last executing test programs:

2m34.376524175s ago: executing program 0 (id=300):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, 0x0)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000004c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000008000300", @ANYRES32, @ANYBLOB="40002d800a00000002020202020200000a00000002020202020200000002020202020200000a0001000101010101010000e8a96ae1176dea97299f02c8a1ec22eb627815c12ea8f40a51f7c5d83847bb0d6a493a5c2f367aa34f989e5ec562bb88c6da95372800"/117], 0x5c}}, 0x0)

2m34.306340375s ago: executing program 0 (id=302):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000c80), 0xffffffffffffffff)
openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0xc0542, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00')
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
r4 = syz_open_procfs(r3, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r2}})
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r0, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000cc0)={0x34, r1, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@ETHTOOL_A_CHANNELS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}]}, @ETHTOOL_A_CHANNELS_TX_COUNT={0x8, 0x7, 0x4}]}, 0x34}}, 0x4804)

2m34.248028787s ago: executing program 0 (id=303):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x42, 0x4, 0x288, 0xffffffff, 0x98, 0x170, 0x0, 0xffffffff, 0xffffffff, 0x220, 0x220, 0x220, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0x70, 0x98, 0x0, {0x100000000000000}}, @REJECT={0x28}}, {{@ip={@multicast1, @multicast2, 0x0, 0x0, 'vlan0\x00', 'syzkaller1\x00', {}, {}, 0x33}, 0x0, 0x70, 0xa8}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0x3, 0x3, 0x4}, {0x4, 0x5, 0x4}, {0xffffffffffffffff, 0x6, 0x1}, 0x2b, 0x1000}}}, {{@ip={@private, @remote, 0x0, 0x0, 'batadv_slave_0\x00', 'xfrm0\x00'}, 0x0, 0x70, 0xb0}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00', 0x0, 0x20}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2e8) (async)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x42, 0x4, 0x288, 0xffffffff, 0x98, 0x170, 0x0, 0xffffffff, 0xffffffff, 0x220, 0x220, 0x220, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0x70, 0x98, 0x0, {0x100000000000000}}, @REJECT={0x28}}, {{@ip={@multicast1, @multicast2, 0x0, 0x0, 'vlan0\x00', 'syzkaller1\x00', {}, {}, 0x33}, 0x0, 0x70, 0xa8}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0x3, 0x3, 0x4}, {0x4, 0x5, 0x4}, {0xffffffffffffffff, 0x6, 0x1}, 0x2b, 0x1000}}}, {{@ip={@private, @remote, 0x0, 0x0, 'batadv_slave_0\x00', 'xfrm0\x00'}, 0x0, 0x70, 0xb0}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00', 0x0, 0x20}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2e8)
r1 = socket(0x1d, 0x2, 0x6)
setsockopt$ALG_SET_AEAD_AUTHSIZE(r1, 0x6a, 0x5, 0x20000000, 0x3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xf, &(0x7f0000000100)=@ringbuf={{0x18, 0x2}, {{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0x2}, {}, {0x85, 0x0, 0x0, 0x9c}}}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

2m34.017060509s ago: executing program 0 (id=307):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0x14}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000480)={'wlan0\x00'})
r1 = socket$inet6(0xa, 0xa, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'sit0\x00'})
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x10000, 0xac)
openat(r2, &(0x7f0000000180)='./file0\x00', 0x301000, 0x68)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioprio_set$pid(0x0, 0x0, 0x2007)
lsm_get_self_attr(0x64, &(0x7f0000000000)={0x0, 0x0, 0x20}, 0x0, 0x0)
lsm_get_self_attr(0x64, &(0x7f0000000000), &(0x7f0000001280)=0xdb, 0x0)
lsm_get_self_attr(0x64, &(0x7f0000000480)={0x0, 0x0, 0x9d, 0x7d, ""/125}, &(0x7f00000002c0)=0x9d, 0x1)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)=ANY=[@ANYBLOB="240000003d0007010000000000000800027c0000040000000c00018006000600800a00003d46682977bfd14ce13de545e7a5b2abf19e5bedd09da4efce02271e"], 0x24}}, 0xc000)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="1c0000001000010700000000000000000a0000c855d33d00160000006ea668a09952df5f39ff700a959540cd813213edc5af01b3099058f6812bc106b87b26b7a7b205155c868705a67610b021aac80a419b2cd7a0692c74d85acd64e25573d47082d16807916cec4a4acc429a64a58cbda904"], 0x1c}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000280), 0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount(&(0x7f0000000180)=@nullb, &(0x7f0000000040)='./file0\x00', &(0x7f0000000200)='qnx6\x00', 0x8003, 0x0)
syz_clone(0x8d0c0c00, &(0x7f00000002c0)="eaa4562c2f3425ee2d2d9747c09f271c0be2bf30e182c55d78f4d4c96fc51d55406a6e99ec72a514dc224ee85e78eddee5d32972d253de42ea45b70d95075c8814ebe72eaa13766c6d2a3fcc277f879c85adfde098d8c960d2fa0100efba7e872260ea220697833a828fe987c40516a36d0ec99ca119bbf78f287ada15", 0x7d, &(0x7f00000000c0), &(0x7f0000000140), &(0x7f0000000240)="e9889c4ef4bdc6f9f02a4fd3de92aacac83cc5")

2m33.062978175s ago: executing program 0 (id=311):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_BIND(r1, &(0x7f0000000200)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x10, 0x0, @in6={0xa, 0x4e23, 0x8, @private0, 0x1}}}, 0x90)
ioctl(r0, 0x8b1a, &(0x7f0000000040))
mkdir(&(0x7f0000001c00)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x800400, &(0x7f0000000100)={[{@usrquota}]})
chown(&(0x7f0000000240)='./file0\x00', 0xee00, 0x0)
close(r1)
syz_clone(0xa080000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000380), 0x200000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r2, 0xc0189371, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r0}, './file0\x00'})
bpf$LINK_GET_NEXT_ID(0x1f, 0x0, 0x0)
close(0xffffffffffffffff)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'bridge_slave_0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r5, 0x3, 0xc6}, [@NDA_LLADDR={0xa, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}}]}, 0x28}}, 0x0)
lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
getresuid(&(0x7f00000000c0), &(0x7f0000000040), &(0x7f0000000080)=<r6=>0x0)
setresuid(0x0, r6, 0xffffffffffffffff)
r7 = getuid()
mount$pvfs2(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x1022000, &(0x7f00000002c0)={[{'\xaa\xaa\xaa\xaa\xaa'}, {',%'}, {'\xb5'}, {')'}, {'$'}, {'bridge_slave_0\x00'}, {'{.\\/$\xec{z'}], [{@euid_gt={'euid>', r6}}, {@smackfsroot={'smackfsroot', 0x3d, 'bridge_slave_0\x00'}}, {@pcr={'pcr', 0x3d, 0x2}}, {@fowner_lt={'fowner<', r7}}, {@measure}]})
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r8, 0x8b1b, &(0x7f0000000040))

2m32.072372916s ago: executing program 0 (id=315):
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r0, 0x8b2a, &(0x7f0000000040))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x0, 0x0, &(0x7f0000000300)='syzkaller\x00', 0x80000005, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r1, 0x8b2a, &(0x7f0000000040))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_GET(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001280)={0x6c, r7, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x10}, 0xf8}}, {0x20, 0x2, @in6={0xa, 0x0, 0x0, @dev}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}]}, 0x6c}}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r8, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r9, @ANYBLOB="010000020c00fbdbdf25010000000800020000000000050005000000000008000300010000004800018005000200200000000600010002000000080006000a000000080003"], 0x84}}, 0x0)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r6, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r9, 0x10, 0x70bd29, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x51}, 0x20040040)
r10 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r10, &(0x7f0000000340)=[{&(0x7f0000000380)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000200040010000800014004000000", 0x58}], 0x1)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)={0x18, 0x1404, 0x1, 0x70bd2d, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x671ec167a4b72164}, 0x0)

2m16.423706677s ago: executing program 32 (id=315):
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r0, 0x8b2a, &(0x7f0000000040))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x0, 0x0, &(0x7f0000000300)='syzkaller\x00', 0x80000005, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r1, 0x8b2a, &(0x7f0000000040))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_GET(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001280)={0x6c, r7, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x10}, 0xf8}}, {0x20, 0x2, @in6={0xa, 0x0, 0x0, @dev}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}]}, 0x6c}}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r8, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r9, @ANYBLOB="010000020c00fbdbdf25010000000800020000000000050005000000000008000300010000004800018005000200200000000600010002000000080006000a000000080003"], 0x84}}, 0x0)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r6, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r9, 0x10, 0x70bd29, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x51}, 0x20040040)
r10 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r10, &(0x7f0000000340)=[{&(0x7f0000000380)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000200040010000800014004000000", 0x58}], 0x1)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)={0x18, 0x1404, 0x1, 0x70bd2d, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x671ec167a4b72164}, 0x0)

2m13.573538594s ago: executing program 2 (id=388):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{0xffffffffffffffff, <r1=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f00000000c0)}, 0x20)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000180)=<r2=>0x0)
fcntl$setownex(r1, 0xf, &(0x7f00000001c0)={0x1, r2})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0700000004000000880000002b000000801100004771c8a627ca0c9195a9217f27b44b985017cfcd10b7835171374bc48b4414c45270cb62bf38e08a1692845b81066c987d1b2b4af43c93ac4b581aeff8f45e644b9076d3cd092fb45b5d761de18a9a2aaf526a51bd12300951b5c2c73c32ac559efa3840adad88c112adda8f3f472ade5f0be62b9f96ea3c9285940b8967f645064f722466f8c2369c2c32015999ef", @ANYRES32=r0, @ANYBLOB="fffffffe000000aa0600000000000000000000007e649b840a5ef7f00b42a58ba0dc07707d1ff0ceaee194d027be68ce725666af5239d5684cc4cfe68afe95f2257aedfad6768bd2df5f23e611e698eedfe4b1af969692935a42", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000c7fda0b5a413ff2a53a09800b0460000000028000000000000fe8aff"], 0x50)
chdir(0x0)
r4 = open(&(0x7f0000000040)='./bus\x00', 0x145142, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r4, 0x80045530, &(0x7f0000000400)=""/28)
sendfile(r4, r4, 0x0, 0x800000009)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pipe2(&(0x7f0000000000)={<r5=>0xffffffffffffffff}, 0x0)
tee(r5, r5, 0x7826, 0x6)
socket$isdn(0x22, 0x2, 0x0)
r6 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000d6000000000000"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000bc0)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000014000000b7030000000000408500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='tlb_flush\x00', r8}, 0x10)
r9 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r9, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x7, 0x10000, 0x1, 0x0, 0x0, 0x2}, 0x1c)
mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x7fa962bfffff, 0x13012, r9, 0x0)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r10, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000003c0)={0x1c, r11, 0xe04d0c9680891391, 0x10, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x240080c3}, 0x20000180)
madvise(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x14)
setsockopt$rose(r6, 0x104, 0x7, &(0x7f00000000c0)=0x6, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x8, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="00000000000000850000001b000000b70000ddcbd9d82d0945f300000000009500"/42], &(0x7f0000000140)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
fcntl$getownex(r6, 0x10, &(0x7f0000000300))
r12 = creat(&(0x7f00000002c0)='./file0\x00', 0x60)
open$dir(&(0x7f0000000240)='./file0\x00', 0x0, 0x0)
write$binfmt_script(r12, &(0x7f0000000200)={'#! ', './file0', [{0x20, 'tlb_flush\x00'}, {}], 0xa, "0c30c727015db54054475919e9d02127439a79"}, 0x2a)

2m13.228140179s ago: executing program 2 (id=393):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000002a000aec00000000ffdbdf"], 0x14}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000480)={'wlan0\x00'})
r1 = socket$inet6(0xa, 0xa, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'sit0\x00'})
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x10000, 0xac)
openat(r2, &(0x7f0000000180)='./file0\x00', 0x301000, 0x68)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioprio_set$pid(0x0, 0x0, 0x2007)
lsm_get_self_attr(0x64, &(0x7f0000000000)={0x0, 0x0, 0x20}, 0x0, 0x0)
lsm_get_self_attr(0x64, &(0x7f0000000000), &(0x7f0000001280)=0xdb, 0x0)
lsm_get_self_attr(0x64, &(0x7f0000000480)={0x0, 0x0, 0x9d, 0x7d, ""/125}, &(0x7f00000002c0)=0x9d, 0x1)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)=ANY=[@ANYBLOB="240000003d0007010000000000000800027c0000040000000c00018006000600800a00003d46682977bfd14ce13de545e7a5b2abf19e5bedd09da4efce02271e"], 0x24}}, 0xc000)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="1c0000001000010700000000000000000a0000c855d33d00160000006ea668a09952df5f39ff700a959540cd813213edc5af01b3099058f6812bc106b87b26b7a7b205155c868705a67610b021aac80a419b2cd7a0692c74d85acd64e25573d47082d16807916cec4a4acc429a64a58cbda904"], 0x1c}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000280), 0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount(&(0x7f0000000180)=@nullb, &(0x7f0000000040)='./file0\x00', &(0x7f0000000200)='qnx6\x00', 0x8003, 0x0)
syz_clone(0x8d0c0c00, &(0x7f00000002c0)="eaa4562c2f3425ee2d2d9747c09f271c0be2bf30e182c55d78f4d4c96fc51d55406a6e99ec72a514dc224ee85e78eddee5d32972d253de42ea45b70d95075c8814ebe72eaa13766c6d2a3fcc277f879c85adfde098d8c960d2fa0100efba7e872260ea220697833a828fe987c40516a36d0ec99ca119bbf78f287ada15", 0x7d, &(0x7f00000000c0), &(0x7f0000000140), &(0x7f0000000240)="e9889c4ef4bdc6f9f02a4fd3de92aacac83cc5")

2m12.545547108s ago: executing program 2 (id=396):
socket$xdp(0x2c, 0x3, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000500), 0x180)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r0, 0xc08c5334, &(0x7f0000000200)={0x6, 0x8, 0x0, 'queue0\x00', 0x80000001}) (async)
mknod(&(0x7f0000000140)='./file0\x00', 0x8001420, 0x0) (async)
mount$nfs4(&(0x7f0000000100)='(+-)\x00', &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x1000000, 0x0) (async, rerun: 64)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000600))
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0) (async)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000440)=ANY=[@ANYBLOB="2c0000000104010100000000000000000a0000070800054080000001050001"], 0x2c}}, 0x24)
r4 = eventfd(0x0)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/138, 0x0}) (async)
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r4) (async)
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r4}) (async, rerun: 32)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000600)=""/81}) (rerun: 32)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000580)) (async)
r5 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
recvmmsg(r5, &(0x7f0000007640)=[{{0x0, 0x0, 0x0}, 0x4}, {{0x0, 0x0, 0x0}, 0x7}], 0x2, 0x10122, 0x0) (async)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000600), r5) (async)
ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f0000000140)={0x1, r4}) (async, rerun: 32)
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x20000) (rerun: 32)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu/syz0\x00', 0x200002, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup/syz1\x00', 0x200002, 0x0)

