, 0x7a8, &(0x7f00000001c0)={{@host}, @host, 0x0, 0x2000004, 0x100000000, 0xfffffffffffffffb})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r6, 0x7a8, 0x0)
close(r6)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bic\x00', 0x4)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='scalable\x00', 0x9)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000280)={0xaa, 0x298})
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00005cf000/0x4000)=nil, 0x400000, 0x0, 0x2})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
shutdown(r0, 0x1)

2.580577921s ago: executing program 4 (id=1599):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000300), 0x141000)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f0000000000)={{0x0, 0x2, 0x9, 0x0, 0x4}})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=@newlink={0x40, 0x10, 0x401, 0x0, 0xfffffffe, {0x0, 0x0, 0x0, 0x0, 0xd07, 0x1a001}, [@IFLA_IFNAME={0x14, 0x3, 'wlan1\x00'}, @IFLA_ADDRESS={0xa, 0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x5336ae46a3975501}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
ioctl$SNDRV_TIMER_IOCTL_STATUS64(r3, 0x80605414, &(0x7f0000000e40))
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000140)={{{@in=@remote, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x4e20, 0x3, 0x4e22, 0x5, 0x2, 0x20, 0x80, 0x3c, 0x0, 0xffffffffffffffff}, {0x1, 0x7, 0xdaf, 0x6, 0x6, 0x2, 0x8, 0x10}, {0x7, 0x8, 0xf5, 0x9}, 0x7f, 0x6e6bb2, 0x1, 0x1, 0x1, 0x3}, {{@in=@dev={0xac, 0x14, 0x14, 0x15}, 0x4d5, 0x3c}, 0x2, @in=@local, 0x3502, 0x2, 0x1, 0x3, 0x9, 0x97db, 0x3}}, 0xe8)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r6, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x0, 0x10}, 0xc)
bind$inet6(r6, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback, 0x7fff}, 0x1c)
sendto$inet6(r6, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$sock(r6, &(0x7f0000000900)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="a8", 0x1}], 0x1}}], 0x1, 0x24040)
r7 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
unshare(0x68040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xfffff000)
syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff)
r9 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000240)="5c00000014006b03c84e21008bf32c19021800f80200000044000200ac14140e05251e6182949a36c23d3b48dfd8cdbf9367b498fa51f60a64c9f4d4938037e786a6d0bdd77f6f60c1504bb9189d9193e9bd1c1b7800000000000000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)=@ipv4_delrule={0x1c, 0x21, 0x1, 0x0, 0x25dfdbfe}, 0x1c}}, 0x44044)
sendmsg$nl_route_sched(r7, &(0x7f0000006040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@getchain={0x24, 0x66, 0x1, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, r8, {0x4, 0x4}, {0x1, 0xfff1}, {0xf, 0xfff2}}}, 0x24}, 0x1, 0x0, 0x0, 0x8c8}, 0x20004804)

2.579178517s ago: executing program 0 (id=1600):
r0 = syz_open_procfs(0x0, &(0x7f0000000400)='syscall\x00')
lseek(r0, 0x8, 0x0)
getsockname$packet(r0, &(0x7f0000000100), &(0x7f0000000280)=0x14)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$SIOCGSTAMPNS(r1, 0x8907, 0x0)
recvmmsg(r1, &(0x7f0000000580)=[{{0x0, 0x0, 0x0}, 0x8}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_PIT2(r0, 0x4070aea0, &(0x7f0000000040)={[{0x100, 0x2, 0x7, 0x3, 0x5, 0x96, 0x9, 0x9, 0x5, 0x6, 0x40, 0x9}, {0x6000000, 0x9, 0x7, 0xfa, 0x5, 0x1, 0xfc, 0x6, 0x7, 0x8, 0x8, 0xe3, 0x8}, {0x200000, 0x4, 0x5, 0x6, 0x3, 0x0, 0x6, 0x2, 0x8a, 0x40, 0x2, 0xe, 0x200}], 0x400})
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a44, 0x1700)
r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x22400)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000800001800000018000000020000000000000001000084000000000000090003e5ffffff0000000000"], 0x0, 0x32, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r4 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
r5 = syz_genetlink_get_family_id$gtp(&(0x7f0000000240), r2)
sendmsg$GTP_CMD_NEWPDP(r0, &(0x7f00000003c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000380)={&(0x7f00000002c0)={0x1c, r5, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@GTPA_NET_NS_FD={0x8, 0x7, r0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x110)
write$UHID_CREATE2(r4, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000600), 0xffffffffffffffff)
syz_usb_connect(0x2, 0x46, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000ebeaa220d0070141c087010203010902"], 0x0)
r6 = syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x81)
ioctl$HIDIOCGFEATURE(r6, 0xc0404807, &(0x7f0000000300)={0x62, "a4395026f7fca8f411d271a8ac0352f02647be56f7af5c020d00a854bde7a3a2e42c1c5fcac45b88f2eb03642b134fd8e5b9bfd57889164508e1794a753cea7f"})
ioctl$HIDIOCGFEATURE(r6, 0xc0404807, &(0x7f0000000040)={0x4, "11988c7ba5bb888131cac156c94e0a000000000000df5be03664724d1dd748c3fa198dcd95bf761a3a4c868b46327ff700000000000000005026b76100"})
write$UHID_DESTROY(r4, &(0x7f00000001c0), 0x4)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_async', 0x10000, 0x0)
close(r3)

2.536693286s ago: executing program 1 (id=1601):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
pipe2$9p(0x0, 0x80000)
get_mempolicy(0x0, 0x0, 0x1ff, &(0x7f0000ffd000/0x2000)=nil, 0xe)
r1 = socket$rds(0x15, 0x5, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000040)={'wlan0\x00', &(0x7f0000000000)=@ethtool_sset_info={0x17}})
socket$kcm(0x21, 0x2, 0x2)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x15, 0x17, 0xee, 0x40, 0xaf0, 0x7a05, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xff, 0x5, 0x49}}]}}]}}, 0x0)
request_key(&(0x7f0000000240)='encrypted\x00', &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0)
write(r2, &(0x7f0000000000)="0a000000010001", 0x7)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000003140)=ANY=[@ANYBLOB="c01800002000010a00000000000000000a0000002c01018028014880ed00a90013466820cd76bb221fbb4acd690c6a8b9c760a61eeec7793b579aefdb936d00f403d3f04637cdb9ac70e28c5dd66ddedde2d0930650e6821f9a26a4a193c1d06a3e75523f901e44fe087ae32c836c6d6ddba3af8e9a2beae8936168f9fa38c395f5cf7408df69c60bf584bee86a6312e9ce866e456c3eda6f2924082d78a2f385bdbd0c9afb54758c102bf13094645fb6aa34d424ec776691fee3d25307f61fed2752babf7c686e8a3d9b59a8343bcf4121bf5cf400a0c1070855fac565cad8968a97ce0a12a1161054d82d0a240b7dedf9ba3cc63e9d1c3b9a8402f7d5b4cafcd48928a3d4a76498900000014007c00ff01000000000000000000000000000108003d00", @ANYRES32=0x0, @ANYBLOB="08001a00", @ANYRES32, @ANYBLOB="06003800d8510000040049800400e0801a165c80f928efeadc95a00c88d81d8d36eb021f05e357ce0cc80496d946a14b733a0b75dc0e0fe7ec451e3304efabb148cf7740d92633549fc799efeffbb500bf6a3db52cb6551af05b9d13a338392b5a8a8a21422903ac79280ba0651419590f6126813018282ea112a8c697e421a55ef2aac7340a5736e3d51504d8c7f023ee72b55ab9a1a1195cf9edf01e30447d1e000ce0ec914a9a6ae232498e74bcd19c01b7086e3fec56b754ab12185fda15b9525dec81f973a9c4bc9e3346f077651b64733a62e0536a41b5d896c07d71bb8b256ff30493694ca27c654b9cdfd0721dcef4726d97a2974dc7d8e373b0a60174bb0800ee00", @ANYRES32=0x0, @ANYBLOB="0c0043001700000000000000fd11358084a64c4852ce59bc40427a1582ec7e9547999b7be18d57542e2971a2513a2b81d76f6ad9a7ceda50a48bcd2786f06ffd040009808cb297f99a3664c1952c24e42f729fc43262610d3652cef336adc19ee56c82ca3e707eb78d0148b668305d97f7ec33db8e3e9dc65e7c274e7bc24ed3a1184621df12504c07b14a737fcc8ef9009b890c6caeba9729fbfeca6b12211869a2716ea36f7399a7bd7c0f2377c94cfe62f2bcbff380ee256a7c3ec69110da7f9a6d89254f4ec5b539cbc7303ccdc6a8619996b6263165fa024adff951d4d8d2d6587b80d1c30440b0817f52c341360dc5df31f0b5639a5b96e26938d5bc55ea7bef35a4cf126c9183ac38fb34b319abe5f06082c1e8ce526cdb3066d523d12deb8697d8299c1f5edf46514913c4648f2fd1816a58beffaab5040d72e67ac75075da4c92fb2c60d17ee03c6cc004ceb9ef5abe60fe300faa63e19f5eefa54eaed41a4fa62c6a56be9ee7f691162545a8fd930f45517df0436b69efc7d5ac19e930a92ef86472205f87a61dd95dc35a6f258c8c7958a8175e8cd8dbf01f82cca2359aef93e3eb117014c231d67bc6da5248aeac9543ff47663c01581b945dd8507adb1689ac8244b010e66087ffd4c0b930f8ffc7408402d8ce7db0cfd9830cdd85aab9711919563d56d245801c371f040af5b8169de3c6fea317612f4c2317cc526e8ea8c8c1e953c791b20a1aaf4c62f6c906efa621b14e7d3e285aa55b7ef96e4feb652df2cf36e76132f396cedb9db9cf15eeaea7b13e1027ea5d1f5490e6688884e1f1df2a9853024e581c9ae87c12991f4f89aabc4020df65ac4683de032022e2d805273b2d6a62e841a74be316f2152002b87680d37f6b7faf2b24be1ebc0d7a95fc330a592d044fd05ed37465086402a1335ce622bc8526afbc6aad8bb1bc0b63bf46ff0496a8861f0ee2c990adaf568144fb15eb4492e049f762fe735ddf5d283433a9d2fb9faff70364046ed11752282c816611250cc1e14272470c12fbd96a06bd3b873da306810ed786bcdb8983bcc7acf941b819c4f59b132e6c81639b46b8ba630ae11e4751458aeaa9dc2cee291652e638a28d47ecd5e2df8830bc7267883dd7d77fe2392aa484b6dec167a1bf3e00c927b26832f5f8d67f5d1c0c935624bc6c917001dd4df77aea734fa05d4037db5b19cef7d161c5ad1e95b40dcdd369358fada0a2a04d7a99f0b93386f706aa3213c1c4428b8461062b29683b29e56748a65154e9c33eafd6dac22c2ef4f55c4ca8e4a6c0007b31305254a27425066fec4b41e11c8357bf67ce8e2a0facb1b26e1b19543cd5f075cc81b0873ec57bc7edf9a9fb8ae35d3a3ace676225b40a421e645301f304221763ecab8baa7515839ca7f29e9e646af9a1ff1fe8031b5b36a8f2d6d70ae3f514f1c2972df04bb4924373d39301c8708bdf1376d3be64f3614c183c5b5cf95edaf20d2e59ec124eb11526a7f2d28546b31566e161ff39233762c0e4b505f246454f3e27f8dbbedf1610464944ea873600ed8e95fa00d291fa3b1d9cb257ca29710f473ce1de492602202f23ab8102ec101110145fbafc73f41a830decc8fc46a9f8925e091fec25f87a69fa23f63621533da3e4f97d2ad78c1886b6783e46e2923fbc424bb010e5d586e5fce6f5191c161aac64eec1c3afb12b2c6b2047c9c9db9d6beeb10de8b1d8ed9b857c3c7e7c3b59e374c6a7407ef247c178147b3a0f82f8588b74ddbab03d4c78915750c463f68bc8f40f8e4ba87169bf6377c54d21d5a62cb0dcf466daa235ad887f5d2af2d8dd827047847190afa82fb866744bbfd38952705530e699270b1f13dc0b53fdc2de61de45ab153fd017274bb3b4b4c8b9fa2279dc3a6940e072e9fe87bc86011dcc0c1ab07b97868b0f51ff6208df234a2f5a10f896478a4c5d46ffbafaa810b45bb82368d0085f78e959d1b0f26dd7cff09a40d0d12285b1ccf203ef25f3a1cb5fd753c6aadf2a26c1a21b6355ec2ef8d29ac0f08cd44e94f9a9f6b8558c3e5d7db20ce3a8f147c0309fb3f4b856dec934af6072bc942de440d8cd0ec1944362cb579f75a91393e3ebaf5fc807c0df8367834bb0f08ca7c698991662d8b9e9e55dba84b968d316fce6311e5257ccf69348e06a693595bb94bdaba080fb1c0c88a33557c088a51948bd4f01c5544e9fbf5a8e09ae0dff397ea8522a4349d185f9a2f0b595093b29b88b5e2007e12e6b60ae8aed88bbc198dc7709c5e9181ead6ab91a0b7df795a0e9d349c1096bb29bf2e0643a0afc2f2ac9ffe3e5002a796b025da52dce5d89a8d76499a25bb4588202c18a12107b1fb9759f904ca3363921ed36d1fb3f0af559e771b0a708e26b39f00a87cf2e8489f53a6c0ae606ea8ced1b876895c1c21ece89b1955c4d827ffd4da4b994eb2dcff368ef534b34f6a566efd9480f1b6e308947684dc4960a083d3cf52960be62cf0c0d4ce6d256ff28141c274b7dc8dac819c04d4f1155a8bb4c29a2a00535ca4ea89ce1e218146b73e2103fadcf2c2de446e6c128cbe749c5f7aaf392e764a9397e06e443cb3e44d08af9a2ce55b0ef8cf1803f2167a67d59547d522d65934fba7875301db570cc4424f629a39a7bd36333029bdb818a3739f454966af6ffe4d237d6965cc81f335d8a787450abbe7c8ddfd2f8b749594cea4df455cdfb5eb5f7b0b4f67875adafb11b61639fd0be25bbf0d19cea430058fff31b0fb0ae36a84ad6ccd17038638fe38905fc24384bc60a15058c6b6defe60ed71c7697612b084d6a2cd0b15056f593335906c82265f38c47dcc1c1043da1ce74578a1919e03df4e155396b3dea89acd39d1449f00a9e8cf5ceb0684928432d21e6b7e83c099d285c126a430767e1e718c9dcaf83ae26120ed83c95d7d16a493d16c0a01f8bc05ac987bf8e378d7c8d28c201930890773c1d6ab6440cd3ff2454f17ced7e463d9753891a56833f5f673eb138d7e7ce6666b65ea74f6f0d3cc2d86dd7940ccf108ef7f0ad3c5c7da744c1988aee2a7fa5fd1bf52698221c6ed21de5077effb9bdb50b882523fa932bd1e3efe50b630599dfaf3b13167f57db1a12caeb51278b7fbd9768da62d45b1f056aac361b2da6cc4933a9159379a4152ad66a69362e347af0d414e8716c9869511034c2a366bfb5b125cfc5720c05af7895f4e318d89e85ad02e76c0d643b77c3bbab28865823d696dc5306e1731f56c29ddd25e378749493c762d9966e34b53049a84f4da9ff286bb20ea8c6918ae6df35bd82719ab07d197afe2c87cace76d139175fcfbb8ebc49a131d484244295baca1dec61526a5f844a6950899a0bfc13417b3df9b6580e5657a0d92bab2cfaab91e1513e0cb11c0f029841bf63da801ed3171aa7c039b45675b9197924a5429feeb52a7152d4b82304ff39f2d666edf8ccbfb35d2eee45af364ba98cc978ec7f4f361c4a9fb2bf1155e059c9874c9b00113b6d85ccfbeeb3bf33435ced0c94135a00162d1a1279041fca05ddb2ac02a0a34bbb15f5aac25ac3cdcc32cbb882b6456602bd011cb665661b483b20bcb6cadaf993b3d6fe59757e9fd2b00ebc3b6adfca5bd7bc016eac63adc33f450303dfc89a025d2e3e7fa99854cd468654428c4dbf40b078b24c939882bff81d871d19383b86a5d78e3dc5f53bbf31c56c9ceb28c43179b0f9829d9fdb9c126eaeee6858de67dc6cf0f75552fad19ab1dd381dfaf963790353816b68c1e4e0938d1312746e90d5ed32c32be83f2e1890ce24bd3594b8393280937ddd35475106a0336a61ef483202ca11d58dbb4345c5d68b41e949ad32a36b86983950a12dcb29e02b31880d041805197670fc30c8d6c30f736de8cf7955dd8ae6a46d6fa0d9955056abe5ef41acc00f94f9466327fa207f1f85aac9baceb25fcde2e8f1c6c5f68a66a62a7165c29afb66a17932c892fcd6c894c54abb3f56bbf1dd5901a60b2dc2a51615e6897e894aa15678403ce35a2dd94a31d03092a92e54be81c53adfefa653c00f63a76f2d6471625df5ccfdccffb30e1c545e435c3b3fad6249246d3c2f5796514a899d87905ef0a5bd1032c4718b467dc2df510183beb72b9140cf670e82c649460d782cbf33791088756a796c48d0f7df2b856a4b3e2914c7f8e707a05ed5956473c8eeca35aeb2b96c939b5bfd874e519b9d624e5b3fde44de50c1e9ccbd2642638ab2c1de38127c4c59c5d5710d82c619b634151b0fb1bb94a357e2e38b888f8fb30934009fbee693451b343f0cd656411565e4149433383a8ee7194bdf3907f8a9136296188c74bb3fb276da9cc275101882ac5046fa42b9142efce704014b17b72d0a7b2421b5efb3a0411da62d42019bf78d6a6c5c56f3e8e5fbd0240547c6db5404f1218ab391f361a5ecb9c2cd64c32693ca8dab991688b496daada1d02b5d9cd1b9df7f1258e1a9a70e22f229078b0b33f30cb3e4021335a4392548dbf11dd0ab1c138571179412f35b4106f9bfc0c5bf57b63909a5fd8892a584569cb7b9c330417ae9468d6583f2c923060e156d4a8c69114ac5281b8104b3dcee2abe8b94b7a0551079f6bc89dfe3c521a046b70b1d2a9f1df20fda6dd84adf9e57b34b795ffd5b3dca4c62c815177744c2c21046861135e70fed347985962f5409580c263a72cfd878fe10192902948c6bab642fab9be6b9b93fe41fdea762a9c78d1631f81c4d76c3187d23a26ad0d37ba1f44114afe994c18f8404f7ed02956eeec1ab8c87b0cf8450146705817beec015783b22e6d9125179887dc74b162b2890ffbf8c3443bf732c125f7d2ba0f75d0f81198eaf12e1251e85a34ebd23087ba790d6ad8a6c4cf0c85d410fef6bf6796e9a4c25699dd8bf51063b65b46aa5ad69ed243722b5ac050672fd3ba0c2d8b5e013f403dda3c30db4ca94da891a6d90ac9cfda97c0fce5bf7ed8c0d4b309ece7bbf0f536fcce750495dca0ba52c0c2e1972763f973a28925d8846b6a941bfc9dd1e96b889112336b1530327eaaddcb78ab1db7c35c4ef54a2888f770de481f0a6ba5b827a5013b6c9c0f9e6e629d7f0f65d260ee4ad62061305ba91ec2a29c27dc22b4d07cd090a66705f062ef25f632eaa2842b36dcf2807abb94403c458d78453a5bf20bae90912372db3e4ba83e66928dad13a734ecd912cff58640e8c3b4012ab0fd32f8679875b0f46812deb0f143d8c94b2d0c8d0d9bfc7c1f5eb6609179e1e4119e6c240d8ad581233f4b2bc55c39f3e46f4516ab2b2ac271f773809718f80efc4cd4fc28ebb09d7e8429203127de4aee25cb61bef5d71a3fd7b43741bb8d0f0b530f4d06e2c92c632930c8fec4c6a2b66f43efee55b50254dac26cbefde31cef6d044ce90e61bec3affde7682a14fd8327358b09b3445cc4af0bcf125d43d458d8089176f238d4253fc0e3f7b3b72fbd88bca0973539fdcab07ca1da7027a50ae01a071e080dd04718a82dc0ef72228a84598556d2f85777e72b4227475313a779b7cbc5c80314f7358cdb1e4ab8e178ef933e7192c60304770262e4b99d476b8f42c8eb2b10ba6ba0dd51a52710ac75d49f29ff6abfd791755a88c0456513b7e47915855ddb6b5c38b5955cac22aa6f2e96a135540b2da8d22b4c83590e585185946caf2307af83e4a9fc809301cb53284407cd5ed383477e0a0a1852b0b94c1c382d5a192ac2fc705f7eb05f2655a5c0220bc2eb03b8132290d7a2a3871d4c93fb48f0521c10590f35a90b813155483a2d64a408d21bcae12b5bf8977a42c7cf6810d7b300fcfe7b780688d227dba545cdb8104fc31d873f2ca8afe8a8ee1c8bfdc13663d5f4509b836e3901e41128bd694fef92737864630545ffba4afac3acc7b49a870566f245a2a3ed34ff266ff66ef1f45ecf83f33f548746c3f2d0868a2b0fda71312475a1e601c8b71a7b9231afa40936c42f7d1e3d053dc7dbf12956654590f55b12c6c77b9d7372d9805a84d6f99040e21b9791c62dda870814a60dbf27c4a82f3979410091ef1106220f96627d8f7f189de07ca85e0dab440efe5b8fdc8d7e434ba6162f0b5df11c0bd6489945c946953a21a2d0f0e8924337f401f42f96a87c26f76e4e6623eca76b8c81aa96741b248e07cc8fccb203903da21d364640549640aff4016c83c6e2586893212706aedd30c4b2b2c9c205d1332ea492d4aad97c2646c8082b6d769b5f5d606bec26fb762adf1308325c1c2ec38e2cfa424e41513718625a7d7004a7de11f937d177eee3da060e04b4f1311957fe7897e5f43d32f4c3b4234c3afdf3b069432ac235046efbe4e243c071f06c155bbc48cdac07171b38253c0de4afea667572ebbc28894cd2f9e21992d4d696710a0250acc1a355d951146cd46883787104494c20ca9abb33b07bb3e54b8c5861a1425f4d989029844ecdde4d851e57c9d39d757f473d55e4b0f0aeff40b304d3e04f6e2e9394b1e172d7482dad0b3ca2568aa3297391d614f912a08003300f50000000400238000000008004f00", @ANYRES32, @ANYBLOB="0b055bfae918f58d7afbadef493d7e358a95c4e330bcf2a04bc03c39d71670dab91ae5b106d1c2843ce4304ea577f9d8a1a0f848d602b9800600d00023000000f9768407cc2561184d2c4fc38602f7f8b7e4d6b3bb83f9abe034d3786433df04f18ac95f6d7d3fd067778f4450b81274918a59ba3a86b640f0b2f491691fbbf30d5968d8cac55f7faa350f658846cbf96a27bd30c15510f812038d31664a2401cbc2c9e12721a435f68c7490e6f85b04973390512b4a52fe2b005b277d1a2cb4f6609b499d2b554549f538e79bb251b0fb6cba3c2bd4ee5c2a261e87f8df3edb54c1acb4056770de689c1d57b90400e280e2bc598ed974dc397766010698def2d7772b1038bb9c17e0763cb138433f1e202f1611d0039a04209f742c012cea110be51c9b094f857d693685c3b632090db81a1ed81922c1bca49c033497098432b5cac25c7d29faaac98f1299fb1dd174a79b15697edc8badb40500dbca74b1ebf60400c1808723e75eb0d3bf1d6a19c1bcd4235f17e1b00f7a41329670f7d087b53a6ec1ea26f9b87f7bbde89b7abffc784f40bf50bafb1754a0ec5cf72e9089b5d61b9740aa1c56f016dd00d7da62d26242bfc367d029cd67bcb19fef0163b26f5a6fea1270de2665889035884d5137da65ac46509dfb7cd208e92dcf60f2faf30a5e53c8a2e83b6ee7ab4bfc225320e76ea3c10f3d8d440cebb9868fcf5dc7f513157d7b8a9322b23b544ca2131d65720f9a9279715eadf1fc70e535f868a25b760d349e142202b7ad4b65b80befeef4f8c1386507a2321365931e6facedda8269229e4815e587b5fcc9ea37e3a0a58273b4376cd8eebac1bcfc597dfab36b14aa33851094d9441bae8a044afc9b7afb784bfbd08a9db6a0f26ba9dac482446a7277903c08f0c639639658e8d4e28a3147ec1ef16f645271a41e746bdcad23b9238399ff08de694cc9746e60f02c6660e7f9bc90e77b70983b5d90a2c21537512c878c1cdbc1248969b461e35ca569d572593cd7918d45c0f6de5e4a4adef3ddad9ac2fd4795d1cb54f10427f07f7eee39c1fdecd2a177fd764774524be8c9ca3e08004c00", @ANYRES32, @ANYRES32, @ANYBLOB="08001b"], 0x18c0}}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r4 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
