last executing test programs:

4m49.648582084s ago: executing program 1 (id=89):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8008b}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xb, 0x4, &(0x7f0000000500)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x4, 0xc3, &(0x7f0000000400)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = accept$unix(0xffffffffffffffff, &(0x7f00000002c0)=@abs, &(0x7f0000000080)=0x6e)
connect$unix(r0, &(0x7f0000000340)=@file={0x0, './file0\x00'}, 0x6e)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r2, 0x0, 0xff2e)
ioctl$TCSETS(r2, 0x40045431, 0x0)
r3 = syz_open_pts(r2, 0x191200)
dup3(r3, r2, 0x0)
r4 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r4, 0x65, 0x1, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000180)={'vxcan1\x00', <r5=>0x0})
bind$can_raw(r4, &(0x7f0000000000)={0x1d, r5}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x24, 0x11, 0x839, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r5, {0x1, 0x6}, {0xffff}, {0x1}}}, 0x24}}, 0x0)
openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x2000, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000180), 0x0})
lseek(0xffffffffffffffff, 0x4, 0x3)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x8001000000000000, 0x40, &(0x7f0000001080)=@raw={'raw\x00', 0x8, 0x3, 0x2f8, 0x0, 0x5, 0x148, 0x0, 0x0, 0x260, 0x2a8, 0x2a8, 0x260, 0x2a8, 0x3, 0x0, {[{{@ip={@private=0xa010102, @remote, 0xffffffff, 0xffffffff, 'macvlan0\x00', 'bond_slave_0\x00', {}, {}, 0x8, 0x0, 0x65}, 0x0, 0x110, 0x138, 0x0, {0x0, 0x6002}, [@common=@unspec=@statistic={{0x38}, {0x1, 0x0, 0x581b, 0x0, 0x3, {0x4}}}, @common=@unspec=@physdev={{0x68}, {'veth1_to_batadv\x00', {}, 'wlan1\x00', {}, 0x4, 0x6}}]}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00', 0x0, {0x1d, 0x3, 0x1}}}, {{@ip={@dev={0xac, 0x14, 0x14, 0x1b}, @multicast2, 0x0, 0xffffff00, 'xfrm0\x00', 'veth0_to_hsr\x00'}, 0x0, 0xc8, 0x128, 0x0, {}, [@inet=@rpfilter={{0x28}, {0xd}}, @common=@addrtype={{0x30}, {0x100, 0x949, 0x1}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @random="6f79fb339557", 0x0, 0x0, [0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd, 0x0, 0xffff, 0x1, 0x0, 0x26]}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x358)
socket$nl_generic(0x10, 0x3, 0x10)

4m47.73811908s ago: executing program 1 (id=95):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$WPAN_SECURITY_LEVEL(r1, 0x0, 0x2, &(0x7f0000000040), 0x4)
getsockopt$WPAN_SECURITY_LEVEL(r1, 0x0, 0x2, 0x0, &(0x7f00000000c0))
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000100)=0x819, 0x4)
mmap(&(0x7f00000c4000/0x4000)=nil, 0x4000, 0x100000e, 0x4010, r0, 0x4c527000)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x8014, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
r2 = io_uring_setup(0x194e, &(0x7f0000000a80)={0x0, 0xd3d5, 0x80, 0x5, 0x2b0})
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x3, 0x0, 0x1, &(0x7f0000000240))
fcntl$F_GET_RW_HINT(r3, 0x40b, &(0x7f0000000140))
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r3, 0x8933, &(0x7f00000002c0)={'wg2\x00', <r6=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001c00)=ANY=[@ANYBLOB="28040000", @ANYRES16=r5, @ANYBLOB="05002abd7000fddbdf2501000000060006004e24000004040880bc00008024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b240001000000000000000000000000000000000000000000000000000000000000000000200004000a004e2000000001ff01000000000000000000000000000102000000240002001171ee8da334a5099295af229a5d237a7f4102f01f28b34347d6cbbe135d83ec24000100975c9d81c983c8209ee781254b899f8ed925ae9f0923c23c62f53c57cdbf691c08000300070000004c02008024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff2402098058000080060001000200000041000200ac1e00010500030001000000060001000a00000014000200000000000000000000000000000000010500030000000000060001000200000008000200ffffffff050003000100000064000080060001000a00000014000200000000000000000000000000000000010500030002000000060001000200000008000200ac1414bb0500030002000000060001000a00000014000200000000000000000000000000000000010500030002000000dc000080060001000a0000001400020000000000000000000000ffffac1414aa05000300030000000600010002000000080002000a01010205000300020000000600010002000000080002007f00000105000300000000000600010002000000080002000a0101010500030003000000060001000200000008000200e00000010500030003000000060001000a00000014000200fc0100000000000000000000000000000500030001000000060001000200000008000200640101000500030000000000060001000200000008000200ac1e0101050003000200000088000080060001000a00000014000200fe8000000000000000000000000000aa0500030001000000060001000200000008000200ac1414aa0500030002000000060001000a00000014000200fe8800000000000000000000000001010500030002000000060001000a00000014000200ff020000000000000000000000000001050003000200000064000080080003000000000008000a000100000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b3922080003000300000024000200379aa288b2244a5b504ba04bea45625d328fb93b62e607a1b2e4da2f7f76a5499400008024000100975c9d81c983c8209ee781254b899f8ed925ae9f0923c23c62f53c57cdbf691c080003000400000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b3922080003000000000024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b1400040002004e2200000000000000000000000008000100", @ANYRES32=r6], 0x428}, 0x1, 0x0, 0x0, 0x4000}, 0x40)
r7 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$sock_qrtr_TIOCOUTQ(r7, 0x5411, &(0x7f0000000000))
pipe(&(0x7f0000000040)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
vmsplice(r9, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000a00)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
mremap(&(0x7f0000005000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000009000/0x1000)=nil)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="040e0b080510"], 0xe)
splice(r8, 0x0, r10, 0x0, 0x25a5, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

4m46.09811875s ago: executing program 1 (id=100):
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
set_mempolicy_home_node(&(0x7f0000349000/0xa000)=nil, 0xa000, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x4, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x27, 0xb}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x2d}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x10002)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000180)=ANY=[@ANYBLOB="38000000031401002dbd7000000000000900020073797a30000000000800410073697700140033006c6f000000000000000000000000000034461ae4"], 0x38}, 0x1, 0x0, 0x0, 0x408d4}, 0x800)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'wp384-generic\x00'}, 0x58)
r6 = accept4(r5, 0x0, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000005130a4a04e5221657b07d616e94cc1d006baba3bc5dda1e67a8c2995fae7817f2c11cf7b8e291d2e074c47695671d2b83571", @ANYRES16=0x0, @ANYBLOB="200026bd7000fcdbdf2505000000"], 0xfebe}}, 0x200040d1)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000400), 0x4)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

4m44.752810642s ago: executing program 1 (id=103):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast6-avx\x00'}, 0x58)
pipe2$watch_queue(&(0x7f0000000280), 0x80) (async)
pipe2$watch_queue(&(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000600)="ad915d564c900300000000000000a055e8adc4f470ceb876d5885217e6511503064dd55d5be9ad8eac9dd7c288d4e03c0a5e7362163de57ab0c07ec00975f0e3a0e79461ddf24794c01ab3b23275f03425bc8c59a4d6432504aa46ef12cf08a93fb5d08c09ec917aa7ebb8fd57640f01c55f2bfca19d6d02000000000000008baa178b89f05a368290e18ae0aaf2c2d2c3f169ea91dc1750af9b5e7530c64ec016b141f5d31aaef98288f4dc3b6c9aa53161a41c6d3968350ce35e5aa5b3d955f31a71924350c5601aefc08a31c485297cb5bf5328fbd0ecfff9f591c9bf58d10b6bc8713a56919cef54c623023e04cb9d51d6", 0x7a)
r2 = accept4(r0, 0x0, 0x0, 0x80400)
r3 = inotify_init1(0x0)
r4 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0)
r5 = fcntl$dupfd(r3, 0x406, r3)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r4, 0xc00c642e, &(0x7f0000000180)={0x0, 0x0, r5})
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_emit_vhci(&(0x7f00000019c0)=ANY=[@ANYBLOB="040e7b070c20"], 0x7) (async)
syz_emit_vhci(&(0x7f00000019c0)=ANY=[@ANYBLOB="040e7b070c20"], 0x7)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_CHANNEL(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="01002abd7000fccbdf250900000005000700020000000800010001000000050008"], 0x2c}, 0x1, 0x0, 0x0, 0x24084001}, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000009180), 0xffffffffffffffff) (async)
r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000009180), 0xffffffffffffffff)
socket$qrtr(0x2a, 0x2, 0x0) (async)
r11 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r11, &(0x7f0000000040)={0x2a, 0x1, 0x4000}, 0xc)
writev(r11, &(0x7f0000000200)=[{&(0x7f0000000940)="b3", 0x1}], 0x1) (async)
writev(r11, &(0x7f0000000200)=[{&(0x7f0000000940)="b3", 0x1}], 0x1)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000540)="af80cb03f9d41a14cfbcc88d36aa6f470871b9", 0x13)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r9, &(0x7f0000009340)={0x0, 0x0, &(0x7f0000009300)={&(0x7f00000002c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="01ec24020000000000000000000018000180140002007866726d300000000001010000000000058397bc87c1ac4a6c0c3886fabfd7477322bfdc0af5937298de269d250727aa1e6dfec4d9d3c15bf55b3701f09fa7fdef4012356cfba6ce1a94eae06e156edde5c8168ff3525630383255697e7c9155dc7e7449fcb000208b3290f4"], 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x44004) (async)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r9, &(0x7f0000009340)={0x0, 0x0, &(0x7f0000009300)={&(0x7f00000002c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="01ec24020000000000000000000018000180140002007866726d300000000001010000000000058397bc87c1ac4a6c0c3886fabfd7477322bfdc0af5937298de269d250727aa1e6dfec4d9d3c15bf55b3701f09fa7fdef4012356cfba6ce1a94eae06e156edde5c8168ff3525630383255697e7c9155dc7e7449fcb000208b3290f4"], 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x44004)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c00000010000304fcff00fffbdbdf25e7d81506", @ANYRES32=0x0, @ANYBLOB="a5fdad88000000001c0012800b00010062726964676500000c00028008001c00c3f94cca"], 0x3c}, 0x1, 0x300000000000000, 0x0, 0x4000040}, 0x0)
socket$netlink(0x10, 0x3, 0x1) (async)
r12 = socket$netlink(0x10, 0x3, 0x1)
syz_genetlink_get_family_id$tipc(&(0x7f0000000700), r2) (async)
r13 = syz_genetlink_get_family_id$tipc(&(0x7f0000000700), r2)
sendmsg$TIPC_CMD_GET_NODES(r12, &(0x7f00000007c0)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)={0x1c, r13, 0x400, 0x70bd2a, 0x25dfdbfd, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4803) (async)
sendmsg$TIPC_CMD_GET_NODES(r12, &(0x7f00000007c0)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)={0x1c, r13, 0x400, 0x70bd2a, 0x25dfdbfd, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4803)

4m43.029666889s ago: executing program 1 (id=108):
unshare(0x8000000)
r0 = semget$private(0x0, 0x1, 0x334)
semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000000)=[0x1])
r1 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$TCGETS2(r1, 0x802c542a, &(0x7f0000000000))
mount(&(0x7f0000000040)=@nullb, &(0x7f0000000100)='.\x00', &(0x7f0000002280)='vxfs\x00', 0x8000, 0x0)
semtimedop(r0, &(0x7f0000000040)=[{0x2, 0x81, 0x1000}], 0x1, 0x0)
unshare(0x2c040000)
semctl$GETZCNT(r0, 0x3, 0xf, &(0x7f0000000140)=""/152)

4m42.77311083s ago: executing program 1 (id=114):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000440)='/sys/power/pm_freeze_timeout', 0x1, 0x8)
write$nci(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="7f00805c851edf85a5426dd0c31e8af5d634743403b5e0840097f132e877af1cba90"], 0x2f)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'netdevsim0\x00', &(0x7f0000000380)=@ethtool_channels={0x3c, 0x400000, 0x101, 0xda, 0x1000000, 0x0, 0x8, 0x6, 0x401}})
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'ip6gretap0\x00', <r4=>0x0})
r5 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001640), 0x842, 0x0)
pwrite64(r5, 0x0, 0x0, 0xffff)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="41000000000000001c0012800b0001006d616373656300000c00028005000f000200000008000500", @ANYRES32=r4], 0x44}}, 0x0)
r7 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
r8 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
dup3(r8, r7, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
r9 = syz_init_net_socket$ax25(0x3, 0x5, 0xce)
r10 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESDEC], 0x0)
syz_usb_control_io$cdc_ncm(r10, 0x0, &(0x7f0000000b80)={0x44, &(0x7f00000001c0)=ANY=[@ANYRES16=r10, @ANYRES8=r10], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r11 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_ep_write(r10, 0x81, 0x8, &(0x7f0000000080)="00012c615bc20000")
read$char_usb(r11, 0x0, 0x0)
r12 = syz_io_uring_setup(0x10d2, &(0x7f0000000540)={0x0, 0x7734, 0x80, 0x0, 0x34f}, &(0x7f0000000600)=<r13=>0x0, &(0x7f00000005c0)=<r14=>0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x16, 0xe, &(0x7f00000039c0)=ANY=[@ANYBLOB="b702000006000000bfa300000000000007030000407effff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca7ebfcd0cd00006ed3d09a6175037958e271b60dedf8937f02008b6d83923dd29c034055d47dafe6c8dc3d5d78c07f34e4d5b3185b310efd4989147a00000000f110026e6d2ef831ab7ea0c34f17e3adeef3bb622003b538dfd8e012e71f6420b90adddff61b5b0a341a2d7cbdb90000bdb2ca76050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132658555cf476619f28d9961b626c57c2691208171656d60a17e3c1c4b751ca532e6ea09c346df3d7cb4ebd31a08b32808980200000000000000334d83239d0c2e9ff10ff2d27080e71113610e10c358e8327e7050b6c860dac12233f9a1fb9c2aec61ce63a38d316ef49b66d6e42fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a5f3d74ca891c4594e8a4399e01eadd3964663e88535c133f7130856f75643619f567d2e24f29e5dad9326edb697a6ea0182babc18cae2ed4b4390af9a9ceefd07e002cab5ebfcaad34732181feb215139f15eafddcb0c7cbe31fbae7c34d5ac5e7e64c21add9191eadd6e1795ad6a0f7f8cd3fccbdc3dec04b25dfc17975238345d4f71af35910b158e56657b7218baaa7cbf781c0a99bd50499ccff0f000000000000c7beba3da8223fe5308e4e2833baace04f4087c4f0da0d9a88f9dbb593ddeb3f0932a4d0175b889b8eccf707882042e716df9b57b290c661d4e85031086e97bcc5ca0e221a0e34323c129102b7b7a643e82e88a1940b3c02ed9c92d6f64b1282dc519b00159830d7617001154c46bd3ca96318c570f0721fc7aa2a58090000000000000094f22cdf550ef091a78098534f0d973058594000000000000000c12346e47ad97f4ead7cf754a52e4b2d0f22d428bd705414888700a30e2366c6a06b3367a389ca3905689a1f3db9c24db65c1e0001581d573dab18fd0600885f1ea8f2fd299fc3cdafda323e9c7080397bc49d70c060d57bc88fbe09baa058b040360ab9261503d2f363fb099408885afc2bf9a4f8c3506b669e889f5e4be1b8e0d634ebc1057b7e98186fc5141bd670dba6f43279f73db9dec75070cd9ab0fd969169ef6d2857b6bf955012cf7fe50d133da86c0477e42b98a6cc999dc21c3ef408e633dfa35f14d6e734837d365e63845f3c1092f8dd4fc7ea0000af3904ea0f3698cd9492794b8212a350d726bff873339c4cad4ead1348474250eda2c8067ab730c1d82a5687f2ed690000522a0b7426000000000000000000000000000000000000000093fc7a82b98f99d9dedf7ba17f5f0b6d15e552fbd21f7eecff10243a43af03eea84c4304a5d3f93c3fc74c00000000000043e1ed82b9aa0ae92a499984a009000000937523f5292d12659906005cde64f903c3415c458a2b32c2318f0858f19c6def80e1481e8e1c0098fc3f38b7a57211adb15d824cfdcf229628c0de49860e44286fe0e257cfa4ce50f3d10763d442824414a73c06837fe08de62f8710ca977960b74d0000ce73da6022a8671d1a3575b4e18c28c73203bf134686dd65808452cb6b76fcb134252c78de9b240de7b4cd015a77f76bb6470c05fc980b3d8f3f964f432a4bf6cddd6222c2da006b6fdb9c8468ae1d986a893b9519444d16a6dfa92c04331a6698507048fab5ae402acd05fe621f22712dfd09004770b4278fa14547d8ce3c21188e5e4e2baacd98e8e451d6aaaf090000006ed1d9018000008dd952595d78e9583bf4ea5de36099e3cd32941a815e3f3ceafe3065b9594fdcb24ebb6eddb9e87c9ecec7a42c0000abe1c6ea55887dfa18d0aea1b6eca5a883702b0bf3aefcb225895db90e237157a34e9f447237ea5b391bddd1290f7ce987a0e36b8e71b1779bbe95ffa9c3c0f6ba66e4d48e75253e3d633811e4b3220616aafbe7a3a18375ae593eb58fd500426286472466823cb8e1800aaaa0d9463c0c4ea5541a55df6eeffec0b66482228816cdfccb98374c644eea45de7867a0efbad0ab2bc33b350440a90b791b2b33f74a112a3b91b40bed8db2df8633207f8387e04ca52ab0f3f7b058b13523b896800b992972d9609551c27a5916ea16069c5b0300000026d3c27e7945b29996e5cefbc9f857bc1332d200194f658b930780603134ae6b7f5092772bd5d880dbe21b790c475b14b7fe4fe002dffd651faa79bb0cee0cdac2bc3218f2ddaa6f7ba04b696a30d313bed30ba8f35569a9b07ee7308da09c01a4b827aa1784d927aca9b8540534c5c49a0300cfbc2213fc1572b0204dd456b11a454d1f3f14179974aae624ea59500f5e048b2780666de81a040663c57f49af25be909984ae4e679107a14bbb24851f6199eaf9a1b81f33426f86b4b941c08dfe2bc8ec246ec1aae120c42405e428923f3a83d9ba5c373f5e8a54120b451e2806370f1ed60c9fd5d9af4d16cb0f413c324da52d4bd2e01d3ac2d578d72e2d63322dfc9245ce3e3a097fb82f4e3b61a55594616020f72f1c55ee3d325c7496a7c2f10cfeae16ae436751227378f0b1ee78bd33c50206700dd90b96a330f92bff736c83ca53e7f02b734d1a9292337e2be3896f7e7f244bfab4946c7042e88206f641eafcc5b4ba7a7880533cde00995d1caf6936f356ecf07a0084e7adc2dc12417997b03087c7b3b44b06f6158a2a18ce0e56ffbeb22f40521dd9972583d413098aa80db98ef324a2bfb6961c07b47521973cf0bb6f5530f6216b047b35d6e06b72b22b29de42bb1bc8ce0a0e3500000000000000000000000000b92eb197e4149627920000008000000000801792756f90b37f0858efc387f559203f314a4b0ed750fa72e5948ac3fe5921c14ef578d420e7b2a9e2f87f7b44949fe14c00000000000f47030c09f62d444b4981db81799776eeb4448278de519705fa8b56779bc8cc927b308c8e50815c4c3b27487996c09121caf47f76158362c74904f89cbc588aae84567a83571ff72bb65c082b5a8dedc05a3167d84205d5af86553c21e1f023a51c0e179fccfbc201982ebddcaa45613899d19082453b180ca0c525b8d3cfaf7d0bcddeb5d5c7166038f276a92941393ba5e51f77172822bd903d9f8b436656771774ed88daab0d0cfdd1bffc30ab566e1a4cb3ad66d830e10f7c1de13218aea21e7def613204c2b7c1ad48b01c20024032e9b3bba7d6ceca38d3e96db049b92fc32ee34fe7b8419c8fbf03d61c159dc5864e030000a2c55b614d622b8de966c97e1940026f96db3c78ca18c9f08d1c47edf1a4d7298109f31b6078711ee72eacab61213bf50000000000e1000000000000000000001217887d0452aa6d26e4614d511710abeec84b78c027c160ba3759fa55249b832ce4dfb91122193d514ed992c07f8cd6d897b314907e15642da228dbc03429e6e0e7ac118ed351c3b0c44bf5d8b58be5732f29eed98d5b3688d80f7c66f8333aa8cc2ec5b5e305b3dee2562d415b4b9ed530797f55f9fe8510423409629a09000000000000009a35d9ca93e4b4591679547b8de8af1782451f7b8e1de508f1e9e525210d62bb850f8035040ad9e57abe58797515b737bfb21d35ac560f99dbd18dad5e6345a464955e8141d75b6177e4fa176a020b0000000000006e76f0294fee7d19a0f327f8796d77b6e24b8df4bb438b527d10e657d49b844198ea9f93c4fd6fd2daa9bd87fd1e02ecc8075dca1280c201043257e9bd3c9a7aa150eb1711632b76d4dc053e64bfcfd057980136d6e9faca03b24fa300ef90bfe4ad364256937796f941c2fead94785f48777941f0cd3dba54ab6a5d5e91e90ac9ae994c3d4108b2fe7eca9413ac9bc138c74800487eb19c48db3f79be964808d409b5e36fc7fdd40080361427b6b9c118e5c9a0a1d5ca24886eb8a78796540635ac3530b9025d8bad0533a7f81b2188ec75a5fc9302e3815bdcc9ab11201ef940569c995c21eeaefe2e8fc02e0433dc7371d1f72124bad23e554c30fdd7cd8c2da1e8706417da9ad8916551a1182fac08603dfc2f2279ba161c13984cd753b54a85e6f3018c7d48c4b6c2f6910975e9ff51318b09fa13e2d38ce013aab41524c298c3719e31bcb1f102eaeee69a19e006bcdb1acc2664efa949a1a07bb3d7848d5e1381fbe63c522053a3bb32eb6345e10f7a12bf84e0e196a00833f464dd2f6547f14ebf137fce33efeb813211f31ff24d7dbb00f2574ccda59b3ea068fc2a18c37ee579f5a9ecc47da73684bcadd209ae5bbb7147df745ae7a4e446ca16d027d8d0adcdb54182c9de8053fc8b1b9d19c16c53d34db6e26f6a88d449f6abf378ca2e577e206a758a3d46e45e7949c5b5069103009693a798a330a1ccb32d49772e80862df36dc0156b3f72cd85083f8e96ca1697457ec722766bd46ee2424975a38149bd57e5c0eb4087fc243e7e51b0aca9f0ab0668d7f2ee9ad9f267d8804417aa7e36a64d489bb84a1483fd3c3ecb024060002858cbb1f7708f5b41fca2fee7c03b1f862ce88dc313d913e041dd7583a1ac41c466757c5dd07ea2c5d62a000b84b11308b6636b735b3c654cbc0000000000000019a4e9a9c2cbc906f97fd6eb00b18d09a5df123ebbdb2827b43aed6a29e9942e402c1ae52e9cb98f3019d364fc21ea02023db91ced3c2f06550cef8a79ed39091e4776001187d0ab2f82478431d36470cc008d745ce8fd64c9aa64da230bb080945a557081b767beb75b1ea856a55c71b8fda672289aa6085100d48ac8039f19fec3acbcc5944a4e6fd44af8f10110db730a8d0d41b4ea36f9510f843a471963bd4621b9e43f08d341bb69df430ac4bf5c06c6398c1b28bdd3f4c2353c330d8457cf728294e8ea1861ce50c367498945285f73c94d91210652eb4f3077cab6be2a3512eddbcb63d091d69fb1b26c8ada9a99d747d38ef5042053299b8e95decc637a022a49664742606cfdb2a3258498a6a0a82369d70177433e52b851ac396163ca09e6c22ad796a565cf23d87ae9be7235553aa6b8ab74842d3d4ba738b3fa997f079d225335f2af55644478e514aed8ba202805ad458d9ae6ab8d156f11f3cfe7def690f2bbbb463063664625223d23386540e0db96d8eb1755ad49ae817683de97a6dd32d584391302e65594b12bb2e6630217401031c8a1b964ca32f735421bbf64c9f1f9329e5cfda139ea79619e1d00a9a3ab49993362f30d191aa3387101feaa3e326190804eae2114437f8f4b27480900dd6511844a643886588fbdee7f8863a8dfdd75a9e128c6c15166a5f92d3c2d4952e5d07c59bfce0724a02600094c3369be3024edf451ff76a59855fd90353a0de907834bb77a059c56e92eed2f1415b3d8178453c7aecd8fbd161e2ffd66bcf2be175e45184f06bafd1c1c4fd7006a6c90d8afd126f1c51ee0f724ffbbed25a286c95d17c8b4297f8bba8efd565ecb157f0be244fb9657f737354b20e3a5012abb36052eec7a4fe9bc5b5283581b208d90d28d78f1c5422c3bcad67278e8bb88d7e6ccf72dd61319b44aa617d667000000000000a5edbd3e8605225681090853fc66a20e30fb9938e5886ae748236f5e071278763e070b2b75ce0a9e6870033d25dd19733152b01b507d812216e0f7fc89bbe200806f079e9515dd886a781a46ebe3da4c8307885b535109bb1678d08e"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector=0x11, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x94)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r13, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r13, r14, &(0x7f0000000200)=@IORING_OP_FADVISE={0x18, 0x28, 0x0, @fd, 0x8, 0x0, 0x8})
io_uring_enter(r12, 0x47bc, 0x0, 0x0, 0x0, 0x0)
getsockopt$ax25_int(r3, 0x101, 0xbcb1ba4fe83365c2, 0x0, 0x0)
getsockopt$ax25_int(r9, 0x101, 0xa, &(0x7f00000004c0), &(0x7f0000000500)=0x4)