2m12.056446562s ago: executing program 2 (id=397):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000001e40)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a505000000007751e841cca555077e3a159110193dd2ff1fa7c3205bfedbe9d8f3bd23cd78a07e32fe0231368b2264f9c504b2f1f65515b2e1a38d522be18bd10a48b043ccc42673d06d7535f7866925d86751dfced1fd8accae669e173a659c1cfd6587d47578f4c35235138d5521f9453559c35da860e8efbcbfb42c30d294a55e1c46680bee88956f2b3599f455c7a3a49a01010000009f2f0517e4ca0e1803a20000000013d4e21b3336f1ae0796f23526ec0fd97f7325eac34c4dfafe7cc03b0864009d2e7d7ff6ff72ba8972b122b09789d99b3d0524f39d5ae913b2d22eb2c09244ba5dbe9180950f76f7049db5cb19d7962fed44e00f39ed8c13a11fa798de504e2865cd81f2b77fdd76c677f812d249c8130b018d4300000020000000db3947c85c3a9027ce9e856fa8b7fb05000000000000593d60abc9b3e67d127e56f3d3759dcfeb820634fd4d419efaefc74305b2bea2000600000051fcf5d62205561b6efaad206335a309f7b9e01446a6285f4665a7fe3cda2349f8bf400100000000000000f435f28fbeda75cf971f54a9698cf3270f420ee83f2d9babe7b922401639ce3c4ff0850a8e078374909413f3fbd3ced3285252dc81a46ef7ce29484dc6b6adfd7a4db730fc594609654d97836f171b766ffd7526847a6bfda9c648e8aa5c558aa6d463ec9d840f3914909187b6b0776952be71b0417d33d3ab25493418ba0fbacf768e07c1a939d31f606085b9e3efc93b0f58d5ec37494d9d10d76e603129e9a726579ac7d672cacd581b7ca77b3610b7403930fd42051d4b7443e5b49c000000000000007d6173050027791c9c1e04ad3711a66da2254a6f911b1469c62a6e1e3f9c1715c009a58e6eadac8f61b45853673df72dc813f7454ae22d79ac48034282f03040889500000000179dcf66d93907cedd49e0c5752f755849953957143a0335d2f62acbf18b251ce63b29fe177745448ccc925770fac12cf9e291200df6bb669d5a57dd74df817ef2f8698f710c359afe73947afebdf5536e4db8b0231d0cbc798766ec60586f14b44775bc9d250e4515cb83275d3b495fa90000e69a68b47ac4595463e1442d88e0606a060000cc914fae896ab129ccdf8792a8435972c8391d132a2fcbd40e865d62cc7c4200000000000000000000000000000800002a77fbbccfdb1ab3d8434905f09726b8145ea99c7640faab578dc98a6134df0a10a54ce7e7ddbb709a27d977d1f91ab9ee940700009594c9a50961b7fcc56d82584dc8254df7c411fa61353a6897c4f3b9f6f2ab47adb29aefecce96c94f360e129c9f2af569c794b68b2ead404bcdd4aa9cb6a128e1ad45fd4030e1e69adf4986b7860f3122d59c079f0f9a1732f691590f45512aec4ed2413f66cac7dd022301741c576dea82005b166d6c3b9ed0c297ac197a92188a618745e78dca0b3c62f1601243089d9c687563382b0b88a7d80fd7bf7fae8a690f52db1464d29b1b926414cd35705c89662c585e32c881d917b74f027674dbc017499ba15a2e2900000000000000000000000000007b593ecbdd162fee9f239a3c615b3e9a3fb0af254bdd247a5a5abdbc0123c950eec0f1800b295be71418dd65de15e11beef9630499c70fce74135a7c7c8e818b79b85ff65d59d89492d7a663d3f25651e252ab49d358eac853ffe182ee37a5db085a072647719cb8604ba2e0b80af3f1867bd8fb6afca671437e0a5a9d5a088436739262d894986882ec0fb419a377ef47f4920a5de6d8de0d3090b4cb6b773e825442d351f980eed0d997a4d98a51220c41b145e2186546c646128a3e69f52fcad83a026def90b9eb55f4a0a2251bbae428c6c017b5a47f1580831a7ce232857e6aa9e777e99da1a3ad03fdc93fa7ed96228deac5e3bce983971041297a6ba18783a2edc7e3901cc891035872c61e7ea375b0902be0c5cc7fdef968ba1ca17ce5e11f2f384cd28c1194f56d3cf074e8ba4e60e84dc2f352c3cd170581aee0c93ca8ceff84cda40325d340759e79e5c4bcec227e37f7ec2193c78877fb319ec1f2d4dcf1d46a15cde1d6cecce6ecdb0c0a3413394d51341a7b3606ad8c29b6dbf6be3265b528c3208de35161bfe19678df43a45b314e5a0f8754cfaf4f9d3fdf9c8f7b7c296bf2e632d25ba8ee6369b362a8e4c9dff176d482d32249c93680a04f6464f184acfd0376662fee9e1031e569248db9bc724cdd97976a4d7c5c5172d1383fa1e442f68a14b747a9f2597bf115dd0111fe8ba3584a43176f33bd39a408f8648b19839bba9cc47624ea19e46dbbdf0faf591bcdc8613828a0c5a40c04ae34bbf4a0e27828b0c7cb9d7a7455db030425a4bd69cf6dcb4b1d066f8ef4ea1c710e05819df82d5cc94ace6b41c2de37a2eaf24f24b3d9a7dd4d197d51407be3e90000000000000000dbc0b0d6e11ccb71437ebea7ad01d5b93a7a0561e4a1b3fa1aa9c75f3aaec4ace1b6201a3e007b657be62df59133b4d8f0f145d9fc954cc7792077268bf0977e2a699722ce3dbb97248b8a8a771dd0f7d9c97e6587524a44fd6d49330ccbc39ca277b84f7f0a39759ef0b42388bd69fe341a925e8cdc5d7b2d6ddb7331a081bd0672bf4d02255de095a179e51bf5492d4e89c3cbad59db725c0dd7e35cbd9887175286a37d7621a361eb830cc5b842b11b5d040ccceb254d6a0c9c43718d0816bb2465928e236101b8cd46b5ef9cb930378a9249cbb41bcde9bb78d71c512153d2f1d765b56d2e5ef3e3d34975787646630051074c9706747fda873ccfdb394fc269c8cfadc0a52c3402f392a38052f859ab5600000000000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x53, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000240)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xffffffe9)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x18000000000002a0, 0x12, 0x0, &(0x7f0000000240)="b9ff03076804268c989e14f088a8657986dd", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000300)=ANY=[], 0x0, 0xfffffffb, 0x0, 0x0, 0x0, 0x52, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
unshare(0x62040200)
bind$vsock_stream(r4, &(0x7f0000000440), 0x10)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x50)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x60200, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r7, 0x400455c8, 0x0)
ioctl$sock_bt_hci(r3, 0x400448ca, 0x0)
ioctl$TIOCVHANGUP(r7, 0x5437, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, 0x0)
r8 = openat$random(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
sendfile(0xffffffffffffffff, r8, 0x0, 0x8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000340)='system_u:object_r:policy_src_t:s0\x00', 0xffffffffffffffbc, 0x3)

2m9.551010619s ago: executing program 2 (id=412):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000c00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x5c}}, 0x0)

2m9.079094405s ago: executing program 2 (id=414):
r0 = socket$inet6(0xa, 0x2, 0x80000001)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x8, @dev, 0x5}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000001440)=ANY=[], 0xc0)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20040054)
unshare(0x68040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0x10, &(0x7f0000001480)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={0xffffffffffffffff, 0xc, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x7000000}, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r3, 0x2000000, 0x21, 0x0, 0x0, 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x50)
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x34, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x137b}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x4}}}]}, 0x34}}, 0x40800)
socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, 0x0, 0x0)

1m54.03640067s ago: executing program 33 (id=414):
r0 = socket$inet6(0xa, 0x2, 0x80000001)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x8, @dev, 0x5}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000001440)=ANY=[], 0xc0)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20040054)
unshare(0x68040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0x10, &(0x7f0000001480)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={0xffffffffffffffff, 0xc, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x7000000}, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r3, 0x2000000, 0x21, 0x0, 0x0, 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x50)
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x34, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x137b}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x4}}}]}, 0x34}}, 0x40800)
socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, 0x0, 0x0)

10.806889009s ago: executing program 6 (id=853):
r0 = socket$netlink(0x10, 0x3, 0x15)
writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
syz_open_dev$radio(0x0, 0x3, 0x2)
r1 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$SG_IO(r1, 0x2285, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)=ANY=[@ANYBLOB="1703000069000b00000000000000000000000000000000000800010001000000cf4b9be1ba2d418e7f8fd548198944ebfb02255b53330d9a0ba6c63406b52a931a8d4a6088044717ffa9f349a3aa8fa6cee6d356e810bb53eac002d0069031a34f60c37265487184205d5d55a743cf6e8b8dcbba7fc9f8e250c509ae7fcbca0737a809cec61061eb3deb403d9af8e2ed70828dfcadf0b16b975ba94cd1"], 0x20}}, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f00000000c0)={'batadv0\x00', <r5=>0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @multicast}, 0x14)
flistxattr(r0, &(0x7f0000000200)=""/72, 0x48)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000100)=0x800b, 0x4)
bind$netlink(0xffffffffffffffff, &(0x7f0000000080)={0x10, 0x0, 0x25dfdbfb, 0x20000}, 0xc)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)=ANY=[@ANYBLOB="30000000000000002000000000000000d96e6c8d5e8508"], 0x30}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000780)=ANY=[@ANYBLOB="61154c000000000061138c0000000000bfa00000000000001503000008004e002d3501000000000095004100000000006916000000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffbd4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b33e0f32f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3cd3cedd01fdc59589ea6bacde1e40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8b0100010000000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d5454d127edab14ba61ba1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7a7216f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf855689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684e62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961cf4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fd0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bbff4bbe00000000000000000000000000fdba1133066c4a21a7149f32"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), r0)

10.324019382s ago: executing program 6 (id=856):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000040)={'filter\x00', 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc], 0x0, 0x0}, 0x78)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vxcan0\x00', <r2=>0x0})
r3 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r3, &(0x7f0000000000)={0x1d, r2}, 0x10)
sendmsg$nl_route_sched(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2}}, 0x24}}, 0x40044)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
prlimit64(0x0, 0x9, &(0x7f0000000180)={0x4, 0x1}, 0x0)
r5 = gettid()
rt_sigqueueinfo(r5, 0x21, &(0x7f0000001500))
connect$bt_l2cap(r4, &(0x7f0000000100)={0x1f, 0x0, @none}, 0xe)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
bind$bt_l2cap(r6, &(0x7f00000000c0)={0x1f, 0x0, @none, 0x12e7, 0x2}, 0xe)

9.149698617s ago: executing program 6 (id=861):
write$selinux_context(0xffffffffffffffff, &(0x7f0000000000)='system_u:object_r:sound_device_t:s0\x00', 0x24)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xf, 0xffffffffffffff6e}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f0000000380), 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/vlan/vlan0\x00')
writev(0xffffffffffffffff, &(0x7f0000000300)=[{&(0x7f00000003c0)="5986", 0x2}, {&(0x7f00000001c0)="cee4933e97e88f8145e28180285fb03c97161ebd9c9d167eca08cb9c94060e1197231170b8b6dd00eb34094ae39cecb1e732f7bc108fd0917cb1eda42190f4d73424e70abddc5e80649f25ad7ede7b97a066805f8cd24c614d20fb91df122657ed79135c5bfea5737950a8f97cea2dbffdae6f661b42fd6a0cf3e25c22f0e43a183f6ac00085df1c5b52ab5bb7a61bbbcdb9339fcb3d13fadf6ce5b43611d9ee0a05036cf72882d108f412", 0xab}, {&(0x7f0000000400)="bb87f89b8e455420747421a534da8bf9e20bca7752e6acb23860f0c96b8b47d738b83d23312dc843dff5bf9414b3c9dbb5fffbd8fa11be95f9e3a6b591953ba1d5cbf249e1e10b66287789325d40e38bf2b76ae09c1d630124460635bf8648c04b86281103b43d3cd85d4783561af4bd519aa8576d1484918e13bed7b9c24e021e09c7ca4d6722ee76e880a76562c8c840434e74977e0854d6d947641a4d3d46efbafbf775c0848863cfe2ff10", 0xad}, {&(0x7f00000004c0)="bb7663afdd41a2f20d94fe911bec4a0a5f1c5a027e0d0585165f2df9bfbd863490dad384dbb7549bcf736680175427e5f545b827a957573eb338e668547157252543d0fb612bffc9beb56311a5d8cd1bb237372b033534f0d7ccf8ef95b4ca6598172c197550a419e3494316746c2205afba8d79fd87f2120d57140309eb478118d4e8a4", 0x84}], 0x4)
ioctl$SNAPSHOT_S2RAM(r1, 0x330b)
read$msr(r0, &(0x7f0000032680)=""/102384, 0x18ff0)
ioctl$UI_ABS_SETUP(0xffffffffffffffff, 0x401c5504, 0x0)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$inet_tcp_buf(r3, 0x6, 0x0, 0x0, &(0x7f0000000080))
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000180)={'vxcan1\x00'})
connect$can_bcm(r2, &(0x7f0000001ff0), 0x10)
sendmsg$can_raw(r2, &(0x7f0000001fc8)={0x0, 0x0, &(0x7f0000000ff0)={&(0x7f000000a000)=@canfd={{0x1}, 0x2, 0x0, 0x0, 0x0, "0327e1b22b5fcef7739c699f5ff986ca08990039576a7d5cb2bdac3fa80acf584ecb5fee496e6866856b76b5ee000000000000ee004e2f9663a918fa1efd9b0b"}, 0x38}, 0xee}, 0x0)
creat(0x0, 0x0)
setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x310)
r4 = syz_open_dev$vcsa(&(0x7f0000000040), 0x1, 0x2)
writev(r4, &(0x7f0000000c40)=[{0x0}, {&(0x7f00000005c0)="c21cfb", 0x3}, {&(0x7f00000007c0)}, {&(0x7f0000000900), 0x4000}], 0xe)
syz_usb_connect(0x0, 0x3b, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000ec13b2106d04d308280b0102030109022900010000000009046900000e01000008240201020205050724bffc010709030008240201070301"], 0x0)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
fanotify_mark(0xffffffffffffffff, 0x105, 0x4800003a, r5, 0x0)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
fanotify_mark(0xffffffffffffffff, 0x71, 0x40000009, r6, 0x0)
open(&(0x7f0000000280)='.\x00', 0x0, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)