ioctl$MON_IOCX_GETX(r4, 0x4018920a, &(0x7f0000000d80)={&(0x7f0000000000), &(0x7f0000002240)=""/4108, 0xffffffffffffff6d})
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r5, 0x400448ca, 0x0)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="30000000cadd08becc264c6d5ee60412140100000000000000000008004f000000000008004b001300000008000300000700000800010000000000"], 0x30}}, 0x4000)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@nat={'nat\x00', 0x6a0, 0x5, 0x348, 0x160, 0x0, 0xfeffffff, 0x160, 0x370, 0x370, 0x370, 0xffffffff, 0x370, 0x370, 0x5, 0x0, {[{{@uncond, 0x3e7, 0x70, 0xb8, 0xe000000}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x0, @ipv4=@broadcast, @ipv4=@remote, @gre_key}}}, {{@ip={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'veth1_to_batadv\x00', 'xfrm0\x00'}, 0x0, 0x70, 0xa8, 0x0, {0x0, 0x7}}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x0, @local, @rand_addr, @icmp_id, @icmp_id}}}}, {{@uncond, 0x0, 0x70, 0xa8}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x0, @broadcast, @remote, @gre_key}}}}, {{@ip={@dev, @multicast1, 0x0, 0x0, 'macvlan0\x00', 'ipvlan1\x00'}, 0x0, 0x70, 0xa8}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x0, @remote, @loopback}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3a8)
r7 = openat2$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={0x0, 0x14, 0x18}, 0x18)
openat(r7, &(0x7f0000000440)='./file0\x00', 0x400000, 0x28)

2.169730277s ago: executing program 2 (id=1602):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYRES64=0x0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffff9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
prlimit64(0x0, 0x7, 0x0, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='huge=alWays,\x00'])
chdir(&(0x7f0000000140)='./file0\x00')
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=ANY=[@ANYBLOB="440000000a0605000000000000000000010000050900020073797a3000000000050001000700000008000940000000011400088010"], 0x44}, 0x1, 0x0, 0x0, 0x8040}, 0x44000)
r5 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
ftruncate(r5, 0x2)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r7)
sendmsg$NFC_CMD_DEACTIVATE_TARGET(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r8, 0x501, 0x70bd28, 0x25dfdbfe, {}, [@NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x41}, 0xc0)
syz_genetlink_get_family_id$fou(0x0, 0xffffffffffffffff)
setsockopt$PNPIPE_HANDLE(r5, 0x113, 0x3, &(0x7f00000000c0)=0x3, 0x4)

1.429292379s ago: executing program 3 (id=1603):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xf}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = fsopen(&(0x7f0000000100)='mqueue\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x1, 0x0)
mknodat$loop(r2, 0x0, 0x80, 0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x200}, 0x5)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000300)=[<r6=>0x0], &(0x7f0000000340)=[<r7=>0x0], 0x0, 0x0, 0x1, 0x1})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r5, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000640)=[r7, r6], 0x2})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r2, 0xc05064a7, &(0x7f0000000480)={&(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000002c0)=[{}, {}, {}, {}], &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x4, 0x6, 0x4, 0x0, r7})
r8 = socket$inet6(0xa, 0x3, 0x8000000003c)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001800dd8e030000000000000002201400fc04c8060939a2b45b00150006000000"], 0x24}}, 0x4)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
utime(0x0, 0xfffffffffffffffc)
r9 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r9, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
sendmsg(r8, &(0x7f00000000c0)={0x0, 0x9521, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0x584}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)
socket(0xa, 0x4, 0x0)
r10 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x149180, 0x0)
ioctl$TCSETS(r10, 0x40045431, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x5, "ff00"})
syz_open_dev$sndmidi(&(0x7f0000000280), 0x1, 0x121040)
r11 = syz_open_pts(r10, 0x0)
ioctl$TIOCSTI(r11, 0x5412, &(0x7f0000000000)=0x13)

1.41868467s ago: executing program 0 (id=1604):
socket$packet(0x11, 0x3, 0x300)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000003c0)={0x4, 0x80100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000480), 0x1a1040, 0x0)
ioctl$AUTOFS_IOC_FAIL(r1, 0x4c80, 0x7000000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = inotify_init()
inotify_add_watch(r2, &(0x7f0000000400)='.\x00', 0x4000ba2)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
pwritev2(r3, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)
copy_file_range(r3, &(0x7f0000000000)=0x3ff, r3, 0x0, 0x6, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x1000000, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@verity_off}, {@nfs_export_on}]})
open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')

1.220925291s ago: executing program 2 (id=1605):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond0\x00'})
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_int(r1, 0x29, 0x3, 0x0, &(0x7f0000000300))
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000180)=0x2, 0x4)
syz_open_dev$media(&(0x7f0000001a80), 0x3, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000bda000/0x4000)=nil, 0xfffffffffffffea3, &(0x7f00000000c0)='\x00#\x0f\x01bK\xd1\xd8\xc8\xe3Z(\x03\xa1\x8b\x19#\x8fZ\x10Gk\x01\xd5\xc6r\x88\x97\xbb\xd9\xca=\xffa\xeb\b\xb2\x90\x1a\x03;\xae\xddc\nI\xcd\xf59>\xc4ZE\xac\xd3\x1f\xe7\xc5\xe5(\xed\xbb+\xfd\xe3\xb2\xf8\x9d\xf1\b\xff9\".Be\xf6\xb0\x0e\x86\xa3\x1c\x10\x88\xf4\xa2\xa0\x81\vN2N\xf1\xa5\x96\x94\x91\xa2S\x96@\xf1\x15\x9a{\xb9O{\x01*\xe98\xea\xcd\xcd\x04Y\x03\xf5>\x93\xb8')
r2 = syz_io_uring_setup(0x4b5, &(0x7f0000010400)={0x0, 0x86e1, 0x800, 0x8}, 0x0, &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f0000010300), 0x0)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r2, 0x10, 0x0, 0x0)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x3da, 0x4)
ioctl$UI_GET_VERSION(0xffffffffffffffff, 0x8004552d, 0x0)
r3 = socket$inet6_icmp(0xa, 0x2, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000640)=@raw={'raw\x00', 0x9, 0x3, 0x2d8, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x258, 0xffffffff, 0xffffffff, 0x258, 0xffffffff, 0x3, &(0x7f0000000300), {[{{@ipv6={@private1, @ipv4={'\x00', '\xff\xff', @loopback}, [0xffffffff, 0xffffffff, 0xffffff00], [0xffffff00, 0x0, 0xffffffff, 0xff000000], 'gretap0\x00', 'bond0\x00', {}, {}, 0x3a, 0x27, 0x6, 0x57}, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x8}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x4, 0x6d, 0x5e0, '\x00', {0x1}}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, 'pimreg\x00', {0x20}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x338)
syz_usbip_server_init(0x3)
r4 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, 0x0, 0x0)
write(r4, &(0x7f0000000000)="240000001a005f0314f9f407000904000200000001000000000000000800040001000000", 0x24)
r5 = syz_open_dev$evdev(&(0x7f0000000340), 0x4, 0x2000)
ioctl$EVIOCGVERSION(r5, 0x5452, &(0x7f0000002200)=""/188)
sendmmsg(r4, &(0x7f00000011c0)=[{{0x0, 0x0, &(0x7f0000001100)=[{&(0x7f0000001080)}], 0x1, &(0x7f0000001140)=[{0x50, 0x104, 0x4, "123e1c240436a67ca2b209be695eedb3fa9941c88d4356d3d3d6616ec6fbf4f58504743fb27dfe343c0ecd9c83c044e278dad6f9afbbe62fd6"}], 0x50}}], 0x1, 0x40000)
sendto$packet(r0, &(0x7f00000000c0)="3f03fe7feee8140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0x48, 0x0, 0x0, 0x0)

660.701654ms ago: executing program 0 (id=1606):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
openat$sequencer2(0xffffffffffffff9c, 0x0, 0x80383, 0x0)
getsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, &(0x7f0000000000), &(0x7f0000000040))
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$inet6(0xa, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x1c, 0x1, 0x4, 0x401, 0x0, 0x0, {}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}}, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x20, 0x1, 0x4, 0x101, 0x0, 0x0, {}, [@NFULA_CFG_MODE={0xa}]}, 0x20}}, 0x0)

408.714202ms ago: executing program 3 (id=1607):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000240)=ANY=[@ANYBLOB="4400000010000304000000000000008000000400", @ANYRES32=0x0, @ANYBLOB="60bc010023e701002400128009000100626f6e64000000001400028005000d000200000008001400ff"], 0x44}, 0x1, 0x0, 0x0, 0x11}, 0x4040044)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newlink={0x4c, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_GENEVE_UDP_CSUM={0x5, 0x8, 0x1}, @IFLA_GENEVE_TTL_INHERIT={0x5, 0xc, 0x1}, @IFLA_GENEVE_PORT={0x6, 0x5, 0x4e24}]}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x10000}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
pipe(&(0x7f00000001c0))
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x400000000000152, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r8 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
io_setup(0x80000001, &(0x7f0000000400))
fcntl$dupfd(r8, 0x0, r8)
r9 = socket(0xa, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r9, 0x4000000000000, 0x40, &(0x7f0000000a00)=@raw={'raw\x00', 0xc08, 0x3, 0x440, 0x310, 0x5002004a, 0xb, 0x310, 0xea13, 0x3a8, 0x3c8, 0x3c8, 0x3a8, 0x3c8, 0x3, 0x0, {[{{@ip={@multicast2, @private=0xa010101, 0xff, 0xffffffff, 'bridge0\x00', 'veth0_macvtap\x00', {}, {0xff}, 0x5c, 0x3, 0x2}, 0x0, 0x2c8, 0x310, 0x0, {}, [@common=@unspec=@bpf1={{0x230}, @bytecode={0x0, 0x2, 0x0, [{}, {0x16}, {0x4}, {}, {}, {0x0, 0x0, 0x5e}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x6}, {0x0, 0x0, 0x4}, {}, {0x4, 0x8}, {}, {}, {0x1}, {0x0, 0x0, 0x0, 0x7f}, {0x0, 0x4}, {}, {}, {}, {0xfffc}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {0x0, 0x0, 0x40}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x80}, {}, {}, {}, {}, {}, {0x0, 0x0, 0xfd}]}}, @common=@inet=@socket3={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE2={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x4a0)
clock_settime(0x0, &(0x7f0000000240)={0x77359400})
clock_adjtime(0x0, &(0x7f0000000640)={0x7, 0x9, 0x1, 0x8, 0x56e48d82, 0xfffffffffffffff7, 0x6, 0x0, 0xaa, 0x6, 0x7, 0x400000000000004, 0xfffffffffffff04f, 0x7, 0x80000000, 0xfffffffffffffff8, 0xffffffffffffffff, 0x7, 0x0, 0x100, 0x4, 0x2, 0x401, 0x3, 0x8, 0x8})
r10 = syz_genetlink_get_family_id$nl802154(&(0x7f00000006c0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r2, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000000)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010000000000000000001d0000000c00060001000000010000002c002f8008000100000000140003800500020000000000080001000100"/70], 0x4c}}, 0x0)
sendmsg$ETHTOOL_MSG_EEE_SET(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000480)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="180001801400020076657468305f746fc59752382f4d2971626174616476000000000000000000000000000000757535c45773dff142b66120961cee76edc7c9904814e46c31f6d914482524dfab2f2052e8160393843fdc4ea255187b838816d7b20c"], 0x2c}}, 0x0)

0s ago: executing program 4 (id=1608):
r0 = syz_open_procfs(0x0, &(0x7f0000000400)='syscall\x00')
lseek(r0, 0x8, 0x0)
getsockname$packet(r0, &(0x7f0000000100), &(0x7f0000000280)=0x14)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$SIOCGSTAMPNS(r1, 0x8907, 0x0)
recvmmsg(r1, &(0x7f0000000580)=[{{0x0, 0x0, 0x0}, 0x8}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_PIT2(r0, 0x4070aea0, &(0x7f0000000040)={[{0x100, 0x2, 0x7, 0x3, 0x5, 0x96, 0x9, 0x9, 0x5, 0x6, 0x40, 0x9}, {0x6000000, 0x9, 0x7, 0xfa, 0x5, 0x1, 0xfc, 0x6, 0x7, 0x8, 0x8, 0xe3, 0x8}, {0x200000, 0x4, 0x5, 0x6, 0x3, 0x0, 0x6, 0x2, 0x8a, 0x40, 0x2, 0xe, 0x200}], 0x400})
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a44, 0x1700)
r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x22400)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000800001800000018000000020000000000000001000084000000000000090003e5ffffff0000000000"], 0x0, 0x32, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r4 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
r5 = syz_genetlink_get_family_id$gtp(&(0x7f0000000240), r2)
sendmsg$GTP_CMD_NEWPDP(r0, &(0x7f00000003c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000380)={&(0x7f00000002c0)={0x1c, r5, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@GTPA_NET_NS_FD={0x8, 0x7, r0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x110)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000600), r6)
syz_usb_connect(0x2, 0x46, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000ebeaa220d0070141c087010203010902"], 0x0)
r7 = syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x81)
ioctl$HIDIOCGFEATURE(r7, 0xc0404807, &(0x7f0000000300)={0x62, "a4395026f7fca8f411d271a8ac0352f02647be56f7af5c020d00a854bde7a3a2e42c1c5fcac45b88f2eb03642b134fd8e5b9bfd57889164508e1794a753cea7f"})
ioctl$HIDIOCGFEATURE(r7, 0xc0404807, &(0x7f0000000040)={0x4, "11988c7ba5bb888131cac156c94e0a000000000000df5be03664724d1dd748c3fa198dcd95bf761a3a4c868b46327ff700000000000000005026b76100"})
write$UHID_DESTROY(r4, &(0x7f00000001c0), 0x4)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_async', 0x10000, 0x0)
close(r3)

kernel console output (not intermixed with test programs):

rer: syz
[  390.409833][ T5820] usb 4-1: Using ep0 maxpacket: 16
[  390.511353][ T5820] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  390.583694][  T911] usb 1-1: SerialNumber: syz
[  390.656210][ T5935] usb-storage 2-1:0.0: USB Mass Storage device detected
[  390.739667][  T911] usb 1-1: config 0 descriptor??