4m27.146273225s ago: executing program 32 (id=114):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000440)='/sys/power/pm_freeze_timeout', 0x1, 0x8)
write$nci(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="7f00805c851edf85a5426dd0c31e8af5d634743403b5e0840097f132e877af1cba90"], 0x2f)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'netdevsim0\x00', &(0x7f0000000380)=@ethtool_channels={0x3c, 0x400000, 0x101, 0xda, 0x1000000, 0x0, 0x8, 0x6, 0x401}})
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'ip6gretap0\x00', <r4=>0x0})
r5 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001640), 0x842, 0x0)
pwrite64(r5, 0x0, 0x0, 0xffff)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="41000000000000001c0012800b0001006d616373656300000c00028005000f000200000008000500", @ANYRES32=r4], 0x44}}, 0x0)
r7 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
r8 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
dup3(r8, r7, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
r9 = syz_init_net_socket$ax25(0x3, 0x5, 0xce)
r10 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESDEC], 0x0)
syz_usb_control_io$cdc_ncm(r10, 0x0, &(0x7f0000000b80)={0x44, &(0x7f00000001c0)=ANY=[@ANYRES16=r10, @ANYRES8=r10], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r11 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_ep_write(r10, 0x81, 0x8, &(0x7f0000000080)="00012c615bc20000")
read$char_usb(r11, 0x0, 0x0)
r12 = syz_io_uring_setup(0x10d2, &(0x7f0000000540)={0x0, 0x7734, 0x80, 0x0, 0x34f}, &(0x7f0000000600)=<r13=>0x0, &(0x7f00000005c0)=<r14=>0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x16, 0xe, &(0x7f00000039c0)=ANY=[@ANYBLOB="b702000006000000bfa300000000000007030000407effff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca7ebfcd0cd00006ed3d09a6175037958e271b60dedf8937f02008b6d83923dd29c034055d47dafe6c8dc3d5d78c07f34e4d5b3185b310efd4989147a00000000f110026e6d2ef831ab7ea0c34f17e3adeef3bb622003b538dfd8e012e71f6420b90adddff61b5b0a341a2d7cbdb90000bdb2ca76050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132658555cf476619f28d9961b626c57c2691208171656d60a17e3c1c4b751ca532e6ea09c346df3d7cb4ebd31a08b32808980200000000000000334d83239d0c2e9ff10ff2d27080e71113610e10c358e8327e7050b6c860dac12233f9a1fb9c2aec61ce63a38d316ef49b66d6e42fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a5f3d74ca891c4594e8a4399e01eadd3964663e88535c133f7130856f75643619f567d2e24f29e5dad9326edb697a6ea0182babc18cae2ed4b4390af9a9ceefd07e002cab5ebfcaad34732181feb215139f15eafddcb0c7cbe31fbae7c34d5ac5e7e64c21add9191eadd6e1795ad6a0f7f8cd3fccbdc3dec04b25dfc17975238345d4f71af35910b158e56657b7218baaa7cbf781c0a99bd50499ccff0f000000000000c7beba3da8223fe5308e4e2833baace04f4087c4f0da0d9a88f9dbb593ddeb3f0932a4d0175b889b8eccf707882042e716df9b57b290c661d4e85031086e97bcc5ca0e221a0e34323c129102b7b7a643e82e88a1940b3c02ed9c92d6f64b1282dc519b00159830d7617001154c46bd3ca96318c570f0721fc7aa2a58090000000000000094f22cdf550ef091a78098534f0d973058594000000000000000c12346e47ad97f4ead7cf754a52e4b2d0f22d428bd705414888700a30e2366c6a06b3367a389ca3905689a1f3db9c24db65c1e0001581d573dab18fd0600885f1ea8f2fd299fc3cdafda323e9c7080397bc49d70c060d57bc88fbe09baa058b040360ab9261503d2f363fb099408885afc2bf9a4f8c3506b669e889f5e4be1b8e0d634ebc1057b7e98186fc5141bd670dba6f43279f73db9dec75070cd9ab0fd969169ef6d2857b6bf955012cf7fe50d133da86c0477e42b98a6cc999dc21c3ef408e633dfa35f14d6e734837d365e63845f3c1092f8dd4fc7ea0000af3904ea0f3698cd9492794b8212a350d726bff873339c4cad4ead1348474250eda2c8067ab730c1d82a5687f2ed690000522a0b7426000000000000000000000000000000000000000093fc7a82b98f99d9dedf7ba17f5f0b6d15e552fbd21f7eecff10243a43af03eea84c4304a5d3f93c3fc74c00000000000043e1ed82b9aa0ae92a499984a009000000937523f5292d12659906005cde64f903c3415c458a2b32c2318f0858f19c6def80e1481e8e1c0098fc3f38b7a57211adb15d824cfdcf229628c0de49860e44286fe0e257cfa4ce50f3d10763d442824414a73c06837fe08de62f8710ca977960b74d0000ce73da6022a8671d1a3575b4e18c28c73203bf134686dd65808452cb6b76fcb134252c78de9b240de7b4cd015a77f76bb6470c05fc980b3d8f3f964f432a4bf6cddd6222c2da006b6fdb9c8468ae1d986a893b9519444d16a6dfa92c04331a6698507048fab5ae402acd05fe621f22712dfd09004770b4278fa14547d8ce3c21188e5e4e2baacd98e8e451d6aaaf090000006ed1d9018000008dd952595d78e9583bf4ea5de36099e3cd32941a815e3f3ceafe3065b9594fdcb24ebb6eddb9e87c9ecec7a42c0000abe1c6ea55887dfa18d0aea1b6eca5a883702b0bf3aefcb225895db90e237157a34e9f447237ea5b391bddd1290f7ce987a0e36b8e71b1779bbe95ffa9c3c0f6ba66e4d48e75253e3d633811e4b3220616aafbe7a3a18375ae593eb58fd500426286472466823cb8e1800aaaa0d9463c0c4ea5541a55df6eeffec0b66482228816cdfccb98374c644eea45de7867a0efbad0ab2bc33b350440a90b791b2b33f74a112a3b91b40bed8db2df8633207f8387e04ca52ab0f3f7b058b13523b896800b992972d9609551c27a5916ea16069c5b0300000026d3c27e7945b29996e5cefbc9f857bc1332d200194f658b930780603134ae6b7f5092772bd5d880dbe21b790c475b14b7fe4fe002dffd651faa79bb0cee0cdac2bc3218f2ddaa6f7ba04b696a30d313bed30ba8f35569a9b07ee7308da09c01a4b827aa1784d927aca9b8540534c5c49a0300cfbc2213fc1572b0204dd456b11a454d1f3f14179974aae624ea59500f5e048b2780666de81a040663c57f49af25be909984ae4e679107a14bbb24851f6199eaf9a1b81f33426f86b4b941c08dfe2bc8ec246ec1aae120c42405e428923f3a83d9ba5c373f5e8a54120b451e2806370f1ed60c9fd5d9af4d16cb0f413c324da52d4bd2e01d3ac2d578d72e2d63322dfc9245ce3e3a097fb82f4e3b61a55594616020f72f1c55ee3d325c7496a7c2f10cfeae16ae436751227378f0b1ee78bd33c50206700dd90b96a330f92bff736c83ca53e7f02b734d1a9292337e2be3896f7e7f244bfab4946c7042e88206f641eafcc5b4ba7a7880533cde00995d1caf6936f356ecf07a0084e7adc2dc12417997b03087c7b3b44b06f6158a2a18ce0e56ffbeb22f40521dd9972583d413098aa80db98ef324a2bfb6961c07b47521973cf0bb6f5530f6216b047b35d6e06b72b22b29de42bb1bc8ce0a0e3500000000000000000000000000b92eb197e4149627920000008000000000801792756f90b37f0858efc387f559203f314a4b0ed750fa72e5948ac3fe5921c14ef578d420e7b2a9e2f87f7b44949fe14c00000000000f47030c09f62d444b4981db81799776eeb4448278de519705fa8b56779bc8cc927b308c8e50815c4c3b27487996c09121caf47f76158362c74904f89cbc588aae84567a83571ff72bb65c082b5a8dedc05a3167d84205d5af86553c21e1f023a51c0e179fccfbc201982ebddcaa45613899d19082453b180ca0c525b8d3cfaf7d0bcddeb5d5c7166038f276a92941393ba5e51f77172822bd903d9f8b436656771774ed88daab0d0cfdd1bffc30ab566e1a4cb3ad66d830e10f7c1de13218aea21e7def613204c2b7c1ad48b01c20024032e9b3bba7d6ceca38d3e96db049b92fc32ee34fe7b8419c8fbf03d61c159dc5864e030000a2c55b614d622b8de966c97e1940026f96db3c78ca18c9f08d1c47edf1a4d7298109f31b6078711ee72eacab61213bf50000000000e1000000000000000000001217887d0452aa6d26e4614d511710abeec84b78c027c160ba3759fa55249b832ce4dfb91122193d514ed992c07f8cd6d897b314907e15642da228dbc03429e6e0e7ac118ed351c3b0c44bf5d8b58be5732f29eed98d5b3688d80f7c66f8333aa8cc2ec5b5e305b3dee2562d415b4b9ed530797f55f9fe8510423409629a09000000000000009a35d9ca93e4b4591679547b8de8af1782451f7b8e1de508f1e9e525210d62bb850f8035040ad9e57abe58797515b737bfb21d35ac560f99dbd18dad5e6345a464955e8141d75b6177e4fa176a020b0000000000006e76f0294fee7d19a0f327f8796d77b6e24b8df4bb438b527d10e657d49b844198ea9f93c4fd6fd2daa9bd87fd1e02ecc8075dca1280c201043257e9bd3c9a7aa150eb1711632b76d4dc053e64bfcfd057980136d6e9faca03b24fa300ef90bfe4ad364256937796f941c2fead94785f48777941f0cd3dba54ab6a5d5e91e90ac9ae994c3d4108b2fe7eca9413ac9bc138c74800487eb19c48db3f79be964808d409b5e36fc7fdd40080361427b6b9c118e5c9a0a1d5ca24886eb8a78796540635ac3530b9025d8bad0533a7f81b2188ec75a5fc9302e3815bdcc9ab11201ef940569c995c21eeaefe2e8fc02e0433dc7371d1f72124bad23e554c30fdd7cd8c2da1e8706417da9ad8916551a1182fac08603dfc2f2279ba161c13984cd753b54a85e6f3018c7d48c4b6c2f6910975e9ff51318b09fa13e2d38ce013aab41524c298c3719e31bcb1f102eaeee69a19e006bcdb1acc2664efa949a1a07bb3d7848d5e1381fbe63c522053a3bb32eb6345e10f7a12bf84e0e196a00833f464dd2f6547f14ebf137fce33efeb813211f31ff24d7dbb00f2574ccda59b3ea068fc2a18c37ee579f5a9ecc47da73684bcadd209ae5bbb7147df745ae7a4e446ca16d027d8d0adcdb54182c9de8053fc8b1b9d19c16c53d34db6e26f6a88d449f6abf378ca2e577e206a758a3d46e45e7949c5b5069103009693a798a330a1ccb32d49772e80862df36dc0156b3f72cd85083f8e96ca1697457ec722766bd46ee2424975a38149bd57e5c0eb4087fc243e7e51b0aca9f0ab0668d7f2ee9ad9f267d8804417aa7e36a64d489bb84a1483fd3c3ecb024060002858cbb1f7708f5b41fca2fee7c03b1f862ce88dc313d913e041dd7583a1ac41c466757c5dd07ea2c5d62a000b84b11308b6636b735b3c654cbc0000000000000019a4e9a9c2cbc906f97fd6eb00b18d09a5df123ebbdb2827b43aed6a29e9942e402c1ae52e9cb98f3019d364fc21ea02023db91ced3c2f06550cef8a79ed39091e4776001187d0ab2f82478431d36470cc008d745ce8fd64c9aa64da230bb080945a557081b767beb75b1ea856a55c71b8fda672289aa6085100d48ac8039f19fec3acbcc5944a4e6fd44af8f10110db730a8d0d41b4ea36f9510f843a471963bd4621b9e43f08d341bb69df430ac4bf5c06c6398c1b28bdd3f4c2353c330d8457cf728294e8ea1861ce50c367498945285f73c94d91210652eb4f3077cab6be2a3512eddbcb63d091d69fb1b26c8ada9a99d747d38ef5042053299b8e95decc637a022a49664742606cfdb2a3258498a6a0a82369d70177433e52b851ac396163ca09e6c22ad796a565cf23d87ae9be7235553aa6b8ab74842d3d4ba738b3fa997f079d225335f2af55644478e514aed8ba202805ad458d9ae6ab8d156f11f3cfe7def690f2bbbb463063664625223d23386540e0db96d8eb1755ad49ae817683de97a6dd32d584391302e65594b12bb2e6630217401031c8a1b964ca32f735421bbf64c9f1f9329e5cfda139ea79619e1d00a9a3ab49993362f30d191aa3387101feaa3e326190804eae2114437f8f4b27480900dd6511844a643886588fbdee7f8863a8dfdd75a9e128c6c15166a5f92d3c2d4952e5d07c59bfce0724a02600094c3369be3024edf451ff76a59855fd90353a0de907834bb77a059c56e92eed2f1415b3d8178453c7aecd8fbd161e2ffd66bcf2be175e45184f06bafd1c1c4fd7006a6c90d8afd126f1c51ee0f724ffbbed25a286c95d17c8b4297f8bba8efd565ecb157f0be244fb9657f737354b20e3a5012abb36052eec7a4fe9bc5b5283581b208d90d28d78f1c5422c3bcad67278e8bb88d7e6ccf72dd61319b44aa617d667000000000000a5edbd3e8605225681090853fc66a20e30fb9938e5886ae748236f5e071278763e070b2b75ce0a9e6870033d25dd19733152b01b507d812216e0f7fc89bbe200806f079e9515dd886a781a46ebe3da4c8307885b535109bb1678d08e"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector=0x11, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x94)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r13, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r13, r14, &(0x7f0000000200)=@IORING_OP_FADVISE={0x18, 0x28, 0x0, @fd, 0x8, 0x0, 0x8})
io_uring_enter(r12, 0x47bc, 0x0, 0x0, 0x0, 0x0)
getsockopt$ax25_int(r3, 0x101, 0xbcb1ba4fe83365c2, 0x0, 0x0)
getsockopt$ax25_int(r9, 0x101, 0xa, &(0x7f00000004c0), &(0x7f0000000500)=0x4)

2m54.959633435s ago: executing program 4 (id=413):
r0 = socket$netlink(0x10, 0x3, 0xc)
mq_open(&(0x7f00000003c0)='\xa1sxt\x06\x00\x00\x00\x00\x00\x00\x00\x01\x88\xbdd\xa1v\x856Zp\xf0\x18>pK\x7fWV;\xc0\x19\xa2\x88<\xd1\xb7\xdd\x10\\\xc2Y\xc3\xd6\xaa\f\xecN\xffo\xfbi\xdd\x18\xe6\xb88\x18\x8f\xf1\xff(U\xa3\xe34%e\xdc\r\xb1\x7f\x1c\x93\xa9y\x90\xfe\xf8\xb1\xfd\xad\x1aM\xb5\x1e\x85\xf4h\xaa q\xc6o\xd016_\a\xe7f\xa9\xe5\xef\xe0\x8a\xaf\xa9\x9aa4\x91\xc30 3\x82k\x9d\x8a\t\xfb\xb0\xaew3di\xba\x94*\xe06\x80!\xdb<n\xc8\x10#\twk\x15@\xd0\xe3\xe3J\x98+lS+\x14\x99\xd4}\x0e\n\x87I\x82\xc1P\x96\xbd\xdc\xff5(\\6\xb6\xdc\x8eR\x85\x01\xd1\xa9^X\x818\xcb\x86\xecuq\x86h\xd16\xd4\xbd\"\x9cHW+EF\xea\xfd\x18E\xd2=\x18\xb4\xc1\x1ck\xf9t\x1b\xde6', 0x6e93ebbbcc088473, 0x100, 0x0)
mq_open(&(0x7f0000000000)='\xa1sxt\x06\x00\x00\x00\x00\x00\x00\x00\x01\x88\xbdd\xa1v\x856Zp\xf0\x18>pK\x7fWV;\xc0\x19\xa2\x88<\xd1\xb7\xdd\x10\\\xc2Y\xc3\xd6\xaa\f\xecN\xffo\xfbi\xdd\x18\xe6\xb88\x18\x8f\xf1\xff(U\xa3\xe34%e\xdc\r\xb1\x7f\x1c\x93\xa9y\x90\xfe\xf8\xb1\xfd\xad\x1aM\xb5\x1e\x85\xf4h\xaa q\xc6o\xd016_\a\xe7f\xa9\xe5\xef\xe0\x8a\xaf\xa9\x9aa4\x91\xc30 3\x82k\x9d\x8a\t\xfb\xb0\xaew3di\xba\x94*\xe06\x80!\xdb<n\xc8\x10#\twk\x15@\xd0\xe3\xe3J\x98+lS+\x14\x99\xd4}\x0e\n\x87I\x82\xc1P\x96\xbd\xdc\xff5(\\6\xb6\xdc\x8eR\x85\x01\xd1\xa9^X\x818\xcb\x86\xecuq\x86h\xd16\xd4\xbd\"\x9cHW+EF\xea\xfd\x18E\xd2=\x18\xb4\xc1\x1ck\xf9t\x1b\xde6', 0x803, 0x160, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="b0010000000101"], 0x1b0}, 0x1, 0x0, 0x0, 0x4000014}, 0x10)

2m54.483577841s ago: executing program 4 (id=414):
socket$inet6_mptcp(0xa, 0x1, 0x106)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$kcm(0xa, 0x922000000003, 0x11)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000200)='inet_sk_error_report\x00', r2}, 0x18)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MTU={0x8, 0x4, 0x44}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={<r4=>0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}]}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000840)={r4, @in6={{0xa, 0x4e20, 0x3ae, @empty, 0x129}}, 0x2, 0x2, 0x614, 0x1, 0xd, 0x7, 0x4}, 0x9c)

2m52.228001913s ago: executing program 4 (id=420):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffffffffffffe7}, 0x94)
r0 = gettid()
timer_create(0x0, &(0x7f00000003c0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000380))
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$getownex(r3, 0x10, &(0x7f0000000180))
sendto$inet6(r4, 0x0, 0x0, 0x20000841, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @empty}, 0x1c)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000000c0)={0x0, <r5=>0x0})
capset(&(0x7f00000001c0)={0x19980330, r5}, &(0x7f0000000280)={0x7, 0x200, 0x8000, 0x0, 0x7, 0x1})
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, 0x0, 0x0, 0xffffffffffffffff)
add_key$fscrypt_v1(0x0, &(0x7f0000000440)={'fscrypt:', @desc3}, 0x0, 0x0, 0xfffffffffffffffe)
write$cgroup_int(r6, &(0x7f0000000040)=0x1c9, 0x12)
r7 = io_uring_setup(0x4575, &(0x7f00000006c0)={0x0, 0x988d, 0x4000, 0x2, 0x2d1})
r8 = io_uring_setup(0x7fd0, &(0x7f00000004c0)={0x0, 0x3edc, 0x2, 0x1, 0x2fa, 0x0, r7})
io_uring_register$IORING_REGISTER_CLONE_BUFFERS(r8, 0x1e, &(0x7f0000000000)={r8}, 0x1)

2m51.195633854s ago: executing program 4 (id=421):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x800006, 0x8, 0x0, 0x3}, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
link(0x0, &(0x7f0000000bc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x0, 0x0})
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x19, &(0x7f0000000400)=0xa4, 0x4)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_int(r2, 0x6, 0x18, &(0x7f0000000100)=0xfefffff9, 0x4)
socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r3, &(0x7f00000017c0)=[{{&(0x7f0000000000)={0x2, 0x0, @rand_addr=0x64010100}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000180)="e1", 0x1}], 0x1}}, {{&(0x7f0000000080)={0x2, 0x0, @private=0xa010102}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000100)="a7", 0x1}], 0x1}}], 0x2, 0x0)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r3, 0x84, 0xa, &(0x7f0000000340)={0x2, 0xfff, 0x9, 0x3, 0x100, 0x80, 0x8000, 0x3}, 0x20)

2m46.467070374s ago: executing program 4 (id=434):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000001180)=0x8000000)

2m44.931349737s ago: executing program 4 (id=438):
syz_usb_connect(0x0, 0x24, &(0x7f00000006c0)=ANY=[@ANYBLOB="120100008e88052086800095d8b601020301090212000100000000090401"], 0x0)
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000040), 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r3}})
splice(r2, 0x0, r1, 0x0, 0xffffffffffff8000, 0x0)
r4 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
prlimit64(0x0, 0x0, &(0x7f0000000180)={0x0, 0x8}, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000000)='l%\x86\xce6\xdb\f\xcf\x19|\xc9O\x7f\xce\x8f\x7f\x1c\xeay\x06\x00\x00\x00\a0\r\x13\xaa\x84r\xd7^\xe82\x0f\x1a\xf1\x02\x00\x1e&{\xee2\x95I\xca\xbevl\x12\xb6 \xd4')
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$I2C_RDWR(r4, 0x707, &(0x7f0000000380)={&(0x7f0000000500)=[{0x5, 0x0, 0x0, 0x0}, {0x4, 0x0, 0x0, 0x0}], 0x2})

2m29.795373623s ago: executing program 33 (id=438):
syz_usb_connect(0x0, 0x24, &(0x7f00000006c0)=ANY=[@ANYBLOB="120100008e88052086800095d8b601020301090212000100000000090401"], 0x0)
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000040), 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r3}})
splice(r2, 0x0, r1, 0x0, 0xffffffffffff8000, 0x0)
r4 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
prlimit64(0x0, 0x0, &(0x7f0000000180)={0x0, 0x8}, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000000)='l%\x86\xce6\xdb\f\xcf\x19|\xc9O\x7f\xce\x8f\x7f\x1c\xeay\x06\x00\x00\x00\a0\r\x13\xaa\x84r\xd7^\xe82\x0f\x1a\xf1\x02\x00\x1e&{\xee2\x95I\xca\xbevl\x12\xb6 \xd4')
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$I2C_RDWR(r4, 0x707, &(0x7f0000000380)={&(0x7f0000000500)=[{0x5, 0x0, 0x0, 0x0}, {0x4, 0x0, 0x0, 0x0}], 0x2})

14.427635593s ago: executing program 6 (id=920):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1000000004000000080000000800000000000000", @ANYRES16, @ANYRESDEC, @ANYRES16], 0x48)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x400000bce)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
syz_open_dev$dri(&(0x7f0000000100), 0x8, 0x80)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f0000000000)={0x2, 'lo\x00'}, 0x18)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000180)={0x4, 0xfd, 0x1, 0x6, 0x0, 0xfd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x0, 0x96}, 0xe)
sendto$inet6(r2, &(0x7f0000000040)="8b64ea700e13aa4ad063a504f54add198d40c90d337f4cdc75c5d7bc7088c24869bdec8b969a7a2402d47ed1b91c8b8296c273d32d7ca1bc13c400"/68, 0x44, 0x8084, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}}, 0x1c)
shutdown(r2, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000340)={0x40, r4, 0x8d61ddcfedb48df, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0x14, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0xffffffffffffff95, 0x1, 0x6}]}]}]}, @ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}]}]}, 0x40}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r8 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x2, 0x1, 0x0, 0x2, 0xa, 0x0, 0x0, 0xfffffffc, [@sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x4e24, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x3}}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @rand_addr=0x64010101}}]}, 0x50}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'veth0_to_bond\x00'})

11.702020784s ago: executing program 3 (id=927):
socket$isdn(0x22, 0x2, 0x25)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
sendto$packet(r1, &(0x7f0000000180)="0b8871002e0064004dbe", 0xa, 0x0, &(0x7f0000000140)={0x11, 0x8100, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r6, 0x84, 0x72, 0x0, &(0x7f0000000200))
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, 0x0, 0x0)
r7 = syz_open_procfs(0x0, 0x0)
ioctl$SIOCRSSCAUSE(r7, 0x89e1, &(0x7f0000000240)=0x9)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, 0x0, &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
open(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

10.558063696s ago: executing program 3 (id=929):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x800006, 0x8, 0x0, 0x3}, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
link(0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x19, 0x0, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_int(r2, 0x6, 0x18, &(0x7f0000000100)=0xfefffff9, 0x4)
socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r3, &(0x7f00000017c0)=[{{&(0x7f0000000000)={0x2, 0x0, @rand_addr=0x64010100}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000180)="e1", 0x1}], 0x1}}, {{&(0x7f0000000080)={0x2, 0x0, @private=0xa010102}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000100)="a7", 0x1}], 0x1}}], 0x2, 0x0)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r3, 0x84, 0xa, &(0x7f0000000340)={0x2, 0xfff, 0x9, 0x3, 0x100, 0x80, 0x8000, 0x3}, 0x20)

