last executing test programs:

14.05172612s ago: executing program 1 (id=988):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
gettid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000040)={0x13, 0x65, 0xffff, 0x1000, 0x6, '9P2000'}, 0x13)
r5 = dup(r4)
write$FUSE_BMAP(r5, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_INIT(r5, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[], [], 0x6b}})
utime(&(0x7f00000000c0)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f0000000000), 0x0, 0x0, 0x10000, &(0x7f0000000800)=ANY=[@ANYBLOB="7472616e733d76697274696f2c6673757569643d63332d6262e2332d342c646f6e745f61707072616973652c0000000000000000000000000000000000fd4de5a907ff70d1cf6967510dac143c4b1910e7d6b2cc31"])
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_DEL_DAEMON(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="574b0000000000c400000800000114000180060001000b000000080005"], 0x28}, 0x1, 0x0, 0x0, 0x24044000}, 0x20000000)
userfaultfd(0x1c0801)
madvise(&(0x7f00008d7000/0x1000)=nil, 0x1000, 0x4)

12.517980391s ago: executing program 1 (id=992):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x22, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8) (fail_nth: 4)

12.187126652s ago: executing program 1 (id=994):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
fcntl$setstatus(r0, 0x4, 0x7c00)
memfd_create(&(0x7f0000000040)='\x00', 0x5)
sched_setscheduler(0x0, 0x5, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x4d, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@base={0x14, 0x4, 0x8, 0x8001, 0x4, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = syz_open_procfs(0xffffffffffffffff, 0x0)
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_SET_BOOT_CPU_ID(r2, 0xae78, &(0x7f0000000100)=0x1)
setxattr$incfs_metadata(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000100), 0x0, 0x1)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@text16={0x10, &(0x7f0000000340)="0fc79fc83766b95e0b000066b813c1000066ba000000000f30f20f2db00000b89c000f00d866b92409000066b89fc9000066ba000000000f300f684b00670fdf12baa000b085ee9ab600640036f30f1efa", 0x51}], 0x1, 0x24, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x6e, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
clock_nanosleep(0x2, 0x0, &(0x7f00000007c0)={0x0, 0x989680}, 0x0)
mknodat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x17, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000001a40)={0x1f, 0xffff}, 0x6)
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r6, 0x6, 0xd, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r7, 0x4000000000000, 0x40, &(0x7f0000000300)=@raw={'raw\x00', 0x4001, 0x3, 0x3e8, 0x0, 0x0, 0x148, 0x280, 0x148, 0x350, 0x240, 0x240, 0x350, 0x240, 0x7fffffe, 0x0, {[{{@ip={@loopback, @multicast2, 0x0, 0x0, 'team_slave_1\x00', 'wg0\x00'}, 0x0, 0x218, 0x280, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}}, @common=@osf={{0x50}, {'syz0\x00'}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @broadcast}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x448)

10.388820569s ago: executing program 4 (id=1000):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000140), 0x1, 0x0)
ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r0, 0x80087601, 0x1000000000000) (fail_nth: 3)

9.937913329s ago: executing program 1 (id=1002):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, 0x0, &(0x7f0000000080))
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
setns(r2, 0x8020000)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x8000, &(0x7f0000001dc0)={0xf, 0x0, 0x100000}, 0x20)
r3 = syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000000), r4)
ppoll(&(0x7f0000000100)=[{0xffffffffffffffff, 0x4000}], 0x1, 0x0, 0x0, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r6 = add_key$user(&(0x7f0000000200), &(0x7f0000000000)={'syz', 0x2}, &(0x7f0000000540)="f20ea8accdb7d9e23df4640df90c16152470e807043cc00b5b", 0x19, 0xffffffffffffffff)
r7 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r6, r7, r6}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r8)
sendmsg$IEEE802154_ADD_IFACE(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="01000000ecffffffffff2000000005002000000000000c001f00"], 0x28}}, 0x0)
sendmsg$DEVLINK_CMD_RATE_SET(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)={0x144, r5, 0x1, 0x0, 0x25dfdbff, {}, [@DEVLINK_ATTR_RATE_PARENT_NODE_NAME={0xea, 0xa9, @random="32cf634b8eedfcba0414c74c1315467ac790d22adafd6d96596f8513b47385fb1bd82fde5f522c3afebc0482a456f4e73b4c0c7fb91057f8377e94112d7e304d6259868fd080fee7de3ddcf577d3e1aeb0f543ad55547b617c53551027c6e66dc239f08fd8978544fe0d5b740adce00c43c1105317bda3c2daaf78161c2d8c2aad9330fe0dfcc40cee0ca63686e3b93e9f173554797dad84c932ad071e4ea1bf5a7e4dc3e8ecc5b7106f015264c41d6e99fa0d242ba51ae20c4daaecdf927995a3f01667bd6b7d21ee333d7c1d4ea03fc02d086a319320affcbe215840122e9eef3e1e44b038"}, @DEVLINK_ATTR_RATE_TX_SHARE={0xc, 0xa6, 0x7}, @DEVLINK_ATTR_RATE_PARENT_NODE_NAME={0x28, 0xa9, @random="c8998762fe2864808190f64909d1a26f4ef5545a729a121561982e04466f2a9947829e56"}, @DEVLINK_ATTR_RATE_NODE_NAME={0xe}]}, 0x144}}, 0x90)
ioctl$vim2m_VIDIOC_S_CTRL(r3, 0xc008561c, &(0x7f0000000400)={0xf0f02a, 0x1})

8.921595756s ago: executing program 4 (id=1006):
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x0, 0x6031, 0xffffffffffffffff, 0x0)
socket$inet(0x2, 0x2000000080005, 0xffffffd2)
socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x100000000004, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet6(0xa, 0x3, 0x7)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
ioctl$VIDIOC_DQEVENT(r2, 0x80885659, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r2, 0x4020565a, &(0x7f00000000c0)={0x3, 0x980900, 0x3})

8.053528468s ago: executing program 1 (id=1007):
mkdir(&(0x7f0000000300)='./file1\x00', 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000440)='./file1/file0\x00', &(0x7f00000003c0)='autofs\x00', 0x2000888, 0xfffffffffffffffd)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$pptp(0x18, 0x1, 0x2)
accept(r3, 0x0, 0x0)
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
r4 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000100))
r5 = syz_open_procfs(0x0, 0x0)
pread64(r5, &(0x7f0000032500)=""/102400, 0x190f5, 0x4001)

7.984425816s ago: executing program 4 (id=1008):
r0 = openat$vimc0(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000880)={0xa, @raw_data="9303859727f09bf0c3f827ea7fff8b0efe2b538af7bbbfdfdfd0607542cce710810e6b37aaddbdb3ff8914597356f9d858d82448b876271c5e786132e961817b84a3e6c091f49a6e3bff6fc20caa7b7792a28302460b734274a01ebd0668b15d584215e094c8035e6b98c9cb240ae7f46264fdfb53dce63f1a7b39b9acbe7d74a275302cddcd2629979af3983d6e4bce8dedfec4825ef0d12c7fa09857fcfcd22998c51d1af4c9e5a86df83d9bfab08aa20fdb27a5d2bca4c6c30e24d280831f561ac88fabd99dfb"})

7.895590454s ago: executing program 4 (id=1009):
r0 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x0)
r1 = gettid()
timer_create(0xb, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = syz_open_dev$cec(&(0x7f0000000100), 0x0, 0x80)
ioctl$CEC_RECEIVE(r2, 0xc0386106, &(0x7f0000000000)={0x0, 0x7, 0x1, 0x0, 0x0, 0x9, '&\x00', 0x0, 0x0, 0x4a, 0x0, 0x0, 0x0, 0xe})
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000000)={0x9, {"a2e339084fc752f91b2909094bf70e0dd038e7ff7fc6e5539b324c078b089b39333b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31300d316d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df0784c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d618e462071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af44863c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000510b00", 0x1000}}, 0x1006)
ioctl$LOOP_CHANGE_FD(r0, 0x4c03, 0xffffffffffffffff)

7.743074197s ago: executing program 1 (id=1010):
close(0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r1, 0x0, 0x27, 0x0, 0x0)
r2 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r2, &(0x7f00000007c0)=ANY=[@ANYBLOB='\v\x00\x00'], 0x119)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_DEST(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r3, @ANYRES32=r3], 0x2c}, 0x1, 0x0, 0x0, 0x4000004}, 0x0)
syz_io_uring_setup(0x1083f, 0x0, 0x0, 0x0)
r4 = getpid()
landlock_restrict_self(0xffffffffffffffff, 0x2000000)
sched_setscheduler(r4, 0x2, &(0x7f0000000140)=0x8000)
r5 = openat$cgroup(0xffffffffffffffff, &(0x7f00000001c0)='syz0\x00', 0x200002, 0x0)
r6 = openat$cgroup_ro(r5, &(0x7f0000000240)='blkio.throttle.io_service_bytes\x00', 0x26e1, 0x0)
close(r6)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
bind$llc(r7, &(0x7f0000000280)={0x1a, 0x306, 0x2, 0x5, 0xfd, 0xf8, @random="1489b031712b"}, 0x10)
socketpair(0x1, 0x3, 0x0, &(0x7f0000000000)={<r8=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r8, 0x8b06, &(0x7f0000000080)={'wlan1\x00', @random="02000000000a"})
ioctl$SIOCSIFHWADDR(r6, 0x8b30, &(0x7f0000000000)={'wlan1\x00', @random="0011002000"})
close(0xffffffffffffffff) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$inet(0x2, 0x3, 0x2) (async)
setsockopt$inet_mreqsrc(r1, 0x0, 0x27, 0x0, 0x0) (async)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) (async)
write$UHID_CREATE2(r2, &(0x7f00000007c0)=ANY=[@ANYBLOB='\v\x00\x00'], 0x119) (async)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) (async)
sendmsg$IPVS_CMD_GET_DEST(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r3, @ANYRES32=r3], 0x2c}, 0x1, 0x0, 0x0, 0x4000004}, 0x0) (async)
syz_io_uring_setup(0x1083f, 0x0, 0x0, 0x0) (async)
getpid() (async)
landlock_restrict_self(0xffffffffffffffff, 0x2000000) (async)
sched_setscheduler(r4, 0x2, &(0x7f0000000140)=0x8000) (async)
openat$cgroup(0xffffffffffffffff, &(0x7f00000001c0)='syz0\x00', 0x200002, 0x0) (async)
openat$cgroup_ro(r5, &(0x7f0000000240)='blkio.throttle.io_service_bytes\x00', 0x26e1, 0x0) (async)
close(r6) (async)
pipe(&(0x7f0000000200)) (async)
bind$llc(r7, &(0x7f0000000280)={0x1a, 0x306, 0x2, 0x5, 0xfd, 0xf8, @random="1489b031712b"}, 0x10) (async)
socketpair(0x1, 0x3, 0x0, &(0x7f0000000000)) (async)
ioctl$SIOCSIFHWADDR(r8, 0x8b06, &(0x7f0000000080)={'wlan1\x00', @random="02000000000a"}) (async)
ioctl$SIOCSIFHWADDR(r6, 0x8b30, &(0x7f0000000000)={'wlan1\x00', @random="0011002000"}) (async)

6.318289198s ago: executing program 4 (id=1013):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ea2d010203010902120001000000000904"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000004c0)={0x10, &(0x7f0000000280)=ANY=[], 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000380)={0x24, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
r1 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000280), 0x2)
r2 = ioctl$UDMABUF_CREATE_LIST(r1, 0x40087543, &(0x7f0000000340)={0x0, 0x1, [{0xffffffffffffffff, 0x0, 0xfffffffffffff000}]})
lsm_set_self_attr(0x67, &(0x7f0000000040)={0x65, 0x0, 0x20}, 0x20, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0x84, &(0x7f0000000240)={0x20, 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000080}, 0xc, &(0x7f00000002c0)={&(0x7f0000000080)={0x1c0, 0x0, 0x800, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x5d}, @IPVS_CMD_ATTR_SERVICE={0x34, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_AF={0x6}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x2a}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'wlc\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x800}]}, @IPVS_CMD_ATTR_SERVICE={0x24, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'dh\x00'}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}]}, @IPVS_CMD_ATTR_DAEMON={0x38, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x81}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'macvtap0\x00'}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @empty}, @IPVS_DAEMON_ATTR_STATE={0x8}]}, @IPVS_CMD_ATTR_DEST={0x24, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e23}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x5}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x3}]}, @IPVS_CMD_ATTR_SERVICE={0x54, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x6}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x1}, @IPVS_SVC_ATTR_PROTOCOL={0x6}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'ovf\x00'}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'lc\x00'}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x60}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x1}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x4}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x6}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x1}]}, @IPVS_CMD_ATTR_SERVICE={0x28, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@mcast1}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}]}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x401}]}, @IPVS_CMD_ATTR_DAEMON={0x54, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x1c}}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast1}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'team0\x00'}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ip6erspan0\x00'}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x400}]}]}, 0x1c0}, 0x1, 0x0, 0x0, 0x40010}, 0x8000)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000580)={0x24, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

6.167235405s ago: executing program 0 (id=1014):
unshare(0x22020600)
setsockopt$rose(0xffffffffffffffff, 0x104, 0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000080), 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0xe, 0x200001ad, &(0x7f0000000000)=ANY=[@ANYBLOB="620a0040000000008000ba2f"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@ipv4_newrule={0x1c, 0x20, 0x301, 0x0, 0x0, {0x2, 0x0, 0x0, 0xfc}}, 0x1c}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="2800000021000100"], 0x28}}, 0x0)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, &(0x7f0000001100)={0x77359400}, 0x1)

6.145890625s ago: executing program 2 (id=1015):
madvise(&(0x7f0000ffd000/0x3000)=nil, 0x3011, 0x17) (async)
madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x14)
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x3, 0x2, 0x1}) (async)
r1 = dup(r0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) (async)
mlock2(&(0x7f0000293000/0x4000)=nil, 0x4000, 0x0) (async)
mmap(&(0x7f0000fed000/0x12000)=nil, 0x12000, 0x2, 0x11, r1, 0x0) (async)
syz_clone(0x84000, 0x0, 0x0, 0x0, &(0x7f00000011c0), &(0x7f0000001200)) (async)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3)

6.085830374s ago: executing program 3 (id=1016):
unshare(0x22020600)
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
setsockopt$rose(r0, 0x104, 0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000080)={0x0, r0}, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0xe, 0x200001ad, &(0x7f0000000000)=ANY=[@ANYBLOB="620a0040000000008000ba2f"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@ipv4_newrule={0x1c, 0x20, 0x301, 0x0, 0x0, {0x2, 0x0, 0x0, 0xfc}}, 0x1c}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, &(0x7f0000001100)={0x77359400}, 0x1)

5.205740169s ago: executing program 2 (id=1017):
r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
r1 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000100), 0x200, 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x80, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}})

5.203325043s ago: executing program 0 (id=1018):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) (async)
ioctl$sock_inet_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, 0x0) (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100007292bd404020305582a80000000109021b0001000000000904000001df7fa9000905", @ANYBLOB="86"], 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r3, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) (async)
r4 = socket$caif_seqpacket(0x25, 0x5, 0x0)
r5 = creat(&(0x7f00000001c0)='./bus\x00', 0x8) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18) (async)
r6 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x800000001fe, 0x82)
r7 = dup(r6)
ioctl$USBDEVFS_CONTROL(r7, 0xc0185500, &(0x7f0000000000)={0x0, 0x3, 0x0, 0x0, 0x0, 0xfa5, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x15, 0x7, &(0x7f0000000780)=ANY=[@ANYBLOB="80d00600db0000003068ffff000000002059f4ff01000000185400000b0000000000000000000000182900fdf52ff83bf7351ac8d0da94d20f0167e5ff6ede5aeff293a55b1e1d8ec9c2a36ab6d31cbad2680269c604eb6ac04c99ef06ac1e701f3288270c02a881d4890658d86e3a763be243e6af27239a60266ae7d32088da61a4b35669eb4b897a277a232d39477cd4ccfa0764695cef548e43662c63b3489e6b50b205900951285481f90bdc0e60a2152e2523cc3827ef8078bee692d826af86b322fbab2553ec1349c3abbba41d809d7cedfb3a00000000000000", @ANYRES32, @ANYBLOB="0000000004000000"], &(0x7f0000000480)='GPL\x00', 0x7ff, 0x8e, &(0x7f00000004c0)=""/142, 0x41000, 0x26, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x4, &(0x7f0000000640)=[r3, r5, r7], &(0x7f0000000680)=[{0x5, 0x5, 0x3, 0x4}, {0x0, 0x1, 0xf, 0x9}, {0x3, 0x1, 0x0, 0x7}, {0x2, 0x2, 0xa, 0x7}], 0x10, 0x455, @void, @value}, 0x94) (async)
close(r5) (async)
mount$9p_fd(0x0, &(0x7f0000000000)='./bus\x00', &(0x7f0000000200), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRES64=r3, @ANYBLOB=',wfdno=', @ANYRESOCT=r4])
sendmsg$NFNL_MSG_CTHELPER_GET(r5, &(0x7f00000003c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x54, 0x1, 0x9, 0x801, 0x0, 0x0, {}, [@NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x400}, @NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0x15}, @NFCTH_STATUS={0x8}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x818}}, @NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0x7}, @NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0x11}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x3}}]}, 0x54}, 0x1, 0x0, 0x0, 0x8000}, 0x1) (async)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10)
r9 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) (async)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002eb0e00000000000000000105000600200000000a00000040010000000500e50000070000001f00001a000000030000a95a6e870200010000e9ff070040000200000000050005000000cc580a"], 0x80}}, 0x0) (async)
sendmmsg(r9, &(0x7f0000000180), 0x400008a, 0x0)

5.101556527s ago: executing program 2 (id=1019):
r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x0, 0x2c800)
ioctl$VIDIOC_DQEVENT(r0, 0x80885659, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
userfaultfd(0x801)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x15, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b7000000286c0000bca30000000000002403000040feffff7b0af0ff0000000079a4f0ff000000001f030000000000002e0a0200000000002604fdffffff000e61141800000000001d430000000000007a0a00fe0000001f6114140000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fd79153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f2440000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c9494963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fbf05b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdcea26498d26229110b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb7ed9d12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca780049d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e2848890522c2288072467d2afe269f589fb7e034b92d3ca245b16b71998711bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb16e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b2676c07bb0fd14020a66718378825d5ed789711b77d40dc31e0b8fc651b45559da463f0000000000000000000000000052d42124e9c26aba885015e69d42ecd710342ac597ebea576ae15fdf611356f622e831741ab15549e0d7a2bd0324e2b3b48a10551607492c19eaf58485feb4cab19c303b30ba2ddea0d792d77724c9fa4ed58b93668fc20484f141ee2b6a0029e88fdc853189b4dafd36ff23b11967090e508f45e3f10857038a52ef275cf9e3e4b5d30b12d138dfa70930c603b5e3f4b7be67be3dba3cbd8d4d143195af0697d779445d67dcfbd922d12a8b49f93eac7a72faacf80346b3b60f132a2bf8a858392f34072d99aee0ec70aa6d75096e608d97ac4b7bfa2e0ae3e59718e7a7691a98b1334e34553300"/4140], &(0x7f00000001c0)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xffffffffffffffc2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r4 = accept$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @loopback}, &(0x7f0000000100)=0x10)
getsockopt$inet_int(r4, 0x0, 0x21, &(0x7f0000000140), &(0x7f0000000180)=0x4)
r5 = io_uring_setup(0x3454, &(0x7f0000000080)={0x0, 0xffffeffe, 0x18, 0x2, 0x5})
io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mremap(&(0x7f00003eb000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000003000/0x1000)=nil)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r5, 0x10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000002700)=""/4096, 0x1000}], 0x0, 0xa}, 0x20)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f00000000c0)={0x3, 0x980900, 0x3})