[  390.749122][ T5820] usb 4-1: New USB device found, idVendor=056a, idProduct=033b, bcdDevice= 0.00
[  390.758369][ T5820] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  390.776340][ T5820] usb 4-1: config 0 descriptor??
[  390.777082][ T5935] usb 2-1: USB disconnect, device number 11
[  391.299485][  T911] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[  391.314753][  T911] asix 1-1:0.0: probe with driver asix failed with error -61
[  391.373074][   T30] audit: type=1400 audit(1749944317.662:468): avc:  denied  { mount } for  pid=9867 comm="syz.4.970" name="/" dev="configfs" ino=1218 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  391.396021][   T30] audit: type=1400 audit(1749944317.662:469): avc:  denied  { search } for  pid=9867 comm="syz.4.970" name="/" dev="configfs" ino=1218 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  391.418613][   T30] audit: type=1400 audit(1749944317.662:470): avc:  denied  { search } for  pid=9867 comm="syz.4.970" name="/" dev="configfs" ino=1218 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  391.441515][   T30] audit: type=1400 audit(1749944317.662:471): avc:  denied  { read open } for  pid=9867 comm="syz.4.970" path="/" dev="configfs" ino=1218 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  391.507532][ T9844] netlink: 44 bytes leftover after parsing attributes in process `syz.0.963'.
[  391.516833][ T9844] netlink: 43 bytes leftover after parsing attributes in process `syz.0.963'.
[  391.519787][ T5934] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  391.525964][ T9844] netlink: 'syz.0.963': attribute type 6 has an invalid length.
[  391.541356][ T9844] netlink: 'syz.0.963': attribute type 5 has an invalid length.
[  391.552670][ T9844] netlink: 43 bytes leftover after parsing attributes in process `syz.0.963'.
[  391.676502][ T9875] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  391.701554][ T5934] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  391.718517][ T5934] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  391.737247][ T5934] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  391.747014][ T5934] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  391.760329][ T5934] usb 3-1: Product: syz
[  391.764658][ T5934] usb 3-1: Manufacturer: syz
[  391.769265][ T5934] usb 3-1: SerialNumber: syz
[  391.788145][ T9852] netlink: 'syz.3.966': attribute type 15 has an invalid length.
[  392.031557][ T9879] input: syz0 as /devices/virtual/input/input28
[  393.117039][  T911] usb 1-1: USB disconnect, device number 22
[  393.322764][ T5820] usbhid 4-1:0.0: can't add hid device: -71
[  393.342016][ T5820] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  393.450029][ T5820] usb 4-1: USB disconnect, device number 20
[  393.549827][ T5934] cdc_ncm 3-1:1.0: bind() failure
[  393.621025][ T5934] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[  393.627825][ T5934] cdc_ncm 3-1:1.1: bind() failure
[  393.681557][ T5830] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  393.690886][ T5830] Bluetooth: hci4: Injecting HCI hardware error event
[  393.691264][ T5934] usb 3-1: USB disconnect, device number 16
[  393.699405][ T5826] Bluetooth: hci4: hardware error 0x00
[  393.788689][ T9898] openvswitch: netlink: Key type 31 is not supported
[  395.226155][ T9920] xt_TPROXY: Can be used only with -p tcp or -p udp
[  396.132821][ T5826] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  396.162587][ T9928] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  396.310112][ T5935] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  396.473321][ T5935] usb 3-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  396.499099][ T5935] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  396.520791][ T5935] usb 3-1: Product: syz
[  396.524964][ T5935] usb 3-1: Manufacturer: syz
[  396.542255][ T5935] usb 3-1: SerialNumber: syz
[  396.557211][ T5935] usb 3-1: config 0 descriptor??
[  397.116615][ T5935] usb-storage 3-1:0.0: USB Mass Storage device detected
[  397.226179][   T24] usb 5-1: new full-speed USB device number 23 using dummy_hcd
[  397.268175][ T5935] usb 3-1: USB disconnect, device number 17
[  397.410116][   T24] usb 5-1: device descriptor read/64, error -71
[  397.729893][   T24] usb 5-1: new full-speed USB device number 24 using dummy_hcd
[  397.832822][ T9954] sctp: [Deprecated]: syz.3.992 (pid 9954) Use of struct sctp_assoc_value in delayed_ack socket option.
[  397.832822][ T9954] Use struct sctp_sack_info instead
[  397.879899][   T24] usb 5-1: device descriptor read/64, error -71
[  398.000733][   T24] usb usb5-port1: attempt power cycle
[  398.639998][   T24] usb 5-1: new full-speed USB device number 25 using dummy_hcd
[  398.774153][   T24] usb 5-1: device descriptor read/8, error -71
[  398.780593][ T9965] sd 0:0:1:0: PR command failed: 1026
[  398.786779][ T9965] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  398.794241][ T9965] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  399.040018][   T24] usb 5-1: new full-speed USB device number 26 using dummy_hcd
[  399.152774][   T24] usb 5-1: device descriptor read/8, error -71
[  399.261620][   T24] usb usb5-port1: unable to enumerate USB device
[  399.341428][ T9971] sd 0:0:1:0: PR command failed: 1026
[  399.349588][ T9971] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  399.358173][ T9971] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  399.468159][ T9960] FAULT_INJECTION: forcing a failure.
[  399.468159][ T9960] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  399.481387][ T9960] CPU: 1 UID: 0 PID: 9960 Comm: syz.2.995 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  399.481410][ T9960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  399.481421][ T9960] Call Trace:
[  399.481427][ T9960]  <TASK>
[  399.481433][ T9960]  dump_stack_lvl+0x16c/0x1f0
[  399.481463][ T9960]  should_fail_ex+0x512/0x640
[  399.481490][ T9960]  _copy_from_iter+0x29f/0x16f0
[  399.481522][ T9960]  ? __alloc_skb+0x200/0x380
[  399.481547][ T9960]  ? __pfx__copy_from_iter+0x10/0x10
[  399.481573][ T9960]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  399.481599][ T9960]  netlink_sendmsg+0x829/0xdd0
[  399.481621][ T9960]  ? __pfx_netlink_sendmsg+0x10/0x10
[  399.481649][ T9960]  ____sys_sendmsg+0xa98/0xc70
[  399.481669][ T9960]  ? copy_msghdr_from_user+0x10a/0x160
[  399.481693][ T9960]  ? __pfx_____sys_sendmsg+0x10/0x10
[  399.481724][ T9960]  ___sys_sendmsg+0x134/0x1d0
[  399.481750][ T9960]  ? __pfx____sys_sendmsg+0x10/0x10
[  399.481772][ T9960]  ? __lock_acquire+0x622/0x1c90
[  399.481830][ T9960]  __sys_sendmsg+0x16d/0x220
[  399.481855][ T9960]  ? __pfx___sys_sendmsg+0x10/0x10
[  399.481896][ T9960]  do_syscall_64+0xcd/0x4c0
[  399.481924][ T9960]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  399.481941][ T9960] RIP: 0033:0x7f3898f8e929
[  399.481955][ T9960] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  399.481972][ T9960] RSP: 002b:00007f3899e78038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  399.481988][ T9960] RAX: ffffffffffffffda RBX: 00007f38991b5fa0 RCX: 00007f3898f8e929
[  399.481999][ T9960] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000005
[  399.482010][ T9960] RBP: 00007f3899e78090 R08: 0000000000000000 R09: 0000000000000000
[  399.482020][ T9960] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  399.482030][ T9960] R13: 0000000000000000 R14: 00007f38991b5fa0 R15: 00007ffce61c3f78
[  399.482054][ T9960]  </TASK>
[  399.767425][ T9981] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  399.820298][   T24] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  399.965413][ T9983] overlayfs: failed to clone upperpath
[  400.100287][   T24] usb 4-1: Using ep0 maxpacket: 16
[  400.166404][   T24] usb 4-1: config index 0 descriptor too short (expected 16456, got 72)
[  400.301394][   T24] usb 4-1: config 0 has an invalid interface number: 125 but max is 1
[  400.433023][   T24] usb 4-1: config 0 has an invalid interface number: 125 but max is 1
[  400.441918][   T24] usb 4-1: config 0 has an invalid interface number: 125 but max is 1
[  400.450836][   T24] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[  400.463052][   T24] usb 4-1: config 0 has no interface number 0
[  400.469386][   T24] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  400.481109][   T24] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[  400.491313][   T24] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[  400.501438][   T24] usb 4-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  400.516053][   T24] usb 4-1: config 0 interface 125 has no altsetting 0
[  400.523008][   T24] usb 4-1: config 0 interface 125 has no altsetting 2
[  400.534953][   T24] usb 4-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  400.546617][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  400.558353][   T24] usb 4-1: Product: syz
[  400.563538][   T24] usb 4-1: Manufacturer: syz
[  400.568188][   T24] usb 4-1: SerialNumber: syz
[  400.577183][   T24] usb 4-1: config 0 descriptor??
[  400.594416][   T24] usb 4-1: selecting invalid altsetting 2
[  400.657992][ T5935] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  400.678770][ T5935] hid-generic 0000:0000:0000.000B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  401.317019][ T5942] usb 3-1: new full-speed USB device number 18 using dummy_hcd
[  401.495278][ T5942] usb 3-1: config 0 has no interfaces?
[  401.502715][ T5942] usb 3-1: New USB device found, idVendor=07d0, idProduct=4101, bcdDevice=87.c0
[  401.511976][ T5942] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  401.520463][ T5942] usb 3-1: Product: syz
[  401.524679][ T5942] usb 3-1: Manufacturer: syz
[  401.536612][ T5942] usb 3-1: SerialNumber: syz
[  401.623371][ T5942] usb 3-1: config 0 descriptor??
[  401.684607][   T30] audit: type=1400 audit(1749944327.972:472): avc:  denied  { listen } for  pid=9996 comm="syz.1.1005" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  401.704727][   T24] get_1284_register timeout
[  401.710615][    C1] usb 4-1: async_complete: urb error -104
[  401.717046][   T24] uss720 4-1:0.125: probe with driver uss720 failed with error -5
[  402.015874][ T5942] usb 4-1: USB disconnect, device number 21
[  402.056436][ T5934] usb 3-1: USB disconnect, device number 18
[  402.415430][  T911] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  402.633209][  T911] usb 2-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  402.667984][  T911] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  402.681225][  T911] usb 2-1: Product: syz
[  402.685410][  T911] usb 2-1: Manufacturer: syz
[  402.690555][  T911] usb 2-1: SerialNumber: syz
[  402.697229][  T911] usb 2-1: config 0 descriptor??
[  402.975845][  T911] usb-storage 2-1:0.0: USB Mass Storage device detected
[  403.074307][  T911] usb 2-1: USB disconnect, device number 12
[  403.110717][   T24] usb 3-1: new full-speed USB device number 19 using dummy_hcd
[  403.423069][   T24] usb 3-1: config index 0 descriptor too short (expected 16456, got 72)
[  403.437726][   T24] usb 3-1: config 0 has an invalid interface number: 125 but max is 1
[  403.448807][   T24] usb 3-1: config 0 has an invalid interface number: 125 but max is 1
[  403.457068][   T24] usb 3-1: config 0 has an invalid interface number: 125 but max is 1
[  403.465502][   T24] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2
[  403.474851][   T24] usb 3-1: config 0 has no interface number 0
[  403.481105][   T24] usb 3-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  403.498300][   T24] usb 3-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[  403.509015][   T24] usb 3-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[  403.519286][   T24] usb 3-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  403.533830][   T24] usb 3-1: config 0 interface 125 has no altsetting 0
[  403.541187][   T24] usb 3-1: config 0 interface 125 has no altsetting 2
[  403.552779][   T24] usb 3-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  403.566194][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  403.578449][   T24] usb 3-1: Product: syz
[  403.584728][   T24] usb 3-1: Manufacturer: syz
[  403.599681][   T24] usb 3-1: SerialNumber: syz
[  403.611360][   T24] usb 3-1: config 0 descriptor??
[  403.623807][   T24] usb 3-1: selecting invalid altsetting 2
[  404.302432][T10032] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  404.337342][T10032] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  404.815851][   T24] get_1284_register timeout
[  404.980550][    C1] usb 3-1: async_complete: urb error -104
[  404.986405][   T24] uss720 3-1:0.125: probe with driver uss720 failed with error -5
[  405.101557][   T24] usb 3-1: USB disconnect, device number 19
[  405.431213][T10050] tipc: Started in network mode
[  405.446415][T10050] tipc: Node identity ac14140f, cluster identity 4711
[  405.494407][T10050] tipc: New replicast peer: 255.255.255.255
[  405.677064][T10050] tipc: Enabled bearer <udp:syz2>, priority 10
[  406.507631][T10051] block nbd4: shutting down sockets
[  406.747081][ T5934] tipc: Node number set to 2886997007
[  407.019770][ T5934] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  407.224310][ T5934] usb 5-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  407.320506][ T5934] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  407.351867][ T5934] usb 5-1: Product: syz
[  407.356064][ T5934] usb 5-1: Manufacturer: syz
[  407.376244][ T5934] usb 5-1: SerialNumber: syz
[  407.543693][ T5934] usb 5-1: config 0 descriptor??
[  408.138650][ T5934] usb-storage 5-1:0.0: USB Mass Storage device detected
[  408.187150][T10085] netlink: 'syz.0.1026': attribute type 2 has an invalid length.
[  408.269769][ T5942] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  408.324737][ T5934] usb 5-1: USB disconnect, device number 27
[  408.419975][ T5942] usb 4-1: Using ep0 maxpacket: 8
[  408.432583][ T5942] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  408.907882][ T5942] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  408.918012][ T5942] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  408.929930][ T5942] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  408.945139][ T5942] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  408.954854][T10101] xt_TPROXY: Can be used only with -p tcp or -p udp
[  408.990366][ T5942] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  409.016004][T10106] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1031'.
[  409.261402][ T5942] usb 4-1: GET_CAPABILITIES returned 0
[  409.272311][ T5942] usbtmc 4-1:16.0: can't read capabilities
[  409.351040][   T30] audit: type=1400 audit(1749944335.642:473): avc:  denied  { ioctl } for  pid=10114 comm="syz.2.1033" path="socket:[22872]" dev="sockfs" ino=22872 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  409.525475][  T911] usb 4-1: USB disconnect, device number 22
[  410.022534][   T30] audit: type=1400 audit(1749944336.312:474): avc:  denied  { create } for  pid=10092 comm="syz.1.1028" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1
[  413.099065][T10152] input: syz0 as /devices/virtual/input/input29
[  413.433507][T10138] delete_channel: no stack
[  415.048766][ T5935] libceph: connect (1)[c::]:6789 error -101
[  415.056341][ T5935] libceph: mon0 (1)[c::]:6789 connect error
[  415.378319][ T5942] libceph: connect (1)[c::]:6789 error -101
[  415.389867][ T5942] libceph: mon0 (1)[c::]:6789 connect error
[  415.773377][T10180] ceph: No mds server is up or the cluster is laggy
[  415.954940][ T5942] libceph: connect (1)[c::]:6789 error -101
[  416.152703][ T5830] Bluetooth: hci3: command 0x0406 tx timeout
[  416.452594][ T5942] libceph: mon0 (1)[c::]:6789 connect error
[  417.133064][T10215] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1057'.
[  417.287125][T10217] raw_sendmsg: syz.1.1057 forgot to set AF_INET. Fix it!
[  417.416641][T10219] fuse: Bad value for 'fd'
[  417.554836][   T30] audit: type=1400 audit(1749944343.842:475): avc:  denied  { map } for  pid=10212 comm="syz.4.1056" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  417.622197][   T30] audit: type=1400 audit(1749944343.842:476): avc:  denied  { execute } for  pid=10212 comm="syz.4.1056" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  417.702476][T10226] netlink: 'syz.4.1056': attribute type 1 has an invalid length.
[  417.724000][T10226] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  417.731429][T10226] IPv6: NLM_F_CREATE should be set when creating new route
[  417.979419][T10232] Bluetooth: MGMT ver 1.23
[  418.439944][ T5934] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  418.595478][ T5934] usb 2-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  418.617729][ T5934] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  418.678878][ T5934] usb 2-1: Product: syz
[  418.696812][ T5934] usb 2-1: Manufacturer: syz
[  418.714278][ T5934] usb 2-1: SerialNumber: syz
[  418.739415][ T5934] usb 2-1: config 0 descriptor??
[  418.970997][T10229] netlink: 348 bytes leftover after parsing attributes in process `syz.1.1062'.
[  419.025342][ T5934] usb-storage 2-1:0.0: USB Mass Storage device detected
[  419.564369][ T5934] usb 2-1: USB disconnect, device number 13
[  419.728785][   T30] audit: type=1400 audit(1749944346.012:477): avc:  denied  { setopt } for  pid=10256 comm="syz.1.1067" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  420.760268][T10278] ALSA: mixer_oss: invalid OSS volume ''
[  421.338660][ T5942] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  421.384570][T10290] netlink: 348 bytes leftover after parsing attributes in process `syz.0.1077'.
[  421.385305][ T5942] hid-generic 0000:0000:0000.000C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  421.397420][T10292] random: crng reseeded on system resumption
[  421.544776][   T30] audit: type=1400 audit(1749944347.832:478): avc:  denied  { connect } for  pid=10299 comm="syz.2.1078" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  421.593991][   T30] audit: type=1400 audit(1749944347.882:479): avc:  denied  { bind } for  pid=10301 comm="syz.2.1079" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  421.594186][T10302] Unsupported ieee802154 address type: 0
[  421.630058][ T5934] usb 2-1: new full-speed USB device number 14 using dummy_hcd
[  421.709972][T10305] input: syz0 as /devices/virtual/input/input30
[  421.794341][ T5934] usb 2-1: config 0 has no interfaces?
[  421.814324][ T5934] usb 2-1: New USB device found, idVendor=07d0, idProduct=4101, bcdDevice=87.c0
[  421.826126][ T5934] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  421.839837][   T30] audit: type=1400 audit(1749944348.122:480): avc:  denied  { watch } for  pid=10308 comm="syz.2.1082" path="/dev/nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  421.849733][ T5934] usb 2-1: Product: syz
[  421.872987][   T30] audit: type=1400 audit(1749944348.122:481): avc:  denied  { watch_sb watch_reads } for  pid=10308 comm="syz.2.1082" path="/dev/nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  421.875750][ T5934] usb 2-1: Manufacturer: syz
[  421.900873][   T30] audit: type=1400 audit(1749944348.122:482): avc:  denied  { ioctl } for  pid=10308 comm="syz.2.1082" path="/dev/nvram" dev="devtmpfs" ino=623 ioctlcmd=0x89f6 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  421.904836][ T5934] usb 2-1: SerialNumber: syz
[  421.927365][    C1] vkms_vblank_simulate: vblank timer overrun
[  422.634195][ T5934] usb 2-1: config 0 descriptor??
[  423.168549][   T30] audit: type=1400 audit(1749944349.442:483): avc:  denied  { getopt } for  pid=10326 comm="syz.3.1087" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  423.188115][    C1] vkms_vblank_simulate: vblank timer overrun
[  423.542540][ T5820] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  424.119881][ T5935] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  424.362090][ T5820] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  424.376668][ T5820] usb 4-1: config 0 has no interfaces?
[  424.389779][ T5820] usb 4-1: New USB device found, idVendor=0dba, idProduct=3000, bcdDevice=26.ea
[  424.391425][ T5935] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  424.408913][ T5935] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  424.412510][ T5820] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  424.421329][ T5935] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  424.436735][ T5935] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  424.445077][ T5935] usb 3-1: Product: syz
[  424.449348][ T5935] usb 3-1: Manufacturer: syz
[  424.454266][ T5935] usb 3-1: SerialNumber: syz
[  424.465202][ T5820] usb 4-1: config 0 descriptor??