10.14585822s ago: executing program 0 (id=932):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@bridge_getvlan={0x20, 0x72, 0x301, 0x0, 0x0, {}, [@BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}]}, 0x20}, 0x1, 0xf00, 0x0, 0x20000010}, 0x0)

8.987742811s ago: executing program 3 (id=934):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$MRT_DONE(0xffffffffffffffff, 0x0, 0xc9, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x2)
sched_setscheduler(0x0, 0x1, &(0x7f0000000280)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000440))
r2 = socket(0x1d, 0x80000, 0x9)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0x5}, 0x10)
r3 = socket(0x1e, 0x4, 0x0)
r4 = syz_open_dev$evdev(&(0x7f0000000240), 0x20000, 0x0)
ioctl$EVIOCGLED(r4, 0x40284504, &(0x7f0000000000)=""/56)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r3, &(0x7f00000030c0)=[{{0x0, 0x0, &(0x7f0000000400)}}], 0x1, 0x9200000000000000)
recvmmsg$unix(r2, &(0x7f00000043c0)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f00000002c0)=""/240, 0xf0}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = dup(0xffffffffffffffff)
r6 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$selinux_access(r6, 0x0, 0x0)
ioctl$UI_DEV_CREATE(r5, 0x5501)
recvmmsg(0xffffffffffffffff, &(0x7f0000000400)=[{{0x0, 0xf5ffffff, 0x0, 0x0, 0x0, 0x4000000}, 0xf5ff}], 0xf00, 0x0, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x12, &(0x7f0000000080)=0x6, 0x4)

8.96006014s ago: executing program 6 (id=935):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x20000000, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
epoll_create(0x281)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
r4 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r4, &(0x7f0000000640)='asymmetric\x00', &(0x7f00000004c0))
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), 0x0, 0x0, r4)
r5 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$UHID_CREATE(r5, &(0x7f0000002a00)={0x0, {'syz1\x00', 'syz0\x00', 'syz0\x00', &(0x7f00000000c0)=""/43, 0x2b, 0x0, 0x7f, 0xfffffffe}}, 0x120)
write$UHID_DESTROY(r5, &(0x7f0000000080), 0x4)
writev(r5, &(0x7f00000001c0)=[{&(0x7f0000000500)="dfa1434f7c88d9058558875d3c5b2d8bfcb162669be95907caaefae569dbdfd596ee5166c13ffbf8cf6ed8fdc62bdadeb4a4c7a4178136107341cdb989e91c482deee66260b9b301880c08445aeb9c3c5c1d0f60b8df6ccba1780293af8f34f15c56d1610f28aebbba8c57a5eca437309fce6ed67366d3edaaf4a62ec44ec8feb49df5c73f25a55b01c41665757a33fe732cabcff1319d6d3b92403898a277d1677670c01bc8f9fe1bae44c57caba0eb495cc2b96957f1a4335d212d30cfdf342c7fbd8355dc15b29207790bb82af66f05e4a72570c9891567ca6ea26ba6dd98ff880f6e1cd9d7", 0xe7}, {&(0x7f0000000680)="1fef362428895a754caecb8211ca3a50eb6d41bb1ed7a8424c07c3677c76f553d01ea40dc315d955801597c80de9d3f722e32bccc636548d68fc13cd44be7a5ee8f2a4a4ba76999b3d1ec899a148ee0edcc8162d395583af5500d2c3fb7cc7e6306122b94419597a6689d058b51a874ccf9d1cd99a2c64911761e181c32aadc9a8116382ded27778aa0d3339101feef0daf309bb284918e98e163360e3dc9bb48f7b6356e69dae0549c7505cf5b4b6654255ce0ab5ca95adb2f883217e9e007354aef098c66bb15bd235777887a29570c875026716686a700e", 0xd9}, {&(0x7f0000000780)="5510e0cfd9f4177a2a4ac222f9a7fc721e6d66b49238273a03c25dd9b3343f2909f3bc2b8e4058067ef8fe2f481121fe418be6c46cb48a192c6b51f5540c8935c6175a2faaaf1a401d1363ceae43dfa28a7ee4e59be78bb06ddc441abdfb28e71a93bfcfe0356034f8a8484f5dca9a83d42d42871b28acaa7d2f7f8ead18631b0016005d26dd72ba0c73a023ba9dcae211a95e3b720faa0bf8496497dec7f7b24b3b898dd9a8af12ed425874c1c8de6b4d2e31df8dc6ed", 0xb7}], 0x3)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000000140))
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x84, @multicast2, 0x4e23, 0x4, 'sh\x00', 0x1, 0x9, 0x2006e}, 0x2c)

7.399594624s ago: executing program 6 (id=937):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$dlm_monitor(0xffffff9c, &(0x7f0000000000), 0x4080, 0x0)
finit_module(r0, &(0x7f0000000040)='.]\x00', 0x3)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
close(0x3)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
socket$vsock_stream(0x28, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(&(0x7f0000000140)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000080)='cramfs\x00', 0x208000, 0x0)

6.991784746s ago: executing program 2 (id=939):
r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3) (async)
setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, 0x0, 0x0) (async)
ioctl$F2FS_IOC_RESIZE_FS(r0, 0x4008f510, &(0x7f0000000000)=0xff)

6.390227082s ago: executing program 3 (id=940):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect$uac1(0x0, 0x82, &(0x7f0000000d80)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x20, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x70, 0x3, 0x1, 0x3, 0x10, 0x24, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0xca, 0x4}, [@output_terminal={0x9, 0x24, 0x3, 0x1, 0x101, 0x3, 0x5, 0x5}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0x8, 0x24, 0x2, 0x1, 0x8, 0x2, 0x3, 0x4}]}, {{0x9, 0x5, 0x1, 0x9, 0x8, 0x9, 0xe, 0x0, {0x7, 0x25, 0x1, 0x3, 0xff, 0xc}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x40, 0x0, 0x9, 0x9, {0x7, 0x25, 0x1, 0x80, 0xf, 0x401}}}}}}}]}}, &(0x7f0000001080)={0x0, 0x0, 0x0, 0x0})
futex(0x0, 0x3, 0x801, 0x0, 0x0, 0xfffffffc)
syz_usbip_server_init(0x5)

6.145897513s ago: executing program 2 (id=942):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x200000, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$drirender128(0xffffffffffffff9c, &(0x7f0000000180), 0x200802, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(0xffffffffffffffff, 0xc01064c2, &(0x7f00000001c0)={<r1=>0x0})
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000200)={r1})
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f0000000040)={0xc})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_io_uring_setup(0x110, &(0x7f00000000c0)={0x0, 0x1b00, 0x0, 0x3, 0x80}, &(0x7f0000000180)=<r5=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c000000020603000000000000000000ffea000005000100070000000900020073797a300000000014000780"], 0x5c}}, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
pipe2$9p(0x0, 0x4000)
write$P9_RGETLOCK(0xffffffffffffffff, 0x0, 0x1f)
r7 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$TCFLSH(r7, 0x400455c8, 0x2)
ioctl$TIOCSTI(r7, 0x5412, &(0x7f0000000040)=0xfc)

6.143766938s ago: executing program 6 (id=943):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$dlm_monitor(0xffffff9c, &(0x7f0000000000), 0x4080, 0x0)
finit_module(r0, 0x0, 0x3)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x50)
socket$vsock_stream(0x28, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(&(0x7f0000000140)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000080)='cramfs\x00', 0x208000, 0x0)

6.123172513s ago: executing program 0 (id=944):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x800006, 0x8, 0x0, 0x3}, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
link(0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x19, 0x0, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_int(r2, 0x6, 0x18, &(0x7f0000000100)=0xfefffff9, 0x4)
socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r3, &(0x7f00000017c0)=[{{&(0x7f0000000000)={0x2, 0x0, @rand_addr=0x64010100}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000180)="e1", 0x1}], 0x1}}, {{&(0x7f0000000080)={0x2, 0x0, @private=0xa010102}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000100)="a7", 0x1}], 0x1}}], 0x2, 0x0)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r3, 0x84, 0xa, &(0x7f0000000340)={0x2, 0xfff, 0x9, 0x3, 0x100, 0x80, 0x8000, 0x3}, 0x20)

4.701334026s ago: executing program 2 (id=945):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, 0x0)

4.697910395s ago: executing program 6 (id=946):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$MRT_DONE(0xffffffffffffffff, 0x0, 0xc9, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x2)
sched_setscheduler(0x0, 0x1, &(0x7f0000000280)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000440))
r2 = socket(0x1d, 0x80000, 0x9)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0x5}, 0x10)
r3 = socket(0x1e, 0x4, 0x0)
r4 = syz_open_dev$evdev(&(0x7f0000000240), 0x20000, 0x0)
ioctl$EVIOCGLED(r4, 0x40284504, &(0x7f0000000000)=""/56)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r3, &(0x7f00000030c0)=[{{0x0, 0x0, &(0x7f0000000400)}}], 0x1, 0x9200000000000000)
recvmmsg$unix(r2, &(0x7f00000043c0)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f00000002c0)=""/240, 0xf0}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = dup(0xffffffffffffffff)
r6 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$selinux_access(r6, 0x0, 0x0)
ioctl$UI_DEV_CREATE(r5, 0x5501)
recvmmsg(0xffffffffffffffff, &(0x7f0000000400)=[{{0x0, 0xf5ffffff, 0x0, 0x0, 0x0, 0x4000000}, 0xf5ff}], 0xf00, 0x0, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x12, &(0x7f0000000080)=0x6, 0x4)

4.321387774s ago: executing program 2 (id=947):
r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x3, 0x200)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000b40)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000b00)={&(0x7f0000000080)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWRULE={0x258, 0x6, 0xa, 0x301, 0x0, 0x0, {0x2}, [@NFTA_RULE_USERDATA={0x5b, 0x7, 0x1, 0x0, "a3ac8e28774c5f8826021c8293344b6ccd70f4330513abeb7dbf2b0a4145f5b868feb9ccebd3db03a70649fbf4d4f523af08fd0ba99c7d73d30c4afa5545518afe92eaf91412fcaeb8d18ffbbe53846b98709fd630dc4a"}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_POSITION_ID={0x8, 0xa, 0x1, 0x0, 0x1}, @NFTA_RULE_EXPRESSIONS={0x12c, 0x4, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, @ct={{0x7}, @void}}, {0x10, 0x1, 0x0, 0x1, @counter={{0xc}, @void}}, {0xc, 0x1, 0x0, 0x1, @cmp={{0x8}, @void}}, {0x24, 0x1, 0x0, 0x1, @reject={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_REJECT_ICMP_CODE={0x5, 0x2, 0x5}, @NFTA_REJECT_TYPE={0x8, 0x1, 0x1, 0x0, 0x2}]}}}, {0x44, 0x1, 0x0, 0x1, @tproxy={{0xb}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_TPROXY_REG_ADDR={0x8, 0x2, 0x1, 0x0, 0x10}, @NFTA_TPROXY_FAMILY={0x8}, @NFTA_TPROXY_REG_ADDR={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_TPROXY_FAMILY={0x8, 0x1, 0x1, 0x0, 0xa}, @NFTA_TPROXY_FAMILY={0x8, 0x1, 0x1, 0x0, 0xa}, @NFTA_TPROXY_FAMILY={0x8, 0x1, 0x1, 0x0, 0xa}]}}}, {0x10, 0x1, 0x0, 0x1, @dynset={{0xb}, @void}}, {0x3c, 0x1, 0x0, 0x1, @reject={{0xb}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_REJECT_TYPE={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_REJECT_ICMP_CODE={0x5, 0x2, 0x8}, @NFTA_REJECT_TYPE={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_REJECT_ICMP_CODE={0x5, 0x2, 0x1}, @NFTA_REJECT_TYPE={0x8}]}}}, {0x4c, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x3c, 0x2, 0x0, 0x1, [@NFTA_SOCKET_KEY={0x8}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0x16}, @NFTA_SOCKET_LEVEL={0x8, 0x3, 0xdd}, @NFTA_SOCKET_LEVEL={0x8, 0x3, 0x4c}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0x15}]}}}]}, @NFTA_RULE_USERDATA={0x9f, 0x7, 0x1, 0x0, "6eed9a02fbfc7517585ed2f30c9d7ebc21e331ebd97863aef9d489243d22e27952feb76596c5fcfec810c54af959abbf2563c680c513f686470f01ef3412521dae6a7bcfd2e19525f814d3674e3b4487dea0f02672c0dc041c95660d6b55d378162f9ee8e41c467495aeeeb4808743f1f5024756828945548841f4f2b707de7b008212ed0a544c7b656832c01f251c49551bd911afa1fc9169ba3c"}, @NFTA_RULE_ID={0x8}]}, @NFT_MSG_NEWTABLE={0x78, 0x0, 0xa, 0x301, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_TABLE_USERDATA={0x63, 0x6, "4f196a4736c945678ca13339ccf1275860186a504131f342cea2098e1b984df6cb297280354a32634bc22cf7dbf13c460bcc82154ef9382bc966e4535ce4f730d591ffe69e88711f50c14475bf72f15713ae6917891875ce08c011ada4247e"}]}, @NFT_MSG_NEWFLOWTABLE={0xc8, 0x16, 0xa, 0x101, 0x0, 0x0, {0x2, 0x0, 0x4}, [@NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_HOOK={0x94, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x5}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0xd}, @NFTA_FLOWTABLE_HOOK_DEVS={0x40, 0x3, 0x0, 0x1, [{0x14, 0x1, 'tunl0\x00'}, {0x14, 0x1, 'netpci0\x00'}, {0x14, 0x1, 'ip_vti0\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0xb}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'macvlan1\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x4}]}, @NFTA_FLOWTABLE_FLAGS={0x8}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0xb4, 0x3, 0xa, 0x3, 0x0, 0x0, {0x0, 0x0, 0x9}, [@NFTA_CHAIN_COUNTERS={0x70, 0x8, 0x0, 0x1, [@NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x7ff}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x100000000}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x2}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x8}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0xa}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x4}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0xfffffffffffc0000}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x3}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x1}]}, @NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x2}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x5}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_POLICY={0x8}, @NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x1}]}, @NFT_MSG_DELOBJ={0x20, 0x14, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x9}, [@NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELSET={0xbc, 0xb, 0xa, 0x201, 0x0, 0x0, {0xa, 0x0, 0xa}, [@NFTA_SET_EXPRESSIONS={0x14, 0x12, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @payload={{0xc}, @void}}]}, @NFTA_SET_TIMEOUT={0xc}, @NFTA_SET_HANDLE={0xc, 0x10, 0x1, 0x0, 0x5}, @NFTA_SET_DATA_LEN={0x8, 0x7, 0x1, 0x0, 0x1a}, @NFTA_SET_EXPR={0x44, 0x11, 0x0, 0x1, @numgen={{0xb}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_NG_TYPE={0x8}, @NFTA_NG_TYPE={0x8}, @NFTA_NG_MODULUS={0x8, 0x2, 0x1, 0x0, 0x80000000}, @NFTA_NG_OFFSET={0x8, 0x4, 0x1, 0x0, 0x101}, @NFTA_NG_TYPE={0x8}, @NFTA_NG_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}]}}}, @NFTA_SET_DATA_TYPE={0x8}, @NFTA_SET_POLICY={0x8}, @NFTA_SET_HANDLE={0xc, 0x10, 0x1, 0x0, 0x3}, @NFTA_SET_TIMEOUT={0xc, 0xb, 0x1, 0x0, 0x80000000}, @NFTA_SET_DATA_TYPE={0x8}]}, @NFT_MSG_NEWFLOWTABLE={0x250, 0x16, 0xa, 0x101, 0x0, 0x0, {0x3}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_HOOK={0x1f4, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0xcc, 0x3, 0x0, 0x1, [{0x14, 0x1, 'macvtap0\x00'}, {0x14, 0x1, 'vxcan1\x00'}, {0x14, 0x1, 'team_slave_1\x00'}, {0x14, 0x1, 'syz_tun\x00'}, {0x14, 0x1, 'geneve1\x00'}, {0x14, 0x1, 'vlan0\x00'}, {0x14, 0x1, 'veth1_to_team\x00'}, {0x14, 0x1, 'syzkaller0\x00'}, {0x14, 0x1, 'bond_slave_1\x00'}, {0x14, 0x1, 'virt_wifi0\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x401}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0xdf9f000}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x2c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'tunl0\x00'}, {0x14, 0x1, 'ip6gretap0\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x7c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'sit0\x00'}, {0x14, 0x1, 'veth0_to_hsr\x00'}, {0x14, 0x1, 'veth0_vlan\x00'}, {0x14, 0x1, 'caif0\x00'}, {0x14, 0x1, 'vlan0\x00'}, {0x14, 0x1, 'tunl0\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x54, 0x3, 0x0, 0x1, [{0x14, 0x1, 'team_slave_0\x00'}, {0x14}, {0x14, 0x1, 'ip6tnl0\x00'}, {0x14, 0x1, 'ipvlan0\x00'}]}]}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x174, 0x3, 0xa, 0x5, 0x0, 0x0, {0x7, 0x0, 0x5}, [@NFTA_CHAIN_TYPE={0xa, 0x7, 'route\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_COUNTERS={0x1c, 0x8, 0x0, 0x1, [@NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x10}, @NFTA_COUNTER_PACKETS={0xc}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_TYPE={0xa, 0x7, 'route\x00'}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x4}, @NFTA_CHAIN_POLICY={0x8}, @NFTA_CHAIN_USERDATA={0x101, 0xc, "74b6a624186adbac5ede74b865afa94f7cf948da9bf37191b5a75a47ca2a39e6749d273fc9db6f80390699b4f45a0c0133eeeadf3dbdb50ac1512e7ca283c9145520ef89cace0e25b11480464fcd89f518e687409677256c2055f124f1bfac589d72e4b56f51fbd19bb2d15699d12db679a0bc035937558a800d8720f2132c289a016c8a6b86786b983803cee863f96460409aca8f8e042410ed81d26a97b8a9feabc93435db6ef66fad5712b8c6188df52cc2c84c60b72703354f6f7d82602054ad4f1f8ed71c55e71a12991f8a3a3ccaf0a8375aaa84702a748eeb2609aaab8f06dc1a80eba127ec7c1531cfc903f81547228770518b9dfdeb6e3e8c"}]}, @NFT_MSG_NEWFLOWTABLE={0x148, 0x16, 0xa, 0x3, 0x0, 0x0, {0x3, 0x0, 0x3}, [@NFTA_FLOWTABLE_HOOK={0xe0, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0xb803}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x7c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'dvmrp1\x00'}, {0x14, 0x1, 'ip6_vti0\x00'}, {0x14, 0x1, 'bond_slave_1\x00'}, {0x14, 0x1, 'gre0\x00'}, {0x14, 0x1, 'pim6reg\x00'}, {0x14, 0x1, 'veth1_vlan\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x40, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth0_to_team\x00'}, {0x14, 0x1, 'ip6erspan0\x00'}, {0x14, 0x1, 'team_slave_1\x00'}]}]}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_HOOK={0x4}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x6782c0dc43a7f33}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}]}], {0x14}}, 0xa5c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000001)
r2 = socket$l2tp6(0xa, 0x2, 0x73)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$BTRFS_IOC_DEV_INFO(r0, 0xd000941e, &(0x7f0000000b80)={<r4=>0x0, "5d742446da22efbf2f007c40605dc9d7"})
ioctl$BTRFS_IOC_BALANCE_V2(r3, 0xc4009420, &(0x7f0000001b80)={0x22, 0x0, {0x0, @struct={0x82a, 0x6}, r4, 0xffffffffffffffff, 0x9, 0x8000000000000000, 0x0, 0x3, 0x3a, @struct={0x4, 0x5}, 0x7, 0x8, [0x10001, 0xfffffffffffff801, 0x4, 0xd7, 0x9, 0x3]}, {0x401, @struct={0x0, 0x6}, 0x0, 0x56, 0x6, 0x3, 0x1ff, 0x101, 0x0, @struct={0x0, 0x8}, 0x8, 0x9, [0x1, 0x100, 0x7fffffff, 0xcd5a, 0x1, 0x3]}, {0x1, @struct={0x2, 0x3}, 0x0, 0x8, 0xcb8, 0x1, 0x4, 0xfff, 0x0, @struct={0x22aa03c1, 0x8000}, 0x5, 0x7fffffff, [0xfffffffffffffff7, 0x1, 0x8, 0xffffffff, 0x95d, 0x6]}, {0x0, 0x100, 0x1}})
ioctl$BTRFS_IOC_DEFRAG(r2, 0x50009402, 0x0)
syz_emit_vhci(&(0x7f0000001f80)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}}}, 0x9)
ptrace(0x4207, 0xffffffffffffffff)
ioctl$VIDIOC_S_AUDIO(r0, 0x40345622, &(0x7f0000001fc0)={0x3, "6a2efbb72035fa4beb2b94c84ee491baa7e00369d989b193ed37550a6412cd36", 0x1})
ioctl$FAT_IOCTL_SET_ATTRIBUTES(r2, 0x40047211, &(0x7f0000002000)=0x1)
ioctl$VIDIOC_S_EDID(r0, 0xc0285629, &(0x7f0000002080)={0x0, 0x1, 0xe, '\x00', &(0x7f0000002040)=0x5})
connect$inet(r3, &(0x7f00000020c0)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
prlimit64(0xffffffffffffffff, 0x8, &(0x7f0000002100)={0xc, 0xf}, &(0x7f0000002140))
setrlimit(0xe, &(0x7f0000002180)={0x80000001, 0x1})
r5 = accept4$packet(0xffffffffffffffff, &(0x7f00000021c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000002200)=0x14, 0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000002240)={{0x1, 0x1, 0x18, <r6=>r3, {0x10001}}, './file0\x00'})
ioctl$RNDADDTOENTCNT(r6, 0x40045201, &(0x7f0000002280)=0x5)
ioctl$TIOCGSID(r6, 0x5429, &(0x7f0000002480))
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f00000024c0), &(0x7f0000002500)=0xc)
newfstatat(0xffffffffffffff9c, &(0x7f0000002540)='./file0\x00', &(0x7f0000002580), 0x2000)
socket$nl_sock_diag(0x10, 0x3, 0x4)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)

4.111487942s ago: executing program 2 (id=948):
openat$iommufd(0xffffffffffffff9c, &(0x7f0000001880), 0x101100, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
epoll_pwait(0xffffffffffffffff, 0x0, 0x0, 0x5040100, 0x0, 0x32)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r1, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r1, 0x84, 0x15, &(0x7f00000000c0), 0x1)
sendto$inet6(r1, 0x0, 0x0, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000140)=0x7)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000340)=0xfc)
madvise(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x10)
openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000bda000/0x4000)=nil, 0x4000, 0x6, 0x10, 0xffffffffffffffff, 0x10000000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000004c0)={0x2c, r4, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x841}, 0x4894)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000140)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000080000000000000200000008000300", @ANYRES32=r6, @ANYBLOB="05b3474fe9000000080026d2117106000500190106000000"], 0x34}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), 0xffffffffffffffff)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="280000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="8a6306000110bcfbb6387ceef25200009d9695745023d7e645b3f8b5e6284b8ebd0bbddcb638d8b846de22af5ab591aed85080d73e829c241fba93dd200b54a5dba2aba45e32ac2230b4ff9e278299f1194e1083161cfb5b36066eb90bc68fe954102f1a5cc3c4ba1ce88b4e541e5549265f37d41abedbe3b3f1284a3dd9091d5c26f462103b7d9f26418e76d49a6f2b5e18ce72be37069e0571bc04bdb3d5dc1077b66d53bf7e947f67bfae8edbc47f88973173531790468361f0423caaa6af0e9881eb06f942218c4721182cba13e48aeae192e0c3f88c0234e7e4a9dbf8cd90ca9bf35cc469edd2770325f827aa7414d26ee7ec93086917c1260fd15f0c12ffa4ef1ee7b171892aa847f1605c04207545440923b27672ac925f0f1d6144976ae903"], 0x28}}, 0x0)