8.575594965s ago: executing program 4 (id=863):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x10, 0x803, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'macvlan0\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x1100, &(0x7f0000001140)={&(0x7f0000000500)=ANY=[@ANYBLOB="740000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000004c0012800c0001006d6163766c616e003c00028008000100100000001c0005800a000400aaaaaaaaaabb000002000400d8928afb7028000008000300030000000a000400aaaaaaaaaabb000008000500", @ANYRES32=r4], 0x74}}, 0x0)

7.652535805s ago: executing program 4 (id=864):
r0 = socket$netlink(0x10, 0x3, 0x15)
writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
syz_open_dev$radio(0x0, 0x3, 0x2)
r1 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$SG_IO(r1, 0x2285, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)=ANY=[@ANYBLOB="1703000069000b00000000000000000000000000000000000800010001000000cf4b9be1ba2d418e7f8fd548198944ebfb02255b53330d9a0ba6c63406b52a931a8d4a6088044717ffa9f349a3aa8fa6cee6d356e810bb53eac002d0069031a34f60c37265487184205d5d55a743cf6e8b8dcbba7fc9f8e250c509ae7fcbca0737a809cec61061eb3deb403d9af8e2ed70828dfcadf0b16b975ba94cd1"], 0x20}}, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0)
r4 = socket(0x15, 0x2, 0x5fd630ab)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f00000000c0)={'batadv0\x00', <r6=>0x0})
bind$packet(r4, &(0x7f0000000040)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @multicast}, 0x14)
flistxattr(r0, &(0x7f0000000200)=""/72, 0x48)
setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000100)=0x800b, 0x4)
bind$netlink(r4, &(0x7f0000000080)={0x10, 0x0, 0x25dfdbfb, 0x20000}, 0xc)
sendmsg$netlink(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)=ANY=[@ANYBLOB="30000000000000002000000000000000d96e6c8d5e8508"], 0x30}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000780)=ANY=[@ANYBLOB="61154c000000000061138c0000000000bfa00000000000001503000008004e002d3501000000000095004100000000006916000000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffbd4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b33e0f32f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3cd3cedd01fdc59589ea6bacde1e40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8b0100010000000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d5454d127edab14ba61ba1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7a7216f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf855689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684e62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961cf4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fd0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bbff4bbe00000000000000000000000000fdba1133066c4a21a7149f32"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), r0)

7.243212449s ago: executing program 4 (id=866):
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1400000004000000040000000200010000000000", @ANYRES32, @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYBLOB], 0x48)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x5, @mcast1}, 0x1c)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mbind(&(0x7f0000006000/0x3000)=nil, 0x3000, 0x9, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x17)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
r1 = syz_open_procfs$pagemap(0x0, &(0x7f0000001080))
ioctl$PAGEMAP_SCAN(r1, 0xc0606610, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000010c0)={0x2020, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}, 0x2020)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$SIOCSIFHWADDR(r3, 0x89b1, &(0x7f00000000c0)={'vlan1\x00', @multicast})
move_pages(r2, 0x3, &(0x7f0000000100)=[&(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000c57000/0x2000)=nil], &(0x7f00000001c0), &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x2)
capset(&(0x7f00000000c0)={0x20071026}, &(0x7f0000000140)={0xe, 0xfff, 0x0, 0x80})
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000500)={'ip6tnl0\x00', &(0x7f0000000480)={'ip6gre0\x00', <r6=>0x0, 0x29, 0x9, 0x7, 0x4, 0x56, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7800, 0x80, 0x2, 0x2}})
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000640)={&(0x7f0000000540)=ANY=[@ANYBLOB="d8000000", @ANYRES16=0x0, @ANYBLOB="ab0c28bd7000fddbdf250100000008000100", @ANYRES32=0x0, @ANYBLOB="bc00028040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000300000808000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c000000000000000000000005000300030000000800040076770000400001002600010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004000200000008000600", @ANYRES32=r6, @ANYBLOB], 0xd8}, 0x1, 0x0, 0x0, 0x20000000}, 0x44)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
readv(r4, &(0x7f0000000000)=[{&(0x7f0000000180)=""/11, 0xb}], 0x1)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xa)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x6fe, @void, @value}, 0x94)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wpan1\x00'})
ioctl(r7, 0x8b1a, &(0x7f0000000040))

6.914412011s ago: executing program 5 (id=867):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x4, 0x0, 0x0)
r1 = socket$kcm(0x29, 0x2, 0x0)
r2 = memfd_create(&(0x7f0000000000)='e\xf4E\x88-\x00', 0x0)
pwritev(r2, &(0x7f0000000040)=[{&(0x7f0000000480)="db", 0x1}], 0x1, 0x4000001, 0x0)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8000fb00)
r3 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000140), 0x101980, 0x0)
r4 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=@newqdisc={0x64, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r6, {0x0, 0x2}, {0xffff, 0x3}, {0x5}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}, @qdisc_kind_options=@q_pfifo_fast={0xf}, @TCA_RATE={0x6, 0x5, {0x7, 0x5}}, @TCA_RATE={0x6, 0x5, {0xa, 0x7}}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x27339696}, @TCA_RATE={0x6, 0x5, {0x2, 0xc3}}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000}, 0x200040d1)
setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f0000000180)={r6, 0x1, 0x6}, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x7, [@struct={0x5, 0x2, 0x0, 0x13, 0x0, 0x2, [{0x4, 0x1, 0x8000}, {0x4, 0x2, 0x5}]}]}, {0x0, [0x5f, 0x0, 0x0, 0x4f, 0x2e]}}, 0x0, 0x43, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
clock_settime(0x0, &(0x7f0000000040)={0x77359400})
socket$nl_rdma(0x10, 0x3, 0x14)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000240), 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

6.407563882s ago: executing program 1 (id=868):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/43, 0x7ffff000}, {&(0x7f0000000480)=""/165, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x2aa, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x18)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)

6.106967857s ago: executing program 5 (id=869):
r0 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c000000200001002bbd7000ffdbdf250220240000000001030000000800010000000009080002"], 0x2c}}, 0x0)
socket(0x10, 0x3, 0x0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
writev(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r5 = openat$cgroup_pressure(0xffffffffffffffff, &(0x7f00000002c0)='memory.pressure\x00', 0x2, 0x0)
write$cgroup_pressure(r5, &(0x7f0000000040)={'full', 0x20, 0x100001, 0x20, 0x6}, 0x2f)
write$cgroup_pressure(r5, &(0x7f00000005c0)={'full', 0x20, 0x7, 0x20, 0x1}, 0x2f)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r8=>0x0})
r9 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000000)={0x0, 0xa1ff, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r8, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002001040e5"], 0x44}}, 0x0)
bind$can_j1939(0xffffffffffffffff, &(0x7f0000000300)={0x1d, r8, 0x3, {0x0, 0xf0, 0x2}, 0xfe}, 0x18)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="bc0000003d0007010000000000000000017c00000400fc809c000180970006008013ea033c0c11848ec041f08650e24072df7567b75b151e2c742e9602b970e60ce2badc117fb20da63663dae62c18de6ecf3164489ef4b92f74ec33a07f9722e3b579eb5f178cf32ccf0293cf9d0bb0bd25bd6fb3a57b2f6b84802c0ec1a450dc9451339a4d258e2b3f22d67f2dff87181eafc2c1067cc6efb4e93a352b1d86855a1dfbd4aa9bf518a3ebd2119c000000000000000000000800028004001280"], 0xbc}, 0x1, 0x0, 0x0, 0x880}, 0x4c000)

6.105517689s ago: executing program 6 (id=870):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0x2, 0x4}, 0x6)
socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000000201010400000000000000000a000101040002800c0019"], 0x24}, 0x1, 0x0, 0x0, 0x8800}, 0x80)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet_mptcp(0x2, 0x1, 0x106)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r3, 0x0, 0xb, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b", 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x50)
openat$sequencer2(0xffffff9c, &(0x7f00000001c0), 0x200000, 0x0)
close(0x3)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f0000000080), 0x80020001, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r4, 0x40045612, &(0x7f0000000000)=0x1)
ioctl$vim2m_VIDIOC_QBUF(r4, 0xc058560f, &(0x7f00000002c0)=@multiplanar_mmap={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x4, 0x0, 0x0, 0x8, 0x0, 0x0, "0400"}, 0x20000, 0x1, {0x0}, 0x400000})
close(r4)
r5 = socket(0x10, 0x80803, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000340)={0x3, 0x7}, 0x10)
socket$netlink(0x10, 0x3, 0x0)
mkdir(&(0x7f0000000200)='./file0/bus\x00', 0x11)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2014800, 0x0)
acct(&(0x7f0000000300)='./file0/bus\x00')
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x8a200, 0x0)

5.183978642s ago: executing program 5 (id=871):
r0 = socket$netlink(0x10, 0x3, 0x15)
writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
syz_open_dev$radio(0x0, 0x3, 0x2)
r1 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$SG_IO(r1, 0x2285, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0)
r3 = socket(0x15, 0x2, 0x5fd630ab)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f00000000c0)={'batadv0\x00', <r5=>0x0})
bind$packet(r3, &(0x7f0000000040)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @multicast}, 0x14)
flistxattr(r0, &(0x7f0000000200)=""/72, 0x48)

5.174473174s ago: executing program 3 (id=872):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x10, 0x803, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'macvlan0\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x1100, &(0x7f0000001140)={&(0x7f0000000500)=ANY=[@ANYBLOB="740000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000004c0012800c0001006d6163766c616e003c00028008000100100000001c0005800a000400aaaaaaaaaabb000002000400d8928afb7028000008000300030000000a000400aaaaaaaaaabb000008000500", @ANYRES32=r4], 0x74}}, 0x0)

5.087794288s ago: executing program 4 (id=873):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
r0 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r0, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
r1 = syz_io_uring_setup(0xd2, &(0x7f0000000480), &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x80044940, &(0x7f0000001480))
pselect6(0x40, &(0x7f0000000340)={0xd, 0xa3cd, 0x6, 0x7, 0x9, 0x9, 0x5, 0x1}, 0x0, 0x0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, &(0x7f0000000280)={0x1c, &(0x7f0000000600)=ANY=[@ANYBLOB="001780"], 0x0, 0x0})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r1, 0x47ba, 0x0, 0x0, 0x0, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0x541b, &(0x7f0000000040)={<r4=>0xffffffffffffffff, 0x0, 0x4, 0x8040000000000000})
close_range(r4, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

4.091958926s ago: executing program 3 (id=874):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newtaction={0xfd, 0x30, 0xffff, 0x0, 0x0, {}, [{0xb8, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE64={0x0, 0x8, 0xa9f}]]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0x48, 0x2, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0x1}}]}, {0x4}, {0xfffffffffffffe92, 0x3}, {0xc, 0x8, {0x7}}}}]}]}, 0xcc}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
mkdir(&(0x7f0000000000)='./control\x00', 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
close(r2)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xe, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000100)={'ip6tnl0\x00', &(0x7f0000000080)={'syztnl1\x00', 0x0, 0x4, 0x0, 0x4, 0x7, 0x0, @private1, @loopback, 0x1, 0x8, 0x7f, 0x8}})
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r8, &(0x7f00000001c0)={0xa, 0x4e22}, 0x1c)
sendto$inet6(r8, 0x0, 0x0, 0x200008d4, &(0x7f000072e000)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r8, 0x29, 0x36, &(0x7f0000000280)=ANY=[], 0x8)
close_range(r7, 0xffffffffffffffff, 0x0)
r9 = syz_open_pts(0xffffffffffffffff, 0x351000)
ioctl$F2FS_IOC_DEFRAGMENT(r9, 0xc010f508, &(0x7f0000000040)={0x0, 0x3})
sendmsg$nl_route_sched(r1, &(0x7f0000000700)={0x0, 0x1e5, &(0x7f00000006c0)={&(0x7f0000000440)=@deltaction={0x28, 0x31, 0x101, 0x0, 0x0, {}, [@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}]}, 0x28}}, 0x0)

3.915241493s ago: executing program 5 (id=875):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x458, 0x40000, 0x2b8, 0xb0000010, 0x2, 0x5c8f0200, 0x388, 0x3a8, 0x3a8, 0x388, 0x3a8, 0x3, 0x0, {[{{@ipv6={@private1, @local, [], [], 'vlan1\x00', 'veth0_to_team\x00'}, 0x0, 0x248, 0x290, 0x700, {}, [@common=@inet=@hashlimit3={{0x158}, {'geneve1\x00', {0xf1, 0x0, 0x33, 0x0, 0x0, 0x1, 0x7fffffff}}}, @common=@unspec=@limit={{0x48}, {0x10000000, 0x3}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x206, 'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@CONNSECMARK={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4b8)

3.875879465s ago: executing program 1 (id=876):
r0 = socket$netlink(0x10, 0x3, 0x15)
writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
syz_open_dev$radio(0x0, 0x3, 0x2)
r1 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$SG_IO(r1, 0x2285, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)=ANY=[@ANYBLOB="1703000069000b00000000000000000000000000000000000800010001000000cf4b9be1ba2d418e7f8fd548198944ebfb02255b53330d9a0ba6c63406b52a931a8d4a6088044717ffa9f349a3aa8fa6cee6d356e810bb53eac002d0069031a34f60c37265487184205d5d55a743cf6e8b8dcbba7fc9f8e250c509ae7fcbca0737a809cec61061eb3deb403d9af8e2ed70828dfcadf0b16b975ba94cd1"], 0x20}}, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0)
r4 = socket(0x15, 0x2, 0x5fd630ab)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f00000000c0)={'batadv0\x00', <r6=>0x0})
bind$packet(r4, &(0x7f0000000040)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @multicast}, 0x14)
flistxattr(r0, &(0x7f0000000200)=""/72, 0x48)
setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000100)=0x800b, 0x4)
bind$netlink(r4, &(0x7f0000000080)={0x10, 0x0, 0x25dfdbfb, 0x20000}, 0xc)
sendmsg$netlink(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)=ANY=[@ANYBLOB="30000000000000002000000000000000d96e6c8d5e8508"], 0x30}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000780)=ANY=[@ANYBLOB="61154c000000000061138c0000000000bfa00000000000001503000008004e002d3501000000000095004100000000006916000000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffbd4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b33e0f32f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3cd3cedd01fdc59589ea6bacde1e40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8b0100010000000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d5454d127edab14ba61ba1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7a7216f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf855689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684e62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961cf4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fd0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bbff4bbe00000000000000000000000000fdba1133066c4a21a7149f32"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), r0)