[  424.520732][T10343] input: syz0 as /devices/virtual/input/input31
[  424.571685][ T5942] usb 2-1: USB disconnect, device number 14
[  424.690060][T10327] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  424.703185][T10327] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  424.771193][ T5942] usb 4-1: USB disconnect, device number 23
[  424.893546][T10352] random: crng reseeded on system resumption
[  425.377753][T10355] netlink: 348 bytes leftover after parsing attributes in process `syz.0.1094'.
[  426.562743][ T5935] cdc_ncm 3-1:1.0: bind() failure
[  426.575614][ T5935] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[  426.582432][ T5935] cdc_ncm 3-1:1.1: bind() failure
[  426.599917][ T5935] usb 3-1: USB disconnect, device number 20
[  428.899519][   T30] audit: type=1400 audit(1749944355.182:484): avc:  denied  { getopt } for  pid=10366 comm="syz.0.1098" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  429.336774][T10376] FAULT_INJECTION: forcing a failure.
[  429.336774][T10376] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  429.390303][T10376] CPU: 1 UID: 0 PID: 10376 Comm: syz.4.1102 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  429.390329][T10376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  429.390339][T10376] Call Trace:
[  429.390345][T10376]  <TASK>
[  429.390352][T10376]  dump_stack_lvl+0x16c/0x1f0
[  429.390383][T10376]  should_fail_ex+0x512/0x640
[  429.390411][T10376]  _copy_from_user+0x2e/0xd0
[  429.390436][T10376]  copy_from_sockptr_offset.constprop.0+0x153/0x1a0
[  429.390460][T10376]  ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10
[  429.390483][T10376]  ? __pfx_avc_has_perm+0x10/0x10
[  429.390504][T10376]  packet_setsockopt+0xbbd/0x33c0
[  429.390534][T10376]  ? __pfx_packet_setsockopt+0x10/0x10
[  429.390556][T10376]  ? selinux_netlbl_socket_setsockopt+0x183/0x470
[  429.390582][T10376]  ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10
[  429.390604][T10376]  ? proc_fail_nth_write+0x9f/0x250
[  429.390630][T10376]  ? __lock_acquire+0x622/0x1c90
[  429.390661][T10376]  ? selinux_socket_setsockopt+0x6a/0x80
[  429.390685][T10376]  ? __pfx_packet_setsockopt+0x10/0x10
[  429.390708][T10376]  do_sock_setsockopt+0x224/0x470
[  429.390727][T10376]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  429.390759][T10376]  __sys_setsockopt+0x1a0/0x230
[  429.390786][T10376]  __x64_sys_setsockopt+0xbd/0x160
[  429.390809][T10376]  ? do_syscall_64+0x91/0x4c0
[  429.390834][T10376]  ? lockdep_hardirqs_on+0x7c/0x110
[  429.390858][T10376]  do_syscall_64+0xcd/0x4c0
[  429.390884][T10376]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  429.390901][T10376] RIP: 0033:0x7f03e038e929
[  429.390915][T10376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  429.390932][T10376] RSP: 002b:00007f03e1179038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  429.390948][T10376] RAX: ffffffffffffffda RBX: 00007f03e05b5fa0 RCX: 00007f03e038e929
[  429.390958][T10376] RDX: 0000000000000012 RSI: 0000000000000107 RDI: 0000000000000004
[  429.390967][T10376] RBP: 00007f03e1179090 R08: 0000000000000008 R09: 0000000000000000
[  429.390977][T10376] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  429.390986][T10376] R13: 0000000000000000 R14: 00007f03e05b5fa0 R15: 00007ffd55fc7d48
[  429.391008][T10376]  </TASK>
[  429.892706][T10387] input: syz0 as /devices/virtual/input/input32
[  430.578447][T10400] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1107'.
[  430.878025][T10403] random: crng reseeded on system resumption
[  431.556489][T10406] netlink: 348 bytes leftover after parsing attributes in process `syz.0.1109'.
[  432.358840][   T30] audit: type=1800 audit(1749944358.642:485): pid=10416 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.3.1112" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  433.137661][T10416] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  433.555675][T10430] xt_policy: output policy not valid in PREROUTING and INPUT
[  433.897452][   T24] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  434.607518][   T24] usb 3-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  434.834783][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  434.915432][   T24] usb 3-1: config 0 descriptor??
[  434.979823][   T24] gspca_main: cpia1-2.14.0 probing 0813:0001
[  435.047500][   T30] audit: type=1400 audit(1749944361.332:486): avc:  denied  { create } for  pid=10453 comm="syz.1.1125" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=key permissive=1
[  436.271145][   T24] cpia1 3-1:0.0: unexpected state after lo power cmd: 00
[  436.988439][   T30] audit: type=1400 audit(1749944363.272:487): avc:  denied  { write } for  pid=10468 comm="syz.4.1126" name="random" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  437.020841][T10464] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1124'.
[  437.158507][T10471] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1126'.
[  437.159392][   T30] audit: type=1400 audit(1749944363.392:488): avc:  denied  { name_connect } for  pid=10468 comm="syz.4.1126" dest=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1
[  437.606649][   T24] gspca_cpia1: usb_control_msg 02, error -110
[  437.749812][   T24] gspca_cpia1: usb_control_msg 05, error -32
[  437.757217][   T24] gspca_cpia1: usb_control_msg 05, error -32
[  437.765213][   T24] gspca_cpia1: usb_control_msg 05, error -32
[  437.775734][   T24] gspca_cpia1: usb_control_msg 05, error -32
[  437.783858][   T24] cpia1 3-1:0.0: unexpected systemstate: 00
[  437.863480][ T5935] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  437.894575][ T5935] hid-generic 0000:0000:0000.000D: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  437.967810][   T30] audit: type=1400 audit(1749944364.252:489): avc:  denied  { listen } for  pid=10480 comm="syz.1.1130" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  438.006467][T10481] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1130'.
[  438.025238][   T30] audit: type=1400 audit(1749944364.282:490): avc:  denied  { ioctl } for  pid=10480 comm="syz.1.1130" path="socket:[23510]" dev="sockfs" ino=23510 ioctlcmd=0x894b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  438.060820][T10481] vlan2: entered allmulticast mode
[  438.066014][T10481] hsr0: entered allmulticast mode
[  438.071168][T10481] hsr_slave_0: entered allmulticast mode
[  438.076883][T10481] hsr_slave_1: entered allmulticast mode
[  438.141552][   T24] usb 4-1: new full-speed USB device number 24 using dummy_hcd
[  438.176166][T10483] FAULT_INJECTION: forcing a failure.
[  438.176166][T10483] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  438.222507][T10483] CPU: 1 UID: 0 PID: 10483 Comm: syz.1.1131 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  438.222533][T10483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  438.222544][T10483] Call Trace:
[  438.222550][T10483]  <TASK>
[  438.222557][T10483]  dump_stack_lvl+0x16c/0x1f0
[  438.222587][T10483]  should_fail_ex+0x512/0x640
[  438.222615][T10483]  _copy_from_iter+0x29f/0x16f0
[  438.222643][T10483]  ? __alloc_skb+0x200/0x380
[  438.222667][T10483]  ? __pfx__copy_from_iter+0x10/0x10
[  438.222694][T10483]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  438.222721][T10483]  netlink_sendmsg+0x829/0xdd0
[  438.222744][T10483]  ? __pfx_netlink_sendmsg+0x10/0x10
[  438.222772][T10483]  ____sys_sendmsg+0xa98/0xc70
[  438.222792][T10483]  ? copy_msghdr_from_user+0x10a/0x160
[  438.222816][T10483]  ? __pfx_____sys_sendmsg+0x10/0x10
[  438.222847][T10483]  ___sys_sendmsg+0x134/0x1d0
[  438.222873][T10483]  ? __pfx____sys_sendmsg+0x10/0x10
[  438.222895][T10483]  ? __lock_acquire+0x622/0x1c90
[  438.222953][T10483]  __sys_sendmsg+0x16d/0x220
[  438.222978][T10483]  ? __pfx___sys_sendmsg+0x10/0x10
[  438.223020][T10483]  do_syscall_64+0xcd/0x4c0
[  438.223047][T10483]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  438.223065][T10483] RIP: 0033:0x7f9860d8e929
[  438.223079][T10483] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  438.223095][T10483] RSP: 002b:00007f985ebf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  438.223117][T10483] RAX: ffffffffffffffda RBX: 00007f9860fb5fa0 RCX: 00007f9860d8e929
[  438.223129][T10483] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  438.223139][T10483] RBP: 00007f985ebf6090 R08: 0000000000000000 R09: 0000000000000000
[  438.223149][T10483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  438.223159][T10483] R13: 0000000000000000 R14: 00007f9860fb5fa0 R15: 00007fff5efec7e8
[  438.223185][T10483]  </TASK>
[  438.431530][   T24] usb 4-1: config 0 has no interfaces?
[  438.455821][   T24] usb 4-1: New USB device found, idVendor=07d0, idProduct=4101, bcdDevice=87.c0
[  438.479554][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  438.509128][   T24] usb 4-1: Product: syz
[  438.514844][   T24] usb 4-1: Manufacturer: syz
[  438.646430][ T5934] usb 3-1: USB disconnect, device number 21
[  438.664515][   T24] usb 4-1: SerialNumber: syz
[  438.679482][   T24] usb 4-1: config 0 descriptor??
[  439.185128][T10497] random: crng reseeded on system resumption
[  439.566334][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  439.572731][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  439.635485][ T5935] usb 4-1: USB disconnect, device number 24
[  442.583419][   T30] audit: type=1400 audit(1749944368.872:491): avc:  denied  { map } for  pid=10528 comm="syz.0.1143" path="socket:[24601]" dev="sockfs" ino=24601 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  442.689059][T10533] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1143'.
[  443.705778][   T30] audit: type=1400 audit(1749944369.922:492): avc:  denied  { listen } for  pid=10535 comm="syz.4.1144" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  443.725752][   T30] audit: type=1400 audit(1749944369.922:493): avc:  denied  { ioctl } for  pid=10535 comm="syz.4.1144" path="socket:[24613]" dev="sockfs" ino=24613 ioctlcmd=0x89e3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  443.814137][T10542] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1147'.
[  444.252724][T10550] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  444.269136][T10550] overlayfs: missing 'lowerdir'
[  444.611169][T10561] FAULT_INJECTION: forcing a failure.
[  444.611169][T10561] name failslab, interval 1, probability 0, space 0, times 0
[  444.624149][T10561] CPU: 1 UID: 0 PID: 10561 Comm: syz.2.1150 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  444.624172][T10561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  444.624182][T10561] Call Trace:
[  444.624189][T10561]  <TASK>
[  444.624196][T10561]  dump_stack_lvl+0x16c/0x1f0
[  444.624226][T10561]  should_fail_ex+0x512/0x640
[  444.624252][T10561]  should_failslab+0xc2/0x120
[  444.624277][T10561]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  444.624300][T10561]  ? skb_clone+0x190/0x3f0
[  444.624329][T10561]  skb_clone+0x190/0x3f0
[  444.624354][T10561]  netlink_deliver_tap+0xabd/0xd30
[  444.624378][T10561]  netlink_unicast+0x5df/0x7f0
[  444.624400][T10561]  ? __pfx_netlink_unicast+0x10/0x10
[  444.624425][T10561]  netlink_sendmsg+0x8d1/0xdd0
[  444.624448][T10561]  ? __pfx_netlink_sendmsg+0x10/0x10
[  444.624477][T10561]  sock_write_iter+0x4fc/0x5b0
[  444.624496][T10561]  ? __pfx_sock_write_iter+0x10/0x10
[  444.624513][T10561]  ? rcu_is_watching+0x12/0xc0
[  444.624546][T10561]  ? do_iter_readv_writev+0x617/0x950
[  444.624565][T10561]  ? do_iter_readv_writev+0x625/0x950
[  444.624587][T10561]  do_iter_readv_writev+0x654/0x950
[  444.624609][T10561]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  444.624628][T10561]  ? selinux_file_permission+0x126/0x660
[  444.624655][T10561]  ? bpf_lsm_file_permission+0x9/0x10
[  444.624682][T10561]  ? security_file_permission+0x71/0x210
[  444.624707][T10561]  ? rw_verify_area+0xcf/0x680
[  444.624728][T10561]  vfs_writev+0x35f/0xde0
[  444.624755][T10561]  ? __pfx_vfs_writev+0x10/0x10
[  444.624773][T10561]  ? trace_sched_exit_tp+0xde/0x130
[  444.624797][T10561]  ? __schedule+0x1181/0x5de0
[  444.624836][T10561]  ? __fget_files+0x20e/0x3c0
[  444.624857][T10561]  ? __fget_files+0x190/0x3c0
[  444.624887][T10561]  ? do_writev+0x28c/0x340
[  444.624904][T10561]  do_writev+0x28c/0x340
[  444.624923][T10561]  ? __pfx_do_writev+0x10/0x10
[  444.624950][T10561]  do_syscall_64+0xcd/0x4c0
[  444.624978][T10561]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  444.624995][T10561] RIP: 0033:0x7f3898f8e929
[  444.625009][T10561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  444.625026][T10561] RSP: 002b:00007f3899e36038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  444.625049][T10561] RAX: ffffffffffffffda RBX: 00007f38991b6160 RCX: 00007f3898f8e929
[  444.625060][T10561] RDX: 0000000000000001 RSI: 0000200000000100 RDI: 0000000000000006
[  444.625070][T10561] RBP: 00007f3899e36090 R08: 0000000000000000 R09: 0000000000000000
[  444.625081][T10561] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  444.625091][T10561] R13: 0000000000000000 R14: 00007f38991b6160 R15: 00007ffce61c3f78
[  444.625115][T10561]  </TASK>
[  445.085054][ T5934] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  445.313838][T10565] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  445.593071][ T5934] usb 2-1: Using ep0 maxpacket: 16
[  445.732129][ T5934] usb 2-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15
[  445.771691][ T5934] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  445.788720][ T5934] usb 2-1: Product: syz
[  445.807093][ T5934] usb 2-1: Manufacturer: syz
[  445.821857][ T5934] usb 2-1: SerialNumber: syz
[  445.883605][ T5934] ssu100 2-1:254.0: Quatech SSU-100 USB to Serial Driver converter detected
[  446.100476][ T5934] ssu100 2-1:254.0: probe with driver ssu100 failed with error -5
[  447.391931][ T5830] Bluetooth: hci3: unexpected event for opcode 0x0c57
[  447.463780][T10590] FAULT_INJECTION: forcing a failure.
[  447.463780][T10590] name failslab, interval 1, probability 0, space 0, times 0
[  447.476745][T10590] CPU: 1 UID: 0 PID: 10590 Comm: syz.3.1160 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  447.476770][T10590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  447.476780][T10590] Call Trace:
[  447.476786][T10590]  <TASK>
[  447.476793][T10590]  dump_stack_lvl+0x16c/0x1f0
[  447.476824][T10590]  should_fail_ex+0x512/0x640
[  447.476846][T10590]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  447.476878][T10590]  should_failslab+0xc2/0x120
[  447.476903][T10590]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  447.476927][T10590]  ? io_submit_one+0x122/0x1df0
[  447.476954][T10590]  io_submit_one+0x122/0x1df0
[  447.476980][T10590]  ? __lock_acquire+0xb8a/0x1c90
[  447.477011][T10590]  ? __pfx_io_submit_one+0x10/0x10
[  447.477050][T10590]  ? __might_fault+0xe3/0x190
[  447.477070][T10590]  ? __might_fault+0x13b/0x190
[  447.477098][T10590]  ? __x64_sys_io_submit+0x1a9/0x350
[  447.477121][T10590]  __x64_sys_io_submit+0x1a9/0x350
[  447.477148][T10590]  ? __pfx___x64_sys_io_submit+0x10/0x10
[  447.477170][T10590]  ? fput+0x70/0xf0
[  447.477209][T10590]  do_syscall_64+0xcd/0x4c0
[  447.477237][T10590]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  447.477254][T10590] RIP: 0033:0x7f27ec58e929
[  447.477268][T10590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  447.477285][T10590] RSP: 002b:00007f27ed445038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  447.477302][T10590] RAX: ffffffffffffffda RBX: 00007f27ec7b5fa0 RCX: 00007f27ec58e929
[  447.477314][T10590] RDX: 0000200000000340 RSI: 0000000000000001 RDI: 00007f27ed424000
[  447.477324][T10590] RBP: 00007f27ed445090 R08: 0000000000000000 R09: 0000000000000000
[  447.477334][T10590] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  447.477344][T10590] R13: 0000000000000000 R14: 00007f27ec7b5fa0 R15: 00007ffe7bb136e8
[  447.477371][T10590]  </TASK>
[  447.727085][T10588] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  447.737411][T10588] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  447.886074][T10598] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1161'.
[  448.974595][T10610] fuse: Bad value for 'fd'
[  449.151213][T10614] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1167'.
[  449.847421][T10620] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  449.924263][T10620] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1169'.
[  450.112510][ T5934] usb 2-1: USB disconnect, device number 15
[  450.154949][   T30] audit: type=1326 audit(1749944376.442:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10623 comm="syz.0.1171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb5df8e929 code=0x7ffc0000
[  450.252951][   T30] audit: type=1326 audit(1749944376.472:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10623 comm="syz.0.1171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=126 compat=0 ip=0x7fbb5df8e929 code=0x7ffc0000
[  450.309018][   T30] audit: type=1326 audit(1749944376.472:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10623 comm="syz.0.1171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb5df8e929 code=0x7ffc0000
[  450.881844][T10633] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1172'.
[  450.919782][   T30] audit: type=1326 audit(1749944376.472:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10623 comm="syz.0.1171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb5df8e929 code=0x7ffc0000
[  451.094703][   T30] audit: type=1326 audit(1749944376.472:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10623 comm="syz.0.1171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbb5df8e929 code=0x7ffc0000
[  451.237407][T10631] input: syz0 as /devices/virtual/input/input33
[  451.457472][   T30] audit: type=1326 audit(1749944376.472:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10623 comm="syz.0.1171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb5df8e929 code=0x7ffc0000
[  451.481793][   T30] audit: type=1326 audit(1749944376.472:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10623 comm="syz.0.1171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7fbb5df8e929 code=0x7ffc0000
[  451.510061][   T30] audit: type=1326 audit(1749944376.492:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10625 comm="syz.0.1171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fbb5dfc11e5 code=0x7ffc0000
[  451.533714][   T30] audit: type=1326 audit(1749944376.492:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10623 comm="syz.0.1171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb5df8e929 code=0x7ffc0000
[  451.701709][   T30] audit: type=1326 audit(1749944376.492:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10623 comm="syz.0.1171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb5df8e929 code=0x7ffc0000
[  452.354028][T10639] syz.2.1174 (10639) used greatest stack depth: 19800 bytes left
[  453.020127][ T5894] usb 2-1: new full-speed USB device number 16 using dummy_hcd
[  453.181565][ T5894] usb 2-1: config index 0 descriptor too short (expected 16456, got 72)
[  453.190495][ T5894] usb 2-1: config 0 has an invalid interface number: 125 but max is 1
[  453.199583][ T5894] usb 2-1: config 0 has an invalid interface number: 125 but max is 1
[  453.208058][ T5894] usb 2-1: config 0 has an invalid interface number: 125 but max is 1
[  453.216314][ T5894] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2
[  453.220017][ T5935] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  453.225548][ T5894] usb 2-1: config 0 has no interface number 0
[  453.239146][ T5894] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  453.258859][ T5894] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[  453.286792][ T5894] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[  453.346184][ T5894] usb 2-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  453.410770][ T5894] usb 2-1: config 0 interface 125 has no altsetting 0
[  453.433890][ T5894] usb 2-1: config 0 interface 125 has no altsetting 2
[  453.466045][ T5894] usb 2-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  453.544620][ T5894] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  453.600665][ T5894] usb 2-1: Product: syz
[  453.643168][ T5894] usb 2-1: Manufacturer: syz
[  453.677078][ T5894] usb 2-1: SerialNumber: syz
[  453.767700][ T5894] usb 2-1: config 0 descriptor??