4.068528491s ago: executing program 5 (id=950):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x20000000, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
epoll_create(0x281)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
r4 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r4, &(0x7f0000000640)='asymmetric\x00', &(0x7f00000004c0))
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
r6 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$UHID_CREATE(r6, &(0x7f0000002a00)={0x0, {'syz1\x00', 'syz0\x00', 'syz0\x00', &(0x7f00000000c0)=""/43, 0x2b, 0x0, 0x7f, 0xfffffffe}}, 0x120)
write$UHID_DESTROY(r6, &(0x7f0000000080), 0x4)
writev(r6, &(0x7f00000001c0)=[{&(0x7f0000000500)="dfa1434f7c88d9058558875d3c5b2d8bfcb162669be95907caaefae569dbdfd596ee5166c13ffbf8cf6ed8fdc62bdadeb4a4c7a4178136107341cdb989e91c482deee66260b9b301880c08445aeb9c3c5c1d0f60b8df6ccba1780293af8f34f15c56d1610f28aebbba8c57a5eca437309fce6ed67366d3edaaf4a62ec44ec8feb49df5c73f25a55b01c41665757a33fe732cabcff1319d6d3b92403898a277d1677670c01bc8f9fe1bae44c57caba0eb495cc2b96957f1a4335d212d30cfdf342c7fbd8355dc15b29207790bb82af66f05e4a72570c9891567ca6ea26ba6dd98ff880f6e1cd9d7", 0xe7}, {&(0x7f0000000680)="1fef362428895a754caecb8211ca3a50eb6d41bb1ed7a8424c07c3677c76f553d01ea40dc315d955801597c80de9d3f722e32bccc636548d68fc13cd44be7a5ee8f2a4a4ba76999b3d1ec899a148ee0edcc8162d395583af5500d2c3fb7cc7e6306122b94419597a6689d058b51a874ccf9d1cd99a2c64911761e181c32aadc9a8116382ded27778aa0d3339101feef0daf309bb284918e98e163360e3dc9bb48f7b6356e69dae0549c7505cf5b4b6654255ce0ab5ca95adb2f883217e9e007354aef098c66bb15bd235777887a29570c875026716686a700e", 0xd9}, {&(0x7f0000000780)="5510e0cfd9f4177a2a4ac222f9a7fc721e6d66b49238273a03c25dd9b3343f2909f3bc2b8e4058067ef8fe2f481121fe418be6c46cb48a192c6b51f5540c8935c6175a2faaaf1a401d1363ceae43dfa28a7ee4e59be78bb06ddc441abdfb28e71a93bfcfe0356034f8a8484f5dca9a83d42d42871b28acaa7d2f7f8ead18631b0016005d26dd72ba0c73a023ba9dcae211a95e3b720faa0bf8496497dec7f7b24b3b898dd9a8af12ed425874c1c8de6b4d2e31df8dc6ed", 0xb7}], 0x3)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000000140))
setsockopt$IP_VS_SO_SET_ADD(r5, 0x0, 0x482, &(0x7f0000000040)={0x84, @multicast2, 0x4e23, 0x4, 'sh\x00', 0x1, 0x9, 0x2006e}, 0x2c)

3.715541434s ago: executing program 6 (id=951):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='mounts\x00')
unshare(0x64030c00)
pselect6(0x0, 0x0, &(0x7f0000000200)={0x2, 0x400, 0xffffffff, 0x7fff, 0x7, 0x7, 0xffffffffffffffff, 0x2}, &(0x7f0000000340)={0xf, 0x4, 0x1, 0x58, 0xffffffffffffffff, 0x2, 0x9, 0x100}, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$NBD_CLEAR_SOCK(0xffffffffffffffff, 0xab04)
write$P9_RLERRORu(0xffffffffffffffff, 0x0, 0x1f)
mount$9p_fd(0x0, 0x0, 0x0, 0x80, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='environ\x00')
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000340)=ANY=[@ANYBLOB="f0000000100013070000000000000000fc020000000000000000000000000000fe8000000000000000000000000000100004000000000000000000202c000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe"], 0xf0}, 0x1, 0xe}, 0x10)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0xffffffff)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1)
sync()
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)

3.647611375s ago: executing program 3 (id=952):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000300)=[{0x0}], 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x14)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = syz_io_uring_setup(0x890, &(0x7f0000000140)={0x0, 0xaee2, 0x4000, 0x2, 0xbfdffff8}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
preadv(r0, &(0x7f00000000c0), 0x0, 0xd, 0x0)
fcntl$lock(r0, 0x7, &(0x7f0000000040)={0x1, 0x1, 0x8000000000000001, 0x6})
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x47f6, 0x0, 0x4, 0x0, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x1c3902, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f0000000280), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030007e6ff10000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000180a0500000000000000000002000000300003802c00038004000100776732000000000000000000000000001400010076657468315f746f5f627269646765000900020073797a30000000000900010073797a30"], 0x84}, 0x1, 0x0, 0x0, 0x40000}, 0x20008000)

2.723407194s ago: executing program 5 (id=953):
r0 = userfaultfd(0x801)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000380)={0x1, 0x0, 0x1})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000040)={0x0, 0x7000, 0x1})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
pipe(0x0)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$IOMMU_TEST_OP_ACCESS_RW(r4, 0x3ba0, &(0x7f0000000380)={0x48, 0xd, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffedf, 0x0})
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x280})
ioctl$UFFDIO_WRITEPROTECT(r0, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f00003b0000/0x1000)=nil, 0x1000}, 0x5})

2.64481055s ago: executing program 2 (id=954):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@bridge_getvlan={0x20, 0x72, 0x301, 0x0, 0x0, {}, [@BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}]}, 0x20}, 0x1, 0xf00, 0x0, 0x20000010}, 0x0)

2.611886552s ago: executing program 0 (id=955):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x200000, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$drirender128(0xffffffffffffff9c, &(0x7f0000000180), 0x200802, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(0xffffffffffffffff, 0xc01064c2, &(0x7f00000001c0)={<r1=>0x0})
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000200)={r1})
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f0000000040)={0xc})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_io_uring_setup(0x110, &(0x7f00000000c0)={0x0, 0x1b00, 0x0, 0x3, 0x80}, &(0x7f0000000180)=<r5=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c000000020603000000000000000000ffea000005000100070000000900020073797a300000000014000780"], 0x5c}}, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
pipe2$9p(0x0, 0x4000)
write$P9_RGETLOCK(0xffffffffffffffff, 0x0, 0x1f)
r7 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$TCFLSH(r7, 0x400455c8, 0x2)
ioctl$TIOCSTI(r7, 0x5412, &(0x7f0000000040)=0xfc)

1.931786523s ago: executing program 5 (id=956):
r0 = socket$inet(0x2, 0x3, 0x33)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0))
getsockopt$inet_mreqsrc(r0, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f0000000040)=0x28)

1.93074503s ago: executing program 5 (id=957):
socket$inet6_mptcp(0xa, 0x1, 0x106)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$kcm(0xa, 0x922000000003, 0x11)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000200)='inet_sk_error_report\x00', r2}, 0x18)
r3 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="48000000150081fb7059ae08060c04000aff0f11000000040011018701546fabca1b4e7d06a6bd7c493872f750375ed08a562af5745e17b8c119418f0f000000d6e74703c48f93b8", 0x48}], 0x1}, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r4, 0x40505331, &(0x7f0000000100)={{}, {0xe}, 0xbf00, 0xbf})
syz_io_uring_submit(0x0, 0x0, 0x0)
pselect6(0x0, 0x0, 0x0, &(0x7f00000002c0)={0x3fe, 0x5, 0x3, 0x9, 0x8, 0x45ff, 0x7ffffffc}, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MTU={0x8, 0x4, 0x44}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={<r6=>0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}]}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000840)={r6, @in6={{0xa, 0x4e20, 0x3ae, @empty, 0x129}}, 0x2, 0x2, 0x614, 0x1, 0xd, 0x7, 0x4}, 0x9c)

943.721332ms ago: executing program 0 (id=958):
r0 = socket$inet(0x2, 0x80000, 0x100003)
setsockopt$inet_int(r0, 0x0, 0x2, &(0x7f00000000c0)=0x9, 0x4)
connect$inet(r0, &(0x7f0000000340)={0x2, 0x4e23, @local}, 0x10) (async)
connect$inet(r0, &(0x7f0000000340)={0x2, 0x4e23, @local}, 0x10)

935.663131ms ago: executing program 5 (id=959):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000600)={0x0, 0x6000, &(0x7f0000000700)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000003e0007010000000000000000017c00000400fc800c000180060006006558000008000280040011393e8751eddf7aa8"], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0xc010)

934.541646ms ago: executing program 3 (id=960):
ioctl$F2FS_IOC_RESIZE_FS(0xffffffffffffffff, 0x4008f510, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'user:', 'syz', 0x20, 0xffd}, 0x2a, 0x0)
r2 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0x5ba8, 0xfffffffffffffffd)
keyctl$read(0xb, r2, &(0x7f0000000240)=""/112, 0x349b7f55)

889.593391ms ago: executing program 0 (id=961):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f000001aa40)=""/102400, 0x19000)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='smbus_result\x00', r2, 0x0, 0x6}, 0x18)
r3 = syz_open_dev$I2C(&(0x7f0000000040), 0x0, 0x0)
ioctl$I2C_SMBUS(r3, 0x720, &(0x7f00000000c0)={0x0, 0x2, 0x5, &(0x7f0000000080)={0x9, "90f541a5e64f61c7b2986eb5e52829e7cb839300"}})
fcntl$setownex(r2, 0xf, 0x0)
r4 = syz_open_dev$cec(&(0x7f0000000080), 0x0, 0x0)
ioctl$CEC_ADAP_G_PHYS_ADDR(r4, 0x80026101, &(0x7f00000000c0))
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$devlink(0x0, r5)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYRES16=r6, @ANYBLOB="010025bd7000ffdbdf25170000000e0001006e657464657673696d0000000f0002006e657464657673696d300000080003000000000008000b00060000000600160000000000050012000100000071b78c1fd4392cbe27a937170bc877754451131535"], 0x54}, 0x1, 0x0, 0x0, 0x40000}, 0x80)
r7 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r7, 0x89e2, &(0x7f0000000100)={<r8=>r7})
bind$xdp(r8, &(0x7f0000000040)={0x2d, 0x0, 0x0, 0xc, r8}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x4, 0x50, r4, 0x0)
timer_create(0x2, 0x0, &(0x7f0000000480))
timer_create(0x2, 0x0, &(0x7f0000000480)=<r9=>0x0)
timer_settime(r9, 0x1, &(0x7f0000000000)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
timer_delete(r9)
close(r7)
r10 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r10, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})

355.571227ms ago: executing program 5 (id=962):
openat$iommufd(0xffffffffffffff9c, &(0x7f0000001880), 0x101100, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
epoll_pwait(0xffffffffffffffff, 0x0, 0x0, 0x5040100, 0x0, 0x32)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r1, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r1, 0x84, 0x15, &(0x7f00000000c0), 0x1)
sendto$inet6(r1, 0x0, 0x0, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000140)=0x7)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000340)=0xfc)
madvise(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x10)
openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000bda000/0x4000)=nil, 0x4000, 0x6, 0x10, 0xffffffffffffffff, 0x10000000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000004c0)={0x2c, r4, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x841}, 0x4894)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000140)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000080000000000000200000008000300", @ANYRES32=r5, @ANYBLOB="05b3474fe9000000080026d2117106000500190106000000"], 0x34}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), 0xffffffffffffffff)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="280000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="8a6306000110bcfbb6387ceef25200009d9695745023d7e645b3f8b5e6284b8ebd0bbddcb638d8b846de22af5ab591aed85080d73e829c241fba93dd200b54a5dba2aba45e32ac2230b4ff9e278299f1194e1083161cfb5b36066eb90bc68fe954102f1a5cc3c4ba1ce88b4e541e5549265f37d41abedbe3b3f1284a3dd9091d5c26f462103b7d9f26418e76d49a6f2b5e18ce72be37069e0571bc04bdb3d5dc1077b66d53bf7e947f67bfae8edbc47f88973173531790468361f0423caaa6af0e9881eb06f942218c4721182cba13e48aeae192e0c3f88c0234e7e4a9dbf8cd90ca9bf35cc469edd2770325f827aa7414d26ee7ec93086917c1260fd15f0c12ffa4ef1ee7b171892aa847f1605c04207545440923b27672ac925f0f1d6144976ae903"], 0x28}}, 0x0)

0s ago: executing program 0 (id=963):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xa00965, 0x1})
r1 = add_key$keyring(0x0, &(0x7f0000000180)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64, @ANYBLOB="44a837b4012b18a47d01872e42ba27df6fcd8ed404f2a8f480f04048ea693cd7ce5da6ec8d384c7d1aad3083b1a43ee2bec297b5047b0819438a106eab643e82c6503b6c27d0b82482568a35253741de9cf3223f17508862d111b3e3fa9c27c90671fffed0199ba8aa1d7608cf23409f2af5b3ef271c8a2ddc249f7c8aeae6c44be15c5401be5f02b5c1dbb05928c61853cb0c41b78e0271b1f74f0fbf410479caeb61ab29560a3c683509a2ae", @ANYRES16, @ANYRESDEC, @ANYRESOCT=r2], &(0x7f0000000280)='GPL\x00', 0xa, 0xb9, &(0x7f0000000140)=""/185, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
fsopen(0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x81, 0x6, 0x1, 0xe7}, {0x20, 0xcc, 0x5, 0xa1a}]})
write$proc_mixer(0xffffffffffffffff, 0x0, 0xb8)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r6, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
writev(r6, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x3c, 0x0, 0x8, 0x301, 0x0, 0x0, {0x0, 0x0, 0x9}, [@CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x16}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x2f}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @icmp=[@CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x7fffffff}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x4080)
add_key(&(0x7f0000000100)='rxrpc\x00', 0x0, 0x0, 0x0, r1)

kernel console output (not intermixed with test programs):