3.740263079s ago: executing program 5 (id=877):
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
socket$kcm(0x29, 0x5, 0x0)
ftruncate(r0, 0x82081fc)
r1 = open(&(0x7f0000000780)='./bus\x00', 0x14117e, 0x0)
ioctl$UI_BEGIN_FF_UPLOAD(0xffffffffffffffff, 0xc06855c8, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbee6, 0x8031, 0xffffffffffffffff, 0x2000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001440))
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioperm(0x0, 0x7, 0xffffffff)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
execveat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600402, 0x7ffffe, 0x4002011, r1, 0x0)
truncate(&(0x7f0000000080)='./bus\x00', 0x4)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x12e0, 0x1170, 0x1170, 0x1398, 0x0, 0x1170, 0x1398, 0x1398, 0x1398, 0x1398, 0x1398, 0x3, 0x0, {[{{@ipv6={@ipv4={'\x00', '\xff\xff', @multicast2}, @remote, [], [], 'ip6tnl0\x00', 'veth0_to_hsr\x00', {}, {}, 0x6}, 0x0, 0x10d8, 0x1120, 0x0, {}, [@common=@unspec=@cgroup1={{0x1030}, {0x0, 0x2, 0x0, 0x0, './cgroup.net/syz0\x00'}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@multicast2, 'netpci0\x00'}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x1340)
bpf$PROG_LOAD(0x5, &(0x7f00000014c0)={0x4, 0x13, &(0x7f0000001340)=ANY=[@ANYBLOB="180300000005000000000000000000001801000011af000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020000838500000071000000180100002020752500000000806020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

2.453371978s ago: executing program 3 (id=878):
openat$fb0(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
unshare(0x8020000)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_TCP_QUEUE_SEQ(r3, 0x6, 0x15, 0x0, 0x0)
bind$nfc_llcp(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0x4000000, 0x0, 0x1, 0x40000331}, &(0x7f00000006c0)=<r4=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x100, &(0x7f0000000100)=0x7, 0x0, 0x4)
ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/profiling', 0xa0042, 0x0)
write$tcp_mem(r5, &(0x7f0000000000)={0x9, 0x2d, 0xfffffffffffffff9, 0x3a, 0x0, 0x2c}, 0x48)

2.219498542s ago: executing program 5 (id=879):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)={{0x12, 0x1, 0x141, 0x48, 0x13, 0x44, 0x20, 0x424, 0x7500, 0x69ee, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xb8, 0x7, 0x1, 0x96, 0xd1, 0xca, 0x0, [], [{{0x9, 0x5, 0x82, 0x2, 0x200, 0x0, 0x1, 0x10}}]}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000900)={0x84, &(0x7f00000003c0)={0x0, 0x5, 0x4, "abe763a8"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000280)={0x1c, &(0x7f0000000600)=ANY=[@ANYBLOB="001780"], 0x0, 0x0})
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f00000001c0)={0x14, &(0x7f00000002c0)={0x40, 0x21, 0x4a, {0x4a, 0x10, "6e58aac8e01c0926c65f12ae765e91c8822a8b6e8d0ce6c56f50c289738cf22a21db38215cd33021a29c07f0153ea503d299a45f7b12eb33af32d098d21f9fe24ec2cb425c33fdfd"}}, &(0x7f0000000000)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000640)={0x44, &(0x7f0000000740)={0x20, 0x13, 0xd6, "ae421107b0d7af328479e6b5788030146a031bca1d93c8b6661aeb86dbfe7626d8ca3a3be594981b7975491dbc1a124a1749875ae199faf480a3cecf03e0154b76e9aa9a3332262da8371a0e1af35099ee9440f28e2c9d9ac1baea82f11695d5403717cc7bcb18e41231ed095b91d4d8512ab66e139910bc19c59884fdd62c01bfb41291ee0225446e8509c1a79b8efc0aedfb78844e413c08d53cb7b6cdcd30e7d87da9222c3689f24d4c9402ab1fd4efaa35bcbdf8d5936b59ac17be22d965b205794b60a944af2b673a421816a4da04a7172f8de7"}, &(0x7f0000000240)={0x0, 0xa, 0x1}, &(0x7f0000000340)={0x0, 0x8, 0x1, 0x4}, &(0x7f0000000380)={0x20, 0x80, 0x1c, {0x1, 0x2, 0x80000000, 0x3, 0x2, 0x51, 0x0, 0xf43, 0x5, 0x9, 0xffff, 0x3}}, &(0x7f0000000400)={0x20, 0x85, 0x4, 0xffff}, &(0x7f0000000440)={0x20, 0x83, 0x2}, &(0x7f0000000540)={0x20, 0x87, 0x2, 0x5}, &(0x7f0000000580)={0x20, 0x89, 0x2, 0x1}})
syz_usb_control_io(r0, 0x0, &(0x7f0000000e00)={0x84, &(0x7f0000000700)={0x40, 0x18, 0x4, "bb3fbf14"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0x541b, &(0x7f0000000040)={<r1=>0xffffffffffffffff, 0x0, 0x4, 0x8040000000000000})
close_range(r1, 0xffffffffffffffff, 0x0)

1.884844766s ago: executing program 1 (id=880):
r0 = socket$isdn_base(0x22, 0x3, 0x0)
bind$isdn_base(r0, 0x0, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000940)={0x0, 0x3e1, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000180081084e81f782db44b904021d080006007c06e8fe55a10a0015400600142603600e120800060000000201a80016000800014003e01100036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0)

1.883745657s ago: executing program 4 (id=881):
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0x1, 0x3, 0x2, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)
write$cgroup_int(r1, &(0x7f0000000100), 0x1001)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b00)={&(0x7f0000000ac0)='mm_page_free_batched\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)

1.379973415s ago: executing program 6 (id=882):
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0x1, 0x3, 0x2, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)
write$cgroup_int(r1, &(0x7f0000000100), 0x1001)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b00)={&(0x7f0000000ac0)='mm_page_free_batched\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)

1.355483543s ago: executing program 4 (id=883):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_JOIN_IBSS(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)={0x58, 0x0, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_KEYS={0x24, 0x51, 0x0, 0x1, [{0x20, 0x0, 0x0, 0x1, [@NL80211_KEY_IDX={0x5}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "174f1e863b"}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac01}]}]}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x98a}]]}, 0x58}}, 0x0)
r5 = syz_usb_connect$uac1(0x0, 0xac, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000000000106b1d010140000102030109029a0003010000000904000000010100000a24010000000201020c24020000000000000800000524050000082407000000009e0c240700000000a3e82f07070d240701060000fd80000000e80924030000000001"], 0x0)
lseek(r4, 0x101, 0x2)
syz_usb_control_io(r5, &(0x7f0000000140)={0x2c, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x407}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$uac1(r5, &(0x7f0000001840)={0x14, 0x0, &(0x7f0000000080)={0x0, 0x3, 0x2, @string={0x2}}}, 0x0)
syz_usb_control_io(r5, 0x0, &(0x7f0000000c40)={0x84, &(0x7f0000000480)=ANY=[@ANYBLOB="601606"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r5, 0x0, &(0x7f0000000b40)={0x44, &(0x7f0000000440)={0x40, 0x1, 0x2, "b7e0"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r5, 0x0, &(0x7f0000000880)={0x84, &(0x7f0000000380)={0x20, 0xf, 0x2, "64aa"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r5, 0x0, &(0x7f0000000fc0)={0x84, &(0x7f0000000a40)={0x20, 0x16, 0x2, "e83f"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r6=>0x0}, &(0x7f0000cab000)=0xc)
syz_emit_ethernet(0x7e, &(0x7f0000000280)={@local, @local, @val, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f81fcb", 0x40, 0x3a, 0x0, @private0, @mcast2, {[], @param_prob={0x4, 0x0, 0x0, 0x0, {0x0, 0x6, "4aa1d3", 0x0, 0x0, 0x0, @private1, @ipv4={'\x00', '\xff\xff', @loopback}, [@srh, @dstopts]}}}}}}}, 0x0)
setresuid(r6, r6, 0x0)
setreuid(r6, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)=@newtaction={0x114, 0x30, 0xb, 0x0, 0x0, {}, [{0x100, 0x1, [@m_ct={0x2c, 0x1, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}, @m_gact={0xd0, 0x4, 0x0, 0x0, {{0x9}, {0x34, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc, 0x3, {0x0, 0x1bd7, 0xffffffffffffffff}}, @TCA_GACT_PARMS={0x18, 0x2, {0x8000, 0x81a, 0x5, 0x6a7, 0xf}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0x4e7, 0xffffffffffffffff}}]}, {0x73, 0x6, "551e6c5a98d850b5a21a575d5a09a5eb56569b830a4619f597dea51b2509bd7cb34fd3b45fa2ea0eab8d570b69be76dd5cdb7857c7e944e004d75772bf78c38007c851ff8e6d0b1c99c680b3e9ec9641f070f5324494568bc27484f32571180bd822f71fca068d0b46b6c7c5af9263"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}, 0x114}}, 0x0)

1.251948485s ago: executing program 6 (id=884):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x62c00, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0xfffffffa)
r2 = syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
r3 = syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x88c02)
syz_usb_disconnect(r2)
writev(r3, &(0x7f0000000340)=[{&(0x7f0000000180)="5fb3bdbe681a17ca618162", 0xb}], 0x1)
r4 = syz_open_pts(r1, 0x20000)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_open_dev$loop(&(0x7f00000000c0), 0x477, 0x0)
ioctl$IOC_PR_PREEMPT_ABORT(r7, 0x401870cc, 0x0)
sendmsg$nl_generic(r6, 0x0, 0x40008d0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x5, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r8 = syz_open_dev$MSR(&(0x7f0000000000), 0x0, 0x0)
sendmsg$sock(r8, &(0x7f0000000080)={&(0x7f00000002c0)=@alg={0x26, 'hash\x00', 0x0, 0x0, 'crct10dif-arm64-ce\x00'}, 0xb4, 0x0}, 0x20008000)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000001240)=ANY=[], 0x37)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000001c0)={r9, &(0x7f0000000080), 0x0}, 0x20)
read$msr(0xffffffffffffffff, &(0x7f0000019400)=""/102389, 0x18ff5)
add_key$user(0x0, 0x0, 0x0, 0x0, 0x0)
write$input_event(0xffffffffffffffff, &(0x7f00000000c0)={{0x0, 0x2710}, 0x11, 0x1, 0x8000}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
ioctl$VT_RESIZE(r5, 0x5609, &(0x7f0000000140)={0x5, 0x4, 0x9fc9})
ioctl$TCFLSH(r4, 0x540b, 0x2)
r10 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)

1.22123272s ago: executing program 1 (id=885):
r0 = socket$netlink(0x10, 0x3, 0x15)
writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
syz_open_dev$radio(0x0, 0x3, 0x2)
r1 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$SG_IO(r1, 0x2285, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)=ANY=[@ANYBLOB="1703000069000b00000000000000000000000000000000000800010001000000cf4b9be1ba2d418e7f8fd548198944ebfb02255b53330d9a0ba6c63406b52a931a8d4a6088044717ffa9f349a3aa8fa6cee6d356e810bb53eac002d0069031a34f60c37265487184205d5d55a743cf6e8b8dcbba7fc9f8e250c509ae7fcbca0737a809cec61061eb3deb403d9af8e2ed70828dfcadf0b16b975ba94cd1"], 0x20}}, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0)
r3 = socket(0x15, 0x2, 0x5fd630ab)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f00000000c0)={'batadv0\x00', <r5=>0x0})
bind$packet(r3, &(0x7f0000000040)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @multicast}, 0x14)
flistxattr(r0, &(0x7f0000000200)=""/72, 0x48)

1.124896727s ago: executing program 3 (id=886):
creat(&(0x7f0000000100)='./file0\x00', 0x0) (async)
syz_emit_ethernet(0x9a, &(0x7f0000000280)={@link_local, @remote, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x64, 0x11, 0x0, @remote, @local, {[], {0x0, 0xe22, 0x64, 0x0, @wg=@response={0x2, 0x1, 0x2, "6b92a13774ec4d0e9c7a8e7d7d3de18707fbab6e3dffd37a67ee45cc2f77f830", "8a1f80139a799182d6725599e25082f8", {"9c0819b1de901baa65999d34cec64ee8", "d2233a28ba87c0dd91c3baa08773528e"}}}}}}}}, 0x0) (async, rerun: 32)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x42, 0x0) (rerun: 32)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=0'])

699.640172ms ago: executing program 3 (id=887):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
madvise(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x17)
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="0407ff"], 0x102)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$evdev(&(0x7f0000000300), 0x40, 0x1e7780)

674.405945ms ago: executing program 1 (id=888):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/protocols\x00')
read$FUSE(r1, &(0x7f0000003240)={0x2020}, 0x2020) (fail_nth: 5)

299.947887ms ago: executing program 3 (id=889):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000380), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000000c0)='./bus\x00')
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
open(&(0x7f0000000280)='.\x00', 0x141180, 0x40)
close_range(r0, 0xffffffffffffffff, 0x0)
socket(0x200000000000011, 0x2, 0x80000000)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000580)=ANY=[@ANYBLOB="12010000b5403340861a22753635df0203010902120001000000000904"], 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="380000001000010026bd70000340000000000000", @ANYRES32=r2, @ANYBLOB="0000000045920500040016801400140074756e6c3000"/32], 0x38}, 0x1, 0x0, 0x0, 0x8041}, 0x62004080)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000006c0), r4)
sendmsg$NLBL_UNLABEL_C_STATICADD(r4, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f00000002c0)=ANY=[@ANYBLOB='t\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002cbd7000ffdbdf2502"], 0x74}, 0x1, 0x0, 0x0, 0x4000014}, 0x20000010)
syz_usb_control_io(r1, 0x0, &(0x7f0000000040)={0x84, &(0x7f0000000240)=ANY=[@ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_control_io$printer(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1e5458d7017b00000000000000028000000700000000000000", @ANYRES32, @ANYBLOB="00f1b655ac080000000000000030024fc11abcac430000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/21], 0x48)
syz_open_dev$dri(&(0x7f0000000100), 0x1, 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x9, 0x0, 0x20, 0x7ffc0002}]})
r6 = memfd_create(&(0x7f0000000300)='-B\xd5NI\xc5j\x9a\b\x00\x00\x00\b\x84\xa2{\x00\v\x18\x004\xa6Ey\xdb\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xc83\x12\xd7\xdb\x93\xcc]x\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x81\x01\xe5\x98\r\x1d\xa1\xce\x8b\x19\xea\xef\xe3\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x0)
dup(r6)
fanotify_init(0x1, 0x1)
syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x24000000}, 0x0)
connect$can_bcm(0xffffffffffffffff, &(0x7f0000000080), 0x10)