[  453.886456][ T5894] usb 2-1: selecting invalid altsetting 2
[  453.888417][ T5935] usb 4-1: Using ep0 maxpacket: 8
[  454.300939][ T5935] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  454.308372][ T5935] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  454.329007][ T5935] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  454.341038][ T5935] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  454.352486][ T5935] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  454.365328][ T5935] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  454.372873][ T5935] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  454.390413][ T5935] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  454.402150][ T5935] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  454.413287][ T5935] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  454.426007][ T5935] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  454.449950][ T5935] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  454.514403][ T5935] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  454.560062][ T5935] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  454.744252][ T5935] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  454.764768][ T5935] usb 4-1: string descriptor 0 read error: -22
[  454.779944][ T5935] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  454.788986][ T5935] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  454.818366][ T5935] adutux 4-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  455.121030][ T5894] get_1284_register timeout
[  455.125605][ T5894] uss720 2-1:0.125: probe with driver uss720 failed with error -5
[  455.133734][    C1] usb 2-1: async_complete: urb error -104
[  455.133831][    C1] usb 2-1: async_complete: urb error -104
[  455.191669][ T5894] usb 2-1: USB disconnect, device number 16
[  455.231100][T10685] FAULT_INJECTION: forcing a failure.
[  455.231100][T10685] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  455.244725][T10685] CPU: 1 UID: 0 PID: 10685 Comm: syz.2.1189 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  455.244748][T10685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  455.244759][T10685] Call Trace:
[  455.244765][T10685]  <TASK>
[  455.244771][T10685]  dump_stack_lvl+0x16c/0x1f0
[  455.244801][T10685]  should_fail_ex+0x512/0x640
[  455.244830][T10685]  _copy_to_user+0x32/0xd0
[  455.244857][T10685]  sg_read+0xdf7/0x1670
[  455.244882][T10685]  ? __pfx_sg_read+0x10/0x10
[  455.244898][T10685]  ? avc_has_perm+0xe0/0x1c0
[  455.244912][T10685]  ? selinux_file_permission+0x126/0x660
[  455.244945][T10685]  ? bpf_lsm_file_permission+0x9/0x10
[  455.244972][T10685]  ? security_file_permission+0x71/0x210
[  455.244997][T10685]  ? rw_verify_area+0xcf/0x680
[  455.245015][T10685]  ? __pfx_sg_read+0x10/0x10
[  455.245032][T10685]  vfs_read+0x1e1/0xc60
[  455.245058][T10685]  ? __pfx_vfs_read+0x10/0x10
[  455.245076][T10685]  ? find_held_lock+0x2b/0x80
[  455.245098][T10685]  ? __fget_files+0x204/0x3c0
[  455.245124][T10685]  ? __fget_files+0x20e/0x3c0
[  455.245154][T10685]  ksys_read+0x12a/0x250
[  455.245174][T10685]  ? __pfx_ksys_read+0x10/0x10
[  455.245202][T10685]  do_syscall_64+0xcd/0x4c0
[  455.245229][T10685]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  455.245247][T10685] RIP: 0033:0x7f3898f8e929
[  455.245260][T10685] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  455.245277][T10685] RSP: 002b:00007f3899e36038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  455.245293][T10685] RAX: ffffffffffffffda RBX: 00007f38991b6160 RCX: 00007f3898f8e929
[  455.245305][T10685] RDX: 00000000fffffeea RSI: 0000200000001400 RDI: 0000000000000006
[  455.245315][T10685] RBP: 00007f3899e36090 R08: 0000000000000000 R09: 0000000000000000
[  455.245325][T10685] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  455.245335][T10685] R13: 0000000000000000 R14: 00007f38991b6160 R15: 00007ffce61c3f78
[  455.245358][T10685]  </TASK>
[  455.853137][T10689] relay: one or more items not logged [item size (56) > sub-buffer size (8)]
[  456.791809][   T24] usb 4-1: USB disconnect, device number 25
[  458.544708][   T30] kauditd_printk_skb: 41 callbacks suppressed
[  458.544770][   T30] audit: type=1400 audit(1749944384.832:545): avc:  denied  { setopt } for  pid=10702 comm="syz.4.1192" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  458.779839][   T30] audit: type=1400 audit(1749944384.842:546): avc:  denied  { bind } for  pid=10702 comm="syz.4.1192" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  459.730848][ T5826] Bluetooth: hci2: unexpected event for opcode 0x2062
[  460.429744][ T5935] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  460.609786][ T5935] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  460.725889][ T5935] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  460.934193][ T5935] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  461.090066][ T5935] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  461.098114][ T5935] usb 2-1: Product: syz
[  461.102761][ T5935] usb 2-1: Manufacturer: syz
[  461.109984][ T5935] usb 2-1: SerialNumber: syz
[  461.174103][T10751] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1208'.
[  461.213743][T10751] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1208'.
[  461.252301][   T30] audit: type=1400 audit(1749944387.542:547): avc:  denied  { connect } for  pid=10752 comm="syz.2.1210" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  461.300363][T10755] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  461.305591][T10760] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1211'.
[  461.306867][T10755] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  461.307052][T10755] vhci_hcd vhci_hcd.0: Device attached
[  461.356968][T10757] vhci_hcd: connection closed
[  461.357539][ T6963] vhci_hcd: stop threads
[  461.366917][ T6963] vhci_hcd: release socket
[  461.371831][ T6963] vhci_hcd: disconnect device
[  461.590337][    T9] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  461.784673][    T9] usb 3-1: config 0 has no interfaces?
[  461.794267][    T9] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  461.804062][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  461.812093][    T9] usb 3-1: Product: syz
[  461.816421][    T9] usb 3-1: Manufacturer: syz
[  461.821077][    T9] usb 3-1: SerialNumber: syz
[  461.827647][    T9] usb 3-1: config 0 descriptor??
[  462.045929][T10760] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1211'.
[  462.075140][T10760] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1211'.
[  462.087468][    T9] usb 3-1: USB disconnect, device number 22
[  462.978387][ T5935] cdc_ncm 2-1:1.0: bind() failure
[  463.004369][ T5935] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  463.011534][ T5935] cdc_ncm 2-1:1.1: bind() failure
[  463.022824][ T5935] usb 2-1: USB disconnect, device number 17
[  463.144764][   T30] audit: type=1400 audit(1749944389.432:548): avc:  denied  { shutdown } for  pid=10792 comm="syz.0.1221" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  463.193500][T10798] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  463.213534][T10800] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1225'.
[  463.341863][ T5826] Bluetooth: hci3: command 0x0406 tx timeout
[  463.793371][   T30] audit: type=1400 audit(1749944390.082:549): avc:  denied  { create } for  pid=10808 comm="syz.3.1227" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  463.800285][T10809] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1227'.
[  463.814075][   T30] audit: type=1400 audit(1749944390.082:550): avc:  denied  { write } for  pid=10808 comm="syz.3.1227" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  464.982326][ T5935] usb 3-1: new full-speed USB device number 23 using dummy_hcd
[  465.026521][T10840] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1239'.
[  465.100180][   T24] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  465.331241][   T24] usb 2-1: device descriptor read/64, error -71
[  465.682375][   T24] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  465.683688][ T5935] usb 3-1: config index 0 descriptor too short (expected 16456, got 72)
[  465.772713][ T5935] usb 3-1: config 0 has an invalid interface number: 125 but max is 1
[  465.809739][ T5935] usb 3-1: config 0 has an invalid interface number: 125 but max is 1
[  465.952640][ T5935] usb 3-1: config 0 has an invalid interface number: 125 but max is 1
[  465.980063][T10853] kAFS: No cell specified
[  465.984424][ T5935] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2
[  465.997326][ T5935] usb 3-1: config 0 has no interface number 0
[  466.003569][ T5935] usb 3-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  466.015890][ T5935] usb 3-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[  466.025980][ T5935] usb 3-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[  466.030093][   T24] usb 2-1: device descriptor read/64, error -71
[  466.066946][T10854] netlink: 'syz.0.1242': attribute type 1 has an invalid length.
[  466.075079][   T30] audit: type=1400 audit(1749944392.352:551): avc:  denied  { create } for  pid=10851 comm="syz.0.1242" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  466.097954][ T5935] usb 3-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  466.133918][ T5935] usb 3-1: config 0 interface 125 has no altsetting 0
[  466.140677][   T30] audit: type=1400 audit(1749944392.352:552): avc:  denied  { write } for  pid=10851 comm="syz.0.1242" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  466.207478][T10856] 8021q: adding VLAN 0 to HW filter on device bond2
[  466.222786][ T5935] usb 3-1: config 0 interface 125 has no altsetting 2
[  466.235934][ T5935] usb 3-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  466.245322][ T5935] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  466.263204][ T5935] usb 3-1: Product: syz
[  466.272937][T10856] bond1: (slave bond2): making interface the new active one
[  466.287971][   T24] usb usb2-port1: attempt power cycle
[  466.296373][T10862] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1242'.
[  466.306826][T10856] bond1: (slave bond2): Enslaving as an active interface with an up link
[  466.311055][ T5935] usb 3-1: Manufacturer: syz
[  466.326522][ T5935] usb 3-1: SerialNumber: syz
[  466.333760][ T5935] usb 3-1: config 0 descriptor??
[  466.346048][ T5935] usb 3-1: selecting invalid altsetting 2
[  466.524071][T10854] bond1: (slave gretap1): Enslaving as a backup interface with an up link
[  466.813911][T10866] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1244'.
[  466.879965][   T24] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  466.928116][   T24] usb 2-1: device descriptor read/8, error -71
[  467.288075][   T24] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  467.379567][T10871] ptrace attach of "./syz-executor exec"[10874] was attempted by "./syz-executor exec"[10871]
[  467.436292][ T5935] get_1284_register timeout
[  467.590807][    C0] usb 3-1: async_complete: urb error -71
[  467.596564][    C0] usb 3-1: async_complete: urb error -71
[  467.603198][ T5935] uss720 3-1:0.125: probe with driver uss720 failed with error -5
[  467.644205][   T24] usb 2-1: device descriptor read/8, error -71
[  467.663511][ T5935] usb 3-1: USB disconnect, device number 23
[  467.797521][   T24] usb usb2-port1: unable to enumerate USB device
[  468.078166][T10888] 8021q: adding VLAN 0 to HW filter on device team0
[  468.094840][T10888] team0: Cannot enslave team device to itself
[  468.293651][T10892] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1251'.
[  468.632910][T10903] xt_TPROXY: Can be used only with -p tcp or -p udp
[  469.802592][  T911] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  470.096097][  T911] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  470.161131][  T911] usb 2-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[  470.260648][  T911] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  470.270454][  T911] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  470.384485][T10922] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1257'.
[  470.846707][T10905] kAFS: unable to lookup cell '.,'
[  470.868113][T10924] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  471.321939][   T30] audit: type=1400 audit(1749944397.582:553): avc:  denied  { setopt } for  pid=10928 comm="syz.3.1260" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  471.438035][T10936] ubi31: attaching mtd0
[  471.446711][T10936] ubi31 error: ubi_attach_mtd_dev: bad VID header (16) or data offsets (80)
[  471.797208][ T5826] Bluetooth: hci3: Malformed Event: 0x02
[  473.022059][    T9] usb 2-1: USB disconnect, device number 22
[  475.570164][  T911] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  476.374775][  T911] usb 5-1: Using ep0 maxpacket: 16
[  476.382449][  T911] usb 5-1: device descriptor read/all, error -71
[  476.490106][T10973] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1270'.
[  477.859464][T10999] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1279'.
[  478.722097][T11013] binder_alloc: 10983: binder_alloc_buf, no vma
[  479.052228][T11015] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1283'.
[  479.350167][  T911] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  479.750541][   T30] audit: type=1326 audit(1749944406.032:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11025 comm="syz.1.1286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9860d8e929 code=0x7ffc0000
[  479.854877][   T30] audit: type=1326 audit(1749944406.032:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11025 comm="syz.1.1286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9860d8e929 code=0x7ffc0000
[  480.008594][  T911] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  480.018556][  T911] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x4 has an invalid bInterval 0, changing to 7
[  480.030005][   T30] audit: type=1326 audit(1749944406.032:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11025 comm="syz.1.1286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=126 compat=0 ip=0x7f9860d8e929 code=0x7ffc0000
[  480.053548][  T911] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.de
[  480.062709][  T911] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  480.494304][   T30] audit: type=1326 audit(1749944406.032:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11025 comm="syz.1.1286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9860d8e929 code=0x7ffc0000
[  480.524678][   T30] audit: type=1326 audit(1749944406.032:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11025 comm="syz.1.1286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9860d8e929 code=0x7ffc0000
[  480.551823][   T30] audit: type=1326 audit(1749944406.032:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11025 comm="syz.1.1286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9860d8e929 code=0x7ffc0000
[  480.562225][  T911] usb 4-1: config 0 descriptor??
[  480.602702][   T30] audit: type=1326 audit(1749944406.032:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11025 comm="syz.1.1286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9860d8e929 code=0x7ffc0000
[  480.669538][   T30] audit: type=1326 audit(1749944406.032:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11025 comm="syz.1.1286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9860d8e929 code=0x7ffc0000
[  480.829060][   T30] audit: type=1326 audit(1749944406.032:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11025 comm="syz.1.1286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f9860d8e929 code=0x7ffc0000
[  481.190126][   T30] audit: type=1326 audit(1749944406.072:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11025 comm="syz.1.1286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9860d8e929 code=0x7ffc0000
[  481.412049][  T911] ath6kl: Failed to submit usb control message: -71
[  481.418697][  T911] ath6kl: unable to send the bmi data to the device: -71
[  481.437552][  T911] ath6kl: Unable to send get target info: -71
[  482.040313][T11051] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1293'.
[  482.347557][  T911] ath6kl: Failed to init ath6kl core: -71
[  482.359129][  T911] ath6kl_usb 4-1:0.0: probe with driver ath6kl_usb failed with error -71
[  482.515000][  T911] usb 4-1: USB disconnect, device number 26
[  482.679473][T11075] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1301'.
[  483.106062][T11082] xt_TPROXY: Can be used only with -p tcp or -p udp
[  483.330238][T11087] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1303'.
[  484.166808][T11100] FAULT_INJECTION: forcing a failure.
[  484.166808][T11100] name failslab, interval 1, probability 0, space 0, times 0
[  484.180688][T11100] CPU: 0 UID: 0 PID: 11100 Comm: syz.4.1305 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  484.180712][T11100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  484.180721][T11100] Call Trace:
[  484.180727][T11100]  <TASK>
[  484.180734][T11100]  dump_stack_lvl+0x16c/0x1f0
[  484.180763][T11100]  should_fail_ex+0x512/0x640
[  484.180784][T11100]  ? fs_reclaim_acquire+0xae/0x150
[  484.180803][T11100]  ? tomoyo_encode2+0x100/0x3e0
[  484.180825][T11100]  should_failslab+0xc2/0x120
[  484.180849][T11100]  __kmalloc_noprof+0xd2/0x510
[  484.180876][T11100]  tomoyo_encode2+0x100/0x3e0
[  484.180902][T11100]  tomoyo_encode+0x29/0x50
[  484.180925][T11100]  tomoyo_realpath_from_path+0x18f/0x6e0
[  484.180951][T11100]  ? tomoyo_profile+0x47/0x60
[  484.180978][T11100]  tomoyo_path_number_perm+0x245/0x580
[  484.180997][T11100]  ? tomoyo_path_number_perm+0x237/0x580
[  484.181019][T11100]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  484.181041][T11100]  ? find_held_lock+0x2b/0x80
[  484.181084][T11100]  ? find_held_lock+0x2b/0x80
[  484.181102][T11100]  ? hook_file_ioctl_common+0x145/0x410
[  484.181125][T11100]  ? __fget_files+0x20e/0x3c0
[  484.181153][T11100]  security_file_ioctl+0x9b/0x240
[  484.181178][T11100]  __x64_sys_ioctl+0xb7/0x210
[  484.181205][T11100]  do_syscall_64+0xcd/0x4c0
[  484.181234][T11100]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  484.181251][T11100] RIP: 0033:0x7f03e038e929
[  484.181265][T11100] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  484.181281][T11100] RSP: 002b:00007f03e1158038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  484.181298][T11100] RAX: ffffffffffffffda RBX: 00007f03e05b6080 RCX: 00007f03e038e929
[  484.181310][T11100] RDX: 0000200000000040 RSI: 00000000c028aa03 RDI: 0000000000000005
[  484.181320][T11100] RBP: 00007f03e1158090 R08: 0000000000000000 R09: 0000000000000000
[  484.181330][T11100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  484.181344][T11100] R13: 0000000000000000 R14: 00007f03e05b6080 R15: 00007ffd55fc7d48
[  484.181368][T11100]  </TASK>
[  484.182506][T11100] ERROR: Out of memory at tomoyo_realpath_from_path.
[  485.833725][T11125] fuse: Bad value for 'fd'
[  486.190096][  T911] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  486.352199][  T911] usb 4-1: Using ep0 maxpacket: 32
[  486.626036][  T911] usb 4-1: config 0 has an invalid interface number: 12 but max is 0
[  486.634987][  T911] usb 4-1: config 0 has no interface number 0
[  486.645176][  T911] usb 4-1: config 0 interface 12 has no altsetting 0
[  486.952611][T11146] xt_TPROXY: Can be used only with -p tcp or -p udp
[  487.838546][  T911] usb 4-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  487.847772][  T911] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  487.859401][  T911] usb 4-1: Product: syz
[  487.863878][  T911] usb 4-1: Manufacturer: syz
[  487.868473][  T911] usb 4-1: SerialNumber: syz
[  488.244413][  T911] usb 4-1: config 0 descriptor??
[  488.343802][T11161] tmpfs: Bad value for 'huge'
[  489.109985][ T5820] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=5820 comm=kworker/1:3
[  489.691588][   T30] kauditd_printk_skb: 31 callbacks suppressed
[  489.691603][   T30] audit: type=1400 audit(1749944644.983:595): avc:  denied  { map } for  pid=11122 comm="syz.3.1314" path="pipe:[26706]" dev="pipefs" ino=26706 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  490.794647][  T911] f81534 4-1:0.12: f81534_get_register: reg: 1003 failed: -71
[  490.820105][  T911] f81534 4-1:0.12: f81534_find_config_idx: read failed: -71
[  490.822713][T11185] bridge2: entered promiscuous mode
[  490.827394][  T911] f81534 4-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  490.827455][  T911] f81534 4-1:0.12: probe with driver f81534 failed with error -71
[  490.946300][  T911] usb 4-1: USB disconnect, device number 27
[  490.995807][T11192] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1330'.
[  491.009996][T11191] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1331'.
[  491.033275][T11192] fuse: Bad value for 'fd'
[  492.201005][T11209] xt_TPROXY: Can be used only with -p tcp or -p udp
[  492.671914][T11217] tmpfs: Bad value for 'huge'
[  493.810046][ T5894] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  493.881820][T11230] FAULT_INJECTION: forcing a failure.