 listen } for  pid=7760 comm="syz.5.416" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  216.835581][   T30] audit: type=1400 audit(1752179221.573:456): avc:  denied  { accept } for  pid=7760 comm="syz.5.416" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  217.101868][ T5875] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  218.193920][   T24] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[  218.266828][   T24] ath9k_htc: Failed to initialize the device
[  218.419976][   T24] usb 6-1: ath9k_htc: USB layer deinitialized
[  218.527756][   T30] audit: type=1400 audit(1752179223.423:457): avc:  denied  { name_bind 0x1000000 } for  pid=7801 comm="syz.3.427" path="socket:[15330]" dev="sockfs" ino=15330 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[  218.598300][ T5875] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0093, bcdDevice=23.5a
[  218.608558][ T5875] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  218.621307][ T7802] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  218.630579][ T5875] usb 3-1: Product: syz
[  218.635286][ T5875] usb 3-1: Manufacturer: syz
[  218.643317][ T7802] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  218.654232][ T5875] usb 3-1: SerialNumber: syz
[  218.686910][ T5875] usb 3-1: config 0 descriptor??
[  218.948291][ T7795] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  218.967325][ T5875] usb 3-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  218.973096][ T7802] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  218.985696][ T5875] dvb_usb_af9035 3-1:0.0: probe with driver dvb_usb_af9035 failed with error -22
[  219.763408][ T5868] usb 6-1: USB disconnect, device number 5
[  219.777237][ T5875] usb 3-1: USB disconnect, device number 10
[  221.179702][ T7821] sctp_transport_update_pmtu: 46 callbacks suppressed
[  221.179747][ T7821] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  221.198011][ T7821] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  221.209174][ T7821] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  221.220232][ T7821] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  221.234268][ T7821] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  221.245445][ T7821] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  221.256629][ T7821] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  221.267760][ T7821] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  221.279812][ T7821] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  221.290876][ T7821] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  221.895098][ T7825] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  221.897585][ T7829] tmpfs: Bad value for 'mpol'
[  221.939078][ T7825] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  222.637153][ T5875] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  222.783503][   T30] audit: type=1400 audit(1752179227.673:458): avc:  denied  { create } for  pid=7844 comm="syz.5.442" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  222.812969][ T5875] usb 5-1: Using ep0 maxpacket: 32
[  222.833178][ T5875] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  222.859772][ T7845] delete_channel: no stack
[  222.865977][ T5875] usb 5-1: config 0 has no interface number 0
[  222.885754][ T5875] usb 5-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  222.908383][ T5875] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  222.931776][ T5875] usb 5-1: Product: syz
[  222.935968][ T5875] usb 5-1: Manufacturer: syz
[  222.940749][ T5875] usb 5-1: SerialNumber: syz
[  222.961841][ T5868] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  222.965025][ T5875] usb 5-1: config 0 descriptor??
[  223.006206][ T5875] usb 5-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  223.030001][ T5875] usb 5-1: selecting invalid altsetting 1
[  223.213054][ T5875] usb 5-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  223.299738][ T5875] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  223.322048][   T30] audit: type=1400 audit(1752179228.213:459): avc:  denied  { append } for  pid=7833 comm="syz.4.438" name="i2c-1" dev="devtmpfs" ino=2910 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  223.390033][ T5875] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  223.587838][ T5875] usb 5-1: media controller created
[  223.788190][ T5875] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  223.881162][ T7871] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  223.892621][ T7871] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  223.915328][ T7871] netlink: 276 bytes leftover after parsing attributes in process `syz.3.448'.
[  223.929088][ T5868] usb 1-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  223.940503][ T5868] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  223.959979][ T5868] usb 1-1: config 0 descriptor??
[  223.970842][ T5868] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  224.111914][ T5888] usb 3-1: new full-speed USB device number 11 using dummy_hcd
[  224.309645][ T5888] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  224.320133][ T5888] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  224.330686][ T5888] usb 3-1: Product: syz
[  224.339272][ T5888] usb 3-1: Manufacturer: syz
[  224.349241][ T5888] usb 3-1: SerialNumber: syz
[  224.374994][ T5888] usb 3-1: config 0 descriptor??
[  224.886091][ T5888] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  224.902382][ T7866] usb 5-1: dvb_usb_ce6230: usb_control_msg() failed=-110
[  225.081294][ T5875] usb 5-1: dvb_usb_ce6230: usb_control_msg() failed=-32
[  225.133416][ T5875] zl10353_read_register: readreg error (reg=127, ret==-32)
[  226.267259][ T7896] FAULT_INJECTION: forcing a failure.
[  226.267259][ T7896] name failslab, interval 1, probability 0, space 0, times 0
[  226.280203][ T7896] CPU: 0 UID: 0 PID: 7896 Comm: syz.5.455 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) 
[  226.280227][ T7896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  226.280237][ T7896] Call Trace:
[  226.280243][ T7896]  <TASK>
[  226.280249][ T7896]  dump_stack_lvl+0x16c/0x1f0
[  226.280279][ T7896]  should_fail_ex+0x512/0x640
[  226.280303][ T7896]  should_failslab+0xc2/0x120
[  226.280325][ T7896]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  226.280347][ T7896]  ? __lock_acquire+0x622/0x1c90
[  226.280362][ T7896]  ? skb_clone+0x190/0x3f0
[  226.280385][ T7896]  skb_clone+0x190/0x3f0
[  226.280406][ T7896]  packet_rcv_spkt+0x180/0x640
[  226.280425][ T7896]  ? __pfx_packet_rcv_spkt+0x10/0x10
[  226.280446][ T7896]  __netif_receive_skb_core.constprop.0+0x79b/0x4a00
[  226.280472][ T7896]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  226.280492][ T7896]  ? __skb_flow_dissect+0x11b2/0x7d90
[  226.280512][ T7896]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  226.280541][ T7896]  ? __pfx___skb_flow_dissect+0x10/0x10
[  226.280570][ T7896]  ? __lock_acquire+0x622/0x1c90
[  226.280591][ T7896]  __netif_receive_skb_one_core+0xb0/0x1e0
[  226.280612][ T7896]  ? __pfx___netif_receive_skb_one_core+0x10/0x10
[  226.280634][ T7896]  ? lock_acquire+0x179/0x350
[  226.280652][ T7896]  ? __phys_addr+0xe8/0x180
[  226.280675][ T7896]  __netif_receive_skb+0x1d/0x160
[  226.280695][ T7896]  netif_receive_skb+0x137/0x7b0
[  226.280715][ T7896]  ? __pfx_netif_receive_skb+0x10/0x10
[  226.280743][ T7896]  tun_rx_batched.isra.0+0x3ee/0x740
[  226.280770][ T7896]  ? __pfx_tun_rx_batched.isra.0+0x10/0x10
[  226.280798][ T7896]  ? tun_get_user+0x1c0d/0x3b80
[  226.280820][ T7896]  ? rcu_is_watching+0x12/0xc0
[  226.280846][ T7896]  tun_get_user+0x28a2/0x3b80
[  226.280879][ T7896]  ? __pfx_tun_get_user+0x10/0x10
[  226.280903][ T7896]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  226.280935][ T7896]  ? find_held_lock+0x2b/0x80
[  226.280957][ T7896]  ? tun_get+0x191/0x370
[  226.280989][ T7896]  tun_chr_write_iter+0xdc/0x210
[  226.281015][ T7896]  vfs_write+0x6c7/0x1150
[  226.281037][ T7896]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  226.281064][ T7896]  ? __pfx_vfs_write+0x10/0x10
[  226.281082][ T7896]  ? find_held_lock+0x2b/0x80
[  226.281128][ T7896]  ksys_write+0x12a/0x250
[  226.281147][ T7896]  ? __pfx_ksys_write+0x10/0x10
[  226.281176][ T7896]  do_syscall_64+0xcd/0x4c0
[  226.281201][ T7896]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.281218][ T7896] RIP: 0033:0x7f4afd98d3df
[  226.281233][ T7896] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  226.281249][ T7896] RSP: 002b:00007f4afe7ca000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  226.281265][ T7896] RAX: ffffffffffffffda RBX: 00007f4afdbb5fa0 RCX: 00007f4afd98d3df
[  226.281276][ T7896] RDX: 0000000000000081 RSI: 00002000000008c0 RDI: 00000000000000c8
[  226.281285][ T7896] RBP: 00007f4afe7ca090 R08: 0000000000000000 R09: 0000000000000000
[  226.281295][ T7896] R10: 0000000000000081 R11: 0000000000000293 R12: 0000000000000001
[  226.281305][ T7896] R13: 0000000000000000 R14: 00007f4afdbb5fa0 R15: 00007ffe696d2818
[  226.281329][ T7896]  </TASK>
[  226.646986][   T30] audit: type=1400 audit(1752179231.543:460): avc:  denied  { shutdown } for  pid=7899 comm="syz.3.456" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  226.670916][ T5868] gspca_stv06xx: I2C: Read error writing address: -71
[  227.051630][ T5868] usb 1-1: USB disconnect, device number 5
[  227.512684][ T5888] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  228.059967][   T30] audit: type=1400 audit(1752179232.953:461): avc:  denied  { connect } for  pid=7912 comm="syz.3.460" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  228.261535][   T30] audit: type=1400 audit(1752179233.113:462): avc:  denied  { read } for  pid=7912 comm="syz.3.460" path="socket:[14314]" dev="sockfs" ino=14314 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  228.951786][   T92] usb 3-1: USB disconnect, device number 11
[  229.176547][   T30] audit: type=1400 audit(1752179234.073:463): avc:  denied  { mount } for  pid=7929 comm="syz.0.464" name="/" dev="configfs" ino=166 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  229.201812][   T30] audit: type=1400 audit(1752179234.073:464): avc:  denied  { search } for  pid=7929 comm="syz.0.464" name="/" dev="configfs" ino=166 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  229.224252][   T30] audit: type=1400 audit(1752179234.073:465): avc:  denied  { search } for  pid=7929 comm="syz.0.464" name="/" dev="configfs" ino=166 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  229.248383][   T30] audit: type=1400 audit(1752179234.073:466): avc:  denied  { read open } for  pid=7929 comm="syz.0.464" path="/" dev="configfs" ino=166 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  229.270784][   T30] audit: type=1400 audit(1752179234.073:467): avc:  denied  { search } for  pid=7929 comm="syz.0.464" name="/" dev="configfs" ino=166 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  229.351860][   T92] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  229.421813][ T5895] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  229.503513][   T92] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  229.517391][   T92] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  229.529878][   T92] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  229.539765][   T92] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  229.553178][ T7928] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  229.574399][   T92] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  229.601062][ T7933] tipc: Started in network mode
[  229.614494][ T5895] usb 1-1: Using ep0 maxpacket: 16
[  229.615977][ T7933] tipc: Node identity 92e7cb184146, cluster identity 4711
[  229.622763][ T5895] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  229.627052][ T7933] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  229.662150][ T7933] syzkaller0: entered promiscuous mode
[  229.666116][ T5895] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  229.667995][ T7933] syzkaller0: entered allmulticast mode
[  229.684882][ T5895] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  229.684909][ T5895] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  229.710658][ T5895] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  229.729867][ T5895] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  229.739507][ T5895] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  229.750054][ T5895] usb 1-1: Manufacturer: syz
[  229.757053][ T5895] usb 1-1: config 0 descriptor??
[  229.757289][ T7933] tipc: Resetting bearer <eth:syzkaller0>
[  229.776071][ T7932] tipc: Resetting bearer <eth:syzkaller0>
[  229.785922][   T92] usb 3-1: USB disconnect, device number 12
[  229.792564][ T7932] tipc: Disabling bearer <eth:syzkaller0>
[  230.012565][ T5895] rc_core: IR keymap rc-hauppauge not found
[  230.018485][ T5895] Registered IR keymap rc-empty
[  230.023562][ T5895] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  230.042195][ T5895] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  230.063094][ T5895] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[  230.076084][ T5895] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input9
[  230.091122][ T5895] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  230.111958][ T5895] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  230.131838][ T5938] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  230.139513][ T5895] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  230.161971][ T5895] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  230.181931][ T5895] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  230.201972][ T5895] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  230.222913][ T5895] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  230.241872][ T5895] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  230.262081][ T5895] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  230.283126][ T5895] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  230.293292][ T5938] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  230.306730][ T5895] mceusb 1-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  230.316793][ T5938] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  230.328081][ T5895] mceusb 1-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  230.336570][ T5938] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  230.357825][ T5938] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  230.370988][ T5938] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  230.380428][ T5938] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  230.394537][ T5938] usb 6-1: config 0 descriptor??
[  230.448426][ T5868] usb 1-1: USB disconnect, device number 6
[  230.822136][ T5938] plantronics 0003:047F:FFFF.0005: ignoring exceeding usage max
[  230.838406][ T5938] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  231.126084][ T5895] usb 6-1: USB disconnect, device number 6
[  231.186999][   T30] audit: type=1400 audit(1752179236.013:468): avc:  denied  { create } for  pid=7935 comm="syz.5.466" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  231.232243][ T5938] usb 1-1: new low-speed USB device number 7 using dummy_hcd
[  231.261025][ T7950] 9pnet_fd: Insufficient options for proto=fd
[  231.272849][ T7950] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  231.281796][ T7950] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  231.790554][ T5938] usb 1-1: string descriptor 0 read error: -22
[  231.797040][ T5938] usb 1-1: New USB device found, idVendor=04b4, idProduct=8613, bcdDevice=95.8f
[  231.806327][ T5938] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  231.816544][ T5938] usb 1-1: config 0 descriptor??
[  231.824514][ T5938] usbtest 1-1:0.0: FX2 device
[  231.829321][ T5938] usbtest 1-1:0.0: low-speed {control intr-in intr-out} tests (+alt)
[  232.084028][ T7928] orangefs_mount: mount request failed with -4
[  232.322001][ T5868] usb 1-1: USB disconnect, device number 7
[  233.045219][   T30] audit: type=1400 audit(1752179237.853:469): avc:  denied  { read } for  pid=7957 comm="syz.2.470" name="usbmon7" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  233.261675][ T7963] sctp_transport_update_pmtu: 102 callbacks suppressed
[  233.268856][ T7963] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  233.280129][ T7963] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  233.291286][ T7963] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  233.302648][ T7963] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  233.316685][ T7963] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  233.333819][ T7963] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  233.345149][ T7963] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  233.356454][ T7963] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  233.367914][ T7963] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  233.379222][ T7963] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  233.454520][   T30] audit: type=1400 audit(1752179237.863:470): avc:  denied  { open } for  pid=7957 comm="syz.2.470" path="/dev/usbmon7" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  233.808611][   T30] audit: type=1400 audit(1752179238.703:471): avc:  denied  { write } for  pid=7965 comm="syz.5.473" path="socket:[16456]" dev="sockfs" ino=16456 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  234.311907][ T5938] usb 1-1: new full-speed USB device number 8 using dummy_hcd
[  235.322471][ T5938] usb 1-1: too many configurations: 151, using maximum allowed: 8
[  235.359127][ T5938] usb 1-1: New USB device found, idVendor=9869, idProduct=1d22, bcdDevice=75.02
[  235.377926][ T5938] usb 1-1: New USB device strings: Mfr=251, Product=96, SerialNumber=130
[  235.388636][ T5938] usb 1-1: Product: syz
[  235.393519][ T5938] usb 1-1: Manufacturer: syz
[  235.398624][ T5938] usb 1-1: SerialNumber: syz
[  235.405502][ T5938] usb 1-1: config 0 descriptor??
[  235.757394][ T5938] usb 1-1: USB disconnect, device number 8
[  235.811794][ T5895] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  235.962071][ T5895] usb 3-1: Using ep0 maxpacket: 32
[  235.975626][ T5895] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  235.994249][ T5895] usb 3-1: config 0 has no interface number 0
[  236.007335][ T5895] usb 3-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  236.018944][ T5895] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  236.027158][ T5895] usb 3-1: Product: syz
[  236.031372][ T5895] usb 3-1: Manufacturer: syz
[  236.036239][ T5895] usb 3-1: SerialNumber: syz
[  236.036298][ T5868] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  236.044036][ T5895] usb 3-1: config 0 descriptor??
[  236.059482][ T5895] usb 3-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  236.068560][ T5895] usb 3-1: selecting invalid altsetting 1
[  236.074716][ T5895] usb 3-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  236.085771][ T5895] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  236.096469][ T5895] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  236.105048][ T5895] usb 3-1: media controller created
[  236.124147][ T5895] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  236.305179][ T7995] lo speed is unknown, defaulting to 1000
[  236.492462][ T5868] usb 6-1: Using ep0 maxpacket: 32
[  236.506014][ T5895] usb 3-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[  236.559819][ T5895] zl10353_read_register: readreg error (reg=127, ret==-71)
[  236.626820][ T5895] usb 3-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  236.976904][ T5868] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  236.987952][ T5868] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  237.002052][ T5868] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  237.009845][ T5895] usb 3-1: USB disconnect, device number 13
[  237.016099][ T5868] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  237.029227][ T5868] usb 6-1: config 0 descriptor??
[  237.036964][ T5868] hub 6-1:0.0: USB hub found
[  237.236020][ T5868] hub 6-1:0.0: 2 ports detected
[  237.645240][ T7984] netlink: 24 bytes leftover after parsing attributes in process `syz.5.479'.
[  237.675025][ T5868] usb 6-1: USB disconnect, device number 7
[  238.083514][ T8018] netlink: 'syz.0.487': attribute type 14 has an invalid length.
[  239.395350][   T30] audit: type=1400 audit(1752179244.293:472): avc:  denied  { bind } for  pid=8027 comm="syz.2.491" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  239.452343][   T30] audit: type=1400 audit(1752179244.323:473): avc:  denied  { listen } for  pid=8027 comm="syz.2.491" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  239.610585][ T8033] blktrace: Concurrent blktraces are not allowed on loop0
[  239.946744][ T5151] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  239.959505][ T5151] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  239.968572][ T5151] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  239.977640][ T5151] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  239.986931][ T5151] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  240.109216][ T8034] lo speed is unknown, defaulting to 1000
[  240.478636][ T8049] sctp_transport_update_pmtu: 102 callbacks suppressed
[  240.478662][ T8049] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  240.497207][ T8049] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  240.509174][ T8049] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  240.521169][ T8049] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  240.536057][ T8049] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  240.547535][ T8049] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  240.559822][ T8049] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  240.571376][ T8049] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  240.582733][ T8049] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  240.594026][ T8049] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  240.881955][ T5895] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  241.221778][ T5895] usb 3-1: Using ep0 maxpacket: 32
[  241.595871][ T5895] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[  242.014050][ T5895] usb 3-1: config 0 has no interface number 0
[  242.042205][ T5151] Bluetooth: hci0: command tx timeout
[  242.052678][ T5895] usb 3-1: config 0 interface 184 has no altsetting 0
[  242.096853][ T5895] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  242.141914][ T5895] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  242.161440][ T5895] usb 3-1: Product: syz
[  242.173725][ T5895] usb 3-1: Manufacturer: syz
[  242.181755][ T5895] usb 3-1: SerialNumber: syz
[  242.216406][ T5895] usb 3-1: config 0 descriptor??
[  242.296858][ T5895] smsc75xx v1.0.0
[  242.648324][ T8034] chnl_net:caif_netlink_parms(): no params data found
[  242.891001][ T8070] trusted_key: encrypted_key: key user:syz not found
[  243.057237][ T5895] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[  243.271848][ T5895] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  243.294730][ T8034] bridge0: port 1(bridge_slave_0) entered blocking state
[  243.317071][ T8034] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.328370][ T8034] bridge_slave_0: entered allmulticast mode
[  243.451673][ T8034] bridge_slave_0: entered promiscuous mode
[  243.542542][ T8034] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.671414][ T8034] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.762770][ T8034] bridge_slave_1: entered allmulticast mode
[  243.766685][   T30] audit: type=1400 audit(1752179248.663:474): avc:  denied  { write } for  pid=8074 comm="syz.5.501" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  243.770151][ T8034] bridge_slave_1: entered promiscuous mode
[  244.121961][ T5151] Bluetooth: hci0: command tx timeout
[  244.171735][ T5895] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000010: -71
[  244.929379][ T5895] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read HW_CFG: -71
[  245.065184][ T5895] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  245.278155][ T8034] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  245.283629][ T5895] smsc75xx 3-1:0.184: probe with driver smsc75xx failed with error -71
[  245.316611][ T8034] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  245.372015][ T5895] usb 3-1: USB disconnect, device number 14
[  246.202387][ T5151] Bluetooth: hci0: command tx timeout
[  246.271485][ T5895] libceph: connect (1)[c::]:6789 error -101
[  246.278105][ T5895] libceph: mon0 (1)[c::]:6789 connect error
[  246.412979][ T8034] team0: Port device team_slave_0 added
[  246.419429][ T8099] warning: `syz.3.506' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  246.447099][ T8101] netlink: 4 bytes leftover after parsing attributes in process `syz.5.508'.
[  246.467020][ T8091] bridge_slave_0: left allmulticast mode
[  246.472827][ T8091] bridge_slave_0: left promiscuous mode
[  246.476020][ T8101] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  246.478591][ T8091] bridge0: port 1(bridge_slave_0) entered disabled state
[  246.514215][ T8091] bridge_slave_1: left allmulticast mode
[  246.546953][ T8091] bridge_slave_1: left promiscuous mode
[  246.546999][ T8093] netlink: 'syz.3.506': attribute type 10 has an invalid length.
[  246.565394][ T5938] libceph: connect (1)[c::]:6789 error -101
[  246.571617][ T5938] libceph: mon0 (1)[c::]:6789 connect error
[  246.581849][ T8091] bridge0: port 2(bridge_slave_1) entered disabled state
[  246.631477][ T8091] bond0: (slave bond_slave_0): Releasing backup interface
[  246.660107][ T8102] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  246.677260][   T30] audit: type=1326 audit(1752179251.573:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8104 comm="syz.0.509" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6522f8e929 code=0x0
[  246.724694][ T8102] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  246.724791][ T8091] bond0: (slave bond_slave_1): Releasing backup interface
[  246.826884][ T8091] team0: Port device team_slave_0 removed
[  246.841124][ T8091] team0: Port device team_slave_1 removed
[  246.848681][ T8091] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  246.863806][ T8091] batman_adv: batadv0: Removing interface: batadv_slave_0
[  246.875921][ T8091] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  246.909978][ T8091] batman_adv: batadv0: Removing interface: batadv_slave_1
[  246.937061][ T8034] team0: Port device team_slave_1 added
[  247.102498][   T24] IPVS: starting estimator thread 0...
[  247.194811][ T8120] IPVS: using max 35 ests per chain, 84000 per kthread
[  247.344856][ T5895] libceph: connect (1)[c::]:6789 error -101
[  247.350979][ T5895] libceph: mon0 (1)[c::]:6789 connect error
[  247.389436][ T8093] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  247.713895][ T8034] batman_adv: batadv0: Adding interface: batadv_slave_0
[  247.721099][ T8034] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  247.753067][ T8034] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  247.789811][ T8034] batman_adv: batadv0: Adding interface: batadv_slave_1
[  247.796839][ T8034] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  247.822993][   T10] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  247.832404][ T8034] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  247.936451][ T8034] hsr_slave_0: entered promiscuous mode
[  247.945128][ T8034] hsr_slave_1: entered promiscuous mode
[  247.951019][ T8034] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  247.958700][ T8034] Cannot create hsr debugfs directory
[  247.964368][ T5938] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  247.991782][   T10] usb 1-1: Using ep0 maxpacket: 16
[  248.005019][   T10] usb 1-1: New USB device found, idVendor=10b9, idProduct=8000, bcdDevice=c0.fa
[  248.014143][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  248.032355][   T10] usb 1-1: Product: syz
[  248.036569][   T10] usb 1-1: Manufacturer: syz
[  248.046479][   T10] usb 1-1: SerialNumber: syz
[  248.059507][   T10] usb 1-1: config 0 descriptor??
[  248.135288][ T5938] usb 6-1: Using ep0 maxpacket: 8
[  248.148036][ T5938] usb 6-1: unable to get BOS descriptor or descriptor too short
[  248.162888][ T5938] usb 6-1: config 7 has an invalid interface number: 204 but max is 0
[  248.171099][ T5938] usb 6-1: config 7 has no interface number 0
[  248.200710][ T5938] usb 6-1: too many endpoints for config 7 interface 204 altsetting 80: 241, using maximum allowed: 30
[  248.236977][ T5938] usb 6-1: config 7 interface 204 altsetting 80 has 0 endpoint descriptors, different from the interface descriptor's value: 241
[  248.252049][ T5938] usb 6-1: config 7 interface 204 has no altsetting 0
[  248.267046][ T5938] usb 6-1: string descriptor 0 read error: -22
[  248.273514][ T5938] usb 6-1: New USB device found, idVendor=0789, idProduct=0160, bcdDevice=82.fe
[  248.283108][ T5151] Bluetooth: hci0: command tx timeout
[  248.306451][ T5938] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  248.442570][ T8152] netlink: 16 bytes leftover after parsing attributes in process `syz.2.514'.
[  248.454660][   T92] libceph: connect (1)[c::]:6789 error -101
[  248.645530][ T5938] hub 6-1:7.204: bad descriptor, ignoring hub
[  248.659052][   T92] libceph: mon0 (1)[c::]:6789 connect error
[  248.672002][ T5938] hub 6-1:7.204: probe with driver hub failed with error -5
[  248.680497][   T30] audit: type=1400 audit(1752179253.553:476): avc:  denied  { mount } for  pid=8127 comm="syz.0.512" name="/" dev="pstore" ino=3174 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1
[  248.681655][ T5938] asix 6-1:7.204 (unnamed net_device) (uninitialized): invalid hw address, using random
[  248.754330][   T30] audit: type=1400 audit(1752179253.623:477): avc:  denied  { bind } for  pid=8127 comm="syz.0.512" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  248.790510][   T10] usb 1-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  248.820056][   T10] dvb_usb_af9015 1-1:0.0: probe with driver dvb_usb_af9015 failed with error -22
[  248.865229][   T10] usb 1-1: USB disconnect, device number 9
[  248.886658][ T8034] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  248.918983][ T8034] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  248.945435][ T8034] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  248.966848][ T8034] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  249.124820][ T5938] asix 6-1:7.204 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  249.145427][ T5938] asix 6-1:7.204 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  249.191965][ T8095] ceph: No mds server is up or the cluster is laggy
[  249.249402][ T8034] 8021q: adding VLAN 0 to HW filter on device bond0
[  249.319700][ T8034] 8021q: adding VLAN 0 to HW filter on device team0