4.129307595s ago: executing program 2 (id=1020):
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000400)='.\x00', 0x4000423)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000180)={0x0, {0x2, 0x4e23, @multicast1}, {0x2, 0x4e21, @loopback}, {0x2, 0x4e23, @broadcast}, 0x280, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000004, 0x9, 0x7})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$dupfd(r1, 0x0, r1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x24}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
getrlimit(0xb, &(0x7f0000000040))
r3 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f0000000000)=0x49d0, 0x4)
sendto$inet6(r3, 0x0, 0x0, 0x0, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @local}, 0x1c)
prlimit64(0x0, 0x6, &(0x7f0000000240)={0x5, 0x3}, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, &(0x7f0000000a40)=@raw={'raw\x00', 0x4001, 0x3, 0x240, 0x0, 0x720d, 0x148, 0xf8, 0x148, 0x1a8, 0x240, 0x240, 0x1a8, 0x240, 0x7fffffe, 0x0, {[{{@ip={@local, @remote, 0xffffffff, 0x0, 'wg1\x00', 'veth0_to_bridge\x00', {0xff}, {}, 0x84, 0x3, 0x11}, 0x0, 0x98, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}, {0xc}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0xffffffffffffffff, [0x1, 0x84]}, {0xffffffffffffffff, [0x6, 0xb2cc575b459b5b33, 0x4, 0x2, 0x1], 0x6, 0x3}}}}, {{@uncond, 0x0, 0x70, 0xb0}, @common=@inet=@TCPOPTSTRIP={0x40, 'TCPOPTSTRIP\x00', 0x0, {[0x0, 0x0, 0xfffffff2]}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2a0)
recvmmsg(r3, &(0x7f00000066c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001fc0)=""/148, 0x94}}], 0x1, 0x2000, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYBLOB="1b0000000000000000000000008000000000", @ANYRESOCT=r0], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
quotactl$Q_SYNC(0xffffffff80000100, 0x0, 0x0, 0x0)

4.076309947s ago: executing program 3 (id=1021):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
unshare(0x200)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000003700)={0x77359400})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r4, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSFLAGS1(r4, 0x40047454, &(0x7f00000003c0)=0xc446806)

3.159525356s ago: executing program 2 (id=1022):
unshare(0x22020600)
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
setsockopt$rose(r0, 0x104, 0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000080)={0x0, r0}, 0x8)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="2800000021000100"], 0x28}}, 0x0)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

3.011937612s ago: executing program 3 (id=1023):
unshare(0x22020600)
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
setsockopt$rose(r0, 0x104, 0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0xe, 0x200001ad, &(0x7f0000000000)=ANY=[@ANYBLOB="620a0040000000008000ba2f"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, &(0x7f0000001100)={0x77359400}, 0x1)

2.671154624s ago: executing program 0 (id=1024):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
gettid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000040)={0x13, 0x65, 0xffff, 0x1000, 0x6, '9P2000'}, 0x13)
r4 = dup(r3)
write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_INIT(r4, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000004380), 0x0, 0x0)
utime(&(0x7f00000000c0)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f0000000000), 0x0, 0x0, 0x10000, &(0x7f0000000800)=ANY=[@ANYBLOB="7472616e733d76697274696f2c6673757569643d63332d6262e2332d342c646f6e745f61707072616973652c0000000000000000000000000000000000fd4de5a907ff70d1cf6967510dac143c4b1910e7d6b2cc31"])
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_DEL_DAEMON(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="574b0000000000c400000800000114000180060001000b000000080005"], 0x28}, 0x1, 0x0, 0x0, 0x24044000}, 0x20000000)
userfaultfd(0x1c0801)
madvise(&(0x7f00008d7000/0x1000)=nil, 0x1000, 0x4)

1.726014518s ago: executing program 0 (id=1025):
r0 = syz_open_dev$dri(&(0x7f0000000180), 0x31, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000680), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r1, 0xc01064bd, &(0x7f0000001a80)={&(0x7f0000000a80)="ee", 0x1, <r2=>0x0})
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r0, 0xc00464be, &(0x7f00000000c0)={r2})
r3 = socket(0x2, 0x80805, 0x0)
prlimit64(0x0, 0x3, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r4 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r4, 0x0, 0x0)
socket$inet(0xa, 0x801, 0x84)
openat$fb0(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_open_dev$dri(0x0, 0x1, 0x0)
r5 = gettid()
timer_create(0x3, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x16b601, 0x0)
write$sequencer(r6, &(0x7f0000000240)=ANY=[@ANYBLOB="0293"], 0x9)
ioctl$SNDCTL_SEQ_SYNC(r6, 0x5101)
getsockopt$IP_VS_SO_GET_INFO(r3, 0x0, 0x481, &(0x7f0000000040), &(0x7f0000000100)=0xc)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000800), 0x4)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000380)={'syztnl0\x00', &(0x7f0000000840)={'gretap0\x00', <r7=>0x0, 0x1, 0x8, 0x80, 0x9, {{0x32, 0x4, 0x0, 0x6, 0xc8, 0x267, 0x0, 0x9, 0x2f, 0x0, @private=0xa010100, @dev={0xac, 0x14, 0x14, 0x43}, {[@timestamp={0x44, 0x18, 0x8c, 0x0, 0x0, [0x0, 0x8000, 0xc, 0x7, 0x25]}, @timestamp={0x44, 0x4, 0xf, 0x0, 0x5}, @rr={0x7, 0x17, 0xf7, [@rand_addr=0x64010101, @private=0xa010100, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @lsrr={0x83, 0xb, 0x36, [@multicast1, @broadcast]}, @timestamp_prespec={0x44, 0xc, 0x7, 0x3, 0x0, [{@multicast2, 0x1800}]}, @ra={0x94, 0x4}, @cipso={0x86, 0x3d, 0x3, [{0x0, 0x12, "fadf9dbeaecb9aa9ad8c6367389ef5e2"}, {0x5, 0x4, "f115"}, {0x5, 0x12, "f2ffa0f03fb43a8e74ad61d8f3c1fb53"}, {0xfe7e28675fc6337a, 0xc, "1eec104488c14b25f7eb"}, {0x7, 0x3, "16"}]}, @ssrr={0x89, 0x7, 0xe1, [@rand_addr=0x64010100]}, @rr={0x7, 0x1f, 0xe7, [@multicast1, @remote, @loopback, @dev={0xac, 0x14, 0x14, 0x1f}, @broadcast, @dev={0xac, 0x14, 0x14, 0x1d}, @rand_addr=0x64010101]}, @noop]}}}}})
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', <r8=>0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote}}}})
r9 = openat$vsock(0xffffff9c, &(0x7f00000001c0), 0x40101, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x12, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000640)='.\x00', &(0x7f00000006c0), 0x11090, &(0x7f0000000700)=ANY=[@ANYBLOB='to=\x00'/15, @ANYRESHEX=r9, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',uname=*/,cache=loose,msize=0x00000000000008bc,appraise_type=imasig,obj_user=/selinux/policy\x00,seclabel,defcontext=system_u,mask=MAY_APPEND,fsmagic=0x0000000000000007,appraise,\x00'])
sendmsg$ETHTOOL_MSG_COALESCE_GET(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000c00)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002cbd2869fbdbdf25130000003c0001801400020000000000000000000800030001000000080001009163a87c805724d536ed52864aff1cdb7eb62ddc4ac0fcb8ef7f33", @ANYRES32=r8, @ANYBLOB="1400020062617461647630000000000000000000"], 0x50}, 0x1, 0x0, 0x0, 0x8010}, 0x0)
r10 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x6, 0x11, &(0x7f0000000ac0)=ANY=[@ANYRES32=0x0, @ANYRES8, @ANYBLOB="0000000000000000b70500000800000085000000a500000085200000010000009500000000000000"], &(0x7f0000000280)='GPL\x00', 0x1, 0xa9, &(0x7f00000002c0)=""/169, 0x40f00, 0x0, '\x00', r7, 0x25, r9, 0x8, &(0x7f00000003c0)={0x7, 0x2}, 0x8, 0x10, &(0x7f0000000400)={0x5, 0x8, 0x1ff, 0x80}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000540)=[0xffffffffffffffff, r10, 0x1], 0x0, 0x10, 0x3, @void, @value}, 0x94)
setsockopt$inet6_mreq(r3, 0x29, 0x1c, &(0x7f0000000040)={@mcast2}, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x3, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="050000000000000063110c00000000008510000002000000850000000500000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1.608105011s ago: executing program 4 (id=1026):
socket$nl_route(0x10, 0x3, 0x0)
open(&(0x7f0000000100)='./file0\x00', 0x80ff, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006300)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0xd, 0x40010408, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000008340)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20, 0x0, 0x800000000000000, {0x0, 0xb}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0)
write$tcp_congestion(r2, 0x0, 0x0)
r3 = semget$private(0x0, 0x1, 0x0)
semtimedop(r3, &(0x7f0000000180), 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet6_sctp(0xa, 0x1, 0x84)
setresuid(0x0, 0xee01, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
setsockopt$sock_int(r4, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendmmsg$inet(r4, &(0x7f0000002cc0)=[{{&(0x7f0000000100)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}}, {{0x0, 0x0, &(0x7f0000002c40)=[{&(0x7f0000000180)="0561ce7e42ce", 0x6}], 0x1}}], 0x2, 0x240088f0)

751.274232ms ago: executing program 0 (id=1027):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, 0x0)
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r0, 0x3b82, 0x0)
r2 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffff8)
r3 = add_key$keyring(&(0x7f0000000280), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, r2)
add_key$keyring(&(0x7f0000000100), &(0x7f00000002c0)={'syz', 0x2}, 0x0, 0x0, r3)
r4 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
request_key(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x1}, 0x0, r4)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000740)={0x48, 0x2, r1})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000007c0)={0x28, 0x7, r1, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1004000})
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000140), 0x2280, 0x0)
ioctl$IOMMU_TEST_OP_MD_CHECK_REFS(r0, 0x3ba0, &(0x7f0000000880)={0xfe47, 0x4, 0x0, 0x0, 0x0, &(0x7f0000ffc000), 0x1})

608.489134ms ago: executing program 0 (id=1028):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
creat(&(0x7f0000000240)='./file0\x00', 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_REGISTER_FRAME(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000780)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000005000000003a00000008000300", @ANYRES32=r2, @ANYBLOB="05005b"], 0x24}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x24, r4, 0x5, 0x70bd27, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x40048}, 0x20002040)
pipe2$9p(&(0x7f0000001900)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r7, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r8 = dup(r7)
write$FUSE_BMAP(r8, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r8, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000004c0), 0x10400, &(0x7f0000000700)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB=',wfdno=', @ANYRESHEX=r8])
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r9 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x181)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000440)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{0x1, 0x0, 0x9}, 0x8}, [{0x0, 0x0, 0x0, 0x0, 0x0, 0x67}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {}, {0x0, 0x0, 0x2, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0xffffffff}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x81}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff24}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x2}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)
r11 = syz_open_dev$cec(&(0x7f0000000d00), 0x0, 0x0)
ioctl$CEC_S_MODE(r11, 0x40046109, &(0x7f00000000c0)=0x31)
r12 = syz_open_dev$cec(&(0x7f0000000080), 0x0, 0x180)
ioctl$CEC_ADAP_S_LOG_ADDRS(r12, 0xc05c6104, &(0x7f0000000340)={"6d71f879", 0x0, 0x2, 0x0, 0x0, 0x0, "244a18d1c4e6469a005caf0c0ff58a", "ce4250d8", "000400", '\x00', ["26e203a56a36ac4f0b8b8c4f", "5e10229555954b0f02cd1469", '\x00', "79f56cb7422723000029edb7"]})
r13 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0)
ftruncate(r13, 0x80)
sendfile(r9, r13, 0x0, 0x7ffff000)
r14 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000140), 0x1, 0x0)
ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r14, 0x80087601, 0x1000000000000)

601.605092ms ago: executing program 3 (id=1029):
r0 = socket(0x10, 0x3, 0x0)
syz_io_uring_setup(0x7d6, &(0x7f0000000080)={0x0, 0x0, 0x100, 0x2, 0xca}, 0x0, 0x0) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) (async)
move_pages(0x0, 0x1, &(0x7f0000000140)=[&(0x7f0000000000/0x1000)=nil], &(0x7f0000000180)=[0x1], 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0xb, 0x18, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r1 = syz_io_uring_setup(0x24f9, &(0x7f0000000180)={0x0, 0x0, 0x10100, 0x0, 0x1000000}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@newtaction={0xa0, 0x30, 0x9, 0x0, 0x0, {}, [{0x8c, 0x1, [@m_bpf={0x88, 0x1, 0x0, 0x0, {{0x8}, {0x60, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x7}, @TCA_ACT_BPF_OPS={0x3c, 0x4, [{}, {}, {0x3}, {}, {}, {}, {0x6}]}, @TCA_ACT_BPF_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa0}}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000340)=@newtaction={0x5c, 0x30, 0x1, 0x0, 0x0, {}, [{0x48, 0x1, [@m_bpf={0x44, 0x1, 0x0, 0x0, {{0x8}, {0x1c, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x5c}}, 0x0) (async)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='rdma.current\x00', 0x275a, 0x0)
write$UHID_CREATE2(r6, &(0x7f00000000c0)=ANY=[], 0x118) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0) (async)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_FILES_UPDATE={0x14, 0x3, 0x0, 0x0, 0x69, 0x0, 0x0, 0x0, 0x1})
r7 = socket$inet6_dccp(0xa, 0x6, 0x0)
ioctl$VFAT_IOCTL_READDIR_SHORT(r7, 0x82307202, &(0x7f00000004c0)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) (async)
io_uring_enter(r1, 0x2d3e, 0x0, 0x0, 0x0, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'sit0\x00', <r8=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="380000006800010000000000000000000a00000000000000100008800c0001000002002000000000060007000800000008000500", @ANYRES32=r8], 0x38}}, 0x0)

315.177464ms ago: executing program 3 (id=1030):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)={0x2, 0xb1, 0xd}, 0x18)
getdents64(r1, &(0x7f0000000100)=""/6, 0x6) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000940)=ANY=[@ANYBLOB="b4050000200080066110000000000000c6000000000000009500d800000000009f33ef60916e55893f1eeb0b2ae13d922e6235592ce847e2566c43d72918a897323fd0723043c47c896ce0bce66a245ad9d6817fd98cd824498949714ffaac8a6f77ef0000ca5d82054d54d53cd2b6db714e75d9bdae214fa68a0557eb2c5ca683a4b6fcfcff0bffffffffffd47042eaebfa6fa26fa7a347c7faa8e700458c60897d4a6148a1c11428427c40de60beacf871ab5c2ff88a02084e5b5271e45f00003826fb8579c1fb01d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0c20cdbe7009a6fe7cc78762f1d4dcdbca64920db9a50f86c21632f7a4bd344e0bd74ff05d37ef68e3b9db863c758ffffffffabe90ac5d08dd9d4e0359c41cf3626e1230bc1cd4c02c460ceb44276e9bd94d1c2e6d17dc5c2edf332a62f5fe68fbbbbfcfd00000000000fbf940e6652d357474ed5f816f66ac3027460ae66317f83cdd7a7eb2a7003d1a6cf5478533584961c329fcf5a43e05c92bfef0dcd28000000003f2915a3039c9a78f63b8ec7e60a0000fed7d67c440e23d130e51eea1e085bebabe7059de9cbfc5117c024185a062acb6b8eec31c21b3af8b9eedb4660ed2deb7acf2a33a376a5cb7d4266d5b0be14488d14b473502486ad8dd600000000000000000000c7766ea7c581782c0d90f42a85303835fc291c25d29e6bead5d7360f2e1929d7736ebc8558c4506407d3046022bdf25485bd5442169e9b4c1278343581b7a06f65e8ea6b042c4fd08381e5000000000000006398d6480000001a723b91030000006480304c66b217aea0156ce9eef911fe5b7370f79987303ecb3aabc53c60014a0101ab766754f596b41da9534d12b8306a1b36cf3b03f0d790879f523eabfbee83d8bd472ef69660cf6ec897106c51e54a17497f384c4956b41f3843e7c878b1e11316d8ddae1c6c3b85aaf7a9fcaf8f5d6186c42542d68ba72682c938d3c0a2e6e10eed71b1d31c9f300b41745329bf34495c63e43fb896e4903fb0fae54a8f0fe3b48a5b29d279070647e65097c8ecf32a15080000000000000001007ba4a70a084bd994ac5e00000000000000000000000000351a30cd97f83d72631d0fe92efa974a53f4dc1eb9a86df632a6d463688123f64d42a919bcfc44a90ffd680200000091f842a91c977f6075d07e39e669b0713af0498a99bf5261cb3269d499a5202d7a08b33ade7b38829b9bd39619688d5e9af22170ef83e5b92cbb32b655c45de1c154aad81bf64351668a3f76d5afa958aff76249e0ffdf8e45155536a1a44bfcbfbfd232af000052f9002a"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) (async)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x12, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r3, r2, 0x5, 0x0, 0x0, @void, @value}, 0x10) (async)
close_range(r0, 0xffffffffffffffff, 0x0)

314.851626ms ago: executing program 3 (id=1031):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x4, 0x8003, &(0x7f0000000040))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
r0 = inotify_init1(0x80800)
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x13, 0x10, 0x2, 0x0, 0x40000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
flistxattr(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
gettid()
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETRULE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)={0x14, 0x7, 0xa, 0x301}, 0x14}, 0x1, 0x0, 0x0, 0x890}, 0x0)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xf, &(0x7f0000000480)=ANY=[@ANYBLOB="180006000000000000000000094000003a11", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
openat$vim2m(0xffffff9c, 0x0, 0x2, 0x0)
io_uring_enter(0xffffffffffffffff, 0x47f9, 0x0, 0x0, 0x0, 0x0)
connect$vsock_stream(r3, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)

0s ago: executing program 2 (id=1032):
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYRES32=0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
openat$binfmt_register(0xffffff9c, &(0x7f00000001c0), 0x1, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket(0x10, 0x803, 0x0)
mount(0x0, 0x0, &(0x7f0000000280)='tracefs\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/59, 0x325000, 0x800}, 0x1c)
ioctl$UFFDIO_COPY(r2, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000})

kernel console output (not intermixed with test programs):