[  493.881820][T11230] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  493.917698][T11230] CPU: 1 UID: 0 PID: 11230 Comm: syz.3.1340 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  493.917727][T11230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  493.917738][T11230] Call Trace:
[  493.917744][T11230]  <TASK>
[  493.917751][T11230]  dump_stack_lvl+0x16c/0x1f0
[  493.917783][T11230]  should_fail_ex+0x512/0x640
[  493.917815][T11230]  _copy_from_iter+0x29f/0x16f0
[  493.917843][T11230]  ? __alloc_skb+0x200/0x380
[  493.917868][T11230]  ? __pfx__copy_from_iter+0x10/0x10
[  493.917895][T11230]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  493.917921][T11230]  netlink_sendmsg+0x829/0xdd0
[  493.917942][T11230]  ? __pfx_netlink_sendmsg+0x10/0x10
[  493.917967][T11230]  ____sys_sendmsg+0xa98/0xc70
[  493.917985][T11230]  ? copy_msghdr_from_user+0x10a/0x160
[  493.918007][T11230]  ? __pfx_____sys_sendmsg+0x10/0x10
[  493.918035][T11230]  ___sys_sendmsg+0x134/0x1d0
[  493.918059][T11230]  ? __pfx____sys_sendmsg+0x10/0x10
[  493.918081][T11230]  ? __lock_acquire+0x622/0x1c90
[  493.918138][T11230]  __sys_sendmsg+0x16d/0x220
[  493.918161][T11230]  ? __pfx___sys_sendmsg+0x10/0x10
[  493.918198][T11230]  do_syscall_64+0xcd/0x4c0
[  493.918223][T11230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  493.918239][T11230] RIP: 0033:0x7f27ec58e929
[  493.918251][T11230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  493.918266][T11230] RSP: 002b:00007f27ed445038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  493.918281][T11230] RAX: ffffffffffffffda RBX: 00007f27ec7b5fa0 RCX: 00007f27ec58e929
[  493.918292][T11230] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  493.918302][T11230] RBP: 00007f27ed445090 R08: 0000000000000000 R09: 0000000000000000
[  493.918312][T11230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  493.918322][T11230] R13: 0000000000000000 R14: 00007f27ec7b5fa0 R15: 00007ffe7bb136e8
[  493.918346][T11230]  </TASK>
[  494.260110][ T5894] usb 5-1: Using ep0 maxpacket: 32
[  494.272912][ T5894] usb 5-1: config 2 has an invalid interface number: 157 but max is 0
[  494.284248][ T5894] usb 5-1: config 2 has 2 interfaces, different from the descriptor's value: 1
[  494.293704][ T5894] usb 5-1: config 2 has no interface number 1
[  494.303329][ T5894] usb 5-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=a4.1b
[  494.312447][ T5894] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  494.320753][ T5894] usb 5-1: Product: syz
[  494.324926][ T5894] usb 5-1: Manufacturer: syz
[  494.329527][ T5894] usb 5-1: SerialNumber: syz
[  494.424073][ T5894] imon 5-1:2.157: inconsistent driver matching
[  494.446712][ T5894] imon 5-1:2.157: unable to register, err -22
[  494.469563][ T5894] imon 5-1:2.157: probe with driver imon failed with error -22
[  494.515610][ T5894] imon:imon_find_endpoints: no valid input (IR) endpoint found
[  494.533597][ T5894] imon 5-1:2.0: unable to initialize intf0, err -19
[  494.547001][ T5894] imon:imon_probe: failed to initialize context!
[  494.558678][T11236] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1344'.
[  494.582862][ T5894] imon 5-1:2.0: unable to register, err -19
[  494.594136][ T5894] usb 5-1: USB disconnect, device number 30
[  494.791401][T11240] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1343'.
[  495.050262][T11249] xt_TPROXY: Can be used only with -p tcp or -p udp
[  496.149413][T11256] FAULT_INJECTION: forcing a failure.
[  496.149413][T11256] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  496.229809][T11256] CPU: 1 UID: 0 PID: 11256 Comm: syz.2.1347 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  496.229836][T11256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  496.229846][T11256] Call Trace:
[  496.229852][T11256]  <TASK>
[  496.229859][T11256]  dump_stack_lvl+0x16c/0x1f0
[  496.229891][T11256]  should_fail_ex+0x512/0x640
[  496.229918][T11256]  _copy_to_user+0x32/0xd0
[  496.229946][T11256]  simple_read_from_buffer+0xcb/0x170
[  496.229971][T11256]  proc_fail_nth_read+0x197/0x270
[  496.229995][T11256]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  496.230019][T11256]  ? rw_verify_area+0xcf/0x680
[  496.230039][T11256]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  496.230060][T11256]  vfs_read+0x1e1/0xc60
[  496.230086][T11256]  ? __pfx___mutex_lock+0x10/0x10
[  496.230112][T11256]  ? __pfx_vfs_read+0x10/0x10
[  496.230142][T11256]  ? __fget_files+0x20e/0x3c0
[  496.230173][T11256]  ksys_read+0x12a/0x250
[  496.230194][T11256]  ? __pfx_ksys_read+0x10/0x10
[  496.230224][T11256]  do_syscall_64+0xcd/0x4c0
[  496.230252][T11256]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  496.230270][T11256] RIP: 0033:0x7f3898f8d33c
[  496.230285][T11256] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  496.230301][T11256] RSP: 002b:00007f3899e78030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  496.230318][T11256] RAX: ffffffffffffffda RBX: 00007f38991b5fa0 RCX: 00007f3898f8d33c
[  496.230330][T11256] RDX: 000000000000000f RSI: 00007f3899e780a0 RDI: 0000000000000003
[  496.230340][T11256] RBP: 00007f3899e78090 R08: 0000000000000000 R09: 0000000000000000
[  496.230350][T11256] R10: 0000200000000740 R11: 0000000000000246 R12: 0000000000000001
[  496.230360][T11256] R13: 0000000000000000 R14: 00007f38991b5fa0 R15: 00007ffce61c3f78
[  496.230385][T11256]  </TASK>
[  496.411552][    C1] vkms_vblank_simulate: vblank timer overrun
[  496.542253][T11260] syzkaller1: entered promiscuous mode
[  496.547739][T11260] syzkaller1: entered allmulticast mode
[  498.182193][T11273] xt_TPROXY: Can be used only with -p tcp or -p udp
[  498.718710][T11285] xt_l2tp: missing protocol rule (udp|l2tpip)
[  498.749585][T11282] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1354'.
[  499.721051][T11290] binder_alloc: 11289: binder_alloc_buf, no vma
[  499.797738][T11280] netlink: 'syz.3.1353': attribute type 2 has an invalid length.
[  499.815144][T11295] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1359'.
[  499.889956][   T24] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  499.909816][  T911] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  500.044122][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  500.110097][  T911] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  500.121033][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x4 has an invalid bInterval 0, changing to 7
[  500.133384][  T911] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  500.146440][   T24] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.de
[  500.200106][  T911] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  500.227943][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  500.271678][  T911] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  500.280415][T11301] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1360'.
[  500.296122][   T24] usb 2-1: config 0 descriptor??
[  500.307954][  T911] usb 5-1: Product: syz
[  500.319501][  T911] usb 5-1: Manufacturer: syz
[  500.326320][  T911] usb 5-1: SerialNumber: syz
[  500.971726][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  500.978037][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  500.989899][T11282] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  501.011605][   T24] ath6kl: Failed to submit usb control message: -71
[  501.025828][   T24] ath6kl: unable to send the bmi data to the device: -71
[  501.033471][   T24] ath6kl: Unable to send get target info: -71
[  501.046616][   T24] ath6kl: Failed to init ath6kl core: -71
[  501.056715][   T24] ath6kl_usb 2-1:0.0: probe with driver ath6kl_usb failed with error -71
[  501.076181][   T24] usb 2-1: USB disconnect, device number 23
[  501.404501][T11315] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1363'.
[  501.843325][  T911] cdc_ncm 5-1:1.0: bind() failure
[  502.948507][  T911] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  502.978158][  T911] cdc_ncm 5-1:1.1: bind() failure
[  503.149766][  T911] usb 5-1: USB disconnect, device number 31
[  503.233982][   T30] audit: type=1804 audit(1749944658.513:596): pid=11326 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.1366" name="file0" dev="tmpfs" ino=1603 res=1 errno=0
[  503.476193][T11343] netlink: 'syz.4.1369': attribute type 2 has an invalid length.
[  504.130097][T11351] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1373'.
[  505.524576][T11354] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1374'.
[  506.333717][T11347] delete_channel: no stack
[  506.432807][ T5894] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  506.616045][T11373] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1376'.
[  507.649133][ T5894] usb 2-1: device descriptor read/all, error -71
[  508.060009][ T5880] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  508.302291][ T5880] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  508.323335][ T5880] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  508.338896][ T5880] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  508.348397][ T5880] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  508.356710][ T5880] usb 5-1: Product: syz
[  508.361011][ T5935] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  508.363291][ T5880] usb 5-1: Manufacturer: syz
[  508.428883][T11395] tmpfs: Bad value for 'huge'
[  508.838395][ T5880] usb 5-1: SerialNumber: syz
[  508.975151][T11397] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1386'.
[  509.058350][ T5935] usb 4-1: config 0 has an invalid interface number: 45 but max is 0
[  509.243513][ T5935] usb 4-1: config 0 has no interface number 0
[  509.276972][ T5935] usb 4-1: too many endpoints for config 0 interface 45 altsetting 49: 52, using maximum allowed: 30
[  509.454484][ T5935] usb 4-1: config 0 interface 45 altsetting 49 has 0 endpoint descriptors, different from the interface descriptor's value: 52
[  509.521856][   T30] audit: type=1400 audit(1749944664.793:597): avc:  denied  { cmd } for  pid=11402 comm="syz.0.1387" path="socket:[27114]" dev="sockfs" ino=27114 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  509.552235][ T5935] usb 4-1: config 0 interface 45 has no altsetting 0
[  509.560367][ T5935] usb 4-1: New USB device found, idVendor=1645, idProduct=0008, bcdDevice=cf.36
[  509.569790][ T5935] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  509.588959][ T5935] usb 4-1: config 0 descriptor??
[  509.827217][ T5935] kaweth 4-1:0.45: Firmware present in device.
[  510.011749][ T5935] kaweth 4-1:0.45: Statistics collection: b40053f2
[  510.018436][ T5935] kaweth 4-1:0.45: Multicast filter limit: 65d7
[  510.021248][ T5894] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  510.030662][ T5935] kaweth 4-1:0.45: MTU: 47010
[  510.050668][ T5894] hid-generic 0000:0000:0000.000E: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  510.059876][ T5935] kaweth 4-1:0.45: Read MAC address 78:0c:5c:74:35:c8
[  510.109282][ T5880] cdc_ncm 5-1:1.0: bind() failure
[  510.185121][ T5880] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  510.190215][T11409] fido_id[11409]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  510.207528][ T5880] cdc_ncm 5-1:1.1: bind() failure
[  510.229153][ T5935] kaweth 4-1:0.45: probe with driver kaweth failed with error -5
[  510.249009][ T5880] usb 5-1: USB disconnect, device number 32
[  510.266441][ T5935] usb 4-1: USB disconnect, device number 28
[  510.719937][T11420] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1391'.
[  511.816641][T11426] mmap: syz.3.1396 (11426): VmData 37597184 exceed data ulimit 8. Update limits or use boot option ignore_rlimit_data.
[  511.995442][T11442] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1401'.
[  512.012237][T11442] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  512.021408][T11442] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  512.030203][T11442] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  512.038888][T11442] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  512.227341][T11442] netdevsim netdevsim0 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  512.236395][T11442] netdevsim netdevsim0 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  512.246403][T11442] netdevsim netdevsim0 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  512.255404][T11442] netdevsim netdevsim0 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  512.299861][   T30] audit: type=1400 audit(1749944667.503:598): avc:  denied  { mount } for  pid=11444 comm="syz.1.1402" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[  512.495687][   T30] audit: type=1400 audit(1749944667.513:599): avc:  denied  { watch } for  pid=11444 comm="syz.1.1402" path="/272/file0" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  512.578142][   T30] audit: type=1400 audit(1749944667.863:600): avc:  denied  { unmount } for  pid=5817 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[  513.984967][T11464] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1407'.
[  514.146382][   T30] audit: type=1400 audit(1749944669.413:601): avc:  denied  { write } for  pid=11461 comm="syz.0.1406" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  514.281241][T11474] tmpfs: Bad value for 'huge'
[  515.940324][T11489] binder_alloc: 11485: binder_alloc_buf, no vma
[  516.161470][  T911] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  516.196762][  T911] hid-generic 0000:0000:0000.000F: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  516.430623][ T5880] usb 4-1: new full-speed USB device number 29 using dummy_hcd
[  516.593513][ T5880] usb 4-1: config 0 has no interfaces?
[  516.607104][ T5880] usb 4-1: New USB device found, idVendor=07d0, idProduct=4101, bcdDevice=87.c0
[  516.624714][ T5880] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  516.641098][ T5880] usb 4-1: Product: syz
[  516.651516][ T5880] usb 4-1: Manufacturer: syz
[  516.656674][ T5880] usb 4-1: SerialNumber: syz
[  516.663999][ T5880] usb 4-1: config 0 descriptor??
[  516.889948][    T9] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  517.101580][    T9] usb 5-1: device descriptor read/64, error -71
[  517.105038][ T5880] usb 4-1: USB disconnect, device number 29
[  517.538515][T11514] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1420'.
[  517.567663][    T9] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  517.721234][T11478] delete_channel: no stack
[  517.910193][    T9] usb 5-1: device descriptor read/64, error -71
[  518.020052][    T9] usb usb5-port1: attempt power cycle
[  518.189813][ T5880] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  518.219736][ T5934] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  518.353939][ T5880] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  518.364428][ T5880] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x4 has an invalid bInterval 0, changing to 7
[  518.377672][ T5880] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.de
[  518.388069][ T5880] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  518.389705][    T9] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  518.405004][ T5880] usb 2-1: config 0 descriptor??
[  518.434633][ T5934] usb 4-1: config 8 has an invalid interface number: 177 but max is 0
[  518.449771][ T5934] usb 4-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[  518.467527][ T5934] usb 4-1: config 8 has no interface number 0
[  518.475418][    T9] usb 5-1: device descriptor read/8, error -71
[  518.484292][ T5934] usb 4-1: config 8 interface 177 altsetting 9 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  518.497993][ T5934] usb 4-1: config 8 interface 177 has no altsetting 0
[  518.505085][ T5934] usb 4-1: New USB device found, idVendor=04d8, idProduct=fd08, bcdDevice=59.b1
[  518.516794][ T5934] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  518.532221][ T5934] ir_toy 4-1:8.177: required endpoints not found
[  518.621165][T11513] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  518.635729][ T5880] ath6kl: Failed to submit usb control message: -71
[  518.642539][ T5880] ath6kl: unable to send the bmi data to the device: -71
[  518.653582][ T5880] ath6kl: Unable to send get target info: -71
[  518.733317][    T9] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  518.742813][ T5934] usb 4-1: USB disconnect, device number 30
[  518.763208][ T5880] ath6kl: Failed to init ath6kl core: -71
[  518.771218][ T5880] ath6kl_usb 2-1:0.0: probe with driver ath6kl_usb failed with error -71
[  518.785837][ T5880] usb 2-1: USB disconnect, device number 26
[  518.877028][T11533] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1425'.
[  519.257386][    T9] usb 5-1: device descriptor read/8, error -71
[  519.370558][    T9] usb usb5-port1: unable to enumerate USB device
[  519.551952][T11537] random: crng reseeded on system resumption
[  520.436425][T11551] input: syz0 as /devices/virtual/input/input34
[  520.639460][T11554] FAULT_INJECTION: forcing a failure.
[  520.639460][T11554] name failslab, interval 1, probability 0, space 0, times 0
[  520.659760][T11554] CPU: 0 UID: 0 PID: 11554 Comm: syz.1.1431 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  520.659786][T11554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  520.659796][T11554] Call Trace:
[  520.659803][T11554]  <TASK>
[  520.659810][T11554]  dump_stack_lvl+0x16c/0x1f0
[  520.659842][T11554]  should_fail_ex+0x512/0x640
[  520.659866][T11554]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  520.659893][T11554]  should_failslab+0xc2/0x120
[  520.659918][T11554]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  520.659943][T11554]  ? find_held_lock+0x2b/0x80
[  520.659964][T11554]  ? kstrdup_const+0x63/0x80
[  520.659990][T11554]  kstrdup+0x53/0x100
[  520.660013][T11554]  kstrdup_const+0x63/0x80
[  520.660035][T11554]  __kernfs_new_node+0x9b/0x8e0
[  520.660064][T11554]  ? __pfx___kernfs_new_node+0x10/0x10
[  520.660095][T11554]  ? find_held_lock+0x2b/0x80
[  520.660116][T11554]  ? kernfs_root+0xee/0x2a0
[  520.660146][T11554]  kernfs_new_node+0x13c/0x1e0
[  520.660178][T11554]  kernfs_create_dir_ns+0x4c/0x1a0
[  520.660198][T11554]  sysfs_create_dir_ns+0x13a/0x2b0
[  520.660223][T11554]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  520.660244][T11554]  ? find_held_lock+0x2b/0x80
[  520.660269][T11554]  ? class_dir_child_ns_type+0xd/0x60
[  520.660297][T11554]  kobject_add_internal+0x2c4/0x9b0
[  520.660319][T11554]  kobject_add+0x16e/0x240
[  520.660336][T11554]  ? __pfx_kobject_add+0x10/0x10
[  520.660353][T11554]  ? get_device_parent+0x1c5/0x4e0
[  520.660378][T11554]  ? kobject_put+0xab/0x5a0
[  520.660407][T11554]  ? device_add+0xbff/0x1a70
[  520.660437][T11554]  device_add+0x288/0x1a70
[  520.660467][T11554]  ? __pfx_device_add+0x10/0x10
[  520.660496][T11554]  ? __pfx___mutex_lock+0x10/0x10
[  520.660525][T11554]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  520.660552][T11554]  input_register_device+0x7e8/0x1130
[  520.660578][T11554]  uinput_ioctl_handler.isra.0+0x1357/0x1df0
[  520.660606][T11554]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[  520.660631][T11554]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[  520.660657][T11554]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  520.660700][T11554]  ? selinux_file_ioctl+0x180/0x270
[  520.660722][T11554]  ? selinux_file_ioctl+0xb4/0x270
[  520.660746][T11554]  ? __pfx_uinput_ioctl+0x10/0x10
[  520.660773][T11554]  __x64_sys_ioctl+0x18e/0x210
[  520.660795][T11554]  do_syscall_64+0xcd/0x4c0
[  520.660823][T11554]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  520.660841][T11554] RIP: 0033:0x7f9860d8e929
[  520.660855][T11554] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  520.660871][T11554] RSP: 002b:00007f985ebf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  520.660888][T11554] RAX: ffffffffffffffda RBX: 00007f9860fb5fa0 RCX: 00007f9860d8e929
[  520.660900][T11554] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000003
[  520.660910][T11554] RBP: 00007f985ebf6090 R08: 0000000000000000 R09: 0000000000000000
[  520.660920][T11554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  520.660930][T11554] R13: 0000000000000000 R14: 00007f9860fb5fa0 R15: 00007fff5efec7e8
[  520.660957][T11554]  </TASK>
[  520.660965][T11554] kobject: kobject_add_internal failed for input35 (error: -12 parent: input)
[  521.399047][   T30] audit: type=1326 audit(1749944676.653:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11568 comm="syz.1.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9860d8e929 code=0x7ffc0000
[  521.433307][   T30] audit: type=1326 audit(1749944676.653:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11568 comm="syz.1.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9860d8e929 code=0x7ffc0000
[  521.590093][   T24] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  521.950266][   T30] audit: type=1326 audit(1749944676.653:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11568 comm="syz.1.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=126 compat=0 ip=0x7f9860d8e929 code=0x7ffc0000
[  521.978674][   T30] audit: type=1326 audit(1749944676.653:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11568 comm="syz.1.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9860d8e929 code=0x7ffc0000
[  522.035625][   T30] audit: type=1326 audit(1749944676.653:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11568 comm="syz.1.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9860d8e929 code=0x7ffc0000
[  522.038009][T11580] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1437'.