[  249.347023][ T5938] asix 6-1:7.204 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  249.391566][ T1330] bridge0: port 1(bridge_slave_0) entered blocking state
[  249.398734][ T1330] bridge0: port 1(bridge_slave_0) entered forwarding state
[  249.414954][ T5938] asix 6-1:7.204 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  249.470096][ T1330] bridge0: port 2(bridge_slave_1) entered blocking state
[  249.477333][ T1330] bridge0: port 2(bridge_slave_1) entered forwarding state
[  249.548393][ T5868] libceph: connect (1)[c::]:6789 error -101
[  249.555076][ T5868] libceph: mon0 (1)[c::]:6789 connect error
[  249.664805][ T5938] asix 6-1:7.204 eth5: register 'asix' at usb-dummy_hcd.5-1, ASIX AX88178 USB 2.0 Ethernet, 92:e9:c8:ac:f9:02
[  250.222756][ T5938] usb 6-1: reset high-speed USB device number 8 using dummy_hcd
[  251.462250][ T5895] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  252.162510][ T5895] usb 3-1: Using ep0 maxpacket: 16
[  252.172051][ T5895] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  252.726575][ T5938] usb 6-1: USB disconnect, device number 8
[  252.732966][ T5895] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  252.744731][ T5938] asix 6-1:7.204 eth5: unregister 'asix' usb-dummy_hcd.5-1, ASIX AX88178 USB 2.0 Ethernet
[  252.755163][ T5895] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  252.891787][ T5895] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  252.970349][ T5895] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  252.992535][ T5895] usb 3-1: config 0 descriptor??
[  253.047224][ T8034] 8021q: adding VLAN 0 to HW filter on device batadv0
[  253.115216][   T30] audit: type=1400 audit(1752179258.003:478): avc:  denied  { name_bind } for  pid=8210 comm="syz.5.524" src=512 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[  253.135638][    C1] vkms_vblank_simulate: vblank timer overrun
[  253.354651][   T10] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  253.623512][   T10] usb 1-1: Using ep0 maxpacket: 16
[  253.713049][   T10] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  253.856223][   T10] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  253.868483][   T30] audit: type=1400 audit(1752179258.713:479): avc:  denied  { module_request } for  pid=8034 comm="syz-executor" kmod="netdevsim6" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  253.997557][   T10] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  254.117897][   T10] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  254.142502][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  254.178299][   T10] usb 1-1: Product: syz
[  254.192020][   T10] usb 1-1: Manufacturer: syz
[  254.215336][   T30] audit: type=1326 audit(1752179259.113:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8222 comm="syz.3.526" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd5a8f8e929 code=0x0
[  254.219416][ T8231] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 5, id = 0
[  254.247288][   T10] usb 1-1: SerialNumber: syz
[  254.274257][ T8233] IPVS: stopping backup sync thread 8231 ...
[  254.322096][ T5895] usbhid 3-1:0.0: can't add hid device: -71
[  254.329638][ T5895] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  254.387547][ T5895] usb 3-1: USB disconnect, device number 15
[  254.458271][ T8034] veth0_vlan: entered promiscuous mode
[  254.619351][ T8034] veth1_vlan: entered promiscuous mode
[  254.836748][   T10] usb 1-1: 0:2 : does not exist
[  254.898908][ T8034] veth0_macvtap: entered promiscuous mode
[  254.919320][ T8034] veth1_macvtap: entered promiscuous mode
[  254.938737][ T8034] batman_adv: batadv0: Interface activated: batadv_slave_0
[  254.959444][ T8034] batman_adv: batadv0: Interface activated: batadv_slave_1
[  254.979802][ T8034] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  255.222791][ T8034] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  255.240281][ T8034] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  255.282494][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  255.289078][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  255.314831][ T8034] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  256.157591][ T6349] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  256.207887][ T6349] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  256.322089][   T10] usb 1-1: USB disconnect, device number 10
[  256.441640][ T8007] udevd[8007]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  256.476243][ T5944] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  256.654444][   T30] audit: type=1400 audit(1752179261.553:481): avc:  denied  { read } for  pid=8256 comm="syz.2.532" name="loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  257.029123][ T8262] FAULT_INJECTION: forcing a failure.
[  257.029123][ T8262] name failslab, interval 1, probability 0, space 0, times 0
[  257.041974][ T8262] CPU: 0 UID: 0 PID: 8262 Comm: syz.2.532 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) 
[  257.042002][ T8262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  257.042011][ T8262] Call Trace:
[  257.042016][ T8262]  <TASK>
[  257.042023][ T8262]  dump_stack_lvl+0x16c/0x1f0
[  257.042051][ T8262]  should_fail_ex+0x512/0x640
[  257.042073][ T8262]  ? fs_reclaim_acquire+0xae/0x150
[  257.042093][ T8262]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  257.042117][ T8262]  should_failslab+0xc2/0x120
[  257.042141][ T8262]  __kmalloc_noprof+0xd2/0x510
[  257.042168][ T8262]  tomoyo_realpath_from_path+0xc2/0x6e0
[  257.042193][ T8262]  ? tomoyo_profile+0x47/0x60
[  257.042221][ T8262]  tomoyo_path_number_perm+0x245/0x580
[  257.042240][ T8262]  ? tomoyo_path_number_perm+0x237/0x580
[  257.042263][ T8262]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  257.042284][ T8262]  ? find_held_lock+0x2b/0x80
[  257.042328][ T8262]  ? find_held_lock+0x2b/0x80
[  257.042348][ T8262]  ? hook_file_ioctl_common+0x145/0x410
[  257.042369][ T8262]  ? __fget_files+0x20e/0x3c0
[  257.042397][ T8262]  security_file_ioctl+0x9b/0x240
[  257.042421][ T8262]  __x64_sys_ioctl+0xb7/0x210
[  257.042442][ T8262]  do_syscall_64+0xcd/0x4c0
[  257.042467][ T8262]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.042484][ T8262] RIP: 0033:0x7fc7b418e929
[  257.042498][ T8262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  257.042513][ T8262] RSP: 002b:00007fc7b5045038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  257.042529][ T8262] RAX: ffffffffffffffda RBX: 00007fc7b43b6160 RCX: 00007fc7b418e929
[  257.042538][ T8262] RDX: ffffffffffffffb6 RSI: 0000000000004c80 RDI: 0000000000000004
[  257.042547][ T8262] RBP: 00007fc7b5045090 R08: 0000000000000000 R09: 0000000000000000
[  257.042555][ T8262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  257.042564][ T8262] R13: 0000000000000000 R14: 00007fc7b43b6160 R15: 00007ffd006f7598
[  257.042584][ T8262]  </TASK>
[  257.042603][ T8262] ERROR: Out of memory at tomoyo_realpath_from_path.
[  257.291747][ T5944] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  257.318497][   T30] audit: type=1400 audit(1752179261.593:482): avc:  denied  { open } for  pid=8256 comm="syz.2.532" path="/dev/loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  257.346916][   T30] audit: type=1400 audit(1752179262.143:483): avc:  denied  { ioctl } for  pid=8256 comm="syz.2.532" path="/dev/loop-control" dev="devtmpfs" ino=646 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  257.483485][   T30] audit: type=1326 audit(1752179262.373:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8264 comm="syz.5.533" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4afd98e929 code=0x0
[  257.580462][ T8269] netlink: 4 bytes leftover after parsing attributes in process `syz.5.533'.
[  257.680432][   T30] audit: type=1400 audit(1752179262.573:485): avc:  denied  { ioctl } for  pid=8267 comm="syz.3.534" path="/dev/fb0" dev="devtmpfs" ino=629 ioctlcmd=0x4611 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  257.818456][ T8277] bond0: (slave wlan1): Releasing backup interface
[  259.351758][   T10] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  259.573134][   T10] usb 3-1: config 0 has an invalid interface number: 23 but max is 0
[  259.599538][   T10] usb 3-1: config 0 has no interface number 0
[  259.677732][   T10] usb 3-1: New USB device found, idVendor=03f0, idProduct=0307, bcdDevice= 0.01
[  259.708265][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  259.828617][   T10] usb 3-1: Product: syz
[  259.913146][   T10] usb 3-1: Manufacturer: syz
[  259.974604][   T10] usb 3-1: SerialNumber: syz
[  260.174841][   T10] usb 3-1: config 0 descriptor??
[  260.316876][   T10] ums-usbat 3-1:0.23: USB Mass Storage device detected
[  260.573386][ T5938] kernel write not supported for file /amidi2 (pid: 5938 comm: kworker/0:5)
[  260.742362][   T10] usb 3-1: USB disconnect, device number 16
[  261.163496][ T8289] Process accounting resumed
[  261.219509][   T30] audit: type=1400 audit(1752179266.113:486): avc:  denied  { write } for  pid=8343 comm="syz.5.548" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  262.670639][   T30] audit: type=1400 audit(1752179267.563:487): avc:  denied  { create } for  pid=8361 comm="syz.2.553" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  262.886331][   T30] audit: type=1400 audit(1752179267.593:488): avc:  denied  { getopt } for  pid=8361 comm="syz.2.553" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  263.716246][ T8363] lo speed is unknown, defaulting to 1000
[  264.700061][ T8378] fuse: Bad value for 'fd'
[  264.706230][ T8378] getblk(): invalid block size 0 requested
[  264.717148][   T30] audit: type=1400 audit(1752179269.593:489): avc:  denied  { ioctl } for  pid=8375 comm="syz.3.555" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  264.747392][ T8378] logical block size: 512
[  264.762372][ T8378] CPU: 0 UID: 0 PID: 8378 Comm: syz.3.555 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) 
[  264.762390][ T8378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  264.762398][ T8378] Call Trace:
[  264.762402][ T8378]  <TASK>
[  264.762407][ T8378]  dump_stack_lvl+0x16c/0x1f0
[  264.762427][ T8378]  __getblk_slow+0x54b/0x5f0
[  264.762439][ T8378]  ? find_held_lock+0x2b/0x80
[  264.762454][ T8378]  ? __pfx___might_resched+0x10/0x10
[  264.762473][ T8378]  bdev_getblk+0xd4/0xe0
[  264.762484][ T8378]  __bread_gfp+0x86/0x3c0
[  264.762495][ T8378]  ntfs_bread+0xd9/0x210
[  264.762510][ T8378]  ntfs_fill_super+0x676/0x4260
[  264.762532][ T8378]  ? snprintf+0xc7/0x100
[  264.762545][ T8378]  ? __pfx_snprintf+0x10/0x10
[  264.762558][ T8378]  ? __pfx_ntfs_fill_super+0x10/0x10
[  264.762571][ T8378]  ? do_raw_spin_lock+0x12c/0x2b0
[  264.762582][ T8378]  ? find_held_lock+0x2b/0x80
[  264.762597][ T8378]  ? sb_set_blocksize+0x188/0x1d0
[  264.762610][ T8378]  ? setup_bdev_super+0x369/0x730
[  264.762624][ T8378]  get_tree_bdev_flags+0x38c/0x620
[  264.762636][ T8378]  ? __pfx_ntfs_fill_super+0x10/0x10
[  264.762649][ T8378]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  264.762665][ T8378]  ? bpf_lsm_capable+0x9/0x10
[  264.762676][ T8378]  ? security_capable+0x7e/0x260
[  264.762688][ T8378]  vfs_get_tree+0x8e/0x340
[  264.762699][ T8378]  path_mount+0x1414/0x2020
[  264.762715][ T8378]  ? kmem_cache_free+0x2d1/0x4d0
[  264.762728][ T8378]  ? __pfx_path_mount+0x10/0x10
[  264.762744][ T8378]  ? putname+0x154/0x1a0
[  264.762762][ T8378]  __x64_sys_mount+0x28d/0x310
[  264.762777][ T8378]  ? __pfx___x64_sys_mount+0x10/0x10
[  264.762807][ T8378]  do_syscall_64+0xcd/0x4c0
[  264.762824][ T8378]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.762837][ T8378] RIP: 0033:0x7fd5a8f8e929
[  264.762846][ T8378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  264.762858][ T8378] RSP: 002b:00007fd5a9d9b038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  264.762869][ T8378] RAX: ffffffffffffffda RBX: 00007fd5a91b5fa0 RCX: 00007fd5a8f8e929
[  264.762877][ T8378] RDX: 0000200000000000 RSI: 0000200000000040 RDI: 0000200000000140
[  264.762884][ T8378] RBP: 00007fd5a9010b39 R08: 0000000000000000 R09: 0000000000000000
[  264.762890][ T8378] R10: 0000000002208004 R11: 0000000000000246 R12: 0000000000000000
[  264.762896][ T8378] R13: 0000000000000000 R14: 00007fd5a91b5fa0 R15: 00007ffe87e58678
[  264.762909][ T8378]  </TASK>
[  264.763061][ T8378] ntfs3(nullb0): failed to read volume at offset 0x0
[  265.097464][ T8336] Process accounting resumed
[  265.792249][ T8387] sctp_transport_update_pmtu: 46 callbacks suppressed
[  265.792290][ T8387] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  265.810601][ T8387] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  265.837308][ T8387] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  265.849293][ T8387] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  265.865474][ T8387] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  265.876995][ T8387] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  265.888701][ T8387] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  265.900192][ T8387] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  265.912040][ T8387] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  265.923562][ T8387] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  266.615533][   T30] audit: type=1400 audit(1752179271.503:490): avc:  denied  { append } for  pid=8389 comm="syz.6.560" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  267.665965][   T30] audit: type=1400 audit(1752179271.503:491): avc:  denied  { create } for  pid=8389 comm="syz.6.560" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  267.685390][   T30] audit: type=1400 audit(1752179271.503:492): avc:  denied  { write } for  pid=8389 comm="syz.6.560" path="socket:[17864]" dev="sockfs" ino=17864 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  268.631947][   T10] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  269.177288][   T10] usb 1-1: Using ep0 maxpacket: 16
[  269.189147][   T10] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  269.202773][   T10] usb 1-1: config 0 has no interface number 0
[  269.219480][   T10] usb 1-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  269.229414][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  270.075324][   T10] usb 1-1: Product: syz
[  270.083687][   T10] usb 1-1: Manufacturer: syz
[  270.088299][   T10] usb 1-1: SerialNumber: syz
[  270.147529][   T10] usb 1-1: config 0 descriptor??
[  270.252341][   T10] gspca_main: spca1528-2.14.0 probing 04fc:1528
[  270.587668][ T8426] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  270.611543][ T5888] IPVS: starting estimator thread 0...
[  270.721801][ T8431] IPVS: using max 77 ests per chain, 184800 per kthread
[  270.904404][ T8441] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 5, id = 0
[  270.908431][ T8436] befs: (nbd6): No write support. Marking filesystem read-only
[  270.924149][   T30] audit: type=1326 audit(1752179275.823:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8439 comm="syz.3.573" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd5a8f8e929 code=0x0
[  270.963574][ T8436] syz.6.571: attempt to access beyond end of device
[  270.963574][ T8436] nbd6: rw=0, sector=0, nr_sectors = 2 limit=0
[  270.966084][ T8442] IPVS: stopping backup sync thread 8441 ...
[  271.032284][ T5938] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  271.069071][ T8445] comedi comedi3: comedi_test: 2529 microvolt, 8550 microsecond waveform attached
[  271.212858][   T30] audit: type=1400 audit(1752179276.113:494): avc:  denied  { lock } for  pid=8404 comm="syz.0.563" path="/dev/video7" dev="devtmpfs" ino=949 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  271.241149][   T10] gspca_spca1528: reg_w err -71
[  271.261830][   T10] spca1528 1-1:0.1: probe with driver spca1528 failed with error -71
[  271.281592][   T10] usb 1-1: USB disconnect, device number 11
[  271.421081][ T8448] netlink: 'syz.5.575': attribute type 1 has an invalid length.
[  271.430287][ T8448] netlink: 20 bytes leftover after parsing attributes in process `syz.5.575'.
[  271.441752][ T5888] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  271.749925][   T30] audit: type=1400 audit(1752179276.483:495): avc:  denied  { read } for  pid=8449 comm="syz.5.576" name="nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  271.806429][   T30] audit: type=1400 audit(1752179276.483:496): avc:  denied  { open } for  pid=8449 comm="syz.5.576" path="/dev/nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  272.064591][   T30] audit: type=1400 audit(1752179276.493:497): avc:  denied  { watch } for  pid=8449 comm="syz.5.576" path="/dev/nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  272.111741][   T30] audit: type=1400 audit(1752179276.493:498): avc:  denied  { watch_sb } for  pid=8449 comm="syz.5.576" path="/dev/nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  274.191423][ T8478] sctp_transport_update_pmtu: 104 callbacks suppressed
[  274.191449][ T8478] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  274.209650][ T8478] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  274.220829][ T8478] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  274.232059][ T8478] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  274.245843][ T8478] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  274.256925][ T8478] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  274.268072][ T8478] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  274.279232][ T8478] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  274.290246][ T8478] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  274.301268][ T8478] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  275.003693][ T8481] sp0: Synchronizing with TNC
[  275.327418][ T8490] overlayfs: missing 'lowerdir'
[  275.343030][   T30] audit: type=1400 audit(1752179280.223:499): avc:  denied  { unmount } for  pid=5824 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  276.335325][ T8505] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 5, id = 0
[  277.227814][ T8496] IPVS: stopping backup sync thread 8505 ...
[  277.281484][ T5938] IPVS: starting estimator thread 0...
[  277.381928][ T8509] IPVS: using max 76 ests per chain, 182400 per kthread
[  277.402586][ T8513] syzkaller0: entered promiscuous mode
[  277.408087][ T8513] syzkaller0: entered allmulticast mode
[  277.419522][   T30] audit: type=1400 audit(1752179282.323:500): avc:  denied  { connect } for  pid=8511 comm="syz.2.593" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  278.610993][ T5895] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  278.877509][ T5895] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  278.897878][ T5895] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  278.918132][ T5895] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  278.933258][ T5895] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  278.969950][ T5895] usb 1-1: SerialNumber: syz
[  279.517581][ T8536] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  279.547065][ T8536] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  279.729459][ T8539] sctp_transport_update_pmtu: 45 callbacks suppressed
[  279.736923][ T8539] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  279.749209][ T8539] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  279.761313][ T8539] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  279.773986][ T8539] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  279.789852][ T8539] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  279.802250][ T8539] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  279.814576][ T8539] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  279.827302][ T8539] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  279.839677][ T8539] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  279.851792][ T8539] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  280.182428][ T8521] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  280.191974][ T8521] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  280.208479][ T5895] usb 1-1: 0:2 : does not exist
[  280.221944][ T5895] usb 1-1: unit 255 not found!
[  280.292339][ T5895] usb 1-1: USB disconnect, device number 12
[  280.773220][   T30] audit: type=1400 audit(1752179285.673:501): avc:  denied  { unmount } for  pid=5825 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  281.691826][ T5895] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  281.849825][ T5895] usb 1-1: Using ep0 maxpacket: 32
[  281.911628][ T5895] usb 1-1: config 0 has an invalid interface number: 184 but max is 0
[  281.924135][ T5895] usb 1-1: config 0 has no interface number 0
[  281.933220][ T5895] usb 1-1: config 0 interface 184 has no altsetting 0
[  281.948941][ T5895] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  281.973948][ T5895] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.983929][ T5895] usb 1-1: Product: syz
[  281.988202][ T5895] usb 1-1: Manufacturer: syz
[  281.996450][ T5895] usb 1-1: SerialNumber: syz
[  282.037507][ T5895] usb 1-1: config 0 descriptor??
[  282.112171][ T5895] smsc75xx v1.0.0
[  282.783655][ T8569] capability: warning: `syz.0.603' uses deprecated v2 capabilities in a way that may be insecure
[  283.008311][   T30] audit: type=1400 audit(1752179287.903:502): avc:  denied  { shutdown } for  pid=8570 comm="syz.2.607" lport=60 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  283.040107][ T8574] FAULT_INJECTION: forcing a failure.
[  283.040107][ T8574] name failslab, interval 1, probability 0, space 0, times 0
[  283.054281][ T8574] CPU: 1 UID: 0 PID: 8574 Comm: syz.2.607 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) 
[  283.054306][ T8574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  283.054316][ T8574] Call Trace:
[  283.054321][ T8574]  <TASK>
[  283.054327][ T8574]  dump_stack_lvl+0x16c/0x1f0
[  283.054356][ T8574]  should_fail_ex+0x512/0x640
[  283.054378][ T8574]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  283.054404][ T8574]  should_failslab+0xc2/0x120
[  283.054429][ T8574]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  283.054451][ T8574]  ? getname_kernel+0x52/0x370
[  283.054480][ T8574]  getname_kernel+0x52/0x370
[  283.054507][ T8574]  kern_path+0x1d/0x50
[  283.054527][ T8574]  lookup_bdev+0xd8/0x280
[  283.054548][ T8574]  ? __pfx_lookup_bdev+0x10/0x10
[  283.054563][ T8574]  ? resume_store+0x1b8/0x460
[  283.054584][ T8574]  ? __asan_memcpy+0x3c/0x60
[  283.054606][ T8574]  resume_store+0x1d6/0x460
[  283.054626][ T8574]  ? __pfx_resume_store+0x10/0x10
[  283.054645][ T8574]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  283.054674][ T8574]  ? find_held_lock+0x2b/0x80
[  283.054700][ T8574]  ? __pfx_resume_store+0x10/0x10
[  283.054718][ T8574]  kobj_attr_store+0x55/0x80
[  283.054750][ T8574]  ? __pfx_kobj_attr_store+0x10/0x10
[  283.054773][ T8574]  sysfs_kf_write+0xef/0x150
[  283.054797][ T8574]  kernfs_fop_write_iter+0x354/0x510
[  283.054815][ T8574]  ? __pfx_sysfs_kf_write+0x10/0x10
[  283.054839][ T8574]  vfs_write+0x6c7/0x1150
[  283.054861][ T8574]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  283.054882][ T8574]  ? __pfx___mutex_lock+0x10/0x10
[  283.054905][ T8574]  ? __pfx_vfs_write+0x10/0x10
[  283.054944][ T8574]  ksys_write+0x12a/0x250
[  283.054965][ T8574]  ? __pfx_ksys_write+0x10/0x10
[  283.054993][ T8574]  do_syscall_64+0xcd/0x4c0
[  283.055019][ T8574]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.055037][ T8574] RIP: 0033:0x7fc7b418e929
[  283.055051][ T8574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  283.055068][ T8574] RSP: 002b:00007fc7b5066038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  283.055085][ T8574] RAX: ffffffffffffffda RBX: 00007fc7b43b6080 RCX: 00007fc7b418e929
[  283.055096][ T8574] RDX: 0000000000000012 RSI: 0000200000000040 RDI: 000000000000000a
[  283.055106][ T8574] RBP: 00007fc7b5066090 R08: 0000000000000000 R09: 0000000000000000
[  283.055116][ T8574] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  283.055126][ T8574] R13: 0000000000000000 R14: 00007fc7b43b6080 R15: 00007ffd006f7598
[  283.055150][ T8574]  </TASK>
[  283.283979][ T5895] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[  283.316570][ T5895] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  283.340333][   T30] audit: type=1400 audit(1752179288.233:503): avc:  denied  { getopt } for  pid=8576 comm="syz.6.608" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  283.590502][ T8582] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  283.684212][   T30] audit: type=1400 audit(1752179288.483:504): avc:  denied  { ioctl } for  pid=8576 comm="syz.6.608" path="socket:[18179]" dev="sockfs" ino=18179 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  285.038027][   T30] audit: type=1400 audit(1752179289.933:505): avc:  denied  { listen } for  pid=8588 comm="syz.2.613" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  285.039502][ T8589] overlayfs: overlapping lowerdir path
[  285.059074][   T30] audit: type=1400 audit(1752179289.933:506): avc:  denied  { connect } for  pid=8588 comm="syz.2.613" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  285.100459][   T30] audit: type=1400 audit(1752179289.993:507): avc:  denied  { map } for  pid=8588 comm="syz.2.613" path="/dev/dri/card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  285.545526][ T5895] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  285.568019][ T5895] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to write PMT_CTL: -71
[  285.580209][ T5895] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  285.581431][ T8603] Bluetooth: MGMT ver 1.23
[  285.596564][ T5895] smsc75xx 1-1:0.184: probe with driver smsc75xx failed with error -71
[  285.615089][ T5895] usb 1-1: USB disconnect, device number 13
[  285.695546][ T8606] FAULT_INJECTION: forcing a failure.
[  285.695546][ T8606] name failslab, interval 1, probability 0, space 0, times 0
[  285.733156][ T8606] CPU: 1 UID: 0 PID: 8606 Comm: syz.0.615 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) 
[  285.733185][ T8606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  285.733196][ T8606] Call Trace:
[  285.733202][ T8606]  <TASK>
[  285.733208][ T8606]  dump_stack_lvl+0x16c/0x1f0
[  285.733238][ T8606]  should_fail_ex+0x512/0x640
[  285.733260][ T8606]  ? fs_reclaim_acquire+0xae/0x150
[  285.733279][ T8606]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  285.733302][ T8606]  should_failslab+0xc2/0x120
[  285.733324][ T8606]  __kmalloc_noprof+0xd2/0x510
[  285.733342][ T8606]  tomoyo_realpath_from_path+0xc2/0x6e0
[  285.733358][ T8606]  ? tomoyo_profile+0x47/0x60
[  285.733375][ T8606]  tomoyo_path_number_perm+0x245/0x580
[  285.733388][ T8606]  ? tomoyo_path_number_perm+0x237/0x580
[  285.733404][ T8606]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  285.733417][ T8606]  ? find_held_lock+0x2b/0x80
[  285.733455][ T8606]  ? find_held_lock+0x2b/0x80
[  285.733475][ T8606]  ? hook_file_ioctl_common+0x145/0x410
[  285.733497][ T8606]  ? __fget_files+0x20e/0x3c0
[  285.733522][ T8606]  security_file_ioctl+0x9b/0x240
[  285.733540][ T8606]  __x64_sys_ioctl+0xb7/0x210
[  285.733553][ T8606]  do_syscall_64+0xcd/0x4c0
[  285.733569][ T8606]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.733579][ T8606] RIP: 0033:0x7f6522f8e929
[  285.733589][ T8606] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  285.733599][ T8606] RSP: 002b:00007f6523d95038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  285.733610][ T8606] RAX: ffffffffffffffda RBX: 00007f65231b5fa0 RCX: 00007f6522f8e929
[  285.733616][ T8606] RDX: 0000200000000140 RSI: 00000000c0485619 RDI: 0000000000000003
[  285.733622][ T8606] RBP: 00007f6523d95090 R08: 0000000000000000 R09: 0000000000000000
[  285.733628][ T8606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  285.733634][ T8606] R13: 0000000000000000 R14: 00007f65231b5fa0 R15: 00007ffd56dc7d68
[  285.733647][ T8606]  </TASK>
[  285.735431][ T8606] ERROR: Out of memory at tomoyo_realpath_from_path.
[  286.186245][ T8615] Unsupported ieee802154 address type: 0
[  286.963968][   T30] audit: type=1400 audit(1752179291.083:508): avc:  denied  { bind } for  pid=8611 comm="syz.5.618" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  287.293809][ T8616] netlink: 'syz.6.617': attribute type 1 has an invalid length.
[  287.301540][ T8616] netlink: 228 bytes leftover after parsing attributes in process `syz.6.617'.
[  287.461898][   T24] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  287.571955][ T5868] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  287.639742][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  287.703158][ T8627] xt_l2tp: v2 doesn't support IP mode
[  287.718942][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  287.749537][   T24] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  287.767017][ T5868] usb 3-1: Using ep0 maxpacket: 16
[  287.900378][ T5868] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  287.910613][   T24] usb 1-1: New USB device found, idVendor=1532, idProduct=011b, bcdDevice= 0.00
[  287.925007][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  287.926737][ T5868] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  288.020040][ T8633] syz.3.623: attempt to access beyond end of device
[  288.020040][ T8633] nbd3: rw=0, sector=2, nr_sectors = 1 limit=0
[  288.033087][ T8633] hfs: can't find a HFS filesystem on dev nbd3
[  288.392332][ T5868] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  288.401051][   T24] usb 1-1: config 0 descriptor??
[  288.416794][ T5868] usb 3-1: Product: syz
[  288.437076][ T5868] usb 3-1: Manufacturer: syz
[  288.442212][ T5868] usb 3-1: SerialNumber: syz
[  288.467330][ T5868] usb 3-1: config 0 descriptor??
[  288.489773][ T5868] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  288.499510][ T5868] em28xx 3-1:0.0: DVB interface 0 found: bulk
[  288.616913][ T8619] netlink: 'syz.0.619': attribute type 15 has an invalid length.
[  288.661939][ T8619] netlink: 71 bytes leftover after parsing attributes in process `syz.0.619'.
[  288.827446][ T8643] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  288.836397][ T8643] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  289.072229][ T8619] No control pipe specified
[  289.081597][   T30] audit: type=1400 audit(1752179293.973:509): avc:  denied  { name_connect } for  pid=8618 comm="syz.0.619" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[  289.190995][ T8651] process 'syz.6.628' launched '/dev/fd/7' with NULL argv: empty string added
[  289.264265][   T30] audit: type=1400 audit(1752179294.083:510): avc:  denied  { execute } for  pid=8644 comm="syz.6.628" dev="hugetlbfs" ino=18343 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  289.335071][ T8650] netlink: 100 bytes leftover after parsing attributes in process `syz.5.629'.
[  289.405205][ T5151] Bluetooth: hci2: unexpected event for opcode 0x1804
[  289.578845][ T5868] em28xx 3-1:0.0: unknown em28xx chip ID (0)