.181878][ T8011]  ? security_capable+0x7e/0x260
[  224.181900][ T8011]  ? ns_capable+0xd7/0x110
[  224.181921][ T8011]  __sys_bpf+0x1747/0x49c0
[  224.181944][ T8011]  ? __pfx_lock_release+0x10/0x10
[  224.181963][ T8011]  ? __pfx___sys_bpf+0x10/0x10
[  224.181983][ T8011]  ? vfs_write+0x306/0x1150
[  224.182007][ T8011]  ? __mutex_unlock_slowpath+0x164/0x6a0
[  224.182035][ T8011]  ? fput+0x67/0x440
[  224.182056][ T8011]  ? ksys_write+0x1ba/0x250
[  224.182074][ T8011]  ? __pfx_ksys_write+0x10/0x10
[  224.182096][ T8011]  __x64_sys_bpf+0x78/0xc0
[  224.182108][ T8011]  ? lockdep_hardirqs_on+0x7c/0x110
[  224.182124][ T8011]  do_syscall_64+0xcd/0x250
[  224.182143][ T8011]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.182169][ T8011] RIP: 0033:0x7fbf61d8cd29
[  224.182181][ T8011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  224.182195][ T8011] RSP: 002b:00007fbf62c63038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  224.182209][ T8011] RAX: ffffffffffffffda RBX: 00007fbf61fa5fa0 RCX: 00007fbf61d8cd29
[  224.182220][ T8011] RDX: 0000000000000028 RSI: 0000000020000300 RDI: 0000000000000012
[  224.182229][ T8011] RBP: 00007fbf62c63090 R08: 0000000000000000 R09: 0000000000000000
[  224.182239][ T8011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  224.182248][ T8011] R13: 0000000000000001 R14: 00007fbf61fa5fa0 R15: 00007ffe006c64a8
[  224.182271][ T8011]  </TASK>
[  224.846187][ T2144] usb 4-1: USB disconnect, device number 31
[  225.925473][ T2144] usb 3-1: USB disconnect, device number 22
[  225.925497][    T8] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  226.116840][    T8] usb 2-1: unable to get BOS descriptor set
[  226.129581][    T8] usb 2-1: config 3 has an invalid interface number: 64 but max is 0
[  226.144129][    T8] usb 2-1: config 3 has no interface number 0
[  226.355609][ T2144] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  226.361569][    T8] usb 2-1: config 3 interface 64 has no altsetting 0
[  226.443910][    T8] usb 2-1: New USB device found, idVendor=0403, idProduct=fc82, bcdDevice=20.bd
[  226.462403][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  226.505102][    T8] usb 2-1: Product: syz
[  226.520988][    T8] usb 2-1: Manufacturer: syz
[  226.535666][    T8] usb 2-1: SerialNumber: syz
[  226.638223][ T2144] usb 3-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  226.678213][ T2144] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  226.724493][ T2144] usb 3-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  226.741964][ T2144] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  226.752589][ T2144] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  226.765186][   T29] audit: type=1400 audit(1737638839.824:423): avc:  denied  { append } for  pid=8023 comm="syz.1.557" name="card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  226.771594][ T8041] netlink: 80 bytes leftover after parsing attributes in process `syz.3.562'.
[  226.809021][ T2144] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  226.822809][ T2144] usb 3-1: invalid MIDI out EP 0
[  226.826837][    T8] ftdi_sio 2-1:3.64: FTDI USB Serial Device converter detected
[  226.848826][    T8] ftdi_sio ttyUSB0: unknown device type: 0x20bd
[  226.904663][ T2144] snd-usb-audio 3-1:27.0: probe with driver snd-usb-audio failed with error -22
[  226.983125][ T5972] udevd[5972]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  227.229910][ T5870] usb 3-1: USB disconnect, device number 23
[  227.291228][    T8] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  227.334046][ T8045] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  227.445446][    T8] usb 5-1: Using ep0 maxpacket: 8
[  227.446963][    T8] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  227.446983][    T8] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  227.446996][    T8] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  227.447009][    T8] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  227.447026][    T8] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  227.447038][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  227.604491][   T29] audit: type=1400 audit(1737638840.664:424): avc:  denied  { setopt } for  pid=8049 comm="syz.3.565" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  227.606250][ T8052] fuse: Bad value for 'fd'
[  227.653993][    T8] usb 5-1: GET_CAPABILITIES returned 0
[  227.659753][    T8] usbtmc 5-1:16.0: can't read capabilities
[  228.093674][ T8059] bridge0: port 3(ipvlan0) entered blocking state
[  228.100924][ T8059] bridge0: port 3(ipvlan0) entered disabled state
[  228.108701][ T8059] ipvlan0: entered allmulticast mode
[  228.114096][ T8059] bridge0: entered allmulticast mode
[  228.178585][ T8059] ipvlan0: left allmulticast mode
[  228.183835][ T8059] bridge0: left allmulticast mode
[  228.574465][    T8] usb 5-1: USB disconnect, device number 29
[  229.746744][ T5913] usb 2-1: USB disconnect, device number 34
[  229.766639][ T5913] ftdi_sio 2-1:3.64: device disconnected
[  229.820476][ T8069] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  229.943306][ T8074] netlink: 12 bytes leftover after parsing attributes in process `syz.3.571'.
[  230.031371][   T29] audit: type=1400 audit(1737638843.094:425): avc:  denied  { ioctl } for  pid=8070 comm="syz.1.570" path="socket:[18105]" dev="sockfs" ino=18105 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  230.176669][   T29] audit: type=1400 audit(1737638843.124:426): avc:  denied  { bind } for  pid=8070 comm="syz.1.570" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  230.723638][ T8091] netlink: 4 bytes leftover after parsing attributes in process `syz.0.575'.
[  230.810455][   T29] audit: type=1400 audit(1737638843.124:427): avc:  denied  { name_bind } for  pid=8070 comm="syz.1.570" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  230.831637][    C0] vkms_vblank_simulate: vblank timer overrun
[  230.980487][   T29] audit: type=1400 audit(1737638843.124:428): avc:  denied  { node_bind } for  pid=8070 comm="syz.1.570" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  231.055559][ T5870] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  231.487082][ T5870] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  231.516280][ T5870] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  231.603263][ T5870] usb 1-1: New USB device found, idVendor=0959, idProduct=2bd0, bcdDevice=69.70
[  231.668781][ T5870] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  231.711604][ T5870] usb 1-1: Product: syz
[  231.741787][ T5870] usb 1-1: Manufacturer: syz
[  231.941490][ T5870] usb 1-1: SerialNumber: syz
[  231.986569][ T5870] usb 1-1: config 0 descriptor??
[  232.012329][ T5870] HFC-S_USB 1-1:0.0: probe with driver HFC-S_USB failed with error -5
[  232.713859][ T8122] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  233.779396][ T8131] netlink: 80 bytes leftover after parsing attributes in process `syz.3.586'.
[  234.834618][   T29] audit: type=1400 audit(1737638847.894:429): avc:  denied  { setopt } for  pid=8136 comm="syz.4.587" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  235.051169][ T8147] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  235.700400][ T5913] usb 1-1: USB disconnect, device number 26
[  237.153705][ T8162] overlayfs: missing 'lowerdir'
[  237.397338][ T2144] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  237.688264][ T8171] netlink: 68 bytes leftover after parsing attributes in process `syz.0.596'.
[  237.697295][ T8171] netlink: 68 bytes leftover after parsing attributes in process `syz.0.596'.
[  237.896927][ T2144] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  237.939481][ T2144] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  238.106603][ T2144] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  238.116059][ T2144] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  238.137213][ T8165] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  238.147990][ T2144] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  239.095173][   T29] audit: type=1400 audit(1737638852.154:430): avc:  denied  { connect } for  pid=8163 comm="syz.3.597" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  239.124555][   T29] audit: type=1400 audit(1737638852.154:431): avc:  denied  { write } for  pid=8163 comm="syz.3.597" path="socket:[18287]" dev="sockfs" ino=18287 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  239.294009][ T5870] usb 4-1: USB disconnect, device number 32
[  239.325545][ T5865] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  239.642681][ T5865] usb 5-1: Using ep0 maxpacket: 8
[  239.662521][ T5865] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  239.699345][ T5865] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  239.783764][ T5865] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  240.115427][ T5865] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  240.135575][ T5865] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  240.144793][ T5865] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  240.237212][ T8193] netlink: 80 bytes leftover after parsing attributes in process `syz.1.604'.
[  240.396879][ T5865] usb 5-1: GET_CAPABILITIES returned 0
[  240.402474][ T5865] usbtmc 5-1:16.0: can't read capabilities
[  240.518753][ T8201] netlink: 80 bytes leftover after parsing attributes in process `syz.1.607'.
[  240.743966][ T8205] overlayfs: missing 'lowerdir'
[  240.846162][ T5865] usb 1-1: new full-speed USB device number 27 using dummy_hcd
[  240.851932][ T8209] bridge0: port 3(ipvlan0) entered blocking state
[  240.861117][ T8209] bridge0: port 3(ipvlan0) entered disabled state
[  240.868520][ T8209] ipvlan0: entered allmulticast mode
[  240.873928][ T8209] bridge0: entered allmulticast mode
[  240.898632][ T8209] ipvlan0: left allmulticast mode
[  240.903813][ T8209] bridge0: left allmulticast mode
[  241.053264][ T5865] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  241.212255][ T5865] usb 1-1: config 0 has no interfaces?
[  241.329873][ T5865] usb 1-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d
[  241.366286][ T5865] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  241.396230][ T5865] usb 1-1: Product: syz
[  241.400492][ T5865] usb 1-1: Manufacturer: syz
[  241.408204][ T5865] usb 1-1: SerialNumber: syz
[  241.411441][ T5870] usb 5-1: USB disconnect, device number 30
[  241.414310][ T5865] usb 1-1: config 0 descriptor??
[  241.769267][ T8224] netlink: 32 bytes leftover after parsing attributes in process `syz.2.615'.
[  243.137932][ T8234] netlink: 48 bytes leftover after parsing attributes in process `syz.2.616'.
[  244.198182][    T8] usb 1-1: USB disconnect, device number 27
[  244.368560][ T8251] overlayfs: missing 'lowerdir'
[  244.665543][   T29] audit: type=1400 audit(1737638857.694:432): avc:  denied  { ioctl } for  pid=8258 comm="syz.4.626" path="socket:[18754]" dev="sockfs" ino=18754 ioctlcmd=0x5411 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  244.998326][ T8255] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  245.078774][ T8266] binder: BINDER_SET_CONTEXT_MGR already set
[  245.095540][ T8266] binder: 8265:8266 ioctl 4018620d 200001c0 returned -16
[  245.127215][ T8266] Cannot find add_set index 3 as target
[  245.211925][   T29] audit: type=1804 audit(1737638858.274:433): pid=8269 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.628" name="/newroot/130/bus/file0" dev="overlay" ino=709 res=1 errno=0
[  246.312439][ T8293] IPVS: Error connecting to the multicast addr
[  248.189934][ T8311] netlink: 80 bytes leftover after parsing attributes in process `syz.0.639'.
[  248.355996][ T8314] netlink: 12 bytes leftover after parsing attributes in process `syz.0.640'.
[  249.336513][ T8326] netlink: 4 bytes leftover after parsing attributes in process `syz.2.646'.
[  250.103504][ T8331] netlink: 4 bytes leftover after parsing attributes in process `syz.1.645'.
[  250.556441][    T8] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  250.748726][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  251.290444][    T8] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  251.372060][    T8] usb 2-1: New USB device found, idVendor=0959, idProduct=2bd0, bcdDevice=69.70
[  251.385522][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  251.413469][    T8] usb 2-1: Product: syz
[  251.446478][    T8] usb 2-1: Manufacturer: syz
[  251.451128][    T8] usb 2-1: SerialNumber: syz
[  251.470392][    T8] usb 2-1: config 0 descriptor??
[  251.497710][    T8] HFC-S_USB 2-1:0.0: probe with driver HFC-S_USB failed with error -5
[  251.561381][ T8351] netlink: 80 bytes leftover after parsing attributes in process `syz.4.650'.
[  251.743647][ T8349] netlink: 16 bytes leftover after parsing attributes in process `syz.0.651'.
[  252.400393][ T8367] netlink: 80 bytes leftover after parsing attributes in process `syz.0.654'.
[  252.487780][ T8369] netlink: 20 bytes leftover after parsing attributes in process `syz.4.655'.
[  252.528063][ T8369] netlink: 12 bytes leftover after parsing attributes in process `syz.4.655'.
[  252.734708][ T8380] FAULT_INJECTION: forcing a failure.
[  252.734708][ T8380] name failslab, interval 1, probability 0, space 0, times 0
[  252.747668][ T8380] CPU: 1 UID: 0 PID: 8380 Comm: syz.0.659 Not tainted 6.13.0-syzkaller-04788-g7004a2e46d16 #0
[  252.747691][ T8380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  252.747702][ T8380] Call Trace:
[  252.747707][ T8380]  <TASK>
[  252.747714][ T8380]  dump_stack_lvl+0x16c/0x1f0
[  252.747748][ T8380]  should_fail_ex+0x497/0x5b0
[  252.747767][ T8380]  ? fs_reclaim_acquire+0xae/0x150
[  252.747790][ T8380]  should_failslab+0xc2/0x120
[  252.747816][ T8380]  __kmalloc_noprof+0xcb/0x510
[  252.747846][ T8380]  tomoyo_encode2+0x100/0x3e0
[  252.747876][ T8380]  tomoyo_encode+0x29/0x50
[  252.747901][ T8380]  tomoyo_realpath_from_path+0x19d/0x720
[  252.747930][ T8380]  ? tomoyo_path_number_perm+0x235/0x590
[  252.747955][ T8380]  tomoyo_path_number_perm+0x248/0x590
[  252.747976][ T8380]  ? tomoyo_path_number_perm+0x235/0x590
[  252.748001][ T8380]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  252.748033][ T8380]  ? __pfx___schedule+0x10/0x10
[  252.748063][ T8380]  ? irqentry_exit+0x3b/0x90
[  252.748082][ T8380]  ? lockdep_hardirqs_on+0x7c/0x110
[  252.748108][ T8380]  ? __x64_sys_ioctl+0x94/0x200
[  252.748125][ T8380]  ? security_file_ioctl+0x18/0x240
[  252.748154][ T8380]  security_file_ioctl+0x9b/0x240
[  252.748181][ T8380]  __x64_sys_ioctl+0xb7/0x200
[  252.748200][ T8380]  do_syscall_64+0xcd/0x250
[  252.748221][ T8380]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  252.748245][ T8380] RIP: 0033:0x7fbe61f8cd29
[  252.748263][ T8380] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  252.748278][ T8380] RSP: 002b:00007fbe62d10038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  252.748296][ T8380] RAX: ffffffffffffffda RBX: 00007fbe621a6080 RCX: 00007fbe61f8cd29
[  252.748307][ T8380] RDX: 0000000020000540 RSI: 00000000c0086202 RDI: 000000000000000a
[  252.748317][ T8380] RBP: 00007fbe62d10090 R08: 0000000000000000 R09: 0000000000000000
[  252.748328][ T8380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  252.748337][ T8380] R13: 0000000000000000 R14: 00007fbe621a6080 R15: 00007ffe232a34e8
[  252.748360][ T8380]  </TASK>
[  252.956834][ T8380] ERROR: Out of memory at tomoyo_realpath_from_path.
[  253.089371][ T6058] usb 4-1: new full-speed USB device number 33 using dummy_hcd
[  253.427262][    T9] usb 2-1: USB disconnect, device number 35
[  253.504934][ T6058] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  253.602914][ T8384] netlink: 4 bytes leftover after parsing attributes in process `syz.2.658'.
[  253.875702][ T5913] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  254.138386][ T6058] usb 4-1: config 0 has no interfaces?
[  254.158392][ T6058] usb 4-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d
[  254.159927][ T5913] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  254.167729][ T6058] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  254.185639][ T6058] usb 4-1: Product: syz
[  254.189918][ T6058] usb 4-1: Manufacturer: syz
[  254.194577][ T6058] usb 4-1: SerialNumber: syz
[  254.210655][ T6058] usb 4-1: config 0 descriptor??
[  254.505879][ T5913] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  254.526479][ T5913] usb 3-1: New USB device found, idVendor=0959, idProduct=2bd0, bcdDevice=69.70
[  254.552916][ T5913] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  254.585636][ T5913] usb 3-1: Product: syz
[  254.589851][ T5913] usb 3-1: Manufacturer: syz
[  254.594462][ T5913] usb 3-1: SerialNumber: syz
[  254.642989][ T5913] usb 3-1: config 0 descriptor??
[  254.652876][ T5913] HFC-S_USB 3-1:0.0: probe with driver HFC-S_USB failed with error -5
[  254.801891][   T29] audit: type=1400 audit(1737638867.864:434): avc:  denied  { mounton } for  pid=8392 comm="syz.1.664" path="/proc/438/task" dev="proc" ino=18974 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  254.827229][ T8393] ptrace attach of "./syz-executor exec"[8398] was attempted by "./syz-executor exec"[8393]
[  255.390061][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  255.877068][ T8413] netlink: 80 bytes leftover after parsing attributes in process `syz.4.668'.
[  255.938667][ T6058] usb 4-1: USB disconnect, device number 33
[  255.997848][ T8417] input: syz0 as /devices/virtual/input/input21
[  256.719851][ T5865] usb 3-1: USB disconnect, device number 24
[  257.054174][ T8433] netlink: 4 bytes leftover after parsing attributes in process `syz.1.672'.
[  257.845932][ T5865] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  258.017062][ T5865] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  258.050648][ T8431] netlink: 80 bytes leftover after parsing attributes in process `syz.0.675'.
[  258.075209][ T5865] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  258.145591][ T5865] usb 2-1: New USB device found, idVendor=0959, idProduct=2bd0, bcdDevice=69.70
[  258.199567][ T5865] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  258.231764][ T5865] usb 2-1: Product: syz
[  258.241421][   T29] audit: type=1400 audit(1737638871.264:435): avc:  denied  { setopt } for  pid=8436 comm="syz.3.676" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  258.260759][ T5865] usb 2-1: Manufacturer: syz
[  258.278977][ T5865] usb 2-1: SerialNumber: syz
[  258.318964][ T5865] usb 2-1: config 0 descriptor??
[  258.371648][ T5865] HFC-S_USB 2-1:0.0: probe with driver HFC-S_USB failed with error -5
[  258.479425][ T8451] netlink: 80 bytes leftover after parsing attributes in process `syz.4.680'.
[  258.834488][ T8462] FAULT_INJECTION: forcing a failure.
[  258.834488][ T8462] name failslab, interval 1, probability 0, space 0, times 0
[  258.860582][ T8462] CPU: 0 UID: 0 PID: 8462 Comm: syz.4.682 Not tainted 6.13.0-syzkaller-04788-g7004a2e46d16 #0
[  258.860604][ T8462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  258.860613][ T8462] Call Trace:
[  258.860618][ T8462]  <TASK>
[  258.860624][ T8462]  dump_stack_lvl+0x16c/0x1f0
[  258.860646][ T8462]  should_fail_ex+0x497/0x5b0
[  258.860665][ T8462]  ? fs_reclaim_acquire+0xae/0x150
[  258.860683][ T8462]  should_failslab+0xc2/0x120
[  258.860706][ T8462]  kmem_cache_alloc_node_noprof+0x72/0x3c0
[  258.860727][ T8462]  ? __alloc_skb+0x2b1/0x380
[  258.860751][ T8462]  __alloc_skb+0x2b1/0x380
[  258.860770][ T8462]  ? __pfx___alloc_skb+0x10/0x10
[  258.860792][ T8462]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  258.860817][ T8462]  netlink_alloc_large_skb+0x69/0x130
[  258.860838][ T8462]  netlink_sendmsg+0x689/0xd70
[  258.860862][ T8462]  ? __pfx_netlink_sendmsg+0x10/0x10
[  258.860887][ T8462]  ____sys_sendmsg+0xaaf/0xc90
[  258.860903][ T8462]  ? copy_msghdr_from_user+0x10b/0x160
[  258.860922][ T8462]  ? __pfx_____sys_sendmsg+0x10/0x10
[  258.860941][ T8462]  ___sys_sendmsg+0x135/0x1e0
[  258.860953][ T8462]  ? __pfx____sys_sendmsg+0x10/0x10
[  258.860974][ T8462]  ? __pfx_lock_release+0x10/0x10
[  258.860985][ T8462]  ? trace_lock_acquire+0x14e/0x1f0
[  258.860998][ T8462]  ? __fget_files+0x206/0x3a0
[  258.861013][ T8462]  __sys_sendmsg+0x16e/0x220
[  258.861024][ T8462]  ? __pfx___sys_sendmsg+0x10/0x10
[  258.861043][ T8462]  do_syscall_64+0xcd/0x250
[  258.861054][ T8462]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.861067][ T8462] RIP: 0033:0x7f1f6978cd29