0s ago: executing program 1 (id=890):
bind(0xffffffffffffffff, &(0x7f0000000300)=@xdp={0x2c, 0x2, 0x0, 0x8}, 0x80)
utime(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140)={0x7, 0x1})
socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000004100)=[{{0x0, 0x0, &(0x7f0000001b00), 0x0, 0x0, 0x0, 0x2004c894}}], 0x1, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$sequencer2(0xffffff9c, &(0x7f00000011c0), 0x0, 0x0)
ioctl$SNDCTL_SEQ_NRMIDIS(r1, 0xc0045103, &(0x7f0000000040))
r2 = syz_genetlink_get_family_id$gtp(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x16, 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$mixer(0xffffffffffffff9c, &(0x7f00000018c0), 0x0, 0x0)
ioctl$mixer_OSS_GETVERSION(r4, 0x80086303, &(0x7f0000000000))
sendmsg$GTP_CMD_NEWPDP(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="06000000", @ANYRES16=r2, @ANYBLOB="01002dbd7000fedbdf250000000008000100", @ANYRES32=0x0, @ANYBLOB="08000800000000000800020001000000"], 0x2c}, 0x1, 0x0, 0x0, 0x4000005}, 0x40000)
creat(&(0x7f00000002c0)='./file0\x00', 0x109)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r5, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x8fff5], 0x0, 0x0, 0x1f, 0x1}}, 0x3c)
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_clone3(&(0x7f0000001280)={0x0, 0x0, 0x0, 0x0, {}, &(0x7f0000000000)=""/4105, 0x1009, 0x0, 0x0}, 0x56)

kernel console output (not intermixed with test programs):