[  289.610026][   T30] audit: type=1400 audit(1752179294.103:511): avc:  denied  { execute_no_trans } for  pid=8644 comm="syz.6.628" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="hugetlbfs" ino=18343 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  289.653194][   T30] audit: type=1400 audit(1752179294.203:512): avc:  denied  { read } for  pid=8618 comm="syz.0.619" lport=53614 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  289.674769][   T24] usbhid 1-1:0.0: can't add hid device: -71
[  289.683956][   T24] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  289.697599][   T24] usb 1-1: USB disconnect, device number 14
[  289.975378][ T8660] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  289.986443][ T8660] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  290.789485][ T5868] em28xx 3-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  291.078862][   T30] audit: type=1400 audit(1752179295.973:513): avc:  denied  { connect } for  pid=8670 comm="syz.5.637" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  291.507319][ T5868] em28xx 3-1:0.0: board has no eeprom
[  291.571855][ T5868] em28xx 3-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  291.579722][ T5868] em28xx 3-1:0.0: dvb set to bulk mode.
[  291.599726][ T5888] em28xx 3-1:0.0: Binding DVB extension
[  291.756923][ T5888] em28xx 3-1:0.0: Registering input extension
[  292.428998][ T8692] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  292.706716][   T30] audit: type=1400 audit(1752179297.593:514): avc:  denied  { write } for  pid=8694 comm="syz.3.644" path="socket:[19543]" dev="sockfs" ino=19543 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  292.790371][   T30] audit: type=1400 audit(1752179297.603:515): avc:  denied  { open } for  pid=8697 comm="syz.0.643" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=20518 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  292.819775][   T30] audit: type=1400 audit(1752179297.713:516): avc:  denied  { accept } for  pid=8694 comm="syz.3.644" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  292.895706][   T30] audit: type=1400 audit(1752179297.763:517): avc:  denied  { read } for  pid=8694 comm="syz.3.644" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  292.957089][ T5868] usb 3-1: USB disconnect, device number 18
[  292.973324][ T5868] em28xx 3-1:0.0: Disconnecting em28xx
[  292.989577][ T5868] em28xx 3-1:0.0: Closing input extension
[  293.013091][ T5868] em28xx 3-1:0.0: Freeing device
[  293.034758][   T30] audit: type=1400 audit(1752179297.933:518): avc:  denied  { execmem } for  pid=8711 comm="syz.3.647" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  293.556785][ T5151] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  293.573204][ T5151] Bluetooth: hci2: Injecting HCI hardware error event
[  293.582139][ T5832] Bluetooth: hci2: hardware error 0x00
[  294.672972][ T8746] lo speed is unknown, defaulting to 1000
[  295.710272][ T5832] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  296.324398][ T8757] netlink: 32 bytes leftover after parsing attributes in process `syz.3.656'.
[  296.778835][ T6860] Bluetooth: (null): Invalid header checksum
[  296.791990][ T6860] Bluetooth: (null): Invalid header checksum
[  296.798087][ T6860] Bluetooth: (null): Invalid header checksum
[  296.871280][ T6860] Bluetooth: (null): Invalid header checksum
[  296.930139][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  296.930149][   T30] audit: type=1400 audit(1752179301.823:521): avc:  denied  { write } for  pid=8758 comm="syz.0.657" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  297.026060][   T30] audit: type=1400 audit(1752179301.923:522): avc:  denied  { setopt } for  pid=8758 comm="syz.0.657" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  297.326111][   T30] audit: type=1400 audit(1752179302.213:523): avc:  denied  { bind } for  pid=8766 comm="syz.5.660" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  297.716966][ T8772] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  297.729021][ T8772] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  297.827847][ T8772] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  297.840774][ T8772] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  297.891125][ T8772] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  297.900238][ T8772] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  298.212116][ T5895] usb 6-1: new full-speed USB device number 9 using dummy_hcd
[  298.409827][   T30] audit: type=1400 audit(1752179303.303:524): avc:  denied  { getopt } for  pid=8768 comm="syz.6.661" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  298.435065][ T5895] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  298.455136][ T5895] usb 6-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  298.464387][ T5895] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  298.472761][ T5895] usb 6-1: Product: syz
[  298.477074][ T5895] usb 6-1: Manufacturer: syz
[  298.481861][ T5895] usb 6-1: SerialNumber: syz
[  298.487852][ T5895] usb 6-1: config 0 descriptor??
[  298.494632][ T5895] usb 6-1: ucan: probing device on interface #0
[  298.522432][ T5895] usb 6-1: ucan: invalid EP count (0)
[  298.528051][ T5895] usb 6-1: ucan: probe failed; try to update the device firmware
[  298.967428][ T5895] usb 6-1: USB disconnect, device number 9
[  298.980968][   T30] audit: type=1400 audit(1752179303.873:525): avc:  denied  { write } for  pid=8787 comm="syz.0.666" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  299.721812][ T5832] Bluetooth: hci1: command 0x0419 tx timeout
[  299.810599][ T5832] Bluetooth: hci4: command 0x0419 tx timeout
[  299.881875][ T5832] Bluetooth: hci5: command 0x0c1a tx timeout
[  299.888098][ T5151] Bluetooth: hci0: command 0x0405 tx timeout
[  301.317634][   T30] audit: type=1400 audit(1752179562.216:526): avc:  denied  { create } for  pid=8806 comm="syz.2.670" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  301.964214][ T5151] Bluetooth: hci0: command 0x0405 tx timeout
[  302.236367][ T8824] Cannot find add_set index 0 as target
[  302.245159][   T30] audit: type=1400 audit(1752179563.136:527): avc:  denied  { read } for  pid=8820 comm="syz.0.674" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  302.645199][ T8832] sctp_transport_update_pmtu: 47 callbacks suppressed
[  302.645278][ T8832] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  302.663868][ T8832] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  302.674922][ T8832] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  302.686397][ T8832] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  302.700479][ T8832] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  302.712063][ T8832] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  302.723563][ T8832] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  302.734875][ T8832] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  302.746143][ T8832] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  302.757600][ T8832] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  304.042036][ T5151] Bluetooth: hci0: command 0x0405 tx timeout
[  304.275079][ T8851] netlink: 32 bytes leftover after parsing attributes in process `syz.2.682'.
[  305.835407][ T8868] netlink: 12 bytes leftover after parsing attributes in process `syz.2.688'.
[  305.844860][ T8871] netlink: 12 bytes leftover after parsing attributes in process `syz.2.688'.
[  305.925947][   T30] audit: type=1400 audit(1752179566.736:528): avc:  denied  { write } for  pid=8867 comm="syz.2.688" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  305.957262][   T30] audit: type=1400 audit(1752179566.736:529): avc:  denied  { nlmsg_write } for  pid=8867 comm="syz.2.688" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  305.986975][ T8871] netlink: 'syz.2.688': attribute type 2 has an invalid length.
[  306.045499][ T8872] netlink: 16 bytes leftover after parsing attributes in process `syz.2.688'.
[  306.060013][ T8868] netlink: 'syz.2.688': attribute type 2 has an invalid length.
[  306.118444][ T8872] netlink: 24 bytes leftover after parsing attributes in process `syz.2.688'.
[  306.131099][ T8875] ieee802154 phy0 wpan0: encryption failed: -22
[  306.151029][ T8875] syz.0.690 (8875) used obsolete PPPIOCDETACH ioctl
[  306.167580][   T30] audit: type=1400 audit(1752179567.026:530): avc:  denied  { write } for  pid=8874 comm="syz.0.690" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  306.193360][ T8868] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  306.264379][ T8872] bridge2: the hash_elasticity option has been deprecated and is always 16
[  306.361925][ T5868] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  306.362441][ T8868] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  308.461884][   T30] audit: type=1400 audit(1752179567.056:531): avc:  denied  { validate_trans } for  pid=8874 comm="syz.0.690" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  308.516487][   T30] audit: type=1400 audit(1752179567.056:532): avc:  denied  { listen } for  pid=8874 comm="syz.0.690" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  308.559640][ T8884] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(13)
[  308.566302][ T8884] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  308.616721][   T30] audit: type=1400 audit(1752179567.136:533): avc:  denied  { open } for  pid=8879 comm="syz.0.691" path="/dev/ptyq4" dev="devtmpfs" ino=123 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  308.745533][ T8884] vhci_hcd vhci_hcd.0: Device attached
[  308.751992][ T5868] usb 3-1: Using ep0 maxpacket: 16
[  308.760084][ T5868] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  308.768381][ T5868] usb 3-1: config 0 has no interface number 0
[  308.774559][ T8885] vhci_hcd: connection closed
[  308.779938][ T5868] usb 3-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  308.798520][ T6028] vhci_hcd: stop threads
[  308.803219][ T6028] vhci_hcd: release socket
[  308.810096][ T6028] vhci_hcd: disconnect device
[  308.816438][ T5868] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  308.841285][ T5868] usb 3-1: Product: syz
[  308.912036][ T5868] usb 3-1: Manufacturer: syz
[  309.235533][ T8895] sp0: Synchronizing with TNC
[  309.240218][ T8896] netlink: 24 bytes leftover after parsing attributes in process `syz.2.693'.
[  309.286154][ T5868] usb 3-1: SerialNumber: syz
[  309.683331][ T5868] usb 3-1: config 0 descriptor??
[  309.691846][ T5868] usb 3-1: can't set config #0, error -71
[  309.761372][ T5868] usb 3-1: USB disconnect, device number 19
[  311.117242][ T8922] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  311.143978][ T8922] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  311.425373][ T8925] sp0: Synchronizing with TNC
[  311.621308][   T30] audit: type=1400 audit(1752179572.506:534): avc:  denied  { write } for  pid=8921 comm="syz.3.702" path="socket:[20911]" dev="sockfs" ino=20911 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  312.211851][   T10] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  312.287398][ T8941] sctp_transport_update_pmtu: 45 callbacks suppressed
[  312.287413][ T8941] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  312.310705][ T8941] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  312.329285][ T8941] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  312.340230][ T8941] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  312.376600][   T10] usb 1-1: config 220 has an invalid interface number: 76 but max is 2
[  312.390656][   T10] usb 1-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  312.408673][ T8941] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  312.440540][   T10] usb 1-1: config 220 has no interface number 2
[  312.456194][   T10] usb 1-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  312.469709][   T10] usb 1-1: config 220 interface 0 has no altsetting 0
[  312.478163][   T10] usb 1-1: config 220 interface 76 has no altsetting 0
[  312.485250][ T8941] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  312.497363][ T8941] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  312.507891][   T10] usb 1-1: config 220 interface 1 has no altsetting 0
[  312.516866][ T8941] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  312.564433][   T10] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  312.577639][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  312.582212][ T8941] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  312.596102][   T10] usb 1-1: Product: syz
[  312.643727][   T10] usb 1-1: Manufacturer: syz
[  312.645385][ T8941] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  312.661763][   T10] usb 1-1: SerialNumber: syz
[  313.116754][ T8949] sp0: Synchronizing with TNC
[  313.358850][ T8947] netlink: 24 bytes leftover after parsing attributes in process `syz.6.709'.
[  313.676763][ T8959] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  313.687207][   T10] usb 1-1: selecting invalid altsetting 0
[  313.695536][ T8960] netlink: 20 bytes leftover after parsing attributes in process `syz.5.713'.
[  313.722839][   T10] usb 1-1: Found UVC 7.01 device syz (8086:0b07)
[  313.742655][   T10] usb 1-1: No valid video chain found.
[  313.766914][   T10] usb 1-1: selecting invalid altsetting 0
[  313.787950][   T10] usbtest 1-1:220.1: probe with driver usbtest failed with error -22
[  313.816874][   T10] usb 1-1: USB disconnect, device number 15
[  313.845365][ T8965] netlink: 'syz.0.716': attribute type 21 has an invalid length.
[  313.951891][ T8965] netlink: 'syz.0.716': attribute type 2 has an invalid length.
[  313.965680][ T8965] netlink: 132 bytes leftover after parsing attributes in process `syz.0.716'.
[  315.564311][ T5832] Bluetooth: hci6: command 0xfc11 tx timeout
[  315.573737][ T5151] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  316.451907][ T8990] netlink: 16 bytes leftover after parsing attributes in process `syz.5.714'.
[  316.492941][ T5868] usb 7-1: new full-speed USB device number 3 using dummy_hcd
[  316.513992][   T30] audit: type=1400 audit(1752179577.346:535): avc:  denied  { read } for  pid=8961 comm="syz.5.714" path="socket:[20120]" dev="sockfs" ino=20120 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  316.628172][   T30] audit: type=1326 audit(1752179577.486:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8961 comm="syz.5.714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4afd98e929 code=0x7fc00000
[  316.651933][   T30] audit: type=1326 audit(1752179577.486:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8961 comm="syz.5.714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4afd98e929 code=0x7fc00000
[  316.675226][   T30] audit: type=1326 audit(1752179577.486:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8961 comm="syz.5.714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4afd98e929 code=0x7fc00000
[  316.701606][   T30] audit: type=1326 audit(1752179577.486:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8961 comm="syz.5.714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4afd98e929 code=0x7fc00000
[  316.701930][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  316.726632][   T30] audit: type=1326 audit(1752179577.486:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8961 comm="syz.5.714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4afd98e929 code=0x7fc00000
[  316.736229][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  316.761582][ T5868] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  316.806747][   T30] audit: type=1326 audit(1752179577.486:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8961 comm="syz.5.714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4afd98e929 code=0x7fc00000
[  316.831882][   T30] audit: type=1326 audit(1752179577.486:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8961 comm="syz.5.714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4afd98e929 code=0x7fc00000
[  316.855495][   T30] audit: type=1326 audit(1752179577.486:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8961 comm="syz.5.714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4afd98e929 code=0x7fc00000
[  316.879114][   T30] audit: type=1326 audit(1752179577.486:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8961 comm="syz.5.714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4afd98e929 code=0x7fc00000
[  316.943132][ T5868] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  316.996290][ T5868] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  317.026509][ T5868] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  317.056202][ T5868] usb 7-1: config 0 descriptor??
[  317.066388][ T5868] hub 7-1:0.0: USB hub found
[  317.400270][ T5868] hub 7-1:0.0: 2 ports detected
[  318.097762][ T5868] usb 7-1: USB disconnect, device number 3
[  318.638245][ T9009] sctp_transport_update_pmtu: 162 callbacks suppressed
[  318.638259][ T9009] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  318.659896][ T9009] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  318.670438][ T9009] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  318.680981][ T9009] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  318.692132][ T9009] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  318.702730][ T9009] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  318.712993][ T9009] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  318.723351][ T9009] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  318.733614][ T9009] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  318.743915][ T9009] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  319.052320][ T9015] FAULT_INJECTION: forcing a failure.
[  319.052320][ T9015] name failslab, interval 1, probability 0, space 0, times 0
[  319.064971][ T9015] CPU: 0 UID: 0 PID: 9015 Comm: syz.6.730 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) 
[  319.064995][ T9015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  319.065005][ T9015] Call Trace:
[  319.065011][ T9015]  <TASK>
[  319.065019][ T9015]  dump_stack_lvl+0x16c/0x1f0
[  319.065048][ T9015]  should_fail_ex+0x512/0x640
[  319.065070][ T9015]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  319.065095][ T9015]  should_failslab+0xc2/0x120
[  319.065120][ T9015]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  319.065141][ T9015]  ? d_instantiate+0x77/0x90
[  319.065157][ T9015]  ? alloc_empty_file+0x55/0x1e0
[  319.065178][ T9015]  alloc_empty_file+0x55/0x1e0
[  319.065195][ T9015]  alloc_file_pseudo+0x13a/0x230
[  319.065213][ T9015]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  319.065237][ T9015]  __anon_inode_getfile+0xe8/0x280
[  319.065265][ T9015]  iommufd_test+0x7b9/0x6140
[  319.065292][ T9015]  ? __pfx_iommufd_test+0x10/0x10
[  319.065313][ T9015]  ? find_held_lock+0x2b/0x80
[  319.065334][ T9015]  ? __might_fault+0xe3/0x190
[  319.065356][ T9015]  ? __might_fault+0xe3/0x190
[  319.065375][ T9015]  ? __might_fault+0x13b/0x190
[  319.065406][ T9015]  iommufd_fops_ioctl+0x33f/0x4e0
[  319.065430][ T9015]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  319.065456][ T9015]  ? hook_file_ioctl_common+0x145/0x410
[  319.065480][ T9015]  ? selinux_file_ioctl+0x180/0x270
[  319.065502][ T9015]  ? selinux_file_ioctl+0xb4/0x270
[  319.065530][ T9015]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  319.065555][ T9015]  __x64_sys_ioctl+0x18b/0x210
[  319.065578][ T9015]  do_syscall_64+0xcd/0x4c0
[  319.065604][ T9015]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.065622][ T9015] RIP: 0033:0x7f30ea18e929
[  319.065636][ T9015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  319.065653][ T9015] RSP: 002b:00007f30eb03b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  319.065669][ T9015] RAX: ffffffffffffffda RBX: 00007f30ea3b6160 RCX: 00007f30ea18e929
[  319.065681][ T9015] RDX: 00002000000002c0 RSI: 0000000000003ba0 RDI: 000000000000000c
[  319.065691][ T9015] RBP: 00007f30eb03b090 R08: 0000000000000000 R09: 0000000000000000
[  319.065701][ T9015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  319.065710][ T9015] R13: 0000000000000000 R14: 00007f30ea3b6160 R15: 00007fff6b194568
[  319.065733][ T9015]  </TASK>
[  319.782777][ T9028] 8021q: adding VLAN 0 to HW filter on device batadv1
[  319.798288][ T9028] team0: Port device batadv1 added
[  323.812332][   T24] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  324.506797][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  324.541791][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  324.541955][ T5895] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  324.569891][   T24] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  324.611786][   T24] usb 6-1: New USB device found, idVendor=1532, idProduct=011b, bcdDevice= 0.00
[  324.661506][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  324.751930][ T5895] usb 3-1: Using ep0 maxpacket: 16
[  324.764529][ T5895] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  324.805370][   T24] usb 6-1: config 0 descriptor??
[  324.821625][ T5895] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  324.835275][ T5895] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  324.844023][ T5895] usb 3-1: Product: syz
[  325.308421][ T5895] usb 3-1: Manufacturer: syz
[  325.321420][ T5895] usb 3-1: SerialNumber: syz
[  325.329655][ T5895] usb 3-1: config 0 descriptor??
[  325.340715][ T5895] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  325.397887][ T9054] netlink: 'syz.5.742': attribute type 15 has an invalid length.
[  325.407260][ T9054] netlink: 71 bytes leftover after parsing attributes in process `syz.5.742'.
[  325.627602][ T9054] No control pipe specified
[  325.635541][ T5895] em28xx 3-1:0.0: DVB interface 0 found: bulk
[  325.946939][   T24] usbhid 6-1:0.0: can't add hid device: -71
[  325.965870][   T24] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  326.077387][   T24] usb 6-1: USB disconnect, device number 10
[  326.083619][ T9078] sp0: Synchronizing with TNC
[  326.208794][ T9079] netlink: 24 bytes leftover after parsing attributes in process `syz.0.749'.
[  326.865513][ T5895] em28xx 3-1:0.0: unknown em28xx chip ID (0)
[  327.696428][ T9059] netlink: 28 bytes leftover after parsing attributes in process `syz.2.743'.
[  327.736309][ T5895] em28xx 3-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  327.751768][ T5895] em28xx 3-1:0.0: board has no eeprom
[  328.139772][ T5895] em28xx 3-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  328.195480][ T5895] em28xx 3-1:0.0: dvb set to bulk mode.
[  328.325030][   T10] em28xx 3-1:0.0: Binding DVB extension
[  328.478949][ T5895] usb 3-1: USB disconnect, device number 20
[  328.644093][ T5895] em28xx 3-1:0.0: Disconnecting em28xx
[  328.701209][   T10] em28xx 3-1:0.0: Registering input extension
[  328.728119][ T5895] em28xx 3-1:0.0: Closing input extension
[  328.773349][ T5895] em28xx 3-1:0.0: Freeing device
[  328.822697][   T30] kauditd_printk_skb: 33 callbacks suppressed
[  328.822713][   T30] audit: type=1400 audit(1752179589.726:578): avc:  denied  { remount } for  pid=9112 comm="syz.3.759" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  328.887545][ T9116] xt_connbytes: Forcing CT accounting to be enabled
[  328.947093][ T9116] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  329.250596][ T5895] Process accounting resumed
[  329.969062][ T9143] sp0: Synchronizing with TNC
[  330.107281][ T9143] netlink: 24 bytes leftover after parsing attributes in process `syz.5.769'.
[  330.153641][ T9143] netlink: 8 bytes leftover after parsing attributes in process `syz.5.769'.
[  330.991894][ T9141] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  331.003798][ T9141] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  331.010021][ T9141] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  331.089363][ T9154] lo speed is unknown, defaulting to 1000
[  331.095751][ T9154] lo speed is unknown, defaulting to 1000
[  331.105353][ T9154] lo speed is unknown, defaulting to 1000
[  331.170745][ T9154] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  331.457474][ T9154] lo speed is unknown, defaulting to 1000
[  331.464994][ T9154] lo speed is unknown, defaulting to 1000
[  331.471424][ T9154] lo speed is unknown, defaulting to 1000
[  331.477903][ T9154] lo speed is unknown, defaulting to 1000
[  331.484384][ T9154] lo speed is unknown, defaulting to 1000
[  331.490826][ T9154] lo speed is unknown, defaulting to 1000
[  331.541168][ T9141] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  333.004928][ T5151] Bluetooth: hci1: command 0x0419 tx timeout
[  333.561776][ T5151] Bluetooth: hci0: command 0x0405 tx timeout
[  333.567830][ T5151] Bluetooth: hci5: command 0x0c1a tx timeout
[  333.573844][ T5839] Bluetooth: hci4: command 0x0419 tx timeout
[  335.363638][ T5938] Process accounting resumed
[  335.399619][ T9200] tipc: Started in network mode
[  335.452018][ T9200] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  335.475650][ T9200] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  335.682065][   T10] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  335.791128][ T9210] netlink: 32 bytes leftover after parsing attributes in process `syz.0.787'.
[  336.375891][ T9211] sctp_transport_update_pmtu: 45 callbacks suppressed
[  336.375938][ T9211] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  336.404671][ T9211] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  336.416149][ T9211] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  336.427759][ T9211] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  336.443041][ T9211] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  336.454646][ T9211] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  336.466072][ T9211] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  336.477416][ T9211] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  336.488930][ T9211] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  336.500307][ T9211] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  336.639861][   T24] lo speed is unknown, defaulting to 1000
[  336.871762][   T10] usb 6-1: Using ep0 maxpacket: 32
[  336.947781][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  337.035930][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  337.045771][   T10] usb 6-1: New USB device found, idVendor=0c70, idProduct=f0b6, bcdDevice= 0.00
[  337.058564][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  337.069903][   T10] usb 6-1: config 0 descriptor??
[  337.173145][ T9216] FAULT_INJECTION: forcing a failure.
[  337.173145][ T9216] name failslab, interval 1, probability 0, space 0, times 0
[  337.185877][ T9216] CPU: 0 UID: 0 PID: 9216 Comm: syz.2.791 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) 
[  337.185899][ T9216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  337.185909][ T9216] Call Trace:
[  337.185915][ T9216]  <TASK>
[  337.185922][ T9216]  dump_stack_lvl+0x16c/0x1f0
[  337.185942][ T9216]  should_fail_ex+0x512/0x640
[  337.185956][ T9216]  ? __kmalloc_noprof+0xbf/0x510
[  337.185974][ T9216]  ? nla_strdup+0xc6/0x150
[  337.185988][ T9216]  should_failslab+0xc2/0x120
[  337.186004][ T9216]  __kmalloc_noprof+0xd2/0x510
[  337.186020][ T9216]  nla_strdup+0xc6/0x150
[  337.186036][ T9216]  nf_tables_newflowtable+0x741/0x2360
[  337.186055][ T9216]  ? __pfx_nf_tables_newflowtable+0x10/0x10
[  337.186070][ T9216]  ? __pfx___nla_validate_parse+0x10/0x10
[  337.186092][ T9216]  ? __nla_parse+0x40/0x60
[  337.186103][ T9216]  nfnetlink_rcv_batch+0x18ed/0x2330
[  337.186123][ T9216]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[  337.186144][ T9216]  ? avc_has_perm_noaudit+0x149/0x3b0
[  337.186170][ T9216]  ? __nla_parse+0x40/0x60
[  337.186180][ T9216]  nfnetlink_rcv+0x3c1/0x430
[  337.186192][ T9216]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  337.186208][ T9216]  netlink_unicast+0x53a/0x7f0
[  337.186220][ T9216]  ? __pfx_netlink_unicast+0x10/0x10
[  337.186234][ T9216]  netlink_sendmsg+0x8d1/0xdd0
[  337.186246][ T9216]  ? __pfx_netlink_sendmsg+0x10/0x10
[  337.186262][ T9216]  ____sys_sendmsg+0xa95/0xc70
[  337.186273][ T9216]  ? copy_msghdr_from_user+0x10a/0x160
[  337.186287][ T9216]  ? __pfx_____sys_sendmsg+0x10/0x10
[  337.186304][ T9216]  ___sys_sendmsg+0x134/0x1d0
[  337.186318][ T9216]  ? __pfx____sys_sendmsg+0x10/0x10
[  337.186331][ T9216]  ? __lock_acquire+0x622/0x1c90
[  337.186359][ T9216]  __sys_sendmsg+0x16d/0x220
[  337.186373][ T9216]  ? __pfx___sys_sendmsg+0x10/0x10
[  337.186405][ T9216]  do_syscall_64+0xcd/0x4c0
[  337.186421][ T9216]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.186433][ T9216] RIP: 0033:0x7fc7b418e929
[  337.186442][ T9216] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  337.186452][ T9216] RSP: 002b:00007fc7b5087038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  337.186463][ T9216] RAX: ffffffffffffffda RBX: 00007fc7b43b5fa0 RCX: 00007fc7b418e929
[  337.186469][ T9216] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000006
[  337.186475][ T9216] RBP: 00007fc7b5087090 R08: 0000000000000000 R09: 0000000000000000
[  337.186481][ T9216] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  337.186487][ T9216] R13: 0000000000000000 R14: 00007fc7b43b5fa0 R15: 00007ffd006f7598
[  337.186500][ T9216]  </TASK>
[  337.695475][ T5938] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  338.671138][   T10] aquacomputer_d5next 0003:0C70:F0B6.0006: unknown main item tag 0x0
[  338.688153][   T10] aquacomputer_d5next 0003:0C70:F0B6.0006: unknown main item tag 0x0
[  338.698816][   T10] aquacomputer_d5next 0003:0C70:F0B6.0006: unknown main item tag 0x0
[  338.713105][ T5938] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  338.800783][ T5938] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  338.804579][   T10] aquacomputer_d5next 0003:0C70:F0B6.0006: hidraw0: USB HID vff.fc Device [HID 0c70:f0b6] on usb-dummy_hcd.5-1/input0
[  338.826406][ T5938] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  338.838201][ T5938] usb 1-1: config 0 descriptor??
[  338.849507][ T5938] pwc: Askey VC010 type 2 USB webcam detected.
[  338.911942][ T5888] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  338.918092][   T10] usb 6-1: USB disconnect, device number 11
[  339.192455][ T5938] pwc: send_video_command error -71
[  339.221705][ T5938] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  339.241277][ T5938] Philips webcam 1-1:0.0: probe with driver Philips webcam failed with error -71
[  339.252390][ T5938] usb 1-1: USB disconnect, device number 16
[  339.414064][ T5888] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  339.425939][ T5888] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  339.435820][ T5888] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  339.449053][ T5888] usb 3-1: New USB device found, idVendor=1532, idProduct=011b, bcdDevice= 0.00
[  339.458382][ T5888] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  339.476442][ T5888] usb 3-1: config 0 descriptor??