[  258.861075][ T8462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  258.861083][ T8462] RSP: 002b:00007f1f6a678038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  258.861092][ T8462] RAX: ffffffffffffffda RBX: 00007f1f699a5fa0 RCX: 00007f1f6978cd29
[  258.861097][ T8462] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003
[  258.861102][ T8462] RBP: 00007f1f6a678090 R08: 0000000000000000 R09: 0000000000000000
[  258.861107][ T8462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  258.861112][ T8462] R13: 0000000000000000 R14: 00007f1f699a5fa0 R15: 00007ffc64173b18
[  258.861122][ T8462]  </TASK>
[  259.873874][ T5865] usb 2-1: USB disconnect, device number 36
[  259.955903][ T8470] binder: 8463:8470 ioctl c0306201 0 returned -14
[  259.975471][   T29] audit: type=1400 audit(1737638873.004:436): avc:  denied  { execute } for  pid=8463 comm="syz.2.684" path="/dev/sg0" dev="devtmpfs" ino=744 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  260.000928][ T8470] binder: 8463:8470 ioctl c0306201 20000300 returned -14
[  260.159833][   T29] audit: type=1400 audit(1737638873.224:437): avc:  denied  { bind } for  pid=8482 comm="syz.1.691" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  260.163434][ T8485] netlink: 80 bytes leftover after parsing attributes in process `syz.3.692'.
[  260.281415][ T8491] netlink: 80 bytes leftover after parsing attributes in process `syz.3.695'.
[  261.393962][ T8505] netlink: 4 bytes leftover after parsing attributes in process `syz.0.698'.
[  262.206650][ T8510] netlink: 4 bytes leftover after parsing attributes in process `syz.2.699'.
[  262.465602][ T5865] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  262.678719][ T5865] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  262.725421][    T8] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  262.733700][ T5865] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  262.769363][ T5865] usb 3-1: New USB device found, idVendor=0959, idProduct=2bd0, bcdDevice=69.70
[  262.785598][ T5865] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  262.803825][ T5865] usb 3-1: Product: syz
[  262.808348][ T5865] usb 3-1: Manufacturer: syz
[  262.812954][ T5865] usb 3-1: SerialNumber: syz
[  262.826969][ T5865] usb 3-1: config 0 descriptor??
[  262.837745][ T5865] HFC-S_USB 3-1:0.0: probe with driver HFC-S_USB failed with error -5
[  262.886880][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  263.291694][    T8] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  263.332543][    T8] usb 1-1: New USB device found, idVendor=0959, idProduct=2bd0, bcdDevice=69.70
[  263.345551][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  263.353947][    T8] usb 1-1: Product: syz
[  263.358919][    T8] usb 1-1: Manufacturer: syz
[  263.363800][    T8] usb 1-1: SerialNumber: syz
[  263.373398][    T8] usb 1-1: config 0 descriptor??
[  263.392706][    T8] HFC-S_USB 1-1:0.0: probe with driver HFC-S_USB failed with error -5
[  263.563228][ T8523] netlink: 'syz.3.704': attribute type 11 has an invalid length.
[  263.750946][ T8529] netlink: 80 bytes leftover after parsing attributes in process `syz.4.706'.
[  263.835485][   T29] audit: type=1400 audit(1737638876.794:438): avc:  denied  { accept } for  pid=8524 comm="syz.1.705" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  264.820187][ T8542] netlink: 12 bytes leftover after parsing attributes in process `syz.3.710'.
[  265.596236][ T5870] usb 1-1: USB disconnect, device number 28
[  265.603784][    T8] usb 3-1: USB disconnect, device number 25
[  266.308421][ T5865] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  266.464653][ T8575] overlay: Unknown parameter 'smackfsdef'
[  267.102567][ T5865] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  267.209275][ T5865] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  268.185279][ T5865] usb 5-1: New USB device found, idVendor=0959, idProduct=2bd0, bcdDevice=69.70
[  268.197657][ T8583] netlink: 12 bytes leftover after parsing attributes in process `syz.1.721'.
[  268.207024][ T5865] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  268.215194][ T5865] usb 5-1: Product: syz
[  268.220279][ T5865] usb 5-1: Manufacturer: syz
[  268.224896][ T5865] usb 5-1: SerialNumber: syz
[  268.232152][ T5865] usb 5-1: config 0 descriptor??
[  268.819965][ T5865] HFC-S_USB 5-1:0.0: probe with driver HFC-S_USB failed with error -5
[  268.862428][ T8587] FAULT_INJECTION: forcing a failure.
[  268.862428][ T8587] name failslab, interval 1, probability 0, space 0, times 0
[  268.883948][   T29] audit: type=1400 audit(1737638881.924:439): avc:  denied  { ioctl } for  pid=8585 comm="syz.0.723" path="socket:[20367]" dev="sockfs" ino=20367 ioctlcmd=0x89f1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  268.905194][ T8587] CPU: 1 UID: 0 PID: 8587 Comm: syz.0.723 Not tainted 6.13.0-syzkaller-04788-g7004a2e46d16 #0
[  268.905218][ T8587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  268.905226][ T8587] Call Trace:
[  268.905231][ T8587]  <TASK>
[  268.905237][ T8587]  dump_stack_lvl+0x16c/0x1f0
[  268.905258][ T8587]  should_fail_ex+0x497/0x5b0
[  268.905277][ T8587]  should_failslab+0xc2/0x120
[  268.905299][ T8587]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  268.905318][ T8587]  ? skb_clone+0x190/0x3f0
[  268.905344][ T8587]  skb_clone+0x190/0x3f0
[  268.905364][ T8587]  netlink_deliver_tap+0xabd/0xd30
[  268.905385][ T8587]  netlink_unicast+0x5e1/0x7f0
[  268.905404][ T8587]  ? __pfx_netlink_unicast+0x10/0x10
[  268.905427][ T8587]  netlink_sendmsg+0x8b8/0xd70
[  268.905446][ T8587]  ? __pfx_netlink_sendmsg+0x10/0x10
[  268.905471][ T8587]  ____sys_sendmsg+0xaaf/0xc90
[  268.905485][ T8587]  ? copy_msghdr_from_user+0x10b/0x160
[  268.905503][ T8587]  ? __pfx_____sys_sendmsg+0x10/0x10
[  268.905533][ T8587]  ? __lock_acquire+0xcc5/0x3c40
[  268.905561][ T8587]  ___sys_sendmsg+0x135/0x1e0
[  268.905581][ T8587]  ? __pfx____sys_sendmsg+0x10/0x10
[  268.905610][ T8587]  ? trace_lock_acquire+0x14e/0x1f0
[  268.905641][ T8587]  __sys_sendmmsg+0x201/0x420
[  268.905668][ T8587]  ? __pfx___sys_sendmmsg+0x10/0x10
[  268.905695][ T8587]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  268.905721][ T8587]  ? fput+0x67/0x440
[  268.905742][ T8587]  ? ksys_write+0x1ba/0x250
[  268.905757][ T8587]  ? __pfx_ksys_write+0x10/0x10
[  268.905778][ T8587]  __x64_sys_sendmmsg+0x9c/0x100
[  268.905795][ T8587]  ? lockdep_hardirqs_on+0x7c/0x110
[  268.905811][ T8587]  do_syscall_64+0xcd/0x250
[  268.905829][ T8587]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.905847][ T8587] RIP: 0033:0x7fbe61f8cd29
[  268.905859][ T8587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  268.905872][ T8587] RSP: 002b:00007fbe62d31038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  268.905886][ T8587] RAX: ffffffffffffffda RBX: 00007fbe621a5fa0 RCX: 00007fbe61f8cd29
[  268.905895][ T8587] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000006
[  268.905904][ T8587] RBP: 00007fbe62d31090 R08: 0000000000000000 R09: 0000000000000000
[  268.905912][ T8587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  268.905920][ T8587] R13: 0000000000000000 R14: 00007fbe621a5fa0 R15: 00007ffe232a34e8
[  268.905941][ T8587]  </TASK>
[  269.015716][ T8595] FAULT_INJECTION: forcing a failure.
[  269.015716][ T8595] name failslab, interval 1, probability 0, space 0, times 0
[  269.174407][ T8595] CPU: 1 UID: 0 PID: 8595 Comm: syz.2.726 Not tainted 6.13.0-syzkaller-04788-g7004a2e46d16 #0
[  269.174428][ T8595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  269.174438][ T8595] Call Trace:
[  269.174443][ T8595]  <TASK>
[  269.174448][ T8595]  dump_stack_lvl+0x16c/0x1f0
[  269.174474][ T8595]  should_fail_ex+0x497/0x5b0
[  269.174495][ T8595]  should_failslab+0xc2/0x120
[  269.174519][ T8595]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  269.174542][ T8595]  ? skb_clone+0x190/0x3f0
[  269.174567][ T8595]  skb_clone+0x190/0x3f0
[  269.174587][ T8595]  netlink_deliver_tap+0xabd/0xd30
[  269.174611][ T8595]  netlink_unicast+0x5e1/0x7f0
[  269.174632][ T8595]  ? __pfx_netlink_unicast+0x10/0x10
[  269.174664][ T8595]  netlink_sendmsg+0x8b8/0xd70
[  269.174687][ T8595]  ? __pfx_netlink_sendmsg+0x10/0x10
[  269.174716][ T8595]  ____sys_sendmsg+0xaaf/0xc90
[  269.174733][ T8595]  ? copy_msghdr_from_user+0x10b/0x160
[  269.174753][ T8595]  ? __pfx_____sys_sendmsg+0x10/0x10
[  269.174780][ T8595]  ___sys_sendmsg+0x135/0x1e0
[  269.174800][ T8595]  ? __pfx____sys_sendmsg+0x10/0x10
[  269.174830][ T8595]  ? __pfx_lock_release+0x10/0x10
[  269.174849][ T8595]  ? trace_lock_acquire+0x14e/0x1f0
[  269.174872][ T8595]  ? __fget_files+0x206/0x3a0
[  269.174898][ T8595]  __sys_sendmsg+0x16e/0x220
[  269.174919][ T8595]  ? __pfx___sys_sendmsg+0x10/0x10
[  269.174957][ T8595]  do_syscall_64+0xcd/0x250
[  269.174979][ T8595]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.175000][ T8595] RIP: 0033:0x7f020c18cd29
[  269.175012][ T8595] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.175027][ T8595] RSP: 002b:00007f020cfc3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  269.175043][ T8595] RAX: ffffffffffffffda RBX: 00007f020c3a5fa0 RCX: 00007f020c18cd29
[  269.175052][ T8595] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[  269.175061][ T8595] RBP: 00007f020cfc3090 R08: 0000000000000000 R09: 0000000000000000
[  269.175070][ T8595] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.175079][ T8595] R13: 0000000000000000 R14: 00007f020c3a5fa0 R15: 00007fff7aa55678
[  269.175100][ T8595]  </TASK>
[  269.445544][ T5865] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  269.595559][ T5865] usb 2-1: Using ep0 maxpacket: 16
[  269.602199][ T5865] usb 2-1: unable to get BOS descriptor or descriptor too short
[  269.610777][ T5865] usb 2-1: config 1 has an invalid interface number: 61 but max is 2
[  269.619029][ T5865] usb 2-1: config 1 has an invalid descriptor of length 8, skipping remainder of the config
[  269.629228][ T5865] usb 2-1: config 1 has 4 interfaces, different from the descriptor's value: 3
[  269.638255][ T5865] usb 2-1: config 1 has no interface number 3
[  269.644390][ T5865] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid maxpacket 9504, setting to 1024
[  269.689104][ T5865] usb 2-1: config 1 interface 61 has no altsetting 0
[  269.711148][ T5865] usb 2-1: config 1 interface 1 has no altsetting 0
[  269.729344][ T5865] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  269.738627][ T5865] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  269.748553][ T5865] usb 2-1: Product: syz
[  269.753193][ T5865] usb 2-1: Manufacturer: syz
[  269.758160][ T5865] usb 2-1: SerialNumber: syz
[  269.820381][    T8] usb 5-1: USB disconnect, device number 31
[  270.020144][ T8608] loop2: detected capacity change from 0 to 7
[  270.029722][ T8608] Dev loop2: unable to read RDB block 7
[  270.035450][ T8608]  loop2: unable to read partition table
[  270.041175][ T8608] loop2: partition table beyond EOD, truncated
[  270.047369][ T8608] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  270.095476][ T8608] loop2: detected capacity change from 7 to 0
[  270.251434][ T8602] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  270.257557][ T8602] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  270.263510][ T8602] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  270.271164][ T8602] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  270.277154][ T8602] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  270.324655][ T5865] usb 2-1: 2:1 : no or invalid class specific endpoint descriptor
[  270.355622][ T5865] usb 2-1: 2:1: invalid format type 0xc496 is detected, processed as PCM
[  270.364190][ T5865] usb 2-1: 2:1 : sample bitwidth 156 in over sample bytes 2
[  270.378775][ T5865] usb 2-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  270.410839][ T5865] usb 2-1: USB disconnect, device number 37
[  270.596353][ T5912] udevd[5912]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  270.647556][    T8] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  270.832258][    T8] usb 4-1: Using ep0 maxpacket: 8
[  270.869414][    T8] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  270.884722][    T8] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  270.901639][   T29] audit: type=1400 audit(1737638883.964:440): avc:  denied  { shutdown } for  pid=8621 comm="syz.1.736" faddr=fe80::bb scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  270.934637][    T8] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  270.966459][    T8] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  270.989591][    T8] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  271.005391][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  271.380245][    T8] usb 4-1: GET_CAPABILITIES returned 0
[  271.405039][    T8] usbtmc 4-1:16.0: can't read capabilities
[  271.412420][ T8633] Cannot find add_set index 3 as target
[  271.545602][ T5818] Bluetooth: hci1: command 0x0c1a tx timeout
[  271.875896][ T8642] bridge0: port 3(ipvlan2) entered blocking state
[  271.883650][ T8642] bridge0: port 3(ipvlan2) entered disabled state
[  271.892995][ T8642] ipvlan2: entered allmulticast mode
[  271.898495][ T8642] bridge0: entered allmulticast mode
[  271.918108][ T8642] ipvlan2: left allmulticast mode
[  271.923263][ T8642] bridge0: left allmulticast mode
[  272.254341][ T6058] usb 4-1: USB disconnect, device number 34
[  272.345702][ T5143] Bluetooth: hci2: command 0x0c1a tx timeout
[  272.351896][   T54] Bluetooth: hci4: command 0x0c1a tx timeout
[  272.367335][ T5818] Bluetooth: hci3: command 0x0c1a tx timeout
[  272.797722][    T8] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  272.958171][    T8] usb 3-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65
[  272.968046][    T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  272.976156][    T8] usb 3-1: Product: syz
[  273.009145][    T8] usb 3-1: Manufacturer: syz
[  273.039244][    T8] usb 3-1: SerialNumber: syz
[  273.061082][    T8] usb 3-1: config 0 descriptor??
[  273.202215][   T29] audit: type=1400 audit(1737638886.264:441): avc:  denied  { read } for  pid=8653 comm="syz.1.745" name="usbmon0" dev="devtmpfs" ino=716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  273.275554][   T29] audit: type=1400 audit(1737638886.294:442): avc:  denied  { open } for  pid=8653 comm="syz.1.745" path="/dev/usbmon0" dev="devtmpfs" ino=716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  273.299239][   T29] audit: type=1400 audit(1737638886.324:443): avc:  denied  { write } for  pid=8653 comm="syz.1.745" name="usbmon0" dev="devtmpfs" ino=716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  273.389184][   T29] audit: type=1400 audit(1737638886.454:444): avc:  denied  { append } for  pid=8640 comm="syz.2.741" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  273.393847][    T8] usb 3-1: ignoring: probably an ADSL modem
[  273.945495][ T8650] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  273.951573][ T8650] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  273.957675][ T8650] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  273.963823][ T8650] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  274.057460][    T8] cxacru 3-1:0.0: usbatm_usb_probe: bind failed: -19!
[  274.363095][    T8] usb 3-1: USB disconnect, device number 26
[  274.550952][ T8677] Cannot find add_set index 3 as target
[  274.601262][ T8674] overlayfs: missing 'lowerdir'
[  274.747437][   T29] audit: type=1400 audit(1737638887.814:445): avc:  denied  { listen } for  pid=8681 comm="syz.0.753" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  274.775969][   T29] audit: type=1400 audit(1737638887.834:446): avc:  denied  { accept } for  pid=8681 comm="syz.0.753" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  274.830282][   T29] audit: type=1400 audit(1737638887.884:447): avc:  denied  { shutdown } for  pid=8681 comm="syz.0.753" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  275.316636][ T5818] Bluetooth: hci1: command 0x0c1a tx timeout
[  275.416276][ T8675] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  275.507971][   T29] audit: type=1400 audit(1737638888.564:448): avc:  denied  { nlmsg_read } for  pid=8688 comm="syz.2.756" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  275.752649][ T8698] netlink: 4 bytes leftover after parsing attributes in process `syz.4.757'.
[  276.045599][ T5143] Bluetooth: hci4: command 0x0c1a tx timeout
[  276.051804][   T54] Bluetooth: hci3: command 0x0c1a tx timeout
[  276.058551][ T5818] Bluetooth: hci2: command 0x0c1a tx timeout
[  276.125591][    T8] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  276.370653][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  276.477087][    T8] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  276.616931][    T8] usb 5-1: New USB device found, idVendor=0959, idProduct=2bd0, bcdDevice=69.70
[  277.129336][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  277.142257][    T8] usb 5-1: Product: syz
[  277.146813][    T8] usb 5-1: Manufacturer: syz
[  277.151649][    T8] usb 5-1: SerialNumber: syz
[  277.151975][ T8715] netlink: 12 bytes leftover after parsing attributes in process `syz.1.762'.
[  277.158671][    T8] usb 5-1: config 0 descriptor??
[  277.173402][    T8] HFC-S_USB 5-1:0.0: probe with driver HFC-S_USB failed with error -5
[  277.182085][ T8717] overlayfs: failed to resolve './file0': -2
[  279.237456][ T6058] usb 5-1: USB disconnect, device number 32
[  279.361914][ T8742] FAULT_INJECTION: forcing a failure.
[  279.361914][ T8742] name failslab, interval 1, probability 0, space 0, times 0
[  279.405559][ T8742] CPU: 0 UID: 0 PID: 8742 Comm: syz.3.770 Not tainted 6.13.0-syzkaller-04788-g7004a2e46d16 #0
[  279.405581][ T8742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  279.405590][ T8742] Call Trace:
[  279.405596][ T8742]  <TASK>
[  279.405601][ T8742]  dump_stack_lvl+0x16c/0x1f0
[  279.405624][ T8742]  should_fail_ex+0x497/0x5b0
[  279.405653][ T8742]  should_failslab+0xc2/0x120
[  279.405676][ T8742]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  279.405697][ T8742]  ? skb_clone+0x190/0x3f0
[  279.405722][ T8742]  skb_clone+0x190/0x3f0
[  279.405741][ T8742]  netlink_deliver_tap+0xabd/0xd30
[  279.405763][ T8742]  netlink_unicast+0x5e1/0x7f0
[  279.405786][ T8742]  ? __pfx_netlink_unicast+0x10/0x10
[  279.405809][ T8742]  netlink_sendmsg+0x8b8/0xd70
[  279.405831][ T8742]  ? __pfx_netlink_sendmsg+0x10/0x10
[  279.405859][ T8742]  ____sys_sendmsg+0xaaf/0xc90
[  279.405874][ T8742]  ? copy_msghdr_from_user+0x10b/0x160
[  279.405893][ T8742]  ? __pfx_____sys_sendmsg+0x10/0x10
[  279.405918][ T8742]  ___sys_sendmsg+0x135/0x1e0
[  279.405939][ T8742]  ? __pfx____sys_sendmsg+0x10/0x10
[  279.405969][ T8742]  ? __pfx_lock_release+0x10/0x10
[  279.405988][ T8742]  ? trace_lock_acquire+0x14e/0x1f0
[  279.406011][ T8742]  ? __fget_files+0x206/0x3a0
[  279.406037][ T8742]  __sys_sendmsg+0x16e/0x220
[  279.406059][ T8742]  ? __pfx___sys_sendmsg+0x10/0x10
[  279.406095][ T8742]  do_syscall_64+0xcd/0x250
[  279.406116][ T8742]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  279.406137][ T8742] RIP: 0033:0x7f2796f8cd29
[  279.406150][ T8742] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  279.406165][ T8742] RSP: 002b:00007f2797eb7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  279.406181][ T8742] RAX: ffffffffffffffda RBX: 00007f27971a5fa0 RCX: 00007f2796f8cd29
[  279.406191][ T8742] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003
[  279.406200][ T8742] RBP: 00007f2797eb7090 R08: 0000000000000000 R09: 0000000000000000
[  279.406209][ T8742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  279.406218][ T8742] R13: 0000000000000000 R14: 00007f27971a5fa0 R15: 00007ffc59fdcc78
[  279.406240][ T8742]  </TASK>
[  279.406277][ T8742] netlink: 12 bytes leftover after parsing attributes in process `syz.3.770'.
[  279.776981][ T8748] netlink: 4 bytes leftover after parsing attributes in process `syz.2.771'.