' already present!
[  183.217226][ T7623] Cannot create hsr debugfs directory
[  183.309603][ T5896] usb 2-1: Using ep0 maxpacket: 16
[  183.316363][ T5896] usb 2-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  183.327612][ T5896] usb 2-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0
[  183.358227][ T7623] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  183.371642][ T7623] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  183.387539][ T7623] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  183.398860][ T7623] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  183.405834][ T5896] usb 2-1: config 0 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  183.439788][ T5896] usb 2-1: config 0 interface 0 has no altsetting 0
[  183.446558][ T5896] usb 2-1: New USB device found, idVendor=0458, idProduct=5010, bcdDevice= 0.00
[  183.455736][ T5896] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  183.490018][ T5896] usb 2-1: config 0 descriptor??
[  183.526856][ T7623] bridge0: port 2(bridge_slave_1) entered blocking state
[  183.534132][ T7623] bridge0: port 2(bridge_slave_1) entered forwarding state
[  183.542471][ T7623] bridge0: port 1(bridge_slave_0) entered blocking state
[  183.549557][ T7623] bridge0: port 1(bridge_slave_0) entered forwarding state
[  183.664602][ T7623] 8021q: adding VLAN 0 to HW filter on device bond0
[  183.704083][ T7623] 8021q: adding VLAN 0 to HW filter on device team0
[  183.758512][  T724] bridge0: port 2(bridge_slave_1) entered disabled state
[  183.775459][   T29] audit: type=1326 audit(1738321238.901:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7631 comm="syz.4.483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f392238cda9 code=0x7fc00000
[  183.833442][   T65] bridge0: port 2(bridge_slave_1) entered blocking state
[  183.840577][   T65] bridge0: port 2(bridge_slave_1) entered forwarding state
[  183.904096][ T5868] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000040: -71
[  183.911467][ T7640] tipc: Started in network mode
[  183.921084][ T7641] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  183.930329][ T7640] tipc: Node identity 72d8101dfae6, cluster identity 4711
[  183.933871][ T5868] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[  183.939264][ T7640] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  183.954374][ T7641] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  183.967839][ T5896] input: HID 0458:5010 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0458:5010.0005/input/input13
[  183.987420][ T5868] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  183.997676][ T7643] syzkaller0: entered promiscuous mode
[  184.007833][ T5868] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  184.011785][ T7643] syzkaller0: entered allmulticast mode
[  184.028694][ T5868] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  184.045572][ T7643] tipc: Resetting bearer <eth:syzkaller0>
[  184.046900][ T5868] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  184.080411][ T5896] kye 0003:0458:5010.0005: input,hiddev0,hidraw0: USB HID v2.00 Device [HID 0458:5010] on usb-dummy_hcd.1-1/input0
[  184.099380][ T5868] smsc75xx 6-1:0.184: probe with driver smsc75xx failed with error -71
[  184.128281][ T7623] 8021q: adding VLAN 0 to HW filter on device batadv0
[  184.139678][ T5868] usb 6-1: USB disconnect, device number 3
[  184.191029][ T5896] usb 2-1: USB disconnect, device number 16
[  184.216035][ T7640] netlink: 'syz.4.484': attribute type 4 has an invalid length.
[  184.239641][  T971] lo speed is unknown, defaulting to 1000
[  184.253832][ T7640] netlink: 'syz.4.484': attribute type 4 has an invalid length.
[  184.265240][  T971] lo speed is unknown, defaulting to 1000
[  184.283935][ T7640] tipc: Resetting bearer <eth:syzkaller0>
[  184.343249][ T5822] usb 4-1: USB disconnect, device number 13
[  184.691412][ T5833] Bluetooth: hci6: command tx timeout
[  184.990472][ T5896] tipc: Node number set to 2285768733
[  185.074022][ T7664] netlink: 64 bytes leftover after parsing attributes in process `syz.5.489'.
[  185.367050][   T29] audit: type=1400 audit(1738321240.491:441): avc:  denied  { create } for  pid=7661 comm="syz.1.488" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  185.649625][ T5896] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  185.839696][ T5896] usb 4-1: Using ep0 maxpacket: 32
[  185.854089][ T5896] usb 4-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  185.864285][ T5896] usb 4-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  185.903496][ T5896] usb 4-1: config 0 interface 0 has no altsetting 0
[  185.910214][ T5896] usb 4-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00
[  185.919256][ T5896] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.928813][ T5896] usb 4-1: config 0 descriptor??
[  186.146086][ T7666] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  186.159231][ T7666] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  186.197971][ T5896] usbhid 4-1:0.0: can't add hid device: -71
[  186.206859][ T5896] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  186.223248][ T5896] usb 4-1: USB disconnect, device number 14
[  186.583239][ T7640] tipc: Disabling bearer <eth:syzkaller0>
[  186.772582][ T5833] Bluetooth: hci6: command tx timeout
[  186.778111][   T29] audit: type=1400 audit(1738321241.901:442): avc:  denied  { write } for  pid=7676 comm="syz.5.492" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  186.784461][ T7678] trusted_key: encrypted_key: insufficient parameters specified
[  186.800112][ T7623] veth0_vlan: entered promiscuous mode
[  186.820479][   T29] audit: type=1400 audit(1738321241.901:443): avc:  denied  { setopt } for  pid=7676 comm="syz.5.492" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  186.875989][ T7623] veth1_vlan: entered promiscuous mode
[  187.031330][ T7623] veth0_macvtap: entered promiscuous mode
[  187.037119][   T29] audit: type=1400 audit(1738321241.901:444): avc:  denied  { connect } for  pid=7676 comm="syz.5.492" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  187.062891][ T7682] net_ratelimit: 10 callbacks suppressed
[  187.062902][ T7682] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  187.081924][ T7623] veth1_macvtap: entered promiscuous mode
[  187.113411][   T29] audit: type=1400 audit(1738321241.901:445): avc:  denied  { bind } for  pid=7676 comm="syz.5.492" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  187.136641][ T7623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  187.338756][ T7623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  187.388149][ T7623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  187.472746][ T7623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  187.539122][ T7623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  187.614950][ T7623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  187.650989][ T7623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  187.678265][ T7623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  187.715441][ T7623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  187.745271][ T7623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  187.770355][ T7623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  187.799545][ T7623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  187.860720][ T7623] batman_adv: batadv0: Interface activated: batadv_slave_0
[  187.906921][ T7623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  187.935097][ T7623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.017634][ T7623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  188.058093][ T7623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.077096][ T7623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  188.106027][ T7623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.159569][ T7623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  188.175243][ T7623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.185260][ T7623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  188.205111][ T7623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.217509][ T7623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  188.269034][ T7623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.328099][ T7623] batman_adv: batadv0: Interface activated: batadv_slave_1
[  188.371147][ T7623] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  188.394528][   T29] audit: type=1400 audit(1738321243.521:446): avc:  denied  { bind } for  pid=7693 comm="syz.5.497" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  188.421457][ T7623] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  188.430654][ T7623] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  188.440207][ T7623] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  188.869274][ T5833] Bluetooth: hci6: command tx timeout
[  189.220171][ T7694] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.341438][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  189.350114][   T29] audit: type=1326 audit(1738321244.481:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7689 comm="syz.3.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f216418cda9 code=0x7fc00000
[  189.373273][ T6015] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  189.373294][ T6015] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  189.400834][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  189.558180][ T7712] FAULT_INJECTION: forcing a failure.
[  189.558180][ T7712] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  189.571686][ T7712] CPU: 0 UID: 0 PID: 7712 Comm: syz.1.502 Not tainted 6.13.0-syzkaller-09522-gd3d90cc2891c #0
[  189.571708][ T7712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  189.571717][ T7712] Call Trace:
[  189.571723][ T7712]  <TASK>
[  189.571729][ T7712]  dump_stack_lvl+0x16c/0x1f0
[  189.571751][ T7712]  should_fail_ex+0x50a/0x650
[  189.571779][ T7712]  _copy_from_user+0x2e/0xd0
[  189.571804][ T7712]  do_ipv6_setsockopt+0x956/0x4520
[  189.571821][ T7712]  ? __pfx_lock_release+0x10/0x10
[  189.571849][ T7712]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  189.571878][ T7712]  ? lockdep_hardirqs_on+0x7c/0x110
[  189.571904][ T7712]  ? __schedule+0x3c6a/0x5890
[  189.571940][ T7712]  ? __pfx___schedule+0x10/0x10
[  189.571963][ T7712]  ? lockdep_hardirqs_on+0x7c/0x110
[  189.571995][ T7712]  ? irqentry_exit+0x3b/0x90
[  189.572008][ T7712]  ? lockdep_hardirqs_on+0x7c/0x110
[  189.572034][ T7712]  ? ipv6_setsockopt+0xcb/0x170
[  189.572047][ T7712]  ipv6_setsockopt+0xcb/0x170
[  189.572063][ T7712]  tcp_setsockopt+0xa4/0x100
[  189.572089][ T7712]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  189.572113][ T7712]  do_sock_setsockopt+0x222/0x480
[  189.572136][ T7712]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  189.572160][ T7712]  ? lock_acquire+0x2f/0xb0
[  189.572193][ T7712]  __sys_setsockopt+0x1a0/0x230
[  189.572216][ T7712]  __x64_sys_setsockopt+0xbd/0x160
[  189.572233][ T7712]  ? do_syscall_64+0x91/0x250
[  189.572249][ T7712]  ? lockdep_hardirqs_on+0x7c/0x110
[  189.572274][ T7712]  do_syscall_64+0xcd/0x250
[  189.572292][ T7712]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.572314][ T7712] RIP: 0033:0x7f6c8578cda9
[  189.572328][ T7712] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  189.572344][ T7712] RSP: 002b:00007f6c86504038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  189.572359][ T7712] RAX: ffffffffffffffda RBX: 00007f6c859a6080 RCX: 00007f6c8578cda9
[  189.572370][ T7712] RDX: 0000000000000020 RSI: 0000000000000029 RDI: 0000000000000009
[  189.572380][ T7712] RBP: 00007f6c86504090 R08: 0000000000000020 R09: 0000000000000000
[  189.572389][ T7712] R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000001
[  189.572399][ T7712] R13: 0000000000000000 R14: 00007f6c859a6080 R15: 00007ffe06e2fd88
[  189.572420][ T7712]  </TASK>
[  189.580983][ T7694] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.262237][ T7694] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.380498][ T7730] FAULT_INJECTION: forcing a failure.
[  190.380498][ T7730] name failslab, interval 1, probability 0, space 0, times 0
[  190.396112][ T7730] CPU: 0 UID: 0 PID: 7730 Comm: syz.1.505 Not tainted 6.13.0-syzkaller-09522-gd3d90cc2891c #0
[  190.396138][ T7730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  190.396147][ T7730] Call Trace:
[  190.396153][ T7730]  <TASK>
[  190.396160][ T7730]  dump_stack_lvl+0x16c/0x1f0
[  190.396183][ T7730]  should_fail_ex+0x50a/0x650
[  190.396206][ T7730]  ? fs_reclaim_acquire+0xae/0x150
[  190.396232][ T7730]  ? tomoyo_encode2+0x100/0x3e0
[  190.396253][ T7730]  should_failslab+0xc2/0x120
[  190.396272][ T7730]  __kmalloc_noprof+0xcb/0x510
[  190.396294][ T7730]  tomoyo_encode2+0x100/0x3e0
[  190.396318][ T7730]  tomoyo_encode+0x29/0x50
[  190.396339][ T7730]  tomoyo_mount_acl+0x314/0x880
[  190.396358][ T7730]  ? hlock_class+0x4e/0x130
[  190.396375][ T7730]  ? __lock_acquire+0x15a9/0x3c40
[  190.396402][ T7730]  ? __pfx_tomoyo_mount_acl+0x10/0x10
[  190.396427][ T7730]  ? __pfx___lock_acquire+0x10/0x10
[  190.396449][ T7730]  ? stack_trace_save+0x95/0xd0
[  190.396468][ T7730]  ? __pfx_lock_release+0x10/0x10
[  190.396503][ T7730]  ? trace_lock_acquire+0x14e/0x1f0
[  190.396522][ T7730]  ? tomoyo_mount_permission+0x149/0x420
[  190.396543][ T7730]  ? lock_acquire+0x2f/0xb0
[  190.396563][ T7730]  ? tomoyo_mount_permission+0x149/0x420
[  190.396586][ T7730]  tomoyo_mount_permission+0x16e/0x420
[  190.396613][ T7730]  ? tomoyo_mount_permission+0x149/0x420
[  190.396635][ T7730]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  190.396666][ T7730]  ? get_current_fs_domain+0x184/0x1f0
[  190.396695][ T7730]  security_sb_mount+0x9b/0x260
[  190.396716][ T7730]  path_mount+0x129/0x1f10
[  190.396736][ T7730]  ? kmem_cache_free+0x2e2/0x4d0
[  190.396750][ T7730]  ? __pfx_path_mount+0x10/0x10
[  190.396771][ T7730]  ? putname+0x13c/0x180
[  190.396792][ T7730]  __x64_sys_mount+0x28f/0x310
[  190.396810][ T7730]  ? __pfx___x64_sys_mount+0x10/0x10
[  190.396834][ T7730]  do_syscall_64+0xcd/0x250
[  190.396854][ T7730]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.396877][ T7730] RIP: 0033:0x7f6c8578cda9
[  190.396890][ T7730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  190.396906][ T7730] RSP: 002b:00007f6c86504038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  190.396922][ T7730] RAX: ffffffffffffffda RBX: 00007f6c859a6080 RCX: 00007f6c8578cda9
[  190.396932][ T7730] RDX: 0000000020000180 RSI: 0000000020000000 RDI: 0000000000000000
[  190.396942][ T7730] RBP: 00007f6c86504090 R08: 0000000020000080 R09: 0000000000000000
[  190.396952][ T7730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  190.396961][ T7730] R13: 0000000000000000 R14: 00007f6c859a6080 R15: 00007ffe06e2fd88
[  190.396984][ T7730]  </TASK>
[  190.512117][ T7694] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.722770][   T29] audit: type=1400 audit(1738321245.821:448): avc:  denied  { write } for  pid=5174 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  190.876491][   T29] audit: type=1400 audit(1738321245.821:449): avc:  denied  { remove_name } for  pid=5174 comm="syslogd" name="messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  190.919661][ T5833] Bluetooth: hci6: command tx timeout
[  190.991574][   T29] audit: type=1400 audit(1738321245.821:450): avc:  denied  { add_name } for  pid=5174 comm="syslogd" name="messages.0" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  191.086775][ T7694] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  191.187187][ T7694] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  191.256954][ T7694] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  191.283113][ T7694] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  191.285661][ T7743] syz.6.510: attempt to access beyond end of device
[  191.285661][ T7743] md2: rw=2048, sector=0, nr_sectors = 8 limit=0
[  191.718016][ T7748] lo speed is unknown, defaulting to 1000
[  191.844597][ T5868] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  192.009602][ T5868] usb 4-1: Using ep0 maxpacket: 16
[  192.016095][ T5868] usb 4-1: config 0 has an invalid interface number: 105 but max is 0
[  192.024904][ T5868] usb 4-1: config 0 has an invalid descriptor of length 36, skipping remainder of the config
[  192.039905][ T5868] usb 4-1: config 0 has no interface number 0
[  192.051298][ T5868] usb 4-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[  192.060855][ T5868] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  192.068828][ T5868] usb 4-1: Product: syz
[  192.077081][ T5868] usb 4-1: Manufacturer: syz
[  192.212874][ T5868] usb 4-1: SerialNumber: syz
[  192.404179][ T5868] usb 4-1: config 0 descriptor??
[  192.619332][ T5868] usb 4-1: Found UVC 0.00 device syz (046d:08d3)
[  192.628350][ T5868] usb 4-1: No valid video chain found.
[  192.646834][ T5868] usb 4-1: USB disconnect, device number 15
[  193.429009][   T29] audit: type=1400 audit(1738321248.551:451): avc:  denied  { mounton } for  pid=7758 comm="syz.1.515" path="/115/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=file permissive=1
[  193.568559][   T29] audit: type=1400 audit(1738321248.561:452): avc:  denied  { read write } for  pid=7758 comm="syz.1.515" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  193.592406][   T29] audit: type=1400 audit(1738321248.561:453): avc:  denied  { open } for  pid=7758 comm="syz.1.515" path="/115/file0" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  194.091689][ T5833] Bluetooth: hci7: Opcode 0x1003 failed: -110
[  194.092819][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  194.119641][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  194.126217][   T29] audit: type=1800 audit(1738321249.171:454): pid=7765 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.6.516" name="bus" dev="tmpfs" ino=39 res=0 errno=0
[  194.176793][   T46] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  194.226508][   T29] audit: type=1400 audit(1738321249.341:455): avc:  denied  { unmount } for  pid=5817 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  194.430109][   T46] usb 5-1: Using ep0 maxpacket: 16
[  194.503288][   T46] usb 5-1: config 0 has an invalid interface number: 105 but max is 0
[  194.548178][   T46] usb 5-1: config 0 has an invalid descriptor of length 36, skipping remainder of the config
[  194.734174][   T46] usb 5-1: config 0 has no interface number 0
[  194.799247][   T46] usb 5-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[  194.818652][   T46] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  194.839682][   T46] usb 5-1: Product: syz
[  194.962625][   T46] usb 5-1: Manufacturer: syz
[  195.137071][   T46] usb 5-1: SerialNumber: syz
[  195.153784][   T46] usb 5-1: config 0 descriptor??
[  195.333988][ T7779] netlink: 8 bytes leftover after parsing attributes in process `syz.6.520'.
[  195.342838][ T7779] openvswitch: netlink: Flow actions attr not present in new flow.
[  195.433669][ T7780] netlink: 20 bytes leftover after parsing attributes in process `syz.1.517'.
[  195.442642][ T7780] netlink: 20 bytes leftover after parsing attributes in process `syz.1.517'.
[  195.799875][   T46] usb 5-1: Found UVC 0.00 device syz (046d:08d3)
[  195.806258][   T46] usb 5-1: No valid video chain found.
[  195.859181][   T46] usb 5-1: USB disconnect, device number 18
[  196.550062][   T25] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  196.558197][ T7781] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  196.809599][   T25] usb 4-1: Using ep0 maxpacket: 32
[  196.814932][ T7781] usb 6-1: Using ep0 maxpacket: 32