[  522.184212][   T30] audit: type=1326 audit(1749944676.653:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11568 comm="syz.1.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9860d8e929 code=0x7ffc0000
[  522.189841][   T24] usb 5-1: Using ep0 maxpacket: 32
[  522.207798][    C0] vkms_vblank_simulate: vblank timer overrun
[  522.219779][   T30] audit: type=1326 audit(1749944676.653:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11568 comm="syz.1.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9860d8e929 code=0x7ffc0000
[  522.339490][   T30] audit: type=1326 audit(1749944676.653:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11568 comm="syz.1.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9860d8e929 code=0x7ffc0000
[  522.599011][   T30] audit: type=1326 audit(1749944676.653:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11568 comm="syz.1.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f9860d8e929 code=0x7ffc0000
[  522.626688][   T24] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[  522.629865][    T9] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  522.636867][   T30] audit: type=1326 audit(1749944676.673:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11575 comm="syz.1.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f9860dc11e5 code=0x7ffc0000
[  522.666190][   T24] usb 5-1: config 0 has no interface number 0
[  522.674115][   T24] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  522.683622][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  522.692140][   T24] usb 5-1: Product: syz
[  522.696333][   T24] usb 5-1: Manufacturer: syz
[  522.701106][   T24] usb 5-1: SerialNumber: syz
[  522.732966][T11585] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1438'.
[  522.869604][   T24] usb 5-1: config 0 descriptor??
[  523.145274][   T24] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  523.195159][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  523.211551][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x4 has an invalid bInterval 0, changing to 7
[  523.231107][    T9] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.de
[  523.244792][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  523.291179][    T9] usb 2-1: config 0 descriptor??
[  523.574571][   T24] usb 5-1: qt2_attach - failed to power on unit: -71
[  523.598469][   T24] quatech2 5-1:0.51: probe with driver quatech2 failed with error -71
[  523.630052][   T24] usb 5-1: USB disconnect, device number 37
[  524.525987][    T9] ath6kl: Failed to submit usb control message: -110
[  524.546784][T11579] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  524.559777][    T9] ath6kl: unable to send the bmi data to the device: -110
[  524.625656][    T9] ath6kl: Unable to send get target info: -110
[  524.651175][    T9] ath6kl: Failed to init ath6kl core: -110
[  524.657964][    T9] ath6kl_usb 2-1:0.0: probe with driver ath6kl_usb failed with error -110
[  524.724858][    T9] usb 2-1: USB disconnect, device number 27
[  525.311929][T11620] xt_TPROXY: Can be used only with -p tcp or -p udp
[  525.504964][T11621] netlink: 348 bytes leftover after parsing attributes in process `syz.0.1450'.
[  526.590346][T11644] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1455'.
[  526.604158][T11644] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1455'.
[  527.243551][T11644] syz.1.1455 (11644): drop_caches: 2
[  527.312132][    T9] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  528.526494][    T9] usb 5-1: Using ep0 maxpacket: 8
[  528.538371][    T9] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x1 has invalid maxpacket 1024, setting to 64
[  528.552768][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  528.581273][    T9] usb 5-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e
[  528.829236][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  528.843544][T11661] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1462'.
[  528.856323][    T9] usb 5-1: Product: syz
[  528.881872][    T9] usb 5-1: Manufacturer: syz
[  528.892289][    T9] usb 5-1: SerialNumber: syz
[  528.907555][    T9] usb 5-1: config 0 descriptor??
[  528.925667][    T9] snd_usb_toneport 5-1:0.0: Line 6 TonePort UX2 found
[  528.994363][T11662] block device autoloading is deprecated and will be removed.
[  529.236583][    T9] snd_usb_toneport 5-1:0.0: Line 6 TonePort UX2 now disconnected
[  529.267284][T11667] binder_alloc: 11665: binder_alloc_buf, no vma
[  529.327630][    T9] snd_usb_toneport 5-1:0.0: probe with driver snd_usb_toneport failed with error -22
[  529.545323][   T30] kauditd_printk_skb: 15 callbacks suppressed
[  529.545339][   T30] audit: type=1400 audit(1749944684.753:627): avc:  denied  { bind } for  pid=11631 comm="syz.4.1453" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  530.800033][    T9] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  530.807812][   T30] audit: type=1400 audit(1749944685.643:628): avc:  denied  { read } for  pid=11683 comm="syz.0.1469" name="file0" dev="tmpfs" ino=1789 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  530.889155][   T30] audit: type=1400 audit(1749944686.173:629): avc:  denied  { ioctl } for  pid=11688 comm="syz.1.1470" path="socket:[27557]" dev="sockfs" ino=27557 ioctlcmd=0x5878 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  530.932249][ T5934] usb 5-1: USB disconnect, device number 38
[  530.938558][T11690] tipc: Started in network mode
[  530.948749][T11690] tipc: Node identity 4, cluster identity 4711
[  530.957527][T11690] tipc: Node number set to 4
[  530.989824][    T9] usb 4-1: Using ep0 maxpacket: 16
[  530.998124][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  531.019495][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  531.094939][    T9] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  531.155180][    T9] usb 4-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  531.176801][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  531.189503][T11698] FAULT_INJECTION: forcing a failure.
[  531.189503][T11698] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  531.204684][T11698] CPU: 0 UID: 0 PID: 11698 Comm: syz.4.1473 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  531.204707][T11698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  531.204717][T11698] Call Trace:
[  531.204723][T11698]  <TASK>
[  531.204730][T11698]  dump_stack_lvl+0x16c/0x1f0
[  531.204760][T11698]  should_fail_ex+0x512/0x640
[  531.204786][T11698]  _copy_from_iter+0x29f/0x16f0
[  531.204813][T11698]  ? __alloc_skb+0x200/0x380
[  531.204838][T11698]  ? __pfx__copy_from_iter+0x10/0x10
[  531.204864][T11698]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  531.204891][T11698]  netlink_sendmsg+0x829/0xdd0
[  531.204914][T11698]  ? __pfx_netlink_sendmsg+0x10/0x10
[  531.204943][T11698]  ____sys_sendmsg+0xa98/0xc70
[  531.204962][T11698]  ? copy_msghdr_from_user+0x10a/0x160
[  531.204986][T11698]  ? __pfx_____sys_sendmsg+0x10/0x10
[  531.205017][T11698]  ___sys_sendmsg+0x134/0x1d0
[  531.205042][T11698]  ? __pfx____sys_sendmsg+0x10/0x10
[  531.205064][T11698]  ? __lock_acquire+0x622/0x1c90
[  531.205122][T11698]  __sys_sendmsg+0x16d/0x220
[  531.205145][T11698]  ? __pfx___sys_sendmsg+0x10/0x10
[  531.205186][T11698]  do_syscall_64+0xcd/0x4c0
[  531.205214][T11698]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  531.205231][T11698] RIP: 0033:0x7f03e038e929
[  531.205245][T11698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  531.205262][T11698] RSP: 002b:00007f03e1179038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  531.205278][T11698] RAX: ffffffffffffffda RBX: 00007f03e05b5fa0 RCX: 00007f03e038e929
[  531.205290][T11698] RDX: 000000000000c000 RSI: 0000200000000000 RDI: 0000000000000003
[  531.205300][T11698] RBP: 00007f03e1179090 R08: 0000000000000000 R09: 0000000000000000
[  531.205310][T11698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  531.205320][T11698] R13: 0000000000000000 R14: 00007f03e05b5fa0 R15: 00007ffd55fc7d48
[  531.205344][T11698]  </TASK>
[  531.404770][    T9] usb 4-1: config 0 descriptor??
[  531.466649][T11702] Invalid option length (599) for dns_resolver key
[  531.956099][T11712] netlink: 348 bytes leftover after parsing attributes in process `syz.0.1477'.
[  532.105755][T11677] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  532.130479][T11677] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  532.152659][T11715] binder_alloc: 11713: binder_alloc_buf, no vma
[  532.175706][    T9] sony 0003:054C:0268.0010: item fetching failed at offset 0/2
[  532.198534][    T9] sony 0003:054C:0268.0010: parse failed
[  532.219911][    T9] sony 0003:054C:0268.0010: probe with driver sony failed with error -22
[  532.404282][T11721] input: syz0 as /devices/virtual/input/input36
[  532.585605][    T9] usb 4-1: USB disconnect, device number 31
[  532.605595][   T30] audit: type=1400 audit(1749944687.893:630): avc:  denied  { connect } for  pid=11706 comm="syz.2.1476" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  532.732981][   T30] audit: type=1326 audit(1749944688.023:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11725 comm="syz.1.1481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9860d8e929 code=0x7ffc0000
[  532.757276][   T30] audit: type=1326 audit(1749944688.023:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11725 comm="syz.1.1481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=126 compat=0 ip=0x7f9860d8e929 code=0x7ffc0000
[  532.781847][   T30] audit: type=1326 audit(1749944688.023:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11725 comm="syz.1.1481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9860d8e929 code=0x7ffc0000
[  532.829793][   T30] audit: type=1326 audit(1749944688.023:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11725 comm="syz.1.1481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9860d8e929 code=0x7ffc0000
[  532.879944][   T30] audit: type=1326 audit(1749944688.023:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11725 comm="syz.1.1481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9860d8e929 code=0x7ffc0000
[  532.903308][    C1] vkms_vblank_simulate: vblank timer overrun
[  532.927705][   T30] audit: type=1326 audit(1749944688.023:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11725 comm="syz.1.1481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f9860d8e929 code=0x7ffc0000
[  532.951073][    C1] vkms_vblank_simulate: vblank timer overrun
[  533.350369][    T9] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  534.648375][    T9] usb 2-1: config 0 has no interfaces?
[  535.426227][    T9] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  535.436220][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  535.449708][    T9] usb 2-1: Product: syz
[  535.499461][    T9] usb 2-1: Manufacturer: syz
[  535.675206][T11736] netlink: 'syz.4.1484': attribute type 2 has an invalid length.
[  535.699115][    T9] usb 2-1: SerialNumber: syz
[  536.291087][    T9] usb 2-1: config 0 descriptor??
[  536.487873][T11766] could not allocate digest TFM handle digest_null
[  536.522316][T11772] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1491'.
[  536.816567][T11780] vivid-000: disconnect
[  537.413131][T11773] vivid-000: reconnect
[  537.479890][   T30] kauditd_printk_skb: 31 callbacks suppressed
[  537.479905][   T30] audit: type=1326 audit(1749944692.743:668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11778 comm="syz.4.1494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03e038e929 code=0x7ffc0000
[  537.479948][   T30] audit: type=1326 audit(1749944692.743:669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11778 comm="syz.4.1494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03e038e929 code=0x7ffc0000
[  537.479986][   T30] audit: type=1326 audit(1749944692.753:670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11778 comm="syz.4.1494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f03e038e929 code=0x7ffc0000
[  537.480043][   T30] audit: type=1326 audit(1749944692.753:671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11778 comm="syz.4.1494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03e038e929 code=0x7ffc0000
[  537.480080][   T30] audit: type=1326 audit(1749944692.753:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11778 comm="syz.4.1494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f03e038d290 code=0x7ffc0000
[  537.480117][   T30] audit: type=1326 audit(1749944692.753:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11778 comm="syz.4.1494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03e038e929 code=0x7ffc0000
[  537.480173][   T30] audit: type=1326 audit(1749944692.753:674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11778 comm="syz.4.1494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f03e038e929 code=0x7ffc0000
[  537.607644][T11785] overlayfs: failed to clone lowerpath
[  537.812504][T11791] binder_alloc: 11782: binder_alloc_buf, no vma
[  537.903723][    T9] usb 2-1: can't set config #0, error -71
[  537.969344][    T9] usb 2-1: USB disconnect, device number 28
[  540.143244][ T5935] usb 3-1: new full-speed USB device number 24 using dummy_hcd
[  540.182361][T11824] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1506'.
[  540.452801][ T5935] usb 3-1: config 0 has an invalid interface number: 139 but max is 0
[  540.479705][ T5935] usb 3-1: config 0 has no interface number 0
[  540.495147][ T5935] usb 3-1: config 0 interface 139 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  540.530065][ T5935] usb 3-1: config 0 interface 139 altsetting 0 has an endpoint descriptor with address 0xBD, changing to 0x8D
[  540.551905][ T5935] usb 3-1: config 0 interface 139 altsetting 0 endpoint 0x8D has invalid maxpacket 14158, setting to 64
[  540.575152][ T5935] usb 3-1: config 0 interface 139 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  540.620652][ T5935] usb 3-1: New USB device found, idVendor=0711, idProduct=0210, bcdDevice=fd.d6
[  540.639681][ T5935] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  540.659693][ T5935] usb 3-1: Product: syz
[  540.666542][   T30] audit: type=1326 audit(1749944695.953:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11837 comm="syz.1.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9860d8e929 code=0x7ffc0000
[  540.699714][ T5935] usb 3-1: Manufacturer: syz
[  540.705888][ T5935] usb 3-1: SerialNumber: syz
[  540.720874][ T5935] usb 3-1: config 0 descriptor??
[  540.730029][T11815] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  540.749732][   T30] audit: type=1326 audit(1749944695.983:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11837 comm="syz.1.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=126 compat=0 ip=0x7f9860d8e929 code=0x7ffc0000
[  540.752266][T11815] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  540.811352][   T30] audit: type=1326 audit(1749944695.983:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11837 comm="syz.1.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9860d8e929 code=0x7ffc0000
[  541.056355][ T5935] mct_u232 3-1:0.139: MCT U232 converter detected
[  541.068121][ T5935] usb 3-1: MCT U232 converter now attached to ttyUSB0
[  541.085775][ T5935] usb 3-1: USB disconnect, device number 24
[  541.649809][T11852] binder_alloc: 11850: binder_alloc_buf, no vma
[  541.675703][ T5935] mct_u232 ttyUSB0: MCT U232 converter now disconnected from ttyUSB0
[  541.709185][ T5935] mct_u232 3-1:0.139: device disconnected
[  541.816303][T11861] netlink: 3 bytes leftover after parsing attributes in process `syz.4.1514'.
[  541.826959][T11861] 0ªX¹¦À: renamed from caif0
[  541.838624][T11861] 0ªX¹¦À: entered allmulticast mode
[  541.844630][T11861] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  543.917830][T11842] delete_channel: no stack
[  544.219065][   T30] kauditd_printk_skb: 10 callbacks suppressed
[  544.219079][   T30] audit: type=1400 audit(1749944699.503:689): avc:  denied  { write } for  pid=11883 comm="syz.3.1522" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  544.256119][T11884] netlink: 'syz.3.1522': attribute type 4 has an invalid length.
[  544.292274][   T30] audit: type=1400 audit(1749944699.503:688): avc:  denied  { relabelfrom } for  pid=11882 comm="syz.1.1521" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  544.312857][T11886] netlink: 'syz.3.1522': attribute type 4 has an invalid length.
[  544.315032][   T30] audit: type=1400 audit(1749944699.503:690): avc:  denied  { relabelto } for  pid=11882 comm="syz.1.1521" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  545.075060][T11907] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1528'.
[  545.238393][T11909] binder_alloc: 11904: binder_alloc_buf, no vma
[  545.283142][T11907] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  545.584934][T11922] FAULT_INJECTION: forcing a failure.
[  545.584934][T11922] name failslab, interval 1, probability 0, space 0, times 0
[  545.739929][    T9] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  546.117365][T11922] CPU: 0 UID: 0 PID: 11922 Comm: syz.3.1533 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  546.117382][T11922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  546.117389][T11922] Call Trace:
[  546.117393][T11922]  <TASK>
[  546.117397][T11922]  dump_stack_lvl+0x16c/0x1f0
[  546.117419][T11922]  should_fail_ex+0x512/0x640
[  546.117433][T11922]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  546.117449][T11922]  should_failslab+0xc2/0x120
[  546.117465][T11922]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  546.117479][T11922]  ? copy_process+0x4b6/0x76a0
[  546.117496][T11922]  copy_process+0x4b6/0x76a0
[  546.117516][T11922]  ? __pfx_copy_process+0x10/0x10
[  546.117532][T11922]  ? lockdep_init_map_type+0x5c/0x280
[  546.117550][T11922]  ? lockdep_init_map_type+0x5c/0x280
[  546.117567][T11922]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  546.117584][T11922]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  546.117602][T11922]  vhost_task_create+0x1d2/0x2e0
[  546.117613][T11922]  ? __pfx_vhost_task_create+0x10/0x10
[  546.117628][T11922]  ? __pfx_vhost_task_fn+0x10/0x10
[  546.117645][T11922]  kvm_mmu_post_init_vm+0x1b7/0x370
[  546.117660][T11922]  kvm_arch_vcpu_ioctl_run+0x66/0x18c0
[  546.117673][T11922]  ? kvm_vcpu_ioctl+0x14c6/0x1690
[  546.117689][T11922]  kvm_vcpu_ioctl+0x5eb/0x1690
[  546.117704][T11922]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  546.117720][T11922]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[  546.117738][T11922]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  546.117758][T11922]  ? hook_file_ioctl_common+0x145/0x410
[  546.117772][T11922]  ? selinux_file_ioctl+0x180/0x270
[  546.117786][T11922]  ? selinux_file_ioctl+0xb4/0x270
[  546.117801][T11922]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  546.117815][T11922]  __x64_sys_ioctl+0x18e/0x210
[  546.117828][T11922]  do_syscall_64+0xcd/0x4c0
[  546.117846][T11922]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  546.117857][T11922] RIP: 0033:0x7f27ec58e929
[  546.117866][T11922] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  546.117876][T11922] RSP: 002b:00007f27ed445038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  546.117887][T11922] RAX: ffffffffffffffda RBX: 00007f27ec7b5fa0 RCX: 00007f27ec58e929
[  546.117894][T11922] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007
[  546.117900][T11922] RBP: 00007f27ed445090 R08: 0000000000000000 R09: 0000000000000000
[  546.117906][T11922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  546.117912][T11922] R13: 0000000000000000 R14: 00007f27ec7b5fa0 R15: 00007ffe7bb136e8
[  546.117926][T11922]  </TASK>
[  546.571087][    T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  546.581230][    T9] usb 3-1: config 0 interface 0 has no altsetting 0
[  546.596000][    T9] usb 3-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce
[  546.610301][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  546.654258][    T9] usb 3-1: Product: syz
[  546.669682][    T9] usb 3-1: Manufacturer: syz
[  546.679853][    T9] usb 3-1: SerialNumber: syz
[  546.731361][    T9] usb 3-1: config 0 descriptor??
[  546.780005][ T5880] usb 2-1: new full-speed USB device number 29 using dummy_hcd
[  546.781990][    T9] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state.
[  546.960134][T11935] random: crng reseeded on system resumption
[  546.966630][    T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  546.988874][    T9] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0)
[  546.990604][ T5880] usb 2-1: device descriptor read/64, error -71
[  547.006601][   T30] audit: type=1400 audit(1749944702.303:691): avc:  denied  { create } for  pid=11937 comm="syz.0.1538" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_dnrt_socket permissive=1
[  547.056164][    T9] usb 3-1: media controller created
[  547.108486][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  547.163181][T11944] syz_tun: entered promiscuous mode
[  547.269773][ T5880] usb 2-1: new full-speed USB device number 30 using dummy_hcd
[  547.277562][    T9] DVB: Unable to find symbol tda10046_attach()
[  547.287502][    T9] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0'
[  547.305880][    T9] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected.
[  547.430935][ T5880] usb 2-1: device descriptor read/64, error -71
[  547.436661][T11954] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1544'.
[  547.653645][T11957] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1543'.