[  280.685297][ T5913] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  281.406993][ T5913] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  281.424870][ T8766] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  281.435510][   T29] audit: type=1400 audit(281.409:449): avc:  denied  { append } for  pid=8772 comm="syz.4.781" name="video8" dev="devtmpfs" ino=951 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  281.458152][ T8766] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  281.464102][ T8766] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  281.472399][ T8766] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  281.481641][   T29] audit: type=1400 audit(281.449:450): avc:  denied  { write } for  pid=8772 comm="syz.4.781" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  281.482247][ T5913] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  281.648810][ T5913] usb 3-1: New USB device found, idVendor=0959, idProduct=2bd0, bcdDevice=69.70
[  281.679892][ T5913] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.721766][   T29] audit: type=1400 audit(281.679:451): avc:  denied  { mount } for  pid=8776 comm="syz.1.782" name="/" dev="rpc_pipefs" ino=21027 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1
[  282.131373][ T5913] usb 3-1: Product: syz
[  282.157987][ T8777] 9pnet_fd: Insufficient options for proto=fd
[  282.167184][ T5913] usb 3-1: Manufacturer: syz
[  282.171807][ T5913] usb 3-1: SerialNumber: syz
[  282.181340][ T5913] usb 3-1: config 0 descriptor??
[  282.193497][ T5913] HFC-S_USB 3-1:0.0: probe with driver HFC-S_USB failed with error -5
[  282.199652][   T29] audit: type=1400 audit(282.169:452): avc:  denied  { watch } for  pid=8776 comm="syz.1.782" path="/157/file0" dev="rpc_pipefs" ino=21027 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=dir permissive=1
[  282.245321][   T29] audit: type=1400 audit(282.189:453): avc:  denied  { unmount } for  pid=8776 comm="syz.1.782" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1
[  282.324592][ T8786] netlink: zone id is out of range
[  282.333653][ T8786] netlink: zone id is out of range
[  282.338902][ T8786] netlink: zone id is out of range
[  282.344506][ T8786] netlink: zone id is out of range
[  282.377360][ T8786] netlink: set zone limit has 8 unknown bytes
[  282.779455][ T8792] netlink: 12 bytes leftover after parsing attributes in process `syz.4.786'.
[  282.993823][   T54] Bluetooth: hci1: command 0x0c1a tx timeout
[  283.905805][   T54] Bluetooth: hci4: command 0x0c1a tx timeout
[  283.911911][ T5818] Bluetooth: hci3: command 0x0c1a tx timeout
[  283.911921][ T5143] Bluetooth: hci2: command 0x0c1a tx timeout
[  283.925063][ T6058] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  283.925125][ T5913] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  284.007241][ T5870] usb 3-1: USB disconnect, device number 27
[  284.155794][ T6058] usb 4-1: Using ep0 maxpacket: 8
[  284.155918][ T8807] binder: BINDER_SET_CONTEXT_MGR already set
[  284.164330][ T6058] usb 4-1: New USB device found, idVendor=0763, idProduct=2080, bcdDevice=d9.40
[  284.167203][ T8807] binder: 8806:8807 ioctl 4018620d 200001c0 returned -16
[  284.181485][ T6058] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  284.191902][ T5913] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  284.192301][ T6058] usb 4-1: Product: syz
[  284.270104][ T6058] usb 4-1: Manufacturer: syz
[  284.270357][ T5913] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  284.278760][ T8810] Cannot find add_set index 3 as target
[  284.308684][ T6058] usb 4-1: SerialNumber: syz
[  284.308892][ T5913] usb 2-1: New USB device found, idVendor=056a, idProduct=00bc, bcdDevice= 0.00
[  284.340808][ T5913] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  284.342712][ T6058] usb 4-1: config 0 descriptor??
[  284.348964][    T8] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  284.445577][   T29] audit: type=1400 audit(284.369:454): avc:  denied  { open } for  pid=8804 comm="syz.4.791" path="/dev/ptyqd" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  284.468415][    C1] vkms_vblank_simulate: vblank timer overrun
[  284.508894][   T29] audit: type=1400 audit(284.399:455): avc:  denied  { ioctl } for  pid=8804 comm="syz.4.791" path="/dev/ptyqd" dev="devtmpfs" ino=132 ioctlcmd=0x5423 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  284.509727][ T5913] usb 2-1: config 0 descriptor??
[  284.533190][    C1] vkms_vblank_simulate: vblank timer overrun
[  284.545654][   T29] audit: type=1400 audit(284.399:456): avc:  denied  { read } for  pid=8806 comm="syz.2.792" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  284.567471][    C1] vkms_vblank_simulate: vblank timer overrun
[  284.716529][   T29] audit: type=1400 audit(284.409:457): avc:  denied  { open } for  pid=8806 comm="syz.2.792" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  284.752208][    T8] usb 1-1: config index 0 descriptor too short (expected 45, got 36)
[  284.783781][    T8] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  284.807034][ T6058] usb 4-1: USB disconnect, device number 35
[  284.845392][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  284.850476][    C1] vkms_vblank_simulate: vblank timer overrun
[  284.872991][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  284.885300][    T8] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  284.926500][    T8] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  284.937999][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  284.993732][    T8] usb 1-1: config 0 descriptor??
[  285.006892][ T8801] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  285.892803][ T5912] udevd[5912]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  285.968235][ T5913] usbhid 2-1:0.0: can't add hid device: -71
[  286.015514][ T5913] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  286.116670][ T8822] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  286.358001][    T8] plantronics 0003:047F:FFFF.0003: unknown main item tag 0xd
[  286.376183][ T5913] usb 2-1: USB disconnect, device number 38
[  286.415445][    T8] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving
[  286.433436][    T8] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  286.742554][ T5913] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  286.831205][   T29] audit: type=1400 audit(286.799:458): avc:  denied  { execute } for  pid=8800 comm="syz.0.789" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=21782 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  286.975409][ T5913] usb 2-1: Using ep0 maxpacket: 32
[  286.997042][ T5913] usb 2-1: config 0 has an invalid interface number: 51 but max is 0
[  287.005157][ T5913] usb 2-1: config 0 has no interface number 0
[  287.015626][ T6058] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  287.036637][ T5913] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  287.059918][ T5913] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  287.081977][ T5913] usb 2-1: Product: syz
[  287.087417][ T5913] usb 2-1: Manufacturer: syz
[  287.095199][ T5913] usb 2-1: SerialNumber: syz
[  287.105899][ T5913] usb 2-1: config 0 descriptor??
[  287.118490][ T5913] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  287.144623][ T8837] syz_tun: entered allmulticast mode
[  287.150743][ T5865] usb 1-1: USB disconnect, device number 29
[  287.177621][ T6058] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  287.198613][ T6058] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  287.217664][ T6058] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  287.225519][ T8838] netlink: 'syz.4.801': attribute type 1 has an invalid length.
[  287.235891][ T8837] syz_tun (unregistering): left allmulticast mode
[  287.237285][ T6058] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  287.259664][ T6058] usb 3-1: config 0 descriptor??
[  287.323156][ T5913] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  287.338855][ T5913] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  287.488452][ T5870] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  287.699432][ T6058] cm6533_jd 0003:0D8C:0022.0004: unknown main item tag 0x0
[  287.700646][ T5870] usb 5-1: New USB device found, idVendor=1d50, idProduct=6089, bcdDevice=d0.1d
[  287.715595][ T6058] cm6533_jd 0003:0D8C:0022.0004: unknown main item tag 0x0
[  287.747004][ T5870] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  287.750955][ T6058] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0D8C:0022.0004/input/input23
[  287.755119][    C0] quatech-serial ttyUSB0: qt2_process_read_urb - unsupported command 8
[  287.775122][ T6058] cm6533_jd 0003:0D8C:0022.0004: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.2-1/input0
[  288.090238][ T5870] usb 5-1: config 0 descriptor??
[  288.906562][ T6058] usb 3-1: reset high-speed USB device number 28 using dummy_hcd
[  288.928286][    C0] usb 2-1: qt2_read_bulk_callback - non-zero urb status: -71
[  288.937371][   T25] usb 2-1: USB disconnect, device number 39
[  288.946387][ T5870] hackrf 5-1:0.0: usb_control_msg() failed -71 request 0e
[  288.955126][   T25] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  288.959367][ T5870] hackrf 5-1:0.0: Could not detect board
[  288.982153][ T5870] hackrf 5-1:0.0: probe with driver hackrf failed with error -71
[  288.987270][   T25] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  289.013168][ T5870] usb 5-1: USB disconnect, device number 33
[  289.017306][   T25] quatech2 2-1:0.51: device disconnected
[  289.053561][   T29] audit: type=1400 audit(289.019:459): avc:  denied  { load_policy } for  pid=8854 comm="syz.3.804" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  289.074000][ T8855] SELinux:  policydb magic number 0x37cff8c does not match expected magic number 0xf97cff8c
[  289.086859][ T8855] SELinux: failed to load policy
[  289.256358][ T8865] FAULT_INJECTION: forcing a failure.
[  289.256358][ T8865] name failslab, interval 1, probability 0, space 0, times 0
[  289.274745][ T8865] CPU: 0 UID: 0 PID: 8865 Comm: syz.3.807 Not tainted 6.13.0-syzkaller-04788-g7004a2e46d16 #0
[  289.274769][ T8865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  289.274779][ T8865] Call Trace:
[  289.274784][ T8865]  <TASK>
[  289.274790][ T8865]  dump_stack_lvl+0x16c/0x1f0
[  289.274815][ T8865]  should_fail_ex+0x497/0x5b0
[  289.274831][ T8865]  ? fs_reclaim_acquire+0xae/0x150
[  289.274852][ T8865]  should_failslab+0xc2/0x120
[  289.274876][ T8865]  __kmalloc_noprof+0xcb/0x510
[  289.274897][ T8865]  ? d_absolute_path+0x137/0x1b0
[  289.274919][ T8865]  ? rcu_is_watching+0x12/0xc0
[  289.274938][ T8865]  tomoyo_encode2+0x100/0x3e0
[  289.274965][ T8865]  tomoyo_encode+0x29/0x50
[  289.274986][ T8865]  tomoyo_realpath_from_path+0x19d/0x720
[  289.275017][ T8865]  tomoyo_path_number_perm+0x248/0x590
[  289.275036][ T8865]  ? tomoyo_path_number_perm+0x235/0x590
[  289.275059][ T8865]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  289.275101][ T8865]  ? __pfx_lock_release+0x10/0x10
[  289.275120][ T8865]  ? trace_lock_acquire+0x14e/0x1f0
[  289.275140][ T8865]  ? lock_acquire+0x2f/0xb0
[  289.275158][ T8865]  ? __fget_files+0x40/0x3a0
[  289.275180][ T8865]  ? __fget_files+0x206/0x3a0
[  289.275202][ T8865]  security_file_ioctl+0x9b/0x240
[  289.275229][ T8865]  __x64_sys_ioctl+0xb7/0x200
[  289.275247][ T8865]  do_syscall_64+0xcd/0x250
[  289.275269][ T8865]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  289.275291][ T8865] RIP: 0033:0x7f2796f8c92b
[  289.275305][ T8865] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00
[  289.275321][ T8865] RSP: 002b:00007f2797eb4f10 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  289.275340][ T8865] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f2796f8c92b
[  289.275349][ T8865] RDX: 00007f2797eb5fe0 RSI: 0000000041015500 RDI: 0000000000000004
[  289.275358][ T8865] RBP: 00007f2797eb5fe0 R08: 0000000000000000 R09: 00332e6364755f79
[  289.275367][ T8865] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  289.275376][ T8865] R13: 00007f2797eb4fb0 R14: 0000000020000000 R15: 00007f27972d0320
[  289.275397][ T8865]  </TASK>
[  289.500818][ T8865] ERROR: Out of memory at tomoyo_realpath_from_path.
[  289.745499][ T5870] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[  289.776351][   T29] audit: type=1400 audit(289.749:460): avc:  denied  { write } for  pid=8866 comm="syz.0.808" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  289.928187][ T5870] usb 4-1: Using ep0 maxpacket: 32
[  290.080406][ T5870] usb 4-1: config index 0 descriptor too short (expected 29220, got 36)
[  290.091187][ T5870] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  290.105936][ T5870] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81
[  290.119615][ T5870] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  290.129619][ T5870] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  290.185644][ T5870] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  290.217848][ T5870] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  290.255489][ T5870] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  290.294553][ T5870] usb 4-1: config 0 descriptor??
[  290.633284][   T29] audit: type=1400 audit(290.549:461): avc:  denied  { connect } for  pid=8876 comm="syz.2.811" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  290.983937][ T5870] usblp 4-1:0.0: usblp1: USB Bidirectional printer dev 36 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  291.033938][   T25] usb 4-1: USB disconnect, device number 36
[  291.049890][ T5865] usb 3-1: USB disconnect, device number 28
[  291.058192][   T25] usblp1: removed
[  291.325509][   T29] audit: type=1400 audit(291.259:462): avc:  denied  { getopt } for  pid=8884 comm="syz.4.813" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  291.346796][   T29] audit: type=1400 audit(291.279:463): avc:  denied  { ioctl } for  pid=8884 comm="syz.4.813" path="socket:[21955]" dev="sockfs" ino=21955 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  291.530888][   T29] audit: type=1400 audit(291.289:465): avc:  denied  { ioctl } for  pid=8884 comm="syz.4.813" path="socket:[21956]" dev="sockfs" ino=21956 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  292.040641][   T29] audit: type=1400 audit(291.289:464): avc:  denied  { ioctl } for  pid=8884 comm="syz.4.813" path="socket:[21956]" dev="sockfs" ino=21956 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  292.139864][   T29] audit: type=1400 audit(292.049:466): avc:  denied  { ioctl } for  pid=8895 comm="syz.0.816" path="/dev/btrfs-control" dev="devtmpfs" ino=1309 ioctlcmd=0x9404 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  292.177364][ T5913] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  292.198823][   T29] audit: type=1400 audit(292.109:467): avc:  denied  { create } for  pid=8899 comm="syz.3.818" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  292.240115][   T29] audit: type=1400 audit(292.109:468): avc:  denied  { ioctl } for  pid=8899 comm="syz.3.818" path="socket:[21977]" dev="sockfs" ino=21977 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  292.298515][ T8906] Cannot find add_set index 3 as target
[  292.346364][ T5913] usb 5-1: Using ep0 maxpacket: 8
[  292.356617][ T5913] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  292.366658][ T5913] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  292.382775][ T5913] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  292.409525][   T29] audit: type=1400 audit(292.369:469): avc:  denied  { append } for  pid=8910 comm="syz.1.822" name="binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  292.435304][ T5913] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  292.448768][ T5913] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  292.458608][ T5913] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  292.708688][ T5913] usb 5-1: GET_CAPABILITIES returned 0
[  292.746263][ T5913] usbtmc 5-1:16.0: can't read capabilities
[  292.994205][ T8921] Cannot find add_set index 3 as target
[  293.054512][ T8925] bridge0: port 3(ipvlan0) entered blocking state
[  293.061313][ T8925] bridge0: port 3(ipvlan0) entered disabled state
[  293.068610][ T8925] ipvlan0: entered allmulticast mode
[  293.073990][ T8925] bridge0: entered allmulticast mode
[  293.084422][ T8925] ipvlan0: left allmulticast mode
[  293.089610][ T8925] bridge0: left allmulticast mode
[  293.225450][ T5865] usb 2-1: new low-speed USB device number 40 using dummy_hcd
[  293.401509][ T5865] usb 2-1: No LPM exit latency info found, disabling LPM.
[  293.412302][ T5865] usb 2-1: config 1 interface 0 altsetting 60 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  293.426183][ T5865] usb 2-1: config 1 interface 0 has no altsetting 0
[  293.438765][ T5865] usb 2-1: string descriptor 0 read error: -22
[  293.444946][ T5865] usb 2-1: New USB device found, idVendor=17ef, idProduct=60b5, bcdDevice= 0.40
[  293.478217][ T5865] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  293.522788][ T5870] usb 5-1: USB disconnect, device number 34
[  294.052069][ T5865] usbhid 2-1:1.0: can't add hid device: -71
[  294.060011][ T5865] usbhid 2-1:1.0: probe with driver usbhid failed with error -71
[  294.077326][ T5865] usb 2-1: USB disconnect, device number 40
[  294.187091][ T8937] netlink: 20 bytes leftover after parsing attributes in process `syz.2.829'.
[  294.507715][ T6058] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  294.675852][ T6058] usb 1-1: Using ep0 maxpacket: 8
[  294.695646][ T6058] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  294.760619][ T6058] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  294.870383][ T6058] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  294.925471][ T6058] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  294.970508][ T6058] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  295.021197][ T6058] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  295.023011][   T29] audit: type=1326 audit(294.989:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8960 comm="syz.3.836" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2796f8cd29 code=0x0
[  295.125472][ T5913] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  295.157420][ T8964] fuse: Bad value for 'fd'
[  295.215399][ T5870] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  295.268295][ T6058] usb 1-1: GET_CAPABILITIES returned 0
[  295.276823][ T5913] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  295.303648][ T5913] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  295.325720][ T6058] usbtmc 1-1:16.0: can't read capabilities
[  295.366103][ T5870] usb 2-1: Using ep0 maxpacket: 16
[  295.390135][ T5913] usb 3-1: New USB device found, idVendor=0959, idProduct=2bd0, bcdDevice=69.70
[  295.423782][ T5870] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 8
[  295.461675][ T5913] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  295.620896][ T5870] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  295.761845][ T5913] usb 3-1: Product: syz
[  295.829297][ T5870] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  295.848907][ T5913] usb 3-1: Manufacturer: syz
[  295.851375][ T6058] usb 1-1: USB disconnect, device number 30
[  295.870906][ T5913] usb 3-1: SerialNumber: syz
[  295.875661][ T5870] usb 2-1: Product: syz
[  295.887594][ T5870] usb 2-1: Manufacturer: syz
[  295.893270][ T5913] usb 3-1: config 0 descriptor??
[  295.898383][ T5870] usb 2-1: SerialNumber: syz
[  295.904812][ T5913] HFC-S_USB 3-1:0.0: probe with driver HFC-S_USB failed with error -5
[  295.953334][ T5870] usb 2-1: config 0 descriptor??
[  295.980824][ T5870] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[  295.989036][ T5870] usb 2-1: Detected FT232R
[  296.839822][ T5870] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  296.855685][ T5870] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  296.872002][ T5870] ftdi_sio 2-1:0.0: GPIO initialisation failed: -71
[  296.880193][ T5870] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  296.892983][ T5870] usb 2-1: USB disconnect, device number 41
[  296.916613][ T5870] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  296.949180][ T5870] ftdi_sio 2-1:0.0: device disconnected
[  298.415506][ T6058] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  298.630822][ T6058] usb 1-1: New USB device found, idVendor=1d50, idProduct=6089, bcdDevice=d0.1d
[  298.645394][ T6058] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  298.657902][    T8] usb 3-1: USB disconnect, device number 29
[  298.664412][ T6058] usb 1-1: config 0 descriptor??
[  298.845466][ T5870] usb 2-1: new low-speed USB device number 42 using dummy_hcd
[  298.893313][   T29] audit: type=1400 audit(298.859:471): avc:  denied  { write } for  pid=8974 comm="syz.0.840" path="socket:[22214]" dev="sockfs" ino=22214 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  298.925574][ T6058] hackrf 1-1:0.0: usb_control_msg() failed -71 request 0e