[  196.844029][   T25] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[  197.140740][ T7781] usb 6-1: config 0 has an invalid interface number: 184 but max is 0
[  197.158967][ T7781] usb 6-1: config 0 has no interface number 0
[  197.165329][   T25] usb 4-1: config 0 has no interface number 0
[  197.176048][ T7781] usb 6-1: config 0 interface 184 has no altsetting 0
[  197.189816][   T25] usb 4-1: config 0 interface 184 has no altsetting 0
[  197.206257][   T25] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  197.219375][ T7781] usb 6-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  197.243363][   T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  197.251724][ T7781] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  197.267890][ T7809] netlink: 20 bytes leftover after parsing attributes in process `syz.1.530'.
[  197.277221][   T25] usb 4-1: Product: syz
[  197.284693][ T7781] usb 6-1: Product: syz
[  197.288869][ T7781] usb 6-1: Manufacturer: syz
[  197.299629][   T25] usb 4-1: Manufacturer: syz
[  197.304248][   T25] usb 4-1: SerialNumber: syz
[  197.316866][ T7781] usb 6-1: SerialNumber: syz
[  197.330282][ T7781] usb 6-1: config 0 descriptor??
[  197.340884][ T7781] smsc75xx v1.0.0
[  197.344926][   T25] usb 4-1: config 0 descriptor??
[  197.351672][   T25] smsc75xx v1.0.0
[  197.399621][ T5868] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  197.559595][ T5868] usb 5-1: Using ep0 maxpacket: 16
[  197.592483][ T5868] usb 5-1: config 0 has an invalid interface number: 105 but max is 0
[  197.613624][ T5868] usb 5-1: config 0 has an invalid descriptor of length 36, skipping remainder of the config
[  197.648048][ T5868] usb 5-1: config 0 has no interface number 0
[  198.067915][ T5868] usb 5-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[  198.085919][ T5868] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  198.095400][ T5868] usb 5-1: Product: syz
[  198.101027][ T5868] usb 5-1: Manufacturer: syz
[  198.106695][ T5868] usb 5-1: SerialNumber: syz
[  198.113366][ T5868] usb 5-1: config 0 descriptor??
[  198.321104][ T7781] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000040: -71
[  198.519762][ T7781] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[  198.706677][ T7781] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  198.722434][ T7781] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  198.732667][ T7781] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  198.744661][ T7781] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  198.756617][ T7781] smsc75xx 6-1:0.184: probe with driver smsc75xx failed with error -71
[  198.830407][ T5868] usb 5-1: Found UVC 0.00 device syz (046d:08d3)
[  198.833886][ T7781] usb 6-1: USB disconnect, device number 4
[  198.837216][ T5868] usb 5-1: No valid video chain found.
[  198.955215][ T7826] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6
[  199.169967][   T25] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000040: -71
[  200.373363][   T25] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[  200.705814][ T5868] usb 5-1: USB disconnect, device number 19
[  200.709571][   T25] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  200.761871][   T25] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  200.794969][   T25] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  200.928019][   T25] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  201.056759][   T25] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -71
[  201.186218][ T7839] netlink: 8 bytes leftover after parsing attributes in process `syz.5.536'.
[  201.195082][ T7839] openvswitch: netlink: Flow actions attr not present in new flow.
[  201.371991][   T25] usb 4-1: USB disconnect, device number 16
[  201.430596][    T8] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  201.740870][    T8] usb 7-1: device descriptor read/64, error -71
[  201.775420][ T7845] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7845 comm=syz.1.541
[  201.820726][   T29] audit: type=1400 audit(1738321256.941:456): avc:  denied  { read } for  pid=7844 comm="syz.1.541" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  201.887483][ T7846] syz.3.539: attempt to access beyond end of device
[  201.887483][ T7846] md2: rw=2048, sector=0, nr_sectors = 8 limit=0
[  202.394664][   T29] audit: type=1400 audit(1738321257.521:457): avc:  denied  { write } for  pid=7855 comm="syz.1.545" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  202.700202][   T25] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  202.760011][ T5868] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  202.999769][   T25] usb 2-1: Using ep0 maxpacket: 8
[  203.090790][ T5868] usb 5-1: Using ep0 maxpacket: 32
[  203.091884][   T25] usb 2-1: config index 0 descriptor too short (expected 62738, got 18)
[  203.091907][   T25] usb 2-1: config 5 has an invalid interface number: 72 but max is -1
[  203.091927][   T25] usb 2-1: config 5 has 1 interface, different from the descriptor's value: 0
[  203.091946][   T25] usb 2-1: config 5 has no interface number 0
[  203.091966][   T25] usb 2-1: too many endpoints for config 5 interface 72 altsetting 250: 254, using maximum allowed: 30
[  203.091991][   T25] usb 2-1: config 5 interface 72 altsetting 250 has 0 endpoint descriptors, different from the interface descriptor's value: 254
[  203.092015][   T25] usb 2-1: config 5 interface 72 has no altsetting 0
[  203.093002][ T5868] usb 5-1: config 0 has an invalid interface number: 184 but max is 0
[  203.093023][ T5868] usb 5-1: config 0 has no interface number 0
[  203.093131][ T5868] usb 5-1: config 0 interface 184 has no altsetting 0
[  203.093612][   T25] usb 2-1: New USB device found, idVendor=1b3d, idProduct=01cd, bcdDevice= 8.00
[  203.093635][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  203.093653][   T25] usb 2-1: Product: syz
[  203.093668][   T25] usb 2-1: Manufacturer: syz
[  203.093680][   T25] usb 2-1: SerialNumber: syz
[  203.097605][ T5868] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  203.097630][ T5868] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  203.097643][ T5868] usb 5-1: Product: syz
[  203.097652][ T5868] usb 5-1: Manufacturer: syz
[  203.097659][ T5868] usb 5-1: SerialNumber: syz
[  203.098872][ T5868] usb 5-1: config 0 descriptor??
[  203.101913][ T5868] smsc75xx v1.0.0
[  203.154971][ T7858] lo speed is unknown, defaulting to 1000
[  203.478631][   T25] ftdi_sio 2-1:5.72: FTDI USB Serial Device converter detected
[  203.510730][   T25] usb 2-1: Detected FT4232H
[  203.528556][   T25] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  203.557505][   T25] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  203.570377][   T25] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  203.586116][   T25] usb 2-1: USB disconnect, device number 17
[  203.620994][   T25] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  203.646033][   T25] ftdi_sio 2-1:5.72: device disconnected
[  203.679853][    T8] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  203.850912][ T5867] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  203.869674][    T8] usb 6-1: Using ep0 maxpacket: 16
[  203.876042][    T8] usb 6-1: config 0 has an invalid interface number: 105 but max is 0
[  203.887680][    T8] usb 6-1: config 0 has an invalid descriptor of length 36, skipping remainder of the config
[  204.336928][ T5868] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -71
[  204.348171][   T29] audit: type=1800 audit(1738321259.411:458): pid=7881 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.6.550" name="bus" dev="tmpfs" ino=72 res=0 errno=0
[  204.370371][    T8] usb 6-1: config 0 has no interface number 0
[  204.376526][ T5868] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  204.386883][ T5868] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  204.403862][ T5868] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  204.414965][ T5868] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  204.425698][ T5868] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  204.435444][    T8] usb 6-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[  204.447359][    T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  204.500651][ T5867] usb 4-1: Using ep0 maxpacket: 32
[  204.514099][ T7886] netlink: 20 bytes leftover after parsing attributes in process `syz.4.551'.
[  204.523193][ T7886] netlink: 20 bytes leftover after parsing attributes in process `syz.4.551'.
[  204.560794][ T5868] smsc75xx 5-1:0.184: probe with driver smsc75xx failed with error -71
[  204.569565][    T8] usb 6-1: Product: syz
[  204.573734][    T8] usb 6-1: Manufacturer: syz
[  204.578323][    T8] usb 6-1: SerialNumber: syz
[  204.586234][ T5868] usb 5-1: USB disconnect, device number 20
[  204.597251][    T8] usb 6-1: config 0 descriptor??
[  204.890878][ T5867] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[  204.969813][ T5867] usb 4-1: config 0 has no interface number 0
[  205.198777][ T5867] usb 4-1: config 0 interface 184 has no altsetting 0
[  205.223593][ T5867] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  205.235482][ T5867] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  205.254598][ T5867] usb 4-1: Product: syz
[  205.260122][ T5867] usb 4-1: Manufacturer: syz
[  205.267822][ T5867] usb 4-1: SerialNumber: syz
[  205.295682][ T5867] usb 4-1: config 0 descriptor??
[  205.306672][ T5867] smsc75xx v1.0.0
[  205.524229][ T7897] netlink: 8 bytes leftover after parsing attributes in process `syz.1.553'.
[  205.533149][ T7897] openvswitch: netlink: Flow actions attr not present in new flow.
[  205.701192][    T8] usb 6-1: Found UVC 0.00 device syz (046d:08d3)
[  205.708616][    T8] usb 6-1: No valid video chain found.
[  205.750090][    T8] usb 6-1: USB disconnect, device number 5
[  206.393488][ T7910] qnx6: unable to read the first superblock
[  206.452877][   T29] audit: type=1326 audit(1738321261.581:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7892 comm="syz.6.554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c82d8cda9 code=0x7fc00000
[  206.539630][ T5822] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  206.829614][ T5822] usb 5-1: Using ep0 maxpacket: 32
[  206.837421][ T5822] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  206.866254][ T5822] usb 5-1: New USB device found, idVendor=05da, idProduct=009a, bcdDevice=62.95
[  207.437829][ T5867] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000040: -71
[  207.459738][ T5822] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  207.464810][ T5867] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[  207.494557][ T5822] usb 5-1: Product: syz
[  207.498624][ T5867] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  207.515210][ T5867] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  207.525048][ T5867] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  207.526258][ T5822] usb 5-1: Manufacturer: syz
[  207.535459][ T5867] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  207.535573][ T5867] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -71
[  207.639969][ T5822] usb 5-1: SerialNumber: syz
[  207.724829][ T5867] usb 4-1: USB disconnect, device number 17
[  207.727291][ T5822] usb 5-1: config 0 descriptor??
[  207.771702][ T5822] microtek usb (rev 0.4.3): expecting 3 got 0 endpoints! Bailing out.
[  208.740334][ T5867] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  209.966003][   T29] audit: type=1800 audit(1738321265.091:460): pid=7942 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.3.565" name="bus" dev="tmpfs" ino=673 res=0 errno=0
[  210.019857][ T5867] usb 6-1: Using ep0 maxpacket: 32
[  210.034655][ T5867] usb 6-1: config 0 has an invalid interface number: 184 but max is 0
[  210.568291][ T5867] usb 6-1: config 0 has no interface number 0
[  210.568516][ T5822] usb 5-1: USB disconnect, device number 21
[  210.575042][ T5867] usb 6-1: config 0 interface 184 has no altsetting 0
[  210.589395][ T5867] usb 6-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  210.600638][ T5867] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  210.608677][ T5867] usb 6-1: Product: syz
[  210.628652][ T5867] usb 6-1: Manufacturer: syz
[  210.644715][ T5867] usb 6-1: SerialNumber: syz
[  210.672877][ T5867] usb 6-1: config 0 descriptor??
[  210.713941][ T5867] smsc75xx v1.0.0
[  211.373290][ T5867] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  211.393232][ T5867] smsc75xx 6-1:0.184: probe with driver smsc75xx failed with error -71
[  211.418931][ T5867] usb 6-1: USB disconnect, device number 6
[  211.509664][ T5896] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  211.601620][   T29] audit: type=1400 audit(1738321266.711:461): avc:  denied  { write } for  pid=7955 comm="syz.5.571" name="hwrng" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  211.719854][ T5896] usb 5-1: Using ep0 maxpacket: 16
[  211.747933][ T5896] usb 5-1: config 0 has an invalid interface number: 105 but max is 0
[  211.747959][ T5896] usb 5-1: config 0 has an invalid descriptor of length 36, skipping remainder of the config
[  211.747978][ T5896] usb 5-1: config 0 has no interface number 0
[  211.751633][ T5896] usb 5-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[  211.751658][ T5896] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  211.751675][ T5896] usb 5-1: Product: syz
[  211.751690][ T5896] usb 5-1: Manufacturer: syz
[  211.751703][ T5896] usb 5-1: SerialNumber: syz
[  211.753223][ T5896] usb 5-1: config 0 descriptor??
[  211.881353][ T7963] 9pnet_fd: Insufficient options for proto=fd
[  211.888778][   T29] audit: type=1400 audit(1738321267.011:462): avc:  denied  { read } for  pid=7961 comm="syz.5.574" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  211.949856][ T5822] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  211.967923][ T5896] usb 5-1: Found UVC 0.00 device syz (046d:08d3)
[  211.967944][ T5896] usb 5-1: No valid video chain found.
[  211.970947][ T5896] usb 5-1: USB disconnect, device number 22
[  212.130524][ T5822] usb 4-1: Using ep0 maxpacket: 16
[  212.132482][ T5822] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  212.132515][ T5822] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  212.132540][ T5822] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  212.132560][ T5822] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  212.132582][ T5822] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  212.133423][ T5822] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  212.133445][ T5822] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  212.133464][ T5822] usb 4-1: Manufacturer: syz
[  212.161205][ T5822] usb 4-1: config 0 descriptor??
[  212.748085][ T5822] rc_core: IR keymap rc-hauppauge not found
[  212.774513][ T5822] Registered IR keymap rc-empty
[  212.800768][ T5822] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  212.826135][ T5822] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  212.866930][ T5822] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  212.894607][ T5822] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input14
[  212.913302][ T5822] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  212.922566][   T25] usb 5-1: new full-speed USB device number 23 using dummy_hcd
[  212.938842][   T29] audit: type=1400 audit(1738321268.071:463): avc:  denied  { checkpoint_restore } for  pid=7972 comm="syz.1.577" capability=40  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  212.979906][ T5896] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  213.015984][ T7976] FAULT_INJECTION: forcing a failure.
[  213.015984][ T7976] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  213.029471][ T7976] CPU: 0 UID: 0 PID: 7976 Comm: syz.1.577 Not tainted 6.13.0-syzkaller-09522-gd3d90cc2891c #0
[  213.029494][ T7976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  213.029503][ T7976] Call Trace:
[  213.029509][ T7976]  <TASK>
[  213.029515][ T7976]  dump_stack_lvl+0x16c/0x1f0
[  213.029534][ T7976]  should_fail_ex+0x50a/0x650
[  213.029559][ T7976]  _copy_to_user+0x32/0xd0
[  213.029592][ T7976]  simple_read_from_buffer+0xd0/0x160
[  213.029619][ T7976]  proc_fail_nth_read+0x198/0x270
[  213.029642][ T7976]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  213.029665][ T7976]  ? rw_verify_area+0xcf/0x680
[  213.029686][ T7976]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  213.029706][ T7976]  vfs_read+0x1df/0xbf0
[  213.029728][ T7976]  ? __fget_files+0x1fc/0x3a0
[  213.029741][ T7976]  ? __pfx___mutex_lock+0x10/0x10
[  213.029754][ T7976]  ? __pfx_vfs_read+0x10/0x10
[  213.029776][ T7976]  ? __fget_files+0x206/0x3a0
[  213.029792][ T7976]  ksys_read+0x12b/0x250
[  213.029810][ T7976]  ? __pfx_ksys_read+0x10/0x10
[  213.029835][ T7976]  do_syscall_64+0xcd/0x250
[  213.029851][ T7976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.029869][ T7976] RIP: 0033:0x7f6c8578b7bc
[  213.029879][ T7976] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  213.029891][ T7976] RSP: 002b:00007f6c835f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  213.029904][ T7976] RAX: ffffffffffffffda RBX: 00007f6c859a6160 RCX: 00007f6c8578b7bc
[  213.029912][ T7976] RDX: 000000000000000f RSI: 00007f6c835f60a0 RDI: 0000000000000006
[  213.029919][ T7976] RBP: 00007f6c835f6090 R08: 0000000000000000 R09: 0000000000000000
[  213.029927][ T7976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  213.029934][ T7976] R13: 0000000000000000 R14: 00007f6c859a6160 R15: 00007ffe06e2fd88
[  213.029951][ T7976]  </TASK>
[  213.292538][ T5896] usb 7-1: Using ep0 maxpacket: 32
[  213.298931][ T5896] usb 7-1: config 0 has an invalid interface number: 184 but max is 0
[  213.307298][ T5896] usb 7-1: config 0 has no interface number 0
[  213.318898][ T5896] usb 7-1: config 0 interface 184 has no altsetting 0
[  213.340589][ T5896] usb 7-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  213.349810][ T5896] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  213.357789][ T5896] usb 7-1: Product: syz
[  213.361972][ T5896] usb 7-1: Manufacturer: syz
[  213.366561][ T5896] usb 7-1: SerialNumber: syz
[  213.379283][ T5896] usb 7-1: config 0 descriptor??
[  213.398660][ T5896] smsc75xx v1.0.0
[  213.493460][ T5822] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  213.520389][ T5822] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  213.539574][ T5822] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  213.562974][ T7979] netlink: 16 bytes leftover after parsing attributes in process `syz.1.578'.
[  213.569612][ T5822] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  213.581235][   T25] usb 5-1: unable to get BOS descriptor or descriptor too short
[  213.589325][   T25] usb 5-1: not running at top speed; connect to a high speed hub
[  213.598142][ T5822] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  213.608497][   T25] usb 5-1: config 1 interface 0 altsetting 11 endpoint 0x82 has invalid maxpacket 1023, setting to 64
[  213.619628][ T5822] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  213.626786][   T25] usb 5-1: config 1 interface 0 altsetting 11 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  213.640035][   T25] usb 5-1: config 1 interface 0 has no altsetting 0
[  213.648700][   T25] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  213.657805][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  213.668203][ T5822] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  213.675641][   T25] usb 5-1: Product: syz
[  213.680173][   T25] usb 5-1: Manufacturer: ٔꩩ桭昧撔㘖꾕詌琨뮧⣛笊┬儞ᓹ恜넹礦↼蚶뢟胡න뻦紿䎐茴ע빸禼ꑼ韻壮萝൱쀞󓌮
[  213.696031][ T5822] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  213.704581][   T25] usb 5-1: SerialNumber: syz