[  339.854699][ T9230] netlink: 'syz.2.795': attribute type 15 has an invalid length.
[  339.889517][ T9230] netlink: 71 bytes leftover after parsing attributes in process `syz.2.795'.
[  339.931735][ T5938] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  340.061772][ T5938] usb 1-1: device descriptor read/64, error -71
[  340.183891][ T9257] trusted_key: encrypted_key: key user:syz not found
[  340.291403][ T9230] No control pipe specified
[  340.609080][ T5151] Bluetooth: hci1: unexpected event for opcode 0x1804
[  340.619003][ T5888] usbhid 3-1:0.0: can't add hid device: -71
[  340.627197][ T5888] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  340.646417][ T5888] usb 3-1: USB disconnect, device number 21
[  341.366159][ T5888] IPVS: starting estimator thread 0...
[  341.409310][ T9266] infiniband srz1: RDMA CMA: cma_listen_on_dev, error -98
[  341.451753][   T30] audit: type=1400 audit(1752179602.346:579): avc:  denied  { write } for  pid=9265 comm="syz.5.805" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  341.462074][ T9264] IPVS: using max 44 ests per chain, 105600 per kthread
[  341.702846][ T9271] xt_TCPMSS: Only works on TCP SYN packets
[  342.576074][   T30] audit: type=1326 audit(1752179603.426:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9278 comm="syz.6.811" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f30ea18e929 code=0x0
[  342.609081][ T9282] IPVS: stopping backup sync thread 9290 ...
[  342.619057][ T9290] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 5, id = 0
[  343.133337][ T9295] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  343.142801][ T9295] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  343.174086][ T9295] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  343.182060][ T9295] F2FS-fs (loop7): Can't find valid F2FS filesystem in 2th superblock
[  343.353112][ T9295] netlink: 84 bytes leftover after parsing attributes in process `syz.3.812'.
[  343.455285][ T9306] trusted_key: encrypted_key: key user:syz not found
[  344.177107][ T9295] bridge0: entered promiscuous mode
[  344.773455][ T5151] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  344.783403][ T5151] Bluetooth: hci1: Injecting HCI hardware error event
[  344.800022][ T5832] Bluetooth: hci1: hardware error 0x00
[  344.811949][ T9295] macsec1: entered promiscuous mode
[  344.821449][ T9295] bridge0: port 1(macsec1) entered blocking state
[  344.828875][ T9295] bridge0: port 1(macsec1) entered disabled state
[  344.836808][ T9295] macsec1: entered allmulticast mode
[  344.842372][ T9295] bridge0: entered allmulticast mode
[  344.960769][ T9295] macsec1: left allmulticast mode
[  344.968551][ T9295] bridge0: left allmulticast mode
[  344.981700][ T9295] bridge0: left promiscuous mode
[  345.016865][ T9307] netlink: 24 bytes leftover after parsing attributes in process `syz.2.817'.
[  345.057578][ T9308] sp0: Synchronizing with TNC
[  345.131749][ T5938] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  345.215998][ T9307] netlink: 8 bytes leftover after parsing attributes in process `syz.2.817'.
[  345.318221][ T5938] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  345.335191][ T5938] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  345.347717][ T5938] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  345.363372][   T30] audit: type=1400 audit(1752179606.266:581): avc:  denied  { ioctl } for  pid=9322 comm="syz.6.821" path="/dev/nullb0" dev="devtmpfs" ino=696 ioctlcmd=0x1269 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  345.365700][ T5938] usb 1-1: New USB device found, idVendor=1532, idProduct=011b, bcdDevice= 0.00
[  345.441761][ T5938] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  345.456658][ T5938] usb 1-1: config 0 descriptor??
[  345.855809][ T9320] netlink: 'syz.0.820': attribute type 15 has an invalid length.
[  345.863793][ T9320] netlink: 71 bytes leftover after parsing attributes in process `syz.0.820'.
[  345.865233][ T9331] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  345.910659][ T9331] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  345.946765][ T9331] netlink: 'syz.3.824': attribute type 15 has an invalid length.
[  345.956599][ T9331] netlink: 71 bytes leftover after parsing attributes in process `syz.3.824'.
[  346.074689][ T9331] No control pipe specified
[  346.127219][ T9320] No control pipe specified
[  346.210951][ T5938] usbhid 1-1:0.0: can't add hid device: -71
[  346.221389][ T5938] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  346.242298][ T9342] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 5, id = 0
[  346.265458][   T30] audit: type=1326 audit(1752179607.166:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9336 comm="syz.2.826" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc7b418e929 code=0x0
[  346.271427][ T5938] usb 1-1: USB disconnect, device number 19
[  346.459870][ T9337] IPVS: stopping backup sync thread 9342 ...
[  346.544643][ T9344] sp0: Synchronizing with TNC
[  346.748608][ T9344] netlink: 24 bytes leftover after parsing attributes in process `syz.6.827'.
[  346.763102][ T9344] netlink: 8 bytes leftover after parsing attributes in process `syz.6.827'.
[  346.911735][ T5832] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  347.043657][ T9352] trusted_key: encrypted_key: key user:syz not found
[  347.969990][ T9368] lo speed is unknown, defaulting to 1000
[  347.989209][ T9368] lo speed is unknown, defaulting to 1000
[  348.863918][ T9381] netlink: 'syz.2.836': attribute type 10 has an invalid length.
[  348.871952][   T30] audit: type=1400 audit(1752179609.766:583): avc:  denied  { create } for  pid=9373 comm="syz.2.836" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  349.018660][ T9378] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  349.025618][ T9378] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  349.032296][ T9378] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  349.864642][   T30] audit: type=1400 audit(1752179610.756:584): avc:  denied  { ioctl } for  pid=9393 comm="syz.2.841" path="socket:[22889]" dev="sockfs" ino=22889 ioctlcmd=0x89e3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  350.363488][ T9403] trusted_key: encrypted_key: key user:syz not found
[  351.041877][ T5151] Bluetooth: hci4: command 0x0419 tx timeout
[  351.085605][ T5151] Bluetooth: hci5: command 0x0c1a tx timeout
[  351.091722][ T5832] Bluetooth: hci0: command 0x0405 tx timeout
[  353.151961][ T9433] netlink: 'syz.3.851': attribute type 10 has an invalid length.
[  353.290611][ T9436] sctp_transport_update_pmtu: 47 callbacks suppressed
[  353.290625][ T9436] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  353.322508][ T9436] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  353.387661][ T9436] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  353.401522][ T9436] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  353.416490][ T9436] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  353.441086][ T9436] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  353.451775][ T9436] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  353.464337][ T9436] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  353.496679][ T9436] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  353.512844][ T9436] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  353.903743][ T9447] trusted_key: encrypted_key: key user:syz not found
[  354.759562][ T9456] sp0: Synchronizing with TNC
[  354.808350][ T9456] netlink: 8 bytes leftover after parsing attributes in process `syz.3.860'.
[  355.322192][   T30] audit: type=1400 audit(1752179616.136:585): avc:  denied  { read } for  pid=9458 comm="syz.0.862" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  356.255521][   T30] audit: type=1400 audit(1752179616.136:586): avc:  denied  { open } for  pid=9458 comm="syz.0.862" path="/dev/autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  356.827430][   T30] audit: type=1400 audit(1752179617.716:587): avc:  denied  { execute_no_trans } for  pid=9481 comm="syz.2.868" path="/187/file0" dev="tmpfs" ino=997 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  357.231001][ T9495] FAULT_INJECTION: forcing a failure.
[  357.231001][ T9495] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  357.244133][ T9495] CPU: 1 UID: 0 PID: 9495 Comm: syz.0.870 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) 
[  357.244150][ T9495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  357.244156][ T9495] Call Trace:
[  357.244159][ T9495]  <TASK>
[  357.244163][ T9495]  dump_stack_lvl+0x16c/0x1f0
[  357.244183][ T9495]  should_fail_ex+0x512/0x640
[  357.244198][ T9495]  _copy_from_user+0x2e/0xd0
[  357.244214][ T9495]  memdup_user+0x6b/0xe0
[  357.244228][ T9495]  strndup_user+0x78/0xe0
[  357.244242][ T9495]  __x64_sys_mount+0x180/0x310
[  357.244258][ T9495]  ? __pfx___x64_sys_mount+0x10/0x10
[  357.244279][ T9495]  do_syscall_64+0xcd/0x4c0
[  357.244295][ T9495]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  357.244306][ T9495] RIP: 0033:0x7f6522f8e929
[  357.244315][ T9495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  357.244325][ T9495] RSP: 002b:00007f6523d53038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  357.244335][ T9495] RAX: ffffffffffffffda RBX: 00007f65231b6160 RCX: 00007f6522f8e929
[  357.244341][ T9495] RDX: 0000200000000040 RSI: 0000200000000000 RDI: 00002000000000c0
[  357.244347][ T9495] RBP: 00007f6523d53090 R08: 0000000000000000 R09: 0000000000000000
[  357.244353][ T9495] R10: 0000000000004080 R11: 0000000000000246 R12: 0000000000000001
[  357.244359][ T9495] R13: 0000000000000000 R14: 00007f65231b6160 R15: 00007ffd56dc7d68
[  357.244371][ T9495]  </TASK>
[  360.682758][   T30] audit: type=1400 audit(1752179621.236:588): avc:  denied  { ioctl } for  pid=9531 comm="syz.0.880" path="/dev/autofs" dev="devtmpfs" ino=98 ioctlcmd=0x9374 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  363.531738][ T5868] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  363.798131][ T5868] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  363.821178][ T9570] trusted_key: encrypted_key: key user:syz not found
[  363.840889][ T5868] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  363.919567][ T5868] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  363.968192][ T5868] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  364.056665][ T9562] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[  364.079866][ T5868] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  364.299077][ T9562] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(6)
[  364.305630][ T9562] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  364.323884][ T9562] vhci_hcd vhci_hcd.0: Device attached
[  365.006062][   T30] audit: type=1400 audit(1752179625.906:589): avc:  denied  { ioctl } for  pid=9558 comm="syz.6.886" path="mnt:[4026532814]" dev="nsfs" ino=4026532814 ioctlcmd=0x940c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  365.036166][ T5868] usb 45-1: new high-speed USB device number 2 using vhci_hcd
[  365.084578][ T9586] sctp_transport_update_pmtu: 105 callbacks suppressed
[  365.084592][ T9586] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  365.101973][ T9586] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  365.112493][ T9586] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  365.123130][ T9586] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  365.133379][ T9586] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  365.143653][ T9586] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  365.153907][ T9586] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  365.174416][ T9586] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  365.184783][ T9586] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  365.195179][ T9586] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  365.353729][ T9574] vhci_hcd: connection reset by peer
[  365.364180][ T1330] vhci_hcd: stop threads
[  365.368478][ T1330] vhci_hcd: release socket
[  365.397884][ T1330] vhci_hcd: disconnect device
[  365.424131][ T5895] usb 7-1: USB disconnect, device number 4
[  365.724497][ T9594] netlink: 'syz.2.893': attribute type 9 has an invalid length.
[  365.747461][   T30] audit: type=1400 audit(1752179626.536:590): avc:  denied  { getopt } for  pid=9590 comm="syz.2.893" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  366.688306][ T9605] netlink: 4 bytes leftover after parsing attributes in process `syz.5.894'.
[  366.700625][   T30] audit: type=1400 audit(1752179627.586:591): avc:  denied  { shutdown } for  pid=9599 comm="syz.5.894" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  368.333875][ T9620] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  368.350105][ T9620] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  368.437405][ T9631] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 5, id = 0
[  368.465656][ T9620] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  368.503383][   T30] audit: type=1326 audit(1752179629.376:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9627 comm="syz.0.901" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6522f8e929 code=0x0
[  368.620455][ T9628] IPVS: stopping backup sync thread 9631 ...
[  368.987255][ T9637] trusted_key: encrypted_key: key user:syz not found
[  370.120937][ T9645] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  370.166180][ T9645] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  370.263036][ T9645] IPVS: stopping master sync thread 9650 ...
[  370.264809][ T9650] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  370.375383][ T5151] Bluetooth: hci5: command 0x0c1a tx timeout
[  370.380953][ T5832] Bluetooth: hci4: command 0x0419 tx timeout
[  370.381657][ T5868] vhci_hcd: vhci_device speed not set
[  370.593099][ T5832] Bluetooth: hci0: command 0x0405 tx timeout
[  372.677560][ T9682] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  372.871525][ T9690] netlink: 12 bytes leftover after parsing attributes in process `syz.2.919'.
[  372.894940][ T9692] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0
[  373.232585][ T9695] lo speed is unknown, defaulting to 1000
[  373.246332][ T9695] lo speed is unknown, defaulting to 1000
[  374.508581][ T9711] netlink: 12 bytes leftover after parsing attributes in process `syz.2.924'.
[  374.953427][ T9716] sctp_transport_update_pmtu: 48 callbacks suppressed
[  374.953449][ T9716] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  374.971568][ T9716] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  374.982727][ T9716] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  374.996489][ T9716] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  375.007558][ T9716] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  375.018603][ T9716] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  375.029703][ T9716] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  375.040802][ T9716] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  375.051922][ T9716] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  375.063056][ T9716] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  376.660811][ T9719] delete_channel: no stack
[  377.251769][   T24] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  377.501422][   T24] usb 3-1: Using ep0 maxpacket: 32
[  377.531823][   T24] usb 3-1: config 0 has an invalid interface number: 146 but max is 0
[  377.570046][   T24] usb 3-1: config 0 has no interface number 0
[  377.592577][   T24] usb 3-1: config 0 interface 146 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  377.636039][   T24] usb 3-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83
[  377.778379][   T24] usb 3-1: config 0 interface 146 altsetting 0 endpoint 0x83 has invalid maxpacket 33307, setting to 1024
[  377.847786][   T24] usb 3-1: config 0 interface 146 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024
[  377.867875][   T24] usb 3-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xF2, changing to 0x82
[  377.879702][   T24] usb 3-1: config 0 interface 146 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  377.889792][   T24] usb 3-1: config 0 interface 146 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  377.899907][   T24] usb 3-1: config 0 interface 146 altsetting 0 endpoint 0x1 has invalid maxpacket 29440, setting to 1024
[  377.911742][   T24] usb 3-1: config 0 interface 146 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1024
[  377.921893][   T24] usb 3-1: config 0 interface 146 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  378.212554][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  378.236149][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  378.249423][   T24] usb 3-1: New USB device found, idVendor=05da, idProduct=009a, bcdDevice=62.95
[  378.259553][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  378.271678][   T24] usb 3-1: Product: syz
[  378.278068][   T24] usb 3-1: Manufacturer: syz
[  378.286024][   T24] usb 3-1: SerialNumber: syz
[  378.423090][   T24] usb 3-1: config 0 descriptor??
[  378.474485][ T9731] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  378.481847][ T9731] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  378.603300][   T24] microtek usb (rev 0.4.3): will this work? Response EP is not usually 3
[  378.703722][ T9731] netlink: 8 bytes leftover after parsing attributes in process `syz.2.931'.
[  378.712531][ T9731] netlink: 4 bytes leftover after parsing attributes in process `syz.2.931'.
[  378.864408][   T24] microtek usb (rev 0.4.3): will this work? Image data EP is not usually 2
[  378.866987][ T9748] netlink: 12 bytes leftover after parsing attributes in process `syz.5.936'.
[  378.873364][ T9731] netlink: 8 bytes leftover after parsing attributes in process `syz.2.931'.
[  378.904881][ T9731] netlink: 8 bytes leftover after parsing attributes in process `syz.2.931'.
[  378.928544][   T24] scsi host1: microtekX6
[  378.951145][   T24] usb 3-1: USB disconnect, device number 22
[  378.963315][   T95] microtek usb (rev 0.4.3): error -19 submitting URB
[  379.276468][   T95] microtek usb (rev 0.4.3): error -19 submitting URB
[  379.497243][   T95] microtek usb (rev 0.4.3): error -19 submitting URB
[  381.162606][ T9770] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  381.337473][ T9770] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  381.444738][ T9781] netlink: 32 bytes leftover after parsing attributes in process `syz.2.942'.
[  381.834728][ T9770] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4)
[  381.841268][ T9770] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  381.881364][ T9770] vhci_hcd vhci_hcd.0: Device attached
[  382.592722][ T9778] vhci_hcd: connection closed
[  382.602428][ T6860] vhci_hcd: stop threads
[  382.611731][ T6860] vhci_hcd: release socket
[  382.616460][ T6860] vhci_hcd: disconnect device
[  383.308875][ T9801] sp0: Synchronizing with TNC
[  383.442293][ T9801] netlink: 8 bytes leftover after parsing attributes in process `syz.2.948'.
[  384.987340][ T9823] netlink: 32 bytes leftover after parsing attributes in process `syz.0.955'.
[  386.426874][ T9832] netlink: 8 bytes leftover after parsing attributes in process `syz.5.959'.
[  386.456227][ T9832] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  387.090401][ T9842] sp0: Synchronizing with TNC
[  387.138644][ T9842] netlink: 8 bytes leftover after parsing attributes in process `syz.5.962'.
[  387.905287][   T31] INFO: task kworker/0:3:5875 blocked for more than 143 seconds.
[  387.918477][   T31]       Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0
[  387.929765][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  387.938970][   T31] task:kworker/0:3     state:D stack:22824 pid:5875  tgid:5875  ppid:2      task_flags:0x4208060 flags:0x00004000
[  387.974601][   T31] Workqueue: usb_hub_wq hub_event
[  387.980074][   T31] Call Trace:
[  387.986627][   T31]  <TASK>
[  388.005716][   T31]  __schedule+0x116a/0x5de0
[  388.040183][   T31]  ? __pfx___schedule+0x10/0x10
[  388.071071][   T31]  ? find_held_lock+0x2b/0x80
[  388.089823][   T31]  ? schedule+0x2d7/0x3a0
[  388.094307][   T31]  schedule+0xe7/0x3a0
[  388.098718][   T31]  schedule_timeout+0x257/0x290
[  388.106015][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  388.112139][   T31]  ? mark_held_locks+0x49/0x80
[  388.117106][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  388.127541][   T31]  __wait_for_common+0x2fc/0x4e0
[  388.143807][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  388.149746][   T31]  ? __pfx___wait_for_common+0x10/0x10
[  388.164390][   T31]  ? __pfx_device_del+0x10/0x10
[  388.169404][   T31]  ? kobject_put+0xab/0x5a0
[  388.174601][   T31]  i2c_del_adapter+0x546/0x6f0
[  388.179584][   T31]  ? __pfx_i2c_del_adapter+0x10/0x10
[  388.187961][   T31]  ? kfree+0x2b4/0x4d0
[  388.192773][   T31]  ? media_device_cleanup+0x53/0x80
[  388.198068][   T31]  ? dvb_usbv2_exit.isra.0+0x3c6/0x9f0
[  388.206536][   T31]  dvb_usbv2_exit.isra.0+0x45b/0x9f0
[  388.212494][   T31]  dvb_usbv2_probe+0x1f61/0x3e50
[  388.217654][   T31]  ? __pfx_dvb_usbv2_probe+0x10/0x10
[  388.226137][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  388.231501][   T31]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  388.247437][   T31]  ? __pm_runtime_set_status+0x13c/0xa80
[  388.262802][   T31]  usb_probe_interface+0x303/0x9c0
[  388.280499][   T31]  ? __pfx_usb_probe_interface+0x10/0x10
[  388.292867][   T31]  really_probe+0x23e/0xa90
[  388.297489][   T31]  __driver_probe_device+0x1de/0x440
[  388.303006][   T31]  driver_probe_device+0x4c/0x1b0
[  388.308058][   T31]  __device_attach_driver+0x1df/0x310
[  388.313468][   T31]  ? __pfx___device_attach_driver+0x10/0x10
[  388.319417][   T31]  bus_for_each_drv+0x156/0x1e0
[  388.324405][   T31]  ? __pfx_bus_for_each_drv+0x10/0x10
[  388.329787][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  388.335005][   T31]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  388.340811][   T31]  __device_attach+0x1e4/0x4b0
[  388.345730][   T31]  ? __pfx___device_attach+0x10/0x10
[  388.351024][   T31]  ? do_raw_spin_unlock+0x172/0x230
[  388.356243][   T31]  bus_probe_device+0x17f/0x1c0
[  388.361078][   T31]  device_add+0x1148/0x1a70
[  388.369321][   T31]  ? __pfx_device_add+0x10/0x10
[  388.374381][   T31]  usb_set_configuration+0x1187/0x1e20
[  388.379848][   T31]  ? __pfx_usb_generic_driver_probe+0x10/0x10
[  388.385946][   T31]  usb_generic_driver_probe+0xb1/0x110
[  388.391393][   T31]  usb_probe_device+0xef/0x3e0
[  388.396210][   T31]  ? __pfx_usb_probe_device+0x10/0x10
[  388.401574][   T31]  really_probe+0x23e/0xa90
[  388.406130][   T31]  __driver_probe_device+0x1de/0x440
[  388.411436][   T31]  ? usb_driver_applicable+0x1c7/0x220
[  388.416946][   T31]  driver_probe_device+0x4c/0x1b0
[  388.422015][   T31]  __device_attach_driver+0x1df/0x310
[  388.427400][   T31]  ? __pfx___device_attach_driver+0x10/0x10
[  388.433351][   T31]  bus_for_each_drv+0x156/0x1e0
[  388.438207][   T31]  ? __pfx_bus_for_each_drv+0x10/0x10
[  388.443700][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  388.448889][   T31]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  388.454855][   T31]  __device_attach+0x1e4/0x4b0
[  388.459649][   T31]  ? __pfx___device_attach+0x10/0x10
[  388.464950][   T31]  ? do_raw_spin_unlock+0x172/0x230
[  388.470133][   T31]  bus_probe_device+0x17f/0x1c0
[  388.475053][   T31]  device_add+0x1148/0x1a70
[  388.479560][   T31]  ? __pfx_device_add+0x10/0x10
[  388.484632][   T31]  ? add_device_randomness+0xb7/0xf0
[  388.489992][   T31]  ? __usb_get_extra_descriptor+0x158/0x1c0
[  388.495907][   T31]  usb_new_device+0xd07/0x1a20
[  388.500673][   T31]  ? do_raw_spin_lock+0x12c/0x2b0
[  388.505696][   T31]  ? __pfx_usb_new_device+0x10/0x10
[  388.510891][   T31]  ? mark_held_locks+0x49/0x80
[  388.515684][   T31]  hub_event+0x2eb7/0x4fa0
[  388.520115][   T31]  ? __pfx_hub_event+0x10/0x10
[  388.525451][   T31]  ? vdso_join_timens+0x220/0x250
[  388.530526][   T31]  ? rcu_is_watching+0x12/0xc0
[  388.535724][   T31]  process_one_work+0x9cf/0x1b70
[  388.540841][   T31]  ? __pfx_hcd_resume_work+0x10/0x10
[  388.546133][   T31]  ? __pfx_process_one_work+0x10/0x10
[  388.551498][   T31]  ? assign_work+0x1a0/0x250
[  388.556123][   T31]  worker_thread+0x6c8/0xf10
[  388.560703][   T31]  ? __kthread_parkme+0x19e/0x250
[  388.565871][   T31]  ? __pfx_worker_thread+0x10/0x10
[  388.570987][   T31]  kthread+0x3c5/0x780
[  388.575093][   T31]  ? __pfx_kthread+0x10/0x10
[  388.579676][   T31]  ? rcu_is_watching+0x12/0xc0
[  388.584552][   T31]  ? __pfx_kthread+0x10/0x10
[  388.589139][   T31]  ret_from_fork+0x5d7/0x6f0
[  388.593775][   T31]  ? __pfx_kthread+0x10/0x10
[  388.598387][   T31]  ret_from_fork_asm+0x1a/0x30
[  388.603213][   T31]  </TASK>
[  388.606263][   T31] 
[  388.606263][   T31] Showing all locks held in the system:
[  388.614006][   T31] 1 lock held by khungtaskd/31:
[  388.619111][   T31]  #0: ffffffff8e5c4e80 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0
[  388.629025][   T31] 2 locks held by getty/5597:
[  388.633717][   T31]  #0: ffff888032a2f0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  388.643498][   T31]  #1: ffffc9000333b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0
[  388.653609][   T31] 4 locks held by udevd/5834:
[  388.658274][   T31]  #0: ffff8880345ca790 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xe1/0x12c0
[  388.667159][   T31]  #1: ffff888057c8a488 (&of->mutex#2){+.+.}-{4:4}, at: kernfs_seq_start+0x4d/0x240
[  388.676606][   T31]  #2: ffff888057f421e8 (kn->active#26){.+.+}-{0:0}, at: kernfs_seq_start+0x71/0x240
[  388.686134][   T31]  #3: ffff8880236d4198 (&dev->mutex){....}-{4:4}, at: product_show+0x26/0xa0
[  388.695081][   T31] 5 locks held by kworker/0:3/5875:
[  388.700278][   T31]  #0: ffff888143ef7948 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  388.711115][   T31]  #1: ffffc90003367d10 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  388.722405][   T31]  #2: ffff88814473c198 (&dev->mutex){....}-{4:4}, at: hub_event+0x1c0/0x4fa0
[  388.731373][   T31]  #3: ffff8880236d4198 (&dev->mutex){....}-{4:4}, at: __device_attach+0x7e/0x4b0
[  388.740613][   T31]  #4: ffff88807c51c160 (&dev->mutex){....}-{4:4}, at: __device_attach+0x7e/0x4b0
[  388.749871][   T31] 
[  388.752297][   T31] =============================================
[  388.752297][   T31] 
[  388.760704][   T31] NMI backtrace for cpu 0
[  388.760718][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) 
[  388.760739][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  388.760749][   T31] Call Trace:
[  388.760754][   T31]  <TASK>
[  388.760762][   T31]  dump_stack_lvl+0x116/0x1f0
[  388.760789][   T31]  nmi_cpu_backtrace+0x27b/0x390
[  388.760809][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  388.760834][   T31]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[  388.760854][   T31]  watchdog+0xf70/0x12c0
[  388.760878][   T31]  ? __pfx_watchdog+0x10/0x10
[  388.760896][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  388.760920][   T31]  ? __kthread_parkme+0x19e/0x250
[  388.760945][   T31]  ? __pfx_watchdog+0x10/0x10
[  388.760964][   T31]  kthread+0x3c5/0x780
[  388.760980][   T31]  ? __pfx_kthread+0x10/0x10
[  388.760998][   T31]  ? rcu_is_watching+0x12/0xc0
[  388.761020][   T31]  ? __pfx_kthread+0x10/0x10
[  388.761037][   T31]  ret_from_fork+0x5d7/0x6f0
[  388.761061][   T31]  ? __pfx_kthread+0x10/0x10
[  388.761078][   T31]  ret_from_fork_asm+0x1a/0x30
[  388.761108][   T31]  </TASK>
[  388.761114][   T31] Sending NMI from CPU 0 to CPUs 1:
[  388.879032][    C1] NMI backtrace for cpu 1
[  388.879046][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) 
[  388.879063][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  388.879071][    C1] RIP: 0010:pv_native_safe_halt+0xf/0x20
[  388.879093][    C1] Code: fb 6b 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 03 e9 21 00 fb f4 <e9> 7c fb 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[  388.879106][    C1] RSP: 0018:ffffc90000197df8 EFLAGS: 000002c2
[  388.879117][    C1] RAX: 0000000001d20455 RBX: 0000000000000001 RCX: ffffffff8b882c79
[  388.879126][    C1] RDX: 0000000000000000 RSI: ffffffff8de3251e RDI: ffffffff8c158f60
[  388.879134][    C1] RBP: ffffed1003c5c488 R08: 0000000000000001 R09: ffffed10170a6645
[  388.879143][    C1] R10: ffff8880b853322b R11: 0000000000000001 R12: 0000000000000001
[  388.879151][    C1] R13: ffff88801e2e2440 R14: ffffffff90a97f50 R15: 0000000000000000
[  388.879160][    C1] FS:  0000000000000000(0000) GS:ffff888124816000(0000) knlGS:0000000000000000
[  388.879174][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  388.879183][    C1] CR2: 0000200000032000 CR3: 0000000033275000 CR4: 00000000003526f0
[  388.879192][    C1] Call Trace:
[  388.879197][    C1]  <TASK>
[  388.879202][    C1]  default_idle+0x13/0x20
[  388.879220][    C1]  default_idle_call+0x6d/0xb0
[  388.879232][    C1]  do_idle+0x391/0x510
[  388.879250][    C1]  ? __pfx_do_idle+0x10/0x10
[  388.879266][    C1]  ? trace_sched_exit_tp+0x31/0x130
[  388.879285][    C1]  cpu_startup_entry+0x4f/0x60
[  388.879300][    C1]  start_secondary+0x21d/0x2b0
[  388.879318][    C1]  ? __pfx_start_secondary+0x10/0x10
[  388.879336][    C1]  common_startup_64+0x13e/0x148
[  388.879354][    C1]  </TASK>
[  388.880059][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  389.058823][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) 
[  389.070608][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  389.080649][   T31] Call Trace:
[  389.083911][   T31]  <TASK>
[  389.086827][   T31]  dump_stack_lvl+0x3d/0x1f0
[  389.091409][   T31]  panic+0x71c/0x800
[  389.095295][   T31]  ? __pfx___irq_work_queue_local+0x10/0x10
[  389.101205][   T31]  ? __pfx_panic+0x10/0x10
[  389.105649][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  389.111010][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  389.116978][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  389.122344][   T31]  ? watchdog+0xdda/0x12c0
[  389.126749][   T31]  ? watchdog+0xdcd/0x12c0
[  389.131151][   T31]  watchdog+0xdeb/0x12c0
[  389.135385][   T31]  ? __pfx_watchdog+0x10/0x10
[  389.140044][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  389.145233][   T31]  ? __kthread_parkme+0x19e/0x250
[  389.150245][   T31]  ? __pfx_watchdog+0x10/0x10
[  389.154906][   T31]  kthread+0x3c5/0x780
[  389.158955][   T31]  ? __pfx_kthread+0x10/0x10
[  389.163533][   T31]  ? rcu_is_watching+0x12/0xc0
[  389.168283][   T31]  ? __pfx_kthread+0x10/0x10
[  389.172855][   T31]  ret_from_fork+0x5d7/0x6f0
[  389.177434][   T31]  ? __pfx_kthread+0x10/0x10
[  389.182006][   T31]  ret_from_fork_asm+0x1a/0x30
[  389.186781][   T31]  </TASK>
[  389.189976][   T31] Kernel Offset: disabled
[  389.194288][   T31] Rebooting in 86400 seconds..