[  298.946208][ T6058] hackrf 1-1:0.0: Could not detect board
[  298.970292][ T6058] hackrf 1-1:0.0: probe with driver hackrf failed with error -71
[  298.995300][ T6058] usb 1-1: USB disconnect, device number 31
[  299.017739][ T5870] usb 2-1: No LPM exit latency info found, disabling LPM.
[  299.105565][ T5870] usb 2-1: config 1 interface 0 altsetting 60 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  299.181522][ T5870] usb 2-1: config 1 interface 0 has no altsetting 0
[  299.211627][ T5870] usb 2-1: string descriptor 0 read error: -22
[  299.223174][ T5870] usb 2-1: New USB device found, idVendor=17ef, idProduct=60b5, bcdDevice= 0.40
[  299.259023][ T5870] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  299.505791][ T5870] usbhid 2-1:1.0: can't add hid device: -71
[  299.511822][ T5870] usbhid 2-1:1.0: probe with driver usbhid failed with error -71
[  299.540653][ T5870] usb 2-1: USB disconnect, device number 42
[  299.605538][ T6058] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  299.915423][ T6058] usb 5-1: Using ep0 maxpacket: 8
[  299.943657][ T6058] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  299.959955][ T6058] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  300.003419][ T6058] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  300.304801][ T6058] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  300.350185][   T29] audit: type=1400 audit(300.299:472): avc:  denied  { bind } for  pid=9002 comm="syz.0.849" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  300.385488][ T6058] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  300.394569][ T6058] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  300.407525][   T29] audit: type=1400 audit(300.299:473): avc:  denied  { setopt } for  pid=9002 comm="syz.0.849" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  300.431381][   T29] audit: type=1400 audit(300.299:474): avc:  denied  { write } for  pid=9002 comm="syz.0.849" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  300.454148][   T29] audit: type=1400 audit(300.299:475): avc:  denied  { read } for  pid=9002 comm="syz.0.849" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  300.509901][ T9016] netlink: 4 bytes leftover after parsing attributes in process `syz.2.852'.
[  300.590957][ T9019] netlink: 4 bytes leftover after parsing attributes in process `syz.1.853'.
[  300.659764][ T6058] usb 5-1: GET_CAPABILITIES returned 0
[  300.665386][ T6058] usbtmc 5-1:16.0: can't read capabilities
[  300.778248][ T9011] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  300.788086][ T9011] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  300.794181][ T9011] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  300.800929][ T9011] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  301.162851][ T9026] bridge0: port 3(ipvlan0) entered blocking state
[  301.169727][ T9026] bridge0: port 3(ipvlan0) entered disabled state
[  301.178329][ T9026] ipvlan0: entered allmulticast mode
[  301.183939][ T9026] bridge0: entered allmulticast mode
[  301.196740][ T9026] ipvlan0: left allmulticast mode
[  301.201981][ T9026] bridge0: left allmulticast mode
[  301.269648][ T5870] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  301.735918][ T5870] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  301.761870][ T5870] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  301.781021][ T5870] usb 3-1: New USB device found, idVendor=0959, idProduct=2bd0, bcdDevice=69.70
[  302.020607][ T5870] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  302.184934][    T8] usb 5-1: USB disconnect, device number 35
[  302.192116][ T5870] usb 3-1: Product: syz
[  302.205437][ T5870] usb 3-1: Manufacturer: syz
[  302.212360][ T5870] usb 3-1: SerialNumber: syz
[  302.235423][ T5870] usb 3-1: config 0 descriptor??
[  302.253894][ T5870] HFC-S_USB 3-1:0.0: probe with driver HFC-S_USB failed with error -5
[  302.425492][ T5143] Bluetooth: hci1: command 0x0c1a tx timeout
[  302.850577][ T5143] Bluetooth: hci2: command 0x0c1a tx timeout
[  302.851534][   T54] Bluetooth: hci3: command 0x0c1a tx timeout
[  302.851625][ T5818] Bluetooth: hci4: command 0x0c1a tx timeout
[  303.435415][ T5870] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  303.537331][ T5865] usb 3-1: USB disconnect, device number 30
[  303.608788][ T5870] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  303.625772][ T9068] FAULT_INJECTION: forcing a failure.
[  303.625772][ T9068] name failslab, interval 1, probability 0, space 0, times 0
[  303.646976][ T5870] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  303.659576][ T9068] CPU: 0 UID: 0 PID: 9068 Comm: syz.2.868 Not tainted 6.13.0-syzkaller-04788-g7004a2e46d16 #0
[  303.659596][ T9068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  303.659603][ T9068] Call Trace:
[  303.659607][ T9068]  <TASK>
[  303.659613][ T9068]  dump_stack_lvl+0x16c/0x1f0
[  303.659633][ T9068]  should_fail_ex+0x497/0x5b0
[  303.659647][ T9068]  ? fs_reclaim_acquire+0xae/0x150
[  303.659663][ T9068]  should_failslab+0xc2/0x120
[  303.659685][ T9068]  __kmalloc_node_noprof+0xd1/0x510
[  303.659703][ T9068]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  303.659721][ T9068]  __kvmalloc_node_noprof+0xad/0x1a0
[  303.659738][ T9068]  io_uring_setup+0x649/0x33d0
[  303.659756][ T9068]  ? __pfx_io_uring_setup+0x10/0x10
[  303.659772][ T9068]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  303.659789][ T9068]  ? __fget_files+0x206/0x3a0
[  303.659810][ T9068]  ? ksys_write+0x1ba/0x250
[  303.659824][ T9068]  ? __pfx_ksys_write+0x10/0x10
[  303.659842][ T9068]  __x64_sys_io_uring_setup+0x98/0x140
[  303.659857][ T9068]  do_syscall_64+0xcd/0x250
[  303.659872][ T9068]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.659888][ T9068] RIP: 0033:0x7f020c18cd29
[  303.659899][ T9068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  303.659911][ T9068] RSP: 002b:00007f020cfc3038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[  303.659923][ T9068] RAX: ffffffffffffffda RBX: 00007f020c3a5fa0 RCX: 00007f020c18cd29
[  303.659932][ T9068] RDX: 0000000000000000 RSI: 0000000020000600 RDI: 0000000000002012
[  303.659939][ T9068] RBP: 00007f020cfc3090 R08: 0000000000000000 R09: 0000000000000000
[  303.659946][ T9068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  303.659954][ T9068] R13: 0000000000000000 R14: 00007f020c3a5fa0 R15: 00007fff7aa55678
[  303.659969][ T9068]  </TASK>
[  303.853342][ T5870] usb 1-1: New USB device found, idVendor=0959, idProduct=2bd0, bcdDevice=69.70
[  303.862690][ T5870] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  303.870822][ T5870] usb 1-1: Product: syz
[  303.875044][ T5870] usb 1-1: Manufacturer: syz
[  303.879783][ T5870] usb 1-1: SerialNumber: syz
[  303.930133][    T8] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  303.939272][ T5870] usb 1-1: config 0 descriptor??
[  303.954601][ T5870] HFC-S_USB 1-1:0.0: probe with driver HFC-S_USB failed with error -5
[  304.407653][    T8] usb 4-1: Using ep0 maxpacket: 8
[  304.441033][    T8] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  304.510139][    T8] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  304.559245][    T8] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  304.615510][    T8] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  304.628962][    T8] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  304.638901][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  304.747710][ T5865] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  304.859405][ T6058] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  304.920354][    T8] usb 4-1: GET_CAPABILITIES returned 0
[  304.947824][    T8] usbtmc 4-1:16.0: can't read capabilities
[  305.199903][ T9089] bridge0: port 3(ipvlan2) entered blocking state
[  305.206569][ T9089] bridge0: port 3(ipvlan2) entered disabled state
[  305.213245][ T9089] ipvlan2: entered allmulticast mode
[  305.218720][ T9089] bridge0: entered allmulticast mode
[  305.226511][ T9089] ipvlan2: left allmulticast mode
[  305.226680][ T5865] usb 5-1: Using ep0 maxpacket: 32
[  305.237095][ T9089] bridge0: left allmulticast mode
[  305.244673][ T5865] usb 5-1: unable to read config index 0 descriptor/start: -61
[  305.252722][ T5865] usb 5-1: can't read configurations, error -61
[  305.275486][ T6058] usb 2-1: Using ep0 maxpacket: 32
[  305.415466][ T6058] usb 2-1: config index 0 descriptor too short (expected 29220, got 36)
[  305.428324][ T6058] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  305.446143][ T6058] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81
[  305.455631][ T6058] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  305.484031][ T5865] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  305.494478][ T6058] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  305.572395][ T6058] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  305.618896][ T6058] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  305.705525][ T6058] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  305.733648][ T6058] usb 2-1: config 0 descriptor??
[  305.753362][ T5870] usb 4-1: USB disconnect, device number 37
[  305.765491][ T5865] usb 5-1: Using ep0 maxpacket: 32
[  305.772621][ T5865] usb 5-1: unable to read config index 0 descriptor/start: -61
[  305.881496][ T5865] usb 5-1: can't read configurations, error -61
[  306.100448][ T5865] usb usb5-port1: attempt power cycle
[  306.217917][ T6058] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 43 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  306.324478][   T29] audit: type=1400 audit(306.289:476): avc:  denied  { bind } for  pid=9095 comm="syz.2.875" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  306.355745][   T29] audit: type=1400 audit(306.299:477): avc:  denied  { listen } for  pid=9095 comm="syz.2.875" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  306.362766][ T6058] usb 1-1: USB disconnect, device number 32
[  306.375097][   T29] audit: type=1400 audit(306.299:478): avc:  denied  { accept } for  pid=9095 comm="syz.2.875" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  306.428684][   T29] audit: type=1400 audit(306.399:479): avc:  denied  { read write } for  pid=9083 comm="syz.1.872" name="lp0" dev="devtmpfs" ino=3149 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1
[  306.449260][   T25] usb 2-1: USB disconnect, device number 43
[  306.452862][   T29] audit: type=1400 audit(306.399:480): avc:  denied  { open } for  pid=9083 comm="syz.1.872" path="/dev/usb/lp0" dev="devtmpfs" ino=3149 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1
[  306.484447][   T25] usblp0: removed
[  306.521791][ T5865] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  306.569889][ T5865] usb 5-1: Using ep0 maxpacket: 32
[  306.733620][ T5865] usb 5-1: unable to read config index 0 descriptor/start: -61
[  306.741498][ T5865] usb 5-1: can't read configurations, error -61
[  306.975663][ T6058] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  307.010110][ T5865] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  307.046680][ T5865] usb 5-1: Using ep0 maxpacket: 32
[  307.059404][ T5865] usb 5-1: unable to read config index 0 descriptor/start: -61
[  307.074280][ T5865] usb 5-1: can't read configurations, error -61
[  307.085960][ T5865] usb usb5-port1: unable to enumerate USB device
[  307.145494][ T6058] usb 1-1: Using ep0 maxpacket: 32
[  307.156103][ T6058] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[  307.165548][ T6058] usb 1-1: config 0 has no interface number 0
[  307.184230][ T6058] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  307.262494][ T6058] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  307.271039][ T6058] usb 1-1: Product: syz
[  307.305265][ T6058] usb 1-1: Manufacturer: syz
[  307.325958][ T6058] usb 1-1: SerialNumber: syz
[  307.346179][ T6058] usb 1-1: config 0 descriptor??
[  307.361056][ T6058] smsc95xx v2.0.0
[  307.856063][   T29] audit: type=1400 audit(307.799:481): avc:  denied  { listen } for  pid=9100 comm="syz.0.878" lport=47357 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  307.972004][   T29] audit: type=1400 audit(307.849:482): avc:  denied  { accept } for  pid=9100 comm="syz.0.878" lport=47357 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  308.569412][ T9122] netlink: 4 bytes leftover after parsing attributes in process `syz.4.881'.
[  308.875545][ T5870] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  309.372771][ T5870] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  309.383142][ T5870] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  309.425176][ T5870] usb 5-1: New USB device found, idVendor=0959, idProduct=2bd0, bcdDevice=69.70
[  309.434559][ T5870] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  309.457681][ T5870] usb 5-1: Product: syz
[  309.469630][ T5870] usb 5-1: Manufacturer: syz
[  309.483793][ T5870] usb 5-1: SerialNumber: syz
[  309.500175][ T5870] usb 5-1: config 0 descriptor??
[  309.514065][ T5870] HFC-S_USB 5-1:0.0: probe with driver HFC-S_USB failed with error -5
[  310.620037][ T9152] netlink: 12 bytes leftover after parsing attributes in process `syz.1.889'.
[  310.804162][ T6058] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71
[  310.823013][ T6058] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  310.835420][ T6058] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  310.848485][ T6058] smsc95xx 1-1:0.67: probe with driver smsc95xx failed with error -71
[  310.866742][ T6058] usb 1-1: USB disconnect, device number 33
[  311.419547][ T5870] usb 5-1: USB disconnect, device number 40
[  311.489390][    T9] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  311.698153][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  311.715111][ T9173] netlink: 4 bytes leftover after parsing attributes in process `syz.2.895'.
[  311.718626][    T9] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  311.823457][    T9] usb 4-1: New USB device found, idVendor=0959, idProduct=2bd0, bcdDevice=69.70
[  311.833060][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  311.842851][    T9] usb 4-1: Product: syz
[  311.847222][    T9] usb 4-1: Manufacturer: syz
[  311.851913][    T9] usb 4-1: SerialNumber: syz
[  311.856808][    T8] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  311.875753][    T9] usb 4-1: config 0 descriptor??
[  311.894085][    T9] HFC-S_USB 4-1:0.0: probe with driver HFC-S_USB failed with error -5
[  311.936933][ T9175] Cannot find add_set index 3 as target
[  312.016678][    T8] usb 1-1: Using ep0 maxpacket: 16
[  312.021969][ T2144] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  312.030207][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  312.050802][    T8] usb 1-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  312.071358][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  312.090375][    T8] usb 1-1: config 0 descriptor??
[  312.221266][ T2144] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  312.232705][ T2144] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  312.248037][ T2144] usb 3-1: New USB device found, idVendor=0959, idProduct=2bd0, bcdDevice=69.70
[  312.257642][ T2144] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  312.266578][ T2144] usb 3-1: Product: syz
[  312.388674][ T2144] usb 3-1: Manufacturer: syz
[  312.393440][ T2144] usb 3-1: SerialNumber: syz
[  312.413807][ T2144] usb 3-1: config 0 descriptor??
[  312.416982][   T29] audit: type=1400 audit(312.379:483): avc:  denied  { read write } for  pid=9159 comm="syz.0.893" name="uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  312.441461][    C0] vkms_vblank_simulate: vblank timer overrun
[  312.650347][ T9184] bond0: entered promiscuous mode
[  312.655519][ T9184] bond_slave_0: entered promiscuous mode
[  312.662999][ T9184] bond_slave_1: entered promiscuous mode
[  312.706274][   T29] audit: type=1400 audit(312.379:484): avc:  denied  { open } for  pid=9159 comm="syz.0.893" path="/dev/uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  313.169551][ T2144] HFC-S_USB 3-1:0.0: probe with driver HFC-S_USB failed with error -5
[  313.245765][ T2144] usb 4-1: USB disconnect, device number 38
[  313.492816][ T9194] netlink: 12 bytes leftover after parsing attributes in process `syz.4.899'.
[  313.850656][ T9195] tmpfs: Bad value for 'mpol'
[  314.180406][    T8] usbhid 1-1:0.0: can't add hid device: -71
[  314.186483][    T8] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  314.199305][    T8] usb 1-1: USB disconnect, device number 34
[  314.565585][ T2144] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  315.066445][    T8] usb 3-1: USB disconnect, device number 31
[  315.255388][ T2144] usb 4-1: Using ep0 maxpacket: 32
[  315.303551][ T2144] usb 4-1: config 129 has an invalid interface number: 190 but max is 0
[  315.331929][ T9209] netlink: 4 bytes leftover after parsing attributes in process `syz.0.903'.
[  315.377532][ T2144] usb 4-1: config 129 has no interface number 0
[  315.419132][ T2144] usb 4-1: config 129 interface 190 has no altsetting 0
[  315.440642][ T2144] usb 4-1: New USB device found, idVendor=04b4, idProduct=931d, bcdDevice=b8.db
[  315.459007][ T2144] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  315.482390][ T2144] usb 4-1: Product: syz
[  315.501381][ T2144] usb 4-1: Manufacturer: syz
[  315.511513][ T2144] usb 4-1: SerialNumber: syz
[  315.585464][    T8] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  315.645450][ T5870] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  315.810267][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  315.832180][    T8] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  316.244787][    T8] usb 1-1: New USB device found, idVendor=0959, idProduct=2bd0, bcdDevice=69.70
[  316.254551][ T5870] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  316.274438][ T5870] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  316.287821][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  316.296168][ T5870] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  316.304416][    T8] usb 1-1: Product: syz
[  316.308794][    T8] usb 1-1: Manufacturer: syz
[  316.315622][    T8] usb 1-1: SerialNumber: syz
[  316.320904][ T5870] usb 2-1: config 0 descriptor??
[  316.330282][    T8] usb 1-1: config 0 descriptor??
[  316.344309][ T5870] pwc: Askey VC010 type 2 USB webcam detected.
[  316.356662][    T8] HFC-S_USB 1-1:0.0: probe with driver HFC-S_USB failed with error -5
[  316.751392][ T5870] pwc: recv_control_msg error -32 req 02 val 2b00
[  316.800440][ T5870] pwc: recv_control_msg error -32 req 02 val 2700
[  316.801793][ T2144] usb 4-1: can't set first interface for hiFace device.
[  316.818938][ T5870] pwc: recv_control_msg error -32 req 02 val 2c00
[  316.831083][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  316.860657][ T2144] snd-usb-hiface 4-1:129.190: probe with driver snd-usb-hiface failed with error -5
[  316.915978][ T2144] usb 4-1: USB disconnect, device number 39
[  317.059691][ T9224] Cannot find add_set index 3 as target
[  317.147986][ T9230] netlink: 300 bytes leftover after parsing attributes in process `syz.1.905'.
[  317.210508][ T5870] pwc: recv_control_msg error -71 req 04 val 1300
[  317.230805][ T5870] pwc: recv_control_msg error -71 req 04 val 1400
[  317.248252][ T5870] pwc: recv_control_msg error -71 req 02 val 2000
[  317.274922][ T5870] pwc: recv_control_msg error -71 req 02 val 2100
[  317.294299][ T5870] pwc: recv_control_msg error -71 req 04 val 1500
[  317.317297][ T5870] pwc: recv_control_msg error -71 req 02 val 2500
[  317.337410][ T5870] pwc: recv_control_msg error -71 req 02 val 2400
[  317.358965][ T5870] pwc: recv_control_msg error -71 req 02 val 2600
[  317.375289][ T5870] pwc: recv_control_msg error -71 req 02 val 2900
[  317.459513][ T9233] syz.3.909: attempt to access beyond end of device
[  317.459513][ T9233] md2: rw=2048, sector=0, nr_sectors = 8 limit=0
[  317.528252][ T5870] pwc: recv_control_msg error -71 req 02 val 2800
[  317.779670][ T5870] pwc: recv_control_msg error -71 req 04 val 1100
[  317.811317][ T5870] pwc: recv_control_msg error -71 req 04 val 1200
[  317.834770][ T5870] pwc: Registered as video103.
[  317.861207][ T5870] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input24
[  318.042654][ T5870] usb 2-1: USB disconnect, device number 44