[  547.721690][ T5880] usb usb2-port1: attempt power cycle
[  548.289806][ T5880] usb 2-1: new full-speed USB device number 31 using dummy_hcd
[  548.343894][ T5880] usb 2-1: device descriptor read/8, error -71
[  548.610102][ T5880] usb 2-1: new full-speed USB device number 32 using dummy_hcd
[  548.643074][ T5880] usb 2-1: device descriptor read/8, error -71
[  548.704108][ T5934] usb 5-1: new low-speed USB device number 39 using dummy_hcd
[  548.717785][    T9] dvb_usb_m920x 3-1:0.0: probe with driver dvb_usb_m920x failed with error -71
[  548.730134][    T9] usb 3-1: USB disconnect, device number 25
[  548.762460][ T5880] usb usb2-port1: unable to enumerate USB device
[  548.975112][ T5934] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  549.258383][ T5934] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  549.276072][ T5934] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 59553, setting to 8
[  549.289263][ T5934] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  549.298131][ T5934] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  549.309087][ T5934] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 59553, setting to 8
[  549.321766][ T5934] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  549.330045][ T5934] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  549.341318][ T5934] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 59553, setting to 8
[  549.357029][ T5934] usb 5-1: string descriptor 0 read error: -22
[  549.363674][ T5934] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  549.373591][ T5934] usb 5-1: New USB device strings: Mfr=1, Product=66, SerialNumber=3
[  549.400932][ T5934] adutux 5-1:168.0: interrupt endpoints not found
[  549.439020][   T30] audit: type=1400 audit(1749944704.723:692): avc:  denied  { listen } for  pid=11983 comm="syz.0.1550" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  550.787105][T12007] fuse: Bad value for 'group_id'
[  550.794978][T12007] fuse: Bad value for 'group_id'
[  550.807477][T12009] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1559'.
[  550.919834][    T9] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  550.963545][   T30] audit: type=1400 audit(1749944706.253:693): avc:  denied  { create } for  pid=12012 comm="syz.0.1561" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=appletalk_socket permissive=1
[  551.011547][   T24] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  551.084115][    T9] usb 3-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  551.093798][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  551.102005][    T9] usb 3-1: Product: syz
[  551.106224][    T9] usb 3-1: Manufacturer: syz
[  551.110999][    T9] usb 3-1: SerialNumber: syz
[  551.117777][    T9] usb 3-1: config 0 descriptor??
[  551.171897][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  551.181781][   T24] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0
[  551.193681][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  551.204250][   T24] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  551.215766][   T24] usb 2-1: New USB device found, idVendor=0451, idProduct=3410, bcdDevice=ef.1e
[  551.225205][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  551.233267][   T24] usb 2-1: Product: syz
[  551.237490][   T24] usb 2-1: Manufacturer: syz
[  551.242136][   T24] usb 2-1: SerialNumber: syz
[  551.250503][   T24] usb 2-1: config 0 descriptor??
[  551.259974][   T24] ti_usb_3410_5052 2-1:0.0: TI USB 3410 1 port adapter converter detected
[  551.271554][   T24] usb 2-1: TI USB 3410 1 port adapter converter now attached to ttyUSB0
[  551.325986][T11997] netlink: 348 bytes leftover after parsing attributes in process `syz.2.1554'.
[  551.343549][    T9] usb-storage 3-1:0.0: USB Mass Storage device detected
[  551.399385][    T9] usb 3-1: USB disconnect, device number 26
[  551.477209][ T5935] usb 2-1: USB disconnect, device number 33
[  551.490575][ T5935] ti_usb_3410_5052_1 ttyUSB0: TI USB 3410 1 port adapter converter now disconnected from ttyUSB0
[  551.505275][   T30] audit: type=1400 audit(1749944706.793:694): avc:  denied  { map } for  pid=12002 comm="syz.1.1556" path="socket:[30204]" dev="sockfs" ino=30204 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  551.530186][ T5935] ti_usb_3410_5052 2-1:0.0: device disconnected
[  551.613873][   T24] usb 5-1: USB disconnect, device number 39
[  552.442676][ T5934] usb 4-1: new full-speed USB device number 32 using dummy_hcd
[  552.465898][ T5935] kernel write not supported for file /1103/oom_adj (pid: 5935 comm: kworker/0:4)
[  552.940558][ T5934] usb 4-1: device descriptor read/64, error -71
[  553.361023][   T30] audit: type=1400 audit(1749944708.633:695): avc:  denied  { setattr } for  pid=12043 comm="syz.4.1570" name="ocfs2_control" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  553.460586][T12049] netlink: 'syz.0.1571': attribute type 12 has an invalid length.
[  553.475813][ T5934] usb 4-1: new full-speed USB device number 33 using dummy_hcd
[  553.631723][ T5934] usb 4-1: device descriptor read/64, error -71
[  553.741925][ T5934] usb usb4-port1: attempt power cycle
[  554.027787][T12070] FAULT_INJECTION: forcing a failure.
[  554.027787][T12070] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  554.044151][T12070] CPU: 1 UID: 0 PID: 12070 Comm: syz.2.1576 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  554.044176][T12070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  554.044186][T12070] Call Trace:
[  554.044193][T12070]  <TASK>
[  554.044200][T12070]  dump_stack_lvl+0x16c/0x1f0
[  554.044231][T12070]  should_fail_ex+0x512/0x640
[  554.044259][T12070]  _copy_from_user+0x2e/0xd0
[  554.044285][T12070]  memdup_user+0x6b/0xe0
[  554.044309][T12070]  strndup_user+0x78/0xe0
[  554.044333][T12070]  __do_sys_fsconfig+0x2e1/0xbe0
[  554.044354][T12070]  ? __pfx___do_sys_fsconfig+0x10/0x10
[  554.044371][T12070]  ? fput+0x70/0xf0
[  554.044408][T12070]  do_syscall_64+0xcd/0x4c0
[  554.044437][T12070]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  554.044455][T12070] RIP: 0033:0x7f3898f8e929
[  554.044469][T12070] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  554.044485][T12070] RSP: 002b:00007f3899e78038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[  554.044502][T12070] RAX: ffffffffffffffda RBX: 00007f38991b5fa0 RCX: 00007f3898f8e929
[  554.044514][T12070] RDX: 0000200000000040 RSI: 0000000000000001 RDI: 0000000000000003
[  554.044523][T12070] RBP: 00007f3899e78090 R08: 0000000000000000 R09: 0000000000000000
[  554.044533][T12070] R10: 0000200000005fc0 R11: 0000000000000246 R12: 0000000000000001
[  554.044544][T12070] R13: 0000000000000000 R14: 00007f38991b5fa0 R15: 00007ffce61c3f78
[  554.044567][T12070]  </TASK>
[  554.109737][ T5934] usb 4-1: new full-speed USB device number 34 using dummy_hcd
[  554.251210][ T5934] usb 4-1: device descriptor read/8, error -71
[  554.523266][ T5934] usb 4-1: new full-speed USB device number 35 using dummy_hcd
[  554.658392][ T5934] usb 4-1: device descriptor read/8, error -71
[  554.831253][ T5934] usb usb4-port1: unable to enumerate USB device
[  555.572752][T12084] xt_l2tp: invalid flags combination: 8
[  555.587939][T12084] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1582'.
[  556.393701][T12096] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  556.400246][T12096] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  556.410530][T12096] vhci_hcd vhci_hcd.0: Device attached
[  556.420493][T12097] vhci_hcd: connection closed
[  556.428146][T12100] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  556.439318][T12100] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  556.448953][T12100] vhci_hcd vhci_hcd.0: Device attached
[  556.498002][   T36] vhci_hcd: stop threads
[  556.504093][   T36] vhci_hcd: release socket
[  556.782062][T12105] bridge3: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  556.885490][T12101] vhci_hcd: connection closed
[  556.894543][   T36] vhci_hcd: disconnect device
[  556.905483][   T36] vhci_hcd: stop threads
[  556.919472][   T36] vhci_hcd: release socket
[  556.927242][   T36] vhci_hcd: disconnect device
[  557.059265][   T24] usb 39-1: new high-speed USB device number 5 using vhci_hcd
[  557.067381][   T24] usb 39-1: enqueue for inactive port 0
[  557.146645][   T24] vhci_hcd: vhci_device speed not set
[  559.159945][ T5894] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  560.206288][T12134] random: crng reseeded on system resumption
[  560.241257][ T5894] usb 3-1: device descriptor read/all, error -71
[  560.642853][ T5934] usb 2-1: new full-speed USB device number 34 using dummy_hcd
[  561.700687][ T5934] usb 2-1: device descriptor read/64, error -71
[  562.770259][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  562.776563][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  563.857090][T12156] netlink: 'syz.4.1599': attribute type 2 has an invalid length.
[  563.924919][T12160] tmpfs: Bad value for 'huge'
[  564.326280][T12132] delete_channel: no stack
[  564.551844][ T5934] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  564.783215][ T5934] usb 2-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  565.037699][ T5934] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  565.124841][T12172] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[  565.131394][T12172] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  565.145798][ T5934] usb 2-1: Product: syz
[  565.156636][ T5934] usb 2-1: Manufacturer: syz
[  565.170070][T12172] vhci_hcd vhci_hcd.0: Device attached
[  565.171943][ T5934] usb 2-1: SerialNumber: syz
[  565.197605][ T5934] usb 2-1: config 0 descriptor??
[  565.290772][T12173] vhci_hcd: connection closed
[  565.291171][ T1166] vhci_hcd: stop threads
[  565.351225][ T1166] vhci_hcd: release socket
[  565.355740][ T1166] vhci_hcd: disconnect device
[  565.420634][T12150] netlink: 348 bytes leftover after parsing attributes in process `syz.1.1601'.
[  565.452509][ T5934] usb-storage 2-1:0.0: USB Mass Storage device detected
[  565.523736][ T5820] vhci_hcd: vhci_device speed not set
[  565.750382][ T5934] usb 2-1: USB disconnect, device number 35
[  565.824827][T12186] xt_CT: No such helper "pptp"
[  670.829614][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  670.836586][    C1] rcu: 	0-...!: (1 ticks this GP) idle=b654/1/0x4000000000000000 softirq=52463/52463 fqs=0
[  670.847392][    C1] rcu: 	(detected by 1, t=10502 jiffies, g=38593, q=553 ncpus=2)
[  670.855110][    C1] Sending NMI from CPU 1 to CPUs 0:
[  670.855134][    C0] NMI backtrace for cpu 0
[  670.855146][    C0] CPU: 0 UID: 0 PID: 12188 Comm: syz.3.1607 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  670.855163][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  670.855171][    C0] RIP: 0010:timerqueue_add+0x1b1/0x330
[  670.855190][    C0] Code: 00 0f 85 89 01 00 00 48 c7 45 10 00 00 00 00 31 ff 44 89 f6 49 89 2f e8 fd eb 3f f6 45 84 f6 0f 85 a9 00 00 00 e8 0f f1 3f f6 <48> 8b 34 24 48 89 ef e8 33 8f ff ff e8 fe f0 3f f6 44 89 f0 48 83
[  670.855204][    C0] RSP: 0018:ffffc90000007e00 EFLAGS: 00000046
[  670.855216][    C0] RAX: 0000000080010001 RBX: ffff888032e6d340 RCX: ffffffff8b7c2ad3
[  670.855225][    C0] RDX: ffff88801f7fc880 RSI: ffffffff8b7c2ae1 RDI: 0000000000000001
[  670.855234][    C0] RBP: ffff88802828f340 R08: 0000000000000001 R09: 0000000000000000
[  670.855242][    C0] R10: 0000000000000000 R11: ffffffff9af7a750 R12: dffffc0000000000
[  670.855251][    C0] R13: 184d7f0d335fc1c8 R14: 0000000000000000 R15: ffff888032e6d348
[  670.855260][    C0] FS:  00007f27ed4036c0(0000) GS:ffff888124754000(0000) knlGS:0000000000000000
[  670.855274][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  670.855283][    C0] CR2: 00007f27ed401fb8 CR3: 000000007e435000 CR4: 00000000003526f0
[  670.855292][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  670.855300][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  670.855309][    C0] Call Trace:
[  670.855314][    C0]  <IRQ>
[  670.855321][    C0]  __hrtimer_run_queues+0x8ff/0xad0
[  670.855341][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  670.855354][    C0]  ? read_tsc+0x9/0x20
[  670.855372][    C0]  hrtimer_interrupt+0x397/0x8e0
[  670.855391][    C0]  __sysvec_apic_timer_interrupt+0x108/0x3f0
[  670.855412][    C0]  sysvec_apic_timer_interrupt+0x9f/0xc0
[  670.855430][    C0]  </IRQ>
[  670.855434][    C0]  <TASK>
[  670.855439][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  670.855453][    C0] RIP: 0010:unwind_next_frame+0x6a/0x20a0
[  670.855473][    C0] Code: 48 83 c4 38 89 e8 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 48 b8 00 00 00 00 00 fc ff df 49 8d 6d 48 48 89 ea 48 c1 ea 03 <80> 3c 02 00 0f 85 5e 18 00 00 49 8b 45 48 48 89 44 24 08 49 8d 45
[  670.855486][    C0] RSP: 0018:ffffc9000be77858 EFLAGS: 00000a06
[  670.855496][    C0] RAX: dffffc0000000000 RBX: 0000000000000001 RCX: ffffc9000be7781c
[  670.855505][    C0] RDX: 1ffff920017cef22 RSI: ffffffff8998b0ee RDI: ffffc9000be778c8
[  670.855513][    C0] RBP: ffffc9000be77910 R08: 0000000000000001 R09: 0000000000000000
[  670.855521][    C0] R10: 0000000000000000 R11: 0000000000084fee R12: ffffffff81a77fd0
[  670.855530][    C0] R13: ffffc9000be778c8 R14: 0000000000000000 R15: ffff88801f7fc880
[  670.855539][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  670.855559][    C0]  ? __netlink_create+0x5e/0x2c0
[  670.855579][    C0]  ? unwind_next_frame+0x3fe/0x20a0
[  670.855598][    C0]  ? sk_alloc+0x36/0xc20
[  670.855615][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  670.855633][    C0]  arch_stack_walk+0x94/0x100
[  670.855647][    C0]  ? __netlink_create+0x5e/0x2c0
[  670.855665][    C0]  ? lsm_blob_alloc+0x68/0x90
[  670.855684][    C0]  stack_trace_save+0x8e/0xc0
[  670.855700][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  670.855717][    C0]  ? sk_prot_alloc+0x1a8/0x2a0
[  670.855729][    C0]  ? stack_trace_save+0x8e/0xc0
[  670.855745][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  670.855761][    C0]  ? stack_depot_save_flags+0x28/0xa40
[  670.855778][    C0]  kasan_save_stack+0x33/0x60
[  670.855795][    C0]  ? kasan_save_stack+0x33/0x60
[  670.855809][    C0]  ? kasan_save_track+0x14/0x30
[  670.855824][    C0]  ? __kasan_kmalloc+0xaa/0xb0
[  670.855839][    C0]  ? __kmalloc_noprof+0x223/0x510
[  670.855854][    C0]  ? lsm_blob_alloc+0x68/0x90
[  670.855866][    C0]  ? security_sk_alloc+0x30/0x270
[  670.855881][    C0]  ? sk_prot_alloc+0x1c7/0x2a0
[  670.855893][    C0]  ? sk_alloc+0x36/0xc20
[  670.855912][    C0]  ? __netlink_create+0x5e/0x2c0
[  670.855949][    C0]  kasan_save_track+0x14/0x30
[  670.855964][    C0]  __kasan_kmalloc+0xaa/0xb0
[  670.855980][    C0]  __kmalloc_noprof+0x223/0x510
[  670.855999][    C0]  lsm_blob_alloc+0x68/0x90
[  670.856012][    C0]  security_sk_alloc+0x30/0x270
[  670.856028][    C0]  sk_prot_alloc+0x1c7/0x2a0
[  670.856042][    C0]  sk_alloc+0x36/0xc20
[  670.856059][    C0]  __netlink_create+0x5e/0x2c0
[  670.856075][    C0]  ? __wake_up+0x3f/0x60
[  670.856093][    C0]  netlink_create+0x39e/0x620
[  670.856111][    C0]  ? __pfx_genl_bind+0x10/0x10
[  670.856125][    C0]  ? __pfx_genl_unbind+0x10/0x10
[  670.856139][    C0]  ? __pfx_genl_release+0x10/0x10
[  670.856154][    C0]  __sock_create+0x338/0x8d0
[  670.856171][    C0]  __sys_socket+0x14d/0x260
[  670.856186][    C0]  ? __pfx___sys_socket+0x10/0x10
[  670.856201][    C0]  ? do_user_addr_fault+0x843/0x1370
[  670.856221][    C0]  __x64_sys_socket+0x72/0xb0
[  670.856235][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[  670.856252][    C0]  do_syscall_64+0xcd/0x4c0
[  670.856272][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  670.856285][    C0] RIP: 0033:0x7f27ec590847
[  670.856297][    C0] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  670.856309][    C0] RSP: 002b:00007f27ed401fa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029
[  670.856321][    C0] RAX: ffffffffffffffda RBX: 00007f27ec7b6160 RCX: 00007f27ec590847
[  670.856329][    C0] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  670.856337][    C0] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000
[  670.856345][    C0] R10: 00002000000006c0 R11: 0000000000000286 R12: 0000000000000000
[  670.856353][    C0] R13: 0000000000000000 R14: 00007f27ec7b6160 R15: 00007ffe7bb136e8
[  670.856368][    C0]  </TASK>
[  670.857129][    C1] rcu: rcu_preempt kthread timer wakeup didn't happen for 10501 jiffies! g38593 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402
[  671.424858][    C1] rcu: 	Possible timer handling issue on cpu=0 timer-softirq=38931
[  671.432737][    C1] rcu: rcu_preempt kthread starved for 10502 jiffies! g38593 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0
[  671.444094][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  671.454049][    C1] rcu: RCU grace-period kthread stack dump:
[  671.459923][    C1] task:rcu_preempt     state:I stack:27784 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
[  671.471838][    C1] Call Trace:
[  671.475110][    C1]  <TASK>
[  671.478039][    C1]  __schedule+0x116a/0x5de0
[  671.482556][    C1]  ? __lock_acquire+0x622/0x1c90
[  671.487499][    C1]  ? __pfx___schedule+0x10/0x10
[  671.492354][    C1]  ? find_held_lock+0x2b/0x80
[  671.497027][    C1]  ? schedule+0x2d7/0x3a0
[  671.501360][    C1]  schedule+0xe7/0x3a0
[  671.505429][    C1]  schedule_timeout+0x123/0x290
[  671.510276][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[  671.515647][    C1]  ? __pfx_process_timeout+0x10/0x10
[  671.520947][    C1]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  671.526752][    C1]  ? prepare_to_swait_event+0xf5/0x480
[  671.532216][    C1]  rcu_gp_fqs_loop+0x1ea/0xb00
[  671.536986][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  671.542271][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  671.547472][    C1]  ? __pfx_rcu_gp_init+0x10/0x10
[  671.552410][    C1]  ? rcu_gp_cleanup+0x7c1/0xd90
[  671.557268][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  671.563074][    C1]  rcu_gp_kthread+0x270/0x380
[  671.567753][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  671.572950][    C1]  ? rcu_is_watching+0x12/0xc0
[  671.577715][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  671.582914][    C1]  ? __kthread_parkme+0x19e/0x250
[  671.587939][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  671.593314][    C1]  kthread+0x3c2/0x780
[  671.597376][    C1]  ? __pfx_kthread+0x10/0x10
[  671.601962][    C1]  ? rcu_is_watching+0x12/0xc0
[  671.606720][    C1]  ? __pfx_kthread+0x10/0x10
[  671.611303][    C1]  ret_from_fork+0x5d7/0x6f0
[  671.615892][    C1]  ? __pfx_kthread+0x10/0x10
[  671.620476][    C1]  ret_from_fork_asm+0x1a/0x30
[  671.625250][    C1]  </TASK>