[  318.327056][   T29] audit: type=1400 audit(318.219:485): avc:  denied  { listen } for  pid=9234 comm="syz.1.910" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  318.371799][    T8] usb 1-1: USB disconnect, device number 35
[  318.753057][ T9249] FAULT_INJECTION: forcing a failure.
[  318.753057][ T9249] name failslab, interval 1, probability 0, space 0, times 0
[  318.765982][ T9249] CPU: 0 UID: 0 PID: 9249 Comm: syz.1.914 Not tainted 6.13.0-syzkaller-04788-g7004a2e46d16 #0
[  318.766002][ T9249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  318.766011][ T9249] Call Trace:
[  318.766016][ T9249]  <TASK>
[  318.766022][ T9249]  dump_stack_lvl+0x16c/0x1f0
[  318.766045][ T9249]  should_fail_ex+0x497/0x5b0
[  318.766061][ T9249]  ? fs_reclaim_acquire+0xae/0x150
[  318.766080][ T9249]  should_failslab+0xc2/0x120
[  318.766105][ T9249]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  318.766128][ T9249]  ? getname_flags.part.0+0x4c/0x550
[  318.766144][ T9249]  ? build_open_flags+0x22a/0x690
[  318.766171][ T9249]  getname_flags.part.0+0x4c/0x550
[  318.766189][ T9249]  getname+0x8d/0xe0
[  318.766207][ T9249]  do_sys_openat2+0x104/0x1e0
[  318.766231][ T9249]  ? __pfx_do_sys_openat2+0x10/0x10
[  318.766258][ T9249]  ? __fget_files+0x206/0x3a0
[  318.766283][ T9249]  __x64_sys_openat+0x175/0x210
[  318.766298][ T9249]  ? __pfx___x64_sys_openat+0x10/0x10
[  318.766312][ T9249]  ? ksys_write+0x1ba/0x250
[  318.766339][ T9249]  do_syscall_64+0xcd/0x250
[  318.766361][ T9249]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  318.766383][ T9249] RIP: 0033:0x7fbf61d8b690
[  318.766396][ T9249] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  318.766412][ T9249] RSP: 002b:00007fbf62c41b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  318.766427][ T9249] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fbf61d8b690
[  318.766438][ T9249] RDX: 0000000000000000 RSI: 00007fbf62c41c10 RDI: 00000000ffffff9c
[  318.766447][ T9249] RBP: 00007fbf62c41c10 R08: 0000000000000000 R09: 002367732f766564
[  318.766464][ T9249] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  318.766473][ T9249] R13: 0000000000000000 R14: 00007fbf61fa6080 R15: 00007ffe006c64a8
[  318.766495][ T9249]  </TASK>
[  318.767873][   T29] audit: type=1400 audit(318.719:486): avc:  denied  { append } for  pid=9246 comm="syz.1.914" name="sg0" dev="devtmpfs" ino=744 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  319.207812][    T8] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  319.625426][    T8] usb 1-1: Using ep0 maxpacket: 32
[  319.633628][    T8] usb 1-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  319.647773][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  319.678919][ T9257] netlink: 12 bytes leftover after parsing attributes in process `syz.4.916'.
[  319.702485][    T8] usb 1-1: Product: syz
[  319.716448][    T8] usb 1-1: Manufacturer: syz
[  319.734517][    T8] usb 1-1: SerialNumber: syz
[  319.780193][    T8] usb 1-1: config 0 descriptor??
[  319.799248][    T8] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  320.093574][ T9264] netlink: 4 bytes leftover after parsing attributes in process `syz.1.918'.
[  320.187392][ T9268] netlink: 80 bytes leftover after parsing attributes in process `syz.3.921'.
[  320.385565][ T5870] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  320.388268][ T9272] netlink: 4 bytes leftover after parsing attributes in process `syz.3.922'.
[  320.410306][ T2144] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  320.625822][    T8] gspca_ov534_9: reg_w failed -71
[  320.665525][ T5865] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[  320.675748][ T5870] usb 3-1: Using ep0 maxpacket: 16
[  320.683365][ T5870] usb 3-1: config 0 interface 0 altsetting 249 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  320.694800][ T5870] usb 3-1: config 0 interface 0 altsetting 249 endpoint 0x81 has invalid wMaxPacketSize 0
[  320.696742][ T2144] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  320.705263][ T5870] usb 3-1: config 0 interface 0 has no altsetting 0
[  320.717843][ T2144] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  320.721668][ T5870] usb 3-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00
[  320.735958][ T2144] usb 2-1: New USB device found, idVendor=0959, idProduct=2bd0, bcdDevice=69.70
[  320.740311][ T5870] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  320.752861][ T2144] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  320.771436][ T2144] usb 2-1: Product: syz
[  320.771513][ T5870] usb 3-1: config 0 descriptor??
[  320.775992][ T2144] usb 2-1: Manufacturer: syz
[  320.785292][ T2144] usb 2-1: SerialNumber: syz
[  320.800344][ T2144] usb 2-1: config 0 descriptor??
[  320.808754][ T2144] HFC-S_USB 2-1:0.0: probe with driver HFC-S_USB failed with error -5
[  320.836881][ T5865] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  320.847349][ T5865] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  320.862166][ T5865] usb 4-1: New USB device found, idVendor=0959, idProduct=2bd0, bcdDevice=69.70
[  320.871394][ T5865] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  320.881377][ T5865] usb 4-1: Product: syz
[  320.885716][ T5865] usb 4-1: Manufacturer: syz
[  320.890489][ T5865] usb 4-1: SerialNumber: syz
[  320.915297][ T5865] usb 4-1: config 0 descriptor??
[  320.922863][ T5865] HFC-S_USB 4-1:0.0: probe with driver HFC-S_USB failed with error -5
[  320.958532][ T9274] use of bytesused == 0 is deprecated and will be removed in the future,
[  320.965535][    T8] gspca_ov534_9: Unknown sensor 0000
[  320.967191][    T8] ov534_9 1-1:0.0: probe with driver ov534_9 failed with error -22
[  320.967332][ T9274] use the actual size instead.
[  320.980487][    T8] usb 1-1: USB disconnect, device number 36
[  321.567525][ T9293] netlink: 'syz.2.920': attribute type 10 has an invalid length.
[  321.581672][   T29] audit: type=1400 audit(321.529:487): avc:  denied  { write } for  pid=9262 comm="syz.2.920" name="btrfs-control" dev="devtmpfs" ino=1309 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  321.688649][ T9293] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  322.040179][ T5870] hid-picolcd 0003:04D8:F002.0005: unexpected long global item
[  322.092211][ T5870] hid-picolcd 0003:04D8:F002.0005: device report parse failed
[  322.112395][ T5870] hid-picolcd 0003:04D8:F002.0005: probe with driver hid-picolcd failed with error -22
[  322.345542][ T2144] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  322.415396][ T5870] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[  322.505566][ T2144] usb 1-1: Using ep0 maxpacket: 8
[  322.517312][ T2144] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  322.530141][ T2144] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  322.541250][ T2144] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  322.555023][ T2144] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  322.555389][ T5870] usb 5-1: device descriptor read/64, error -71
[  322.572550][ T2144] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  322.583930][ T2144] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  322.805502][ T2144] usb 1-1: GET_CAPABILITIES returned 0
[  322.811308][ T2144] usbtmc 1-1:16.0: can't read capabilities
[  322.825635][ T5870] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[  322.965438][ T5870] usb 5-1: device descriptor read/64, error -71
[  323.171518][ T5870] usb usb5-port1: attempt power cycle
[  323.177230][    T8] usb 2-1: USB disconnect, device number 45
[  323.427905][ T5913] usb 4-1: USB disconnect, device number 40
[  323.445614][ T2144] usb 3-1: USB disconnect, device number 32
[  323.545484][ T5865] usb 1-1: USB disconnect, device number 37
[  323.945394][ T5870] usb 5-1: new high-speed USB device number 43 using dummy_hcd
[  324.168035][ T5870] usb 5-1: device descriptor read/8, error -71
[  324.294542][ T9312] Cannot find add_set index 3 as target
[  324.405565][ T5870] usb 5-1: new high-speed USB device number 44 using dummy_hcd
[  324.435864][ T5870] usb 5-1: device descriptor read/8, error -71
[  324.536519][ T6058] usb 4-1: new full-speed USB device number 41 using dummy_hcd
[  324.545809][ T5870] usb usb5-port1: unable to enumerate USB device
[  324.555459][ T5865] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  324.665482][ T2144] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[  324.716978][ T6058] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 54995, setting to 64
[  324.728145][ T6058] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 512, setting to 64
[  324.739018][ T6058] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  324.755163][ T6058] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  324.764481][ T6058] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  324.772726][ T6058] usb 4-1: Product: syz
[  324.777209][ T6058] usb 4-1: Manufacturer: syz
[  324.782068][ T5865] usb 2-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  324.791260][ T6058] usb 4-1: SerialNumber: syz
[  324.796250][ T5865] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  324.805028][ T5865] usb 2-1: Product: syz
[  324.811542][ T9311] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  324.820256][ T9311] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  324.827744][ T5865] usb 2-1: Manufacturer: syz
[  324.832452][ T5865] usb 2-1: SerialNumber: syz
[  324.837412][ T2144] usb 1-1: Using ep0 maxpacket: 16
[  324.846287][ T2144] usb 1-1: config 0 has an invalid interface number: 255 but max is 0
[  324.855057][ T5865] usb 2-1: config 0 descriptor??
[  324.860421][ T2144] usb 1-1: config 0 has no interface number 0
[  324.867920][ T5865] hso 2-1:0.0: Not our interface
[  324.873202][ T5865] usb-storage 2-1:0.0: USB Mass Storage device detected
[  324.886031][ T2144] usb 1-1: New USB device found, idVendor=0a5c, idProduct=2033, bcdDevice=79.b0
[  324.899337][ T2144] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  324.907826][ T2144] usb 1-1: Product: syz
[  324.912044][ T2144] usb 1-1: Manufacturer: syz
[  324.917049][ T2144] usb 1-1: SerialNumber: syz
[  324.930013][ T2144] usb 1-1: config 0 descriptor??
[  325.082558][ T5870] usb 2-1: USB disconnect, device number 46
[  325.350478][ T9329] netlink: 28 bytes leftover after parsing attributes in process `syz.3.932'.
[  325.807444][ T5865] usb 1-1: USB disconnect, device number 38
[  326.045440][    T8] usb 5-1: new high-speed USB device number 45 using dummy_hcd
[  326.242760][ T9342] bond0: entered promiscuous mode
[  326.248041][ T9342] bond_slave_0: entered promiscuous mode
[  326.254432][ T9342] bond_slave_1: entered promiscuous mode
[  326.615367][    T8] usb 5-1: Using ep0 maxpacket: 32
[  326.627102][    T8] usb 5-1: config 0 interface 0 has no altsetting 0
[  326.642458][    T8] usb 5-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  326.660456][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  326.677719][    T8] usb 5-1: Product: syz
[  326.748112][    T8] usb 5-1: Manufacturer: syz
[  326.759677][    T8] usb 5-1: SerialNumber: syz
[  326.767458][    T8] usb 5-1: config 0 descriptor??
[  326.896379][ T9347] Cannot find add_set index 3 as target
[  326.907992][   T29] audit: type=1400 audit(326.879:488): avc:  denied  { getopt } for  pid=9348 comm="syz.1.943" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  327.318674][ T6058] usb 4-1: bad CDC descriptors
[  327.443231][ T6058] usb 4-1: USB disconnect, device number 41
[  327.469543][    T8] gs_usb 5-1:0.0: Configuring for 2 interfaces
[  328.679485][ T9367] netlink: 'syz.3.946': attribute type 9 has an invalid length.
[  328.690404][ T9367] netlink: 8 bytes leftover after parsing attributes in process `syz.3.946'.
[  328.708536][    T8] gs_usb 5-1:0.0: Disabling termination support for channel 0 (-EPROTO)
[  328.738883][    T8] gs_usb 5-1:0.0: Couldn't get bit timing const for channel 1 (-EPROTO)
[  328.747695][ T9367] netlink: 'syz.3.946': attribute type 9 has an invalid length.
[  328.755575][ T5913] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[  328.795460][ T9367] netlink: 8 bytes leftover after parsing attributes in process `syz.3.946'.
[  328.871906][    T8] gs_usb 5-1:0.0: probe with driver gs_usb failed with error -71
[  328.914731][    T8] usb 5-1: USB disconnect, device number 45
[  328.928651][ T5913] usb 1-1: too many configurations: 9, using maximum allowed: 8
[  328.956241][ T5913] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  328.979150][ T5913] usb 1-1: config 0 has no interfaces?
[  328.989934][ T5913] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  329.028476][ T5913] usb 1-1: config 0 has no interfaces?
[  329.041753][ T5913] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  329.065721][ T5913] usb 1-1: config 0 has no interfaces?
[  329.085362][ T5913] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  329.126207][ T5913] usb 1-1: config 0 has no interfaces?
[  329.139444][ T5913] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  329.173061][ T5913] usb 1-1: config 0 has no interfaces?
[  329.273105][ T5913] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  329.284371][ T5913] usb 1-1: config 0 has no interfaces?
[  329.305390][ T5913] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  330.334231][ T5913] usb 1-1: config 0 has no interfaces?
[  330.419570][ T5913] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  330.565367][ T5913] usb 1-1: config 0 has no interfaces?
[  330.576882][ T5913] usb 1-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  330.589511][ T5913] usb 1-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  330.639813][ T5913] usb 1-1: Product: syz
[  330.716939][ T5913] usb 1-1: Manufacturer: syz
[  331.001166][ T5913] usb 1-1: SerialNumber: syz
[  331.017784][ T5913] usb 1-1: config 0 descriptor??
[  331.053427][ T5913] usb 1-1: can't set config #0, error -71
[  331.171985][ T9403] netlink: 72 bytes leftover after parsing attributes in process `syz.4.959'.
[  331.773889][ T5913] usb 1-1: USB disconnect, device number 39
[  332.453536][   T29] audit: type=1400 audit(332.389:489): avc:  denied  { setopt } for  pid=9410 comm="syz.0.961" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  332.992301][   T29] audit: type=1400 audit(332.959:490): avc:  denied  { map } for  pid=9420 comm="syz.2.965" path="socket:[24588]" dev="sockfs" ino=24588 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  333.034531][ T9421] input: syz0 as /devices/virtual/input/input25
[  333.111727][ T9423] FAULT_INJECTION: forcing a failure.
[  333.111727][ T9423] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  333.185609][ T9423] CPU: 0 UID: 0 PID: 9423 Comm: syz.0.966 Not tainted 6.13.0-syzkaller-04788-g7004a2e46d16 #0
[  333.185628][ T9423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  333.185633][ T9423] Call Trace:
[  333.185636][ T9423]  <TASK>
[  333.185640][ T9423]  dump_stack_lvl+0x16c/0x1f0
[  333.185655][ T9423]  should_fail_ex+0x497/0x5b0
[  333.185667][ T9423]  _copy_to_user+0x32/0xd0
[  333.185679][ T9423]  simple_read_from_buffer+0xd0/0x160
[  333.185691][ T9423]  proc_fail_nth_read+0x198/0x270
[  333.185701][ T9423]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  333.185711][ T9423]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  333.185720][ T9423]  vfs_read+0x1df/0xbe0
[  333.185731][ T9423]  ? __fget_files+0x1fc/0x3a0
[  333.185742][ T9423]  ? __pfx___mutex_lock+0x10/0x10
[  333.185753][ T9423]  ? __pfx_vfs_read+0x10/0x10
[  333.185769][ T9423]  ? __fget_files+0x206/0x3a0
[  333.185783][ T9423]  ksys_read+0x12b/0x250
[  333.185793][ T9423]  ? __pfx_ksys_read+0x10/0x10
[  333.185806][ T9423]  do_syscall_64+0xcd/0x250
[  333.185818][ T9423]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.185831][ T9423] RIP: 0033:0x7fbe61f8b73c
[  333.185838][ T9423] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  333.185847][ T9423] RSP: 002b:00007fbe62d31030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  333.185856][ T9423] RAX: ffffffffffffffda RBX: 00007fbe621a5fa0 RCX: 00007fbe61f8b73c
[  333.185861][ T9423] RDX: 000000000000000f RSI: 00007fbe62d310a0 RDI: 0000000000000003
[  333.185866][ T9423] RBP: 00007fbe62d31090 R08: 0000000000000000 R09: 0000000000000000
[  333.185871][ T9423] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  333.185876][ T9423] R13: 0000000000000000 R14: 00007fbe621a5fa0 R15: 00007ffe232a34e8
[  333.185887][ T9423]  </TASK>
[  333.751898][ T9425] netlink: 8 bytes leftover after parsing attributes in process `syz.2.967'.
[  335.365459][ T5913] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  335.545820][ T9451] 9pnet_fd: Insufficient options for proto=fd
[  335.566987][ T5913] usb 2-1: too many configurations: 9, using maximum allowed: 8
[  335.577713][ T5913] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  335.592150][ T5913] usb 2-1: config 0 has no interfaces?
[  335.602603][ T5913] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  335.614025][ T5913] usb 2-1: config 0 has no interfaces?
[  335.631257][ T5913] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  335.647931][ T5913] usb 2-1: config 0 has no interfaces?
[  335.676558][ T5913] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  335.744160][ T5913] usb 2-1: config 0 has no interfaces?
[  335.753785][ T5913] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  335.764581][ T5913] usb 2-1: config 0 has no interfaces?
[  335.771932][ T5913] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  335.782686][ T5913] usb 2-1: config 0 has no interfaces?
[  335.800427][ T5913] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  335.814816][ T5913] usb 2-1: config 0 has no interfaces?
[  335.828050][ T5913] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  335.847269][ T5913] usb 2-1: config 0 has no interfaces?
[  335.856426][ T5913] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  335.866010][ T5913] usb 2-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  335.877165][ T5913] usb 2-1: Product: syz
[  335.898305][ T5913] usb 2-1: Manufacturer: syz
[  335.913409][ T5913] usb 2-1: SerialNumber: syz
[  336.098209][ T5913] usb 2-1: config 0 descriptor??
[  336.356901][ T9453] overlayfs: overlapping lowerdir path
[  336.605456][ T5913] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  336.784564][ T5913] usb 3-1: Using ep0 maxpacket: 16
[  336.805108][ T5913] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  336.814037][ T5913] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  336.827582][ T5913] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  336.877655][ T5913] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  336.887157][ T5913] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  336.895149][ T5913] usb 3-1: Product: syz
[  336.915414][ T5913] usb 3-1: Manufacturer: syz
[  336.931780][ T5913] usb 3-1: SerialNumber: syz
[  337.085418][ T6058] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  337.160841][ T5913] usb 3-1: USB disconnect, device number 33
[  337.265382][ T6058] usb 1-1: Using ep0 maxpacket: 32
[  337.272168][ T6058] usb 1-1: New USB device found, idVendor=13d8, idProduct=0020, bcdDevice=f7.31
[  337.281834][ T6058] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  337.301659][ T6058] usb 1-1: config 0 descriptor??
[  337.471625][ T6058] usb 1-1: selecting invalid altsetting 3
[  337.480845][ T6058] comedi comedi0: could not set alternate setting 3 in high speed
[  337.636228][ T6058] usbduxsigma 1-1:0.0: driver 'usbduxsigma' failed to auto-configure device.
[  337.702617][ T6058] usbduxsigma 1-1:0.0: probe with driver usbduxsigma failed with error -22
[  337.723032][ T6058] usb 1-1: USB disconnect, device number 40
[  337.935652][ T6058] usb 2-1: USB disconnect, device number 47
[  338.263722][ T9486] Cannot find add_set index 3 as target
[  339.954615][ T9499] netlink: 12 bytes leftover after parsing attributes in process `syz.0.989'.
[  340.029070][ T9498] Cannot find add_set index 3 as target
[  340.701903][ T9508] FAULT_INJECTION: forcing a failure.
[  340.701903][ T9508] name failslab, interval 1, probability 0, space 0, times 0
[  340.785932][ T9508] CPU: 1 UID: 0 PID: 9508 Comm: syz.1.992 Not tainted 6.13.0-syzkaller-04788-g7004a2e46d16 #0
[  340.785958][ T9508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  340.785967][ T9508] Call Trace:
[  340.785972][ T9508]  <TASK>
[  340.785979][ T9508]  dump_stack_lvl+0x16c/0x1f0
[  340.786005][ T9508]  should_fail_ex+0x497/0x5b0
[  340.786023][ T9508]  ? fs_reclaim_acquire+0xae/0x150
[  340.786045][ T9508]  should_failslab+0xc2/0x120
[  340.786070][ T9508]  __kmalloc_node_track_caller_noprof+0xcf/0x510
[  340.786093][ T9508]  ? avc_has_perm_noaudit+0x61/0x3a0
[  340.786112][ T9508]  ? security_context_to_sid_core+0xc3/0x870
[  340.786142][ T9508]  kmemdup_nul+0x49/0xf0
[  340.786162][ T9508]  security_context_to_sid_core+0xc3/0x870
[  340.786190][ T9508]  ? __pfx_security_context_to_sid_core+0x10/0x10
[  340.786215][ T9508]  ? avc_has_perm+0x11b/0x1c0
[  340.786237][ T9508]  ? cap_capable+0x1cf/0x240
[  340.786270][ T9508]  selinux_lsm_setattr+0x6c4/0x910
[  340.786294][ T9508]  ? __pfx_selinux_lsm_setattr+0x10/0x10
[  340.786319][ T9508]  ? lock_acquire+0x2f/0xb0
[  340.786344][ T9508]  selinux_setprocattr+0x41/0x60
[  340.786368][ T9508]  security_setprocattr+0x147/0x1a0
[  340.786393][ T9508]  proc_pid_attr_write+0x332/0x790
[  340.786414][ T9508]  ? __pfx_proc_pid_attr_write+0x10/0x10
[  340.786434][ T9508]  vfs_writev+0x6da/0xdd0
[  340.786452][ T9508]  ? fdget_pos+0x267/0x390
[  340.786479][ T9508]  ? __pfx_vfs_writev+0x10/0x10
[  340.786496][ T9508]  ? __mutex_lock+0x1cc/0xb10
[  340.786512][ T9508]  ? find_held_lock+0x2d/0x110
[  340.786532][ T9508]  ? __pfx___mutex_lock+0x10/0x10
[  340.786550][ T9508]  ? trace_lock_acquire+0x14e/0x1f0
[  340.786576][ T9508]  ? __fget_files+0x206/0x3a0
[  340.786603][ T9508]  ? do_writev+0x133/0x340
[  340.786619][ T9508]  do_writev+0x133/0x340
[  340.786638][ T9508]  ? __pfx_do_writev+0x10/0x10
[  340.786663][ T9508]  do_syscall_64+0xcd/0x250
[  340.786684][ T9508]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.786706][ T9508] RIP: 0033:0x7fbf61d8cd29
[  340.786719][ T9508] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  340.786734][ T9508] RSP: 002b:00007fbf62c63038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  340.786751][ T9508] RAX: ffffffffffffffda RBX: 00007fbf61fa5fa0 RCX: 00007fbf61d8cd29
[  340.786761][ T9508] RDX: 0000000000000008 RSI: 00000000200000c0 RDI: 0000000000000003
[  340.786771][ T9508] RBP: 00007fbf62c63090 R08: 0000000000000000 R09: 0000000000000000
[  340.786780][ T9508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  340.786789][ T9508] R13: 0000000000000000 R14: 00007fbf61fa5fa0 R15: 00007ffe006c64a8
[  340.786812][ T9508]  </TASK>
[  340.860719][ T9510] overlayfs: missing 'lowerdir'
[  342.499610][ T9532] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  342.570489][ T9540] netlink: 4 bytes leftover after parsing attributes in process `syz.2.998'.
[  343.804878][ T9542] FAULT_INJECTION: forcing a failure.
[  343.804878][ T9542] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  343.836717][ T9542] CPU: 1 UID: 0 PID: 9542 Comm: syz.4.1000 Not tainted 6.13.0-syzkaller-04788-g7004a2e46d16 #0
[  343.836744][ T9542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  343.836753][ T9542] Call Trace:
[  343.836759][ T9542]  <TASK>
[  343.836766][ T9542]  dump_stack_lvl+0x16c/0x1f0
[  343.836790][ T9542]  should_fail_ex+0x497/0x5b0
[  343.836813][ T9542]  _copy_to_user+0x32/0xd0
[  343.836835][ T9542]  simple_read_from_buffer+0xd0/0x160
[  343.836857][ T9542]  proc_fail_nth_read+0x198/0x270
[  343.836875][ T9542]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  343.836895][ T9542]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  343.836912][ T9542]  vfs_read+0x1df/0xbe0
[  343.836932][ T9542]  ? __fget_files+0x1fc/0x3a0
[  343.836953][ T9542]  ? __pfx___mutex_lock+0x10/0x10
[  343.836974][ T9542]  ? __pfx_vfs_read+0x10/0x10
[  343.836999][ T9542]  ? __fget_files+0x206/0x3a0
[  343.837025][ T9542]  ksys_read+0x12b/0x250
[  343.837050][ T9542]  ? __pfx_ksys_read+0x10/0x10
[  343.837076][ T9542]  do_syscall_64+0xcd/0x250
[  343.837097][ T9542]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.837119][ T9542] RIP: 0033:0x7f1f6978b73c
[  343.837133][ T9542] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  343.837148][ T9542] RSP: 002b:00007f1f6a678030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  343.837165][ T9542] RAX: ffffffffffffffda RBX: 00007f1f699a5fa0 RCX: 00007f1f6978b73c
[  343.837176][ T9542] RDX: 000000000000000f RSI: 00007f1f6a6780a0 RDI: 0000000000000004
[  343.837186][ T9542] RBP: 00007f1f6a678090 R08: 0000000000000000 R09: 0000000000000000
[  343.837195][ T9542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  343.837205][ T9542] R13: 0000000000000000 R14: 00007f1f699a5fa0 R15: 00007ffc64173b18
[  343.837227][ T9542]  </TASK>
[  345.298382][   T29] audit: type=1400 audit(345.269:491): avc:  denied  { create } for  pid=9551 comm="syz.2.1003" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  345.381184][   T29] audit: type=1400 audit(345.299:492): avc:  denied  { write } for  pid=9551 comm="syz.2.1003" path="socket:[24362]" dev="sockfs" ino=24362 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  345.429513][   T29] audit: type=1400 audit(345.299:493): avc:  denied  { nlmsg_read } for  pid=9551 comm="syz.2.1003" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  345.698903][ T9576] FAULT_INJECTION: forcing a failure.
[  345.698903][ T9576] name failslab, interval 1, probability 0, space 0, times 0
[  345.743606][ T9576] CPU: 1 UID: 0 PID: 9576 Comm: syz.0.1011 Not tainted 6.13.0-syzkaller-04788-g7004a2e46d16 #0
[  345.743632][ T9576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  345.743642][ T9576] Call Trace:
[  345.743647][ T9576]  <TASK>
[  345.743654][ T9576]  dump_stack_lvl+0x16c/0x1f0
[  345.743680][ T9576]  should_fail_ex+0x497/0x5b0
[  345.743699][ T9576]  ? fs_reclaim_acquire+0xae/0x150
[  345.743721][ T9576]  should_failslab+0xc2/0x120
[  345.743746][ T9576]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  345.743770][ T9576]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  345.743793][ T9576]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  345.743819][ T9576]  mmu_topup_memory_caches+0x22/0xd0
[  345.743847][ T9576]  kvm_mmu_load+0xda/0x21f0
[  345.743873][ T9576]  ? kvm_apic_has_interrupt+0xb6/0x190
[  345.743895][ T9576]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  345.743916][ T9576]  ? kvm_guest_time_update+0x71e/0xeb0
[  345.743945][ T9576]  ? __pfx_kvm_mmu_load+0x10/0x10
[  345.743970][ T9576]  ? kvm_cpu_has_injectable_intr+0x9b/0x1a0
[  345.743990][ T9576]  ? kvm_check_and_inject_events+0x725/0x12e0
[  345.744017][ T9576]  ? record_steal_time+0x31/0xbe0
[  345.744044][ T9576]  vcpu_run+0x33a4/0x4f50
[  345.744070][ T9576]  ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10
[  345.744103][ T9576]  ? __pfx_vcpu_run+0x10/0x10
[  345.744130][ T9576]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  345.744154][ T9576]  ? rcu_is_watching+0x12/0xc0
[  345.744169][ T9576]  ? trace_lock_acquire+0x14e/0x1f0
[  345.744185][ T9576]  ? __local_bh_enable_ip+0xa4/0x120
[  345.744207][ T9576]  ? lockdep_hardirqs_on+0x7c/0x110
[  345.744229][ T9576]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  345.744259][ T9576]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  345.744285][ T9576]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  345.744318][ T9576]  kvm_vcpu_ioctl+0x6ce/0x1520
[  345.744335][ T9576]  ? do_vfs_ioctl+0x513/0x1990
[  345.744354][ T9576]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  345.744380][ T9576]  ? ioctl_has_perm.constprop.0.isra.0+0x2fc/0x450
[  345.744400][ T9576]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  345.744422][ T9576]  ? __pfx_lock_release+0x10/0x10
[  345.744454][ T9576]  ? selinux_file_ioctl+0x180/0x270
[  345.744470][ T9576]  ? selinux_file_ioctl+0xb4/0x270
[  345.744487][ T9576]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  345.744506][ T9576]  __x64_sys_ioctl+0x190/0x200
[  345.744525][ T9576]  do_syscall_64+0xcd/0x250
[  345.744547][ T9576]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  345.744569][ T9576] RIP: 0033:0x7fbe61f8cd29
[  345.744582][ T9576] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  345.744597][ T9576] RSP: 002b:00007fbe62d31038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  345.744614][ T9576] RAX: ffffffffffffffda RBX: 00007fbe621a5fa0 RCX: 00007fbe61f8cd29
[  345.744625][ T9576] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  345.744635][ T9576] RBP: 00007fbe62d31090 R08: 0000000000000000 R09: 0000000000000000
[  345.744645][ T9576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  345.744654][ T9576] R13: 0000000000000000 R14: 00007fbe621a5fa0 R15: 00007ffe232a34e8
[  345.744678][ T9576]  </TASK>
[  347.104526][ T9590] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1014'.
[  347.115516][ T6058] usb 5-1: new high-speed USB device number 46 using dummy_hcd
[  347.405045][ T5143] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  347.421053][ T5143] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  347.431440][ T5143] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  347.440440][ T5143] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  347.448789][ T5143] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  347.455989][ T5143] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  347.488244][   T29] audit: type=1400 audit(347.449:494): avc:  denied  { mounton } for  pid=9592 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  347.842047][ T6058] usb 5-1: Using ep0 maxpacket: 8
[  347.863414][ T6058] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  347.893172][ T6058] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  347.921567][ T6058] usb 5-1: Product: syz
[  347.935078][ T6058] usb 5-1: Manufacturer: syz
[  347.969150][ T6058] usb 5-1: SerialNumber: syz
[  348.005061][ T6058] usb 5-1: config 0 descriptor??
[  348.948983][ T6058] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  348.976169][ T2144] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  349.110324][ T9592] chnl_net:caif_netlink_parms(): no params data found
[  349.159046][ T2144] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[  349.205714][ T2144] usb 1-1: New USB device found, idVendor=2040, idProduct=5530, bcdDevice=a8.82
[  349.284069][ T2144] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  349.529683][ T2144] usb 1-1: config 0 descriptor??
[  349.556478][ T5818] Bluetooth: hci3: command tx timeout
[  349.570053][ T2144] smsusb:smsusb_probe: board id=8, interface number 0
[  349.578168][ T2144] smsusb:smsusb_probe: Device initialized with return code -19
[  349.905890][ T9592] bridge0: port 1(bridge_slave_0) entered blocking state
[  349.942167][ T9592] bridge0: port 1(bridge_slave_0) entered disabled state
[  350.002683][ T9592] bridge_slave_0: entered allmulticast mode
[  350.040876][ T9592] bridge_slave_0: entered promiscuous mode
[  350.066997][ T9592] bridge0: port 2(bridge_slave_1) entered blocking state
[  350.090046][ T9592] bridge0: port 2(bridge_slave_1) entered disabled state
[  350.105581][ T9592] bridge_slave_1: entered allmulticast mode
[  350.116578][ T9592] bridge_slave_1: entered promiscuous mode
[  350.188782][    T8] usb 1-1: USB disconnect, device number 41
[  350.235071][ T9592] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  350.266446][ T9592] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  350.372897][ T9592] team0: Port device team_slave_0 added
[  350.394583][ T9592] team0: Port device team_slave_1 added
[  350.590307][ T9592] batman_adv: batadv0: Adding interface: batadv_slave_0
[  350.606435][ T9592] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  350.635528][ T9592] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  351.205556][ T6058] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  351.223605][ T9592] batman_adv: batadv0: Adding interface: batadv_slave_1
[  351.231284][ T9592] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  351.256579][ T6058] usb 5-1: USB disconnect, device number 46
[  351.418541][ T9592] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  351.602297][ T9592] hsr_slave_0: entered promiscuous mode
[  351.625371][ T5818] Bluetooth: hci3: command tx timeout
[  351.658456][ T9592] hsr_slave_1: entered promiscuous mode
[  351.696604][ T9592] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  351.725371][ T9592] Cannot create hsr debugfs directory
[  352.340144][ T9644] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  352.636616][   T29] audit: type=1400 audit(352.609:495): avc:  denied  { ioctl } for  pid=9645 comm="syz.3.1029" path="socket:[25226]" dev="sockfs" ino=25226 ioctlcmd=0x7202 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  352.660614][    C0] vkms_vblank_simulate: vblank timer overrun
[  353.207330][ T9592] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  353.246659][ T9592] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  353.270649][ T9592] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  353.289789][ T9592] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  353.423802][   T29] audit: type=1400 audit(353.389:496): avc:  denied  { setattr } for  pid=9649 comm="syz.0.1028" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  353.526591][ T9659] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN NOPTI
[  353.539364][ T9659] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
[  353.547767][ T9659] CPU: 1 UID: 0 PID: 9659 Comm: syz.0.1028 Not tainted 6.13.0-syzkaller-04788-g7004a2e46d16 #0
[  353.550772][   T29] audit: type=1400 audit(353.419:497): avc:  denied  { open } for  pid=9649 comm="syz.0.1028" path="/210/file0" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  353.558075][ T9659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  353.558087][ T9659] RIP: 0010:iter_file_splice_write+0xa2d/0x10b0
[  353.558115][ T9659] Code: 00 48 89 fa 48 c1 ea 03 80 3c 1a 00 0f 85 b1 04 00 00 4d 8b 65 10 49 c7 45 10 00 00 00 00 49 8d 7c 24 08 48 89 fa 48 c1 ea 03 <80> 3c 1a 00 0f 85 1a 05 00 00 49 8b 54 24 08 4c 89 ee 4c 89 ff 83
[  353.558132][ T9659] RSP: 0018:ffffc900037bf938 EFLAGS: 00010202
[  353.558148][ T9659] RAX: 0000000000000ad0 RBX: dffffc0000000000 RCX: ffffc9000e769000
[  353.558158][ T9659] RDX: 0000000000000001 RSI: ffffffff821ec755 RDI: 0000000000000008
[  353.558167][ T9659] RBP: 0000000000000001 R08: 0000000000000006 R09: 0000000000000000
[  353.633856][ T9592] 8021q: adding VLAN 0 to HW filter on device bond0
[  353.637481][ T9659] R10: 7fffffffffffff7f R11: ffffffff8180d92a R12: 0000000000000000
[  353.637495][ T9659] R13: ffff888041217028 R14: 7fffffffffffff7f R15: ffff8880363bdc00
[  353.637505][ T9659] FS:  00007fbe62d106c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  353.637521][ T9659] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  353.637530][ T9659] CR2: 000000110c391bdc CR3: 000000006bb62000 CR4: 00000000003526f0
[  353.637540][ T9659] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  353.637548][ T9659] DR3: 000000000000060c DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  353.659887][ T9592] 8021q: adding VLAN 0 to HW filter on device team0
[  353.660047][ T9659] Call Trace:
[  353.660057][ T9659]  <TASK>
[  353.692774][ T9592] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  353.699373][ T9659]  ? die_addr+0x3b/0xa0
[  353.699396][ T9659]  ? exc_general_protection+0x155/0x230
[  353.699421][ T9659]  ? asm_exc_general_protection+0x26/0x30
[  353.717670][ T9592] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  353.720142][ T9659]  ? __call_rcu_common.constprop.0+0x9a/0x870
[  353.762209][ T9659]  ? iter_file_splice_write+0x9f5/0x10b0
[  353.767872][ T9659]  ? iter_file_splice_write+0xa2d/0x10b0
[  353.773696][ T9659]  ? iter_file_splice_write+0x9f5/0x10b0
[  353.779350][ T9659]  ? __pfx_iter_file_splice_write+0x10/0x10
[  353.785257][ T9659]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  353.790907][ T9659]  ? splice_direct_to_actor+0x346/0xa40
[  353.796565][ T9659]  ? __pfx_iter_file_splice_write+0x10/0x10
[  353.802474][ T9659]  direct_splice_actor+0x18f/0x6c0
[  353.807589][ T9659]  splice_direct_to_actor+0x346/0xa40
[  353.812968][ T9659]  ? __pfx_direct_splice_actor+0x10/0x10
[  353.818612][ T9659]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  353.824521][ T9659]  ? __pfx___might_resched+0x10/0x10
[  353.829819][ T9659]  do_splice_direct+0x178/0x250
[  353.834681][ T9659]  ? __pfx_do_splice_direct+0x10/0x10
[  353.840066][ T9659]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  353.845971][ T9659]  do_sendfile+0xaed/0xe30
[  353.850392][ T9659]  ? __pfx_do_sendfile+0x10/0x10
[  353.855325][ T9659]  ? __pfx___schedule+0x10/0x10
[  353.860174][ T9659]  ? __x64_sys_futex+0x1e1/0x4c0
[  353.865116][ T9659]  ? __x64_sys_futex+0x1ea/0x4c0
[  353.870056][ T9659]  __x64_sys_sendfile64+0x1da/0x220
[  353.872592][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  353.875259][ T9659]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  353.875290][ T9659]  do_syscall_64+0xcd/0x250
[  353.875310][ T9659]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.882332][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  353.887988][ T9659] RIP: 0033:0x7fbe61f8cd29
[  353.888004][ T9659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  353.929475][ T9659] RSP: 002b:00007fbe62d10038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  353.937864][ T9659] RAX: ffffffffffffffda RBX: 00007fbe621a6080 RCX: 00007fbe61f8cd29
[  353.945815][ T9659] RDX: 0000000000000000 RSI: 000000000000000d RDI: 0000000000000009
[  353.953772][ T9659] RBP: 00007fbe6200e2a0 R08: 0000000000000000 R09: 0000000000000000
[  353.961715][ T9659] R10: 000000007ffff000 R11: 0000000000000246 R12: 0000000000000000
[  353.969657][ T9659] R13: 0000000000000000 R14: 00007fbe621a6080 R15: 00007ffe232a34e8
[  353.977603][ T9659]  </TASK>
[  353.980606][ T9659] Modules linked in:
[  353.984873][ T9659] ---[ end trace 0000000000000000 ]---
[  354.015953][ T9659] RIP: 0010:iter_file_splice_write+0xa2d/0x10b0
[  354.025169][ T5818] Bluetooth: hci3: command tx timeout
[  354.039774][ T9659] Code: 00 48 89 fa 48 c1 ea 03 80 3c 1a 00 0f 85 b1 04 00 00 4d 8b 65 10 49 c7 45 10 00 00 00 00 49 8d 7c 24 08 48 89 fa 48 c1 ea 03 <80> 3c 1a 00 0f 85 1a 05 00 00 49 8b 54 24 08 4c 89 ee 4c 89 ff 83
[  354.063483][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  354.070612][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  354.088319][ T9659] RSP: 0018:ffffc900037bf938 EFLAGS: 00010202
[  354.137208][ T9592] 8021q: adding VLAN 0 to HW filter on device batadv0
[  354.157773][ T9592] veth0_vlan: entered promiscuous mode
[  354.169643][ T9592] veth1_vlan: entered promiscuous mode
[  354.172466][ T9659] RAX: 0000000000000ad0 RBX: dffffc0000000000 RCX: ffffc9000e769000
[  354.187792][ T9592] veth0_macvtap: entered promiscuous mode
[  354.197258][ T9592] veth1_macvtap: entered promiscuous mode
[  354.209855][ T9592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  354.216880][ T9659] RDX: 0000000000000001 RSI: ffffffff821ec755 RDI: 0000000000000008
[  354.220901][ T9592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  354.238597][ T9592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  354.249526][ T9592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  354.259636][ T9592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  354.270155][ T9659] RBP: 0000000000000001 R08: 0000000000000006 R09: 0000000000000000
[  354.278692][ T9659] R10: 7fffffffffffff7f R11: ffffffff8180d92a R12: 0000000000000000
[  354.287008][ T9592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  354.297124][ T9659] R13: ffff888041217028 R14: 7fffffffffffff7f R15: ffff8880363bdc00
[  354.305137][ T9592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  354.315761][ T9659] FS:  00007fbe62d106c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  354.324970][ T9592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  354.334935][ T9659] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  354.342180][ T9659] CR2: 00007f731f5b3440 CR3: 000000006bb62000 CR4: 00000000003526f0
[  354.351212][ T9592] batman_adv: batadv0: Interface activated: batadv_slave_0
[  354.359428][ T9659] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  354.369514][ T9659] DR3: 00000000000005ff DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  354.378808][ T9592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  354.389397][ T9659] Kernel panic - not syncing: Fatal exception
[  354.395682][ T9659] Kernel Offset: disabled
[  354.399982][ T9659] Rebooting in 86400 seconds..