[  213.717503][ T7968] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  213.735140][ T5822] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  213.770970][ T5822] mceusb 4-1:0.0: Registered  with mce emulator interface version 1
[  213.930342][ T5822] mceusb 4-1:0.0: 2 tx ports (0x1 cabled) and 2 rx sensors (0x0 active)
[  213.947162][   T25] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -71
[  213.956545][ T5822] usb 4-1: USB disconnect, device number 18
[  213.973038][   T25] usb 5-1: USB disconnect, device number 23
[  213.981564][ T7983] FAULT_INJECTION: forcing a failure.
[  213.981564][ T7983] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  213.996998][ T7983] CPU: 1 UID: 0 PID: 7983 Comm: syz.1.579 Not tainted 6.13.0-syzkaller-09522-gd3d90cc2891c #0
[  213.997021][ T7983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  213.997030][ T7983] Call Trace:
[  213.997035][ T7983]  <TASK>
[  213.997042][ T7983]  dump_stack_lvl+0x16c/0x1f0
[  213.997062][ T7983]  should_fail_ex+0x50a/0x650
[  213.997087][ T7983]  _copy_from_user+0x2e/0xd0
[  213.997109][ T7983]  quota_setquota+0x26b/0x5f0
[  213.997123][ T7983]  ? __pfx_quota_setquota+0x10/0x10
[  213.997141][ T7983]  ? avc_has_perm+0x11b/0x1c0
[  213.997177][ T7983]  ? selinux_quotactl+0x171/0x300
[  213.997197][ T7983]  do_quotactl+0xb00/0x13d0
[  213.997217][ T7983]  ? __pfx_do_quotactl+0x10/0x10
[  213.997231][ T7983]  ? rwsem_read_trylock+0x12d/0x250
[  213.997245][ T7983]  ? __pfx_rwsem_read_trylock+0x10/0x10
[  213.997258][ T7983]  ? __pfx_lock_release+0x10/0x10
[  213.997269][ T7983]  ? __x64_sys_quotactl_fd+0x2d8/0x520
[  213.997280][ T7983]  ? lock_acquire+0x2f/0xb0
[  213.997297][ T7983]  ? __x64_sys_quotactl_fd+0x2d8/0x520
[  213.997320][ T7983]  ? down_read+0xc9/0x330
[  213.997336][ T7983]  ? __pfx_down_read+0x10/0x10
[  213.997351][ T7983]  ? mnt_get_write_access+0x20c/0x300
[  213.997374][ T7983]  __x64_sys_quotactl_fd+0x2f4/0x520
[  213.997387][ T7983]  do_syscall_64+0xcd/0x250
[  213.997399][ T7983]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.997411][ T7983] RIP: 0033:0x7f6c8578cda9
[  213.997419][ T7983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.997428][ T7983] RSP: 002b:00007f6c86504038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bb
[  213.997442][ T7983] RAX: ffffffffffffffda RBX: 00007f6c859a6080 RCX: 00007f6c8578cda9
[  213.997453][ T7983] RDX: 0000000000000000 RSI: ffffffff80000800 RDI: 0000000000000006
[  213.997462][ T7983] RBP: 00007f6c86504090 R08: 0000000000000000 R09: 0000000000000000
[  213.997471][ T7983] R10: 00000000200003c0 R11: 0000000000000246 R12: 0000000000000001
[  213.997479][ T7983] R13: 0000000000000000 R14: 00007f6c859a6080 R15: 00007ffe06e2fd88
[  213.997500][ T7983]  </TASK>
[  214.343626][   T29] audit: type=1400 audit(1738321269.471:464): avc:  denied  { bind } for  pid=7985 comm="syz.3.580" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  214.367362][   T29] audit: type=1400 audit(1738321269.471:465): avc:  denied  { node_bind } for  pid=7985 comm="syz.3.580" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  214.728478][ T7991] overlayfs: missing 'lowerdir'
[  214.800338][ T5867] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  214.811860][ T5896] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000040: -71
[  214.841728][ T5896] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[  215.133516][ T5867] usb 4-1: Using ep0 maxpacket: 32
[  215.147339][ T5896] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  215.164067][ T5867] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[  215.212880][ T5896] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  215.228222][ T5867] usb 4-1: config 0 has no interface number 0
[  215.490211][    T8] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  215.552870][ T5867] usb 4-1: config 0 interface 184 has no altsetting 0
[  215.564923][ T5896] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  215.595657][ T5867] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  215.611454][ T5896] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  215.624179][ T5867] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  215.632666][ T5896] smsc75xx 7-1:0.184: probe with driver smsc75xx failed with error -71
[  215.641261][ T5867] usb 4-1: Product: syz
[  215.646167][ T5867] usb 4-1: Manufacturer: syz
[  215.664562][ T5896] usb 7-1: USB disconnect, device number 4
[  215.674876][ T5867] usb 4-1: SerialNumber: syz
[  215.683514][ T5867] usb 4-1: config 0 descriptor??
[  215.694765][ T5867] smsc75xx v1.0.0
[  215.709730][    T8] usb 5-1: Using ep0 maxpacket: 16
[  215.718222][    T8] usb 5-1: config 0 has an invalid interface number: 105 but max is 0
[  215.729409][    T8] usb 5-1: config 0 has an invalid descriptor of length 36, skipping remainder of the config
[  215.740393][    T8] usb 5-1: config 0 has no interface number 0
[  215.943402][ T5868] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  215.978340][    T8] usb 5-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[  216.009804][ T5896] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  216.024091][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  216.041005][    T8] usb 5-1: Product: syz
[  216.059806][    T8] usb 5-1: Manufacturer: syz
[  216.069681][    T8] usb 5-1: SerialNumber: syz
[  216.091173][    T8] usb 5-1: config 0 descriptor??
[  216.120226][ T5868] usb 6-1: Using ep0 maxpacket: 32
[  216.137670][ T5868] usb 6-1: config 0 has an invalid interface number: 184 but max is 0
[  216.146859][ T5868] usb 6-1: config 0 has no interface number 0
[  216.157893][ T5868] usb 6-1: config 0 interface 184 has no altsetting 0
[  216.260112][ T5868] usb 6-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  216.273198][ T5896] usb 7-1: config 0 has an invalid interface number: 236 but max is 0
[  216.290126][ T5868] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  216.467805][ T5896] usb 7-1: config 0 has no interface number 0
[  216.486676][ T5868] usb 6-1: Product: syz
[  216.490954][ T5868] usb 6-1: Manufacturer: syz
[  216.495699][ T5868] usb 6-1: SerialNumber: syz
[  216.508147][ T5868] usb 6-1: config 0 descriptor??
[  216.515815][ T5896] usb 7-1: New USB device found, idVendor=06cd, idProduct=0114, bcdDevice=65.4b
[  216.531606][    T8] usb 5-1: Found UVC 0.00 device syz (046d:08d3)
[  216.546380][ T5896] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  216.555197][ T5868] smsc75xx v1.0.0
[  216.559647][    T8] usb 5-1: No valid video chain found.
[  216.569711][ T5896] usb 7-1: Product: syz
[  216.585660][ T5867] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -71
[  216.605984][    T8] usb 5-1: USB disconnect, device number 24
[  216.621544][ T5896] usb 7-1: Manufacturer: syz
[  216.633966][ T5896] usb 7-1: SerialNumber: syz
[  216.640209][ T5867] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  216.651797][ T5867] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  216.663910][ T5896] usb 7-1: config 0 descriptor??
[  216.675565][ T5867] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  216.691216][ T5896] keyspan 7-1:0.236: Keyspan - (without firmware) converter detected
[  216.713048][ T5867] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  216.729568][ T5867] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  216.942099][ T5867] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -71
[  216.958105][ T5867] usb 4-1: USB disconnect, device number 19
[  217.297615][   T25] usb 7-1: USB disconnect, device number 5
[  217.317674][   T25] keyspan 7-1:0.236: device disconnected
[  217.474914][ T8016] lo speed is unknown, defaulting to 1000
[  217.629125][ T5868] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000040: -71
[  217.653157][ T5868] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[  217.666692][   T29] audit: type=1400 audit(1738321272.781:466): avc:  denied  { create } for  pid=8038 comm="syz.3.595" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  217.677266][ T5868] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  217.699839][ T5868] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  217.727416][ T5868] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  217.758227][ T5868] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  217.796012][ T5868] smsc75xx 6-1:0.184: probe with driver smsc75xx failed with error -71
[  217.821995][ T5868] usb 6-1: USB disconnect, device number 7
[  217.889586][   T29] audit: type=1400 audit(1738321273.011:467): avc:  denied  { mounton } for  pid=8038 comm="syz.3.595" path="/128/file0" dev="tmpfs" ino=711 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  218.095929][   T29] audit: type=1400 audit(1738321273.221:468): avc:  denied  { unlink } for  pid=5814 comm="syz-executor" name="file0" dev="tmpfs" ino=711 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  218.183003][ T8047] netlink: 4 bytes leftover after parsing attributes in process `syz.1.596'.
[  218.191921][ T8047] batman_adv: batadv0: Interface deactivated: dummy0
[  218.198653][ T8047] batman_adv: batadv0: Removing interface: dummy0
[  218.224863][   T29] audit: type=1400 audit(1738321273.311:469): avc:  denied  { bind } for  pid=8040 comm="syz.1.596" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  218.246250][ T8047] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  218.253756][ T8047] batman_adv: batadv0: Removing interface: batadv_slave_0
[  218.264858][ T8047] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  218.272359][ T8047] batman_adv: batadv0: Removing interface: batadv_slave_1
[  218.378368][   T29] audit: type=1400 audit(1738321273.311:470): avc:  denied  { ioctl } for  pid=8040 comm="syz.1.596" path="socket:[18548]" dev="sockfs" ino=18548 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  218.392315][ T5867] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  218.465212][   T29] audit: type=1400 audit(1738321273.571:471): avc:  denied  { read } for  pid=8046 comm="syz.3.598" name="mouse0" dev="devtmpfs" ino=1037 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  218.488261][    C0] vkms_vblank_simulate: vblank timer overrun
[  218.529546][   T29] audit: type=1400 audit(1738321273.581:472): avc:  denied  { open } for  pid=8046 comm="syz.3.598" path="/dev/input/mouse0" dev="devtmpfs" ino=1037 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  218.553581][    C0] vkms_vblank_simulate: vblank timer overrun
[  218.619938][   T29] audit: type=1400 audit(1738321273.581:473): avc:  denied  { ioctl } for  pid=8046 comm="syz.3.598" path="/dev/input/mouse0" dev="devtmpfs" ino=1037 ioctlcmd=0x64c8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  218.649535][ T5867] usb 7-1: Using ep0 maxpacket: 32
[  218.664146][ T5867] usb 7-1: config 0 has an invalid interface number: 184 but max is 0
[  218.998860][ T8057] netlink: 12 bytes leftover after parsing attributes in process `syz.3.600'.
[  219.035011][ T5867] usb 7-1: config 0 has no interface number 0
[  219.268299][ T5867] usb 7-1: config 0 interface 184 has no altsetting 0
[  219.291070][   T29] audit: type=1400 audit(1738321274.411:474): avc:  denied  { setopt } for  pid=8059 comm="syz.1.602" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  219.336880][ T5867] usb 7-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  219.354721][ T5867] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  219.365786][ T8060] netlink: 9286 bytes leftover after parsing attributes in process `syz.4.601'.
[  219.628622][ T5867] usb 7-1: Product: syz
[  219.711280][   T29] audit: type=1400 audit(1738321274.811:475): avc:  denied  { listen } for  pid=8059 comm="syz.1.602" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  219.845288][ T5867] usb 7-1: Manufacturer: syz
[  219.869623][ T5867] usb 7-1: SerialNumber: syz
[  219.875942][ T5867] usb 7-1: config 0 descriptor??
[  219.901554][ T5867] smsc75xx v1.0.0
[  220.159672][ T5822] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  220.769135][ T5822] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  220.780705][ T5822] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  220.793811][ T5822] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  220.805892][ T5822] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  220.816652][ T5822] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  220.891530][ T5822] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  221.251694][ T5822] snd-usb-audio 4-1:27.0: probe with driver snd-usb-audio failed with error -12
[  221.314020][ T5931] udevd[5931]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  221.383955][ T8071] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  221.419760][ T5833] Bluetooth: hci7: command 0x1003 tx timeout
[  221.432676][ T5835] Bluetooth: hci7: Opcode 0x1003 failed: -110
[  221.484817][ T8071] Dead loop on virtual device ip6_vti0, fix it urgently!
[  221.531785][ T5867] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000040: -71
[  221.538014][   T25] usb 4-1: USB disconnect, device number 20
[  221.559991][ T5867] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[  221.594368][ T8097] netlink: 8 bytes leftover after parsing attributes in process `syz.1.610'.
[  221.603271][ T8097] openvswitch: netlink: Flow actions attr not present in new flow.
[  221.618359][ T5867] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  221.640778][ T5867] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  221.677950][ T5867] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  221.691747][ T5867] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  221.717045][ T5867] smsc75xx 7-1:0.184: probe with driver smsc75xx failed with error -71
[  222.145760][ T5867] usb 7-1: USB disconnect, device number 6
[  223.149715][   T29] kauditd_printk_skb: 5 callbacks suppressed
[  223.149730][   T29] audit: type=1800 audit(1738321278.241:481): pid=8113 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.6.615" name="bus" dev="tmpfs" ino=134 res=0 errno=0
[  223.236427][ T8116] netlink: 8 bytes leftover after parsing attributes in process `syz.5.617'.
[  224.409548][   T29] audit: type=1400 audit(1738321278.881:482): avc:  denied  { mount } for  pid=8122 comm="syz.5.621" name="/" dev="ramfs" ino=18324 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  226.201117][ T5867] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  226.242451][ T8140] FAULT_INJECTION: forcing a failure.
[  226.242451][ T8140] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  226.255644][ T8140] CPU: 0 UID: 0 PID: 8140 Comm: syz.5.622 Not tainted 6.13.0-syzkaller-09522-gd3d90cc2891c #0
[  226.255666][ T8140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  226.255676][ T8140] Call Trace:
[  226.255682][ T8140]  <TASK>
[  226.255688][ T8140]  dump_stack_lvl+0x16c/0x1f0
[  226.255702][ T8140]  should_fail_ex+0x50a/0x650
[  226.255717][ T8140]  _copy_from_user+0x2e/0xd0
[  226.255731][ T8140]  copy_msghdr_from_user+0x99/0x160
[  226.255742][ T8140]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  226.255758][ T8140]  ___sys_sendmsg+0xff/0x1e0
[  226.255769][ T8140]  ? __pfx____sys_sendmsg+0x10/0x10
[  226.255784][ T8140]  ? __pfx_lock_release+0x10/0x10
[  226.255797][ T8140]  ? trace_lock_acquire+0x14e/0x1f0
[  226.255811][ T8140]  ? __fget_files+0x206/0x3a0
[  226.255822][ T8140]  __sys_sendmsg+0x16e/0x220
[  226.255833][ T8140]  ? __pfx___sys_sendmsg+0x10/0x10
[  226.255843][ T8140]  ? lockdep_hardirqs_on+0x7c/0x110
[  226.255862][ T8140]  ? __sanitizer_cov_trace_pc+0x4/0x70
[  226.255877][ T8140]  do_syscall_64+0xcd/0x250
[  226.255887][ T8140]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.255900][ T8140] RIP: 0033:0x7f4ef2b8cda9
[  226.255907][ T8140] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.255916][ T8140] RSP: 002b:00007f4ef3aa6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  226.255925][ T8140] RAX: ffffffffffffffda RBX: 00007f4ef2da6080 RCX: 00007f4ef2b8cda9
[  226.255930][ T8140] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000007
[  226.255935][ T8140] RBP: 00007f4ef3aa6090 R08: 0000000000000000 R09: 0000000000000000
[  226.255940][ T8140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  226.255945][ T8140] R13: 0000000000000000 R14: 00007f4ef2da6080 R15: 00007ffe2bfcbff8
[  226.255955][ T8140]  </TASK>
[  226.810878][ T5867] usb 4-1: Using ep0 maxpacket: 32
[  227.127958][ T5867] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  227.389589][ T5867] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  227.479144][ T5867] usb 4-1: New USB device found, idVendor=057e, idProduct=200e, bcdDevice= 0.00
[  227.511436][ T5867] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  227.600897][ T8156] netlink: 12 bytes leftover after parsing attributes in process `syz.1.627'.
[  227.899554][ T8158] netlink: 8 bytes leftover after parsing attributes in process `syz.4.628'.
[  227.908386][ T8158] openvswitch: netlink: Flow actions attr not present in new flow.
[  228.429789][ T5867] usb 4-1: config 0 descriptor??
[  228.555973][   T29] audit: type=1400 audit(1738321283.681:483): avc:  denied  { unmount } for  pid=7282 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  228.566705][ T5867] usbhid 4-1:0.0: can't add hid device: -71
[  228.656251][ T8162] netlink: 8 bytes leftover after parsing attributes in process `syz.4.629'.
[  228.665312][ T8162] openvswitch: netlink: Flow actions attr not present in new flow.
[  229.176252][ T5867] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  229.192594][ T5867] usb 4-1: USB disconnect, device number 21
[  230.305476][ T8176] netlink: 20 bytes leftover after parsing attributes in process `syz.1.635'.
[  231.170568][ T8195] netlink: 220 bytes leftover after parsing attributes in process `syz.6.641'.
[  231.191084][   T29] audit: type=1400 audit(1738321286.321:484): avc:  denied  { ioctl } for  pid=8187 comm="syz.6.641" path="/dev/input/event0" dev="devtmpfs" ino=918 ioctlcmd=0x4590 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  231.726204][   T29] audit: type=1800 audit(1738321286.771:485): pid=8201 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.5.639" name="bus" dev="tmpfs" ino=256 res=0 errno=0
[  232.061876][ T8209] netlink: 20 bytes leftover after parsing attributes in process `syz.6.643'.
[  232.071430][ T8209] netlink: 20 bytes leftover after parsing attributes in process `syz.6.643'.
[  233.105065][   T29] audit: type=1400 audit(1738321288.151:486): avc:  denied  { write } for  pid=8218 comm="syz.1.645" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  233.188970][   T29] audit: type=1400 audit(1738321288.151:487): avc:  denied  { open } for  pid=8218 comm="syz.1.645" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  233.196216][ T8219] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  233.219815][ T8219] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  233.253363][ T8219] vhci_hcd vhci_hcd.0: Device attached
[  233.279566][   T29] audit: type=1400 audit(1738321288.281:488): avc:  denied  { append } for  pid=8222 comm="syz.6.646" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  233.303287][    C0] vkms_vblank_simulate: vblank timer overrun
[  233.365216][   T29] audit: type=1326 audit(1738321288.301:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8188 comm="syz.4.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f392238cda9 code=0x7fc00000
[  233.388456][    C0] vkms_vblank_simulate: vblank timer overrun
[  233.439160][   T29] audit: type=1326 audit(1738321288.301:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8188 comm="syz.4.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f392238cda9 code=0x7fc00000
[  233.471681][ T5896] vhci_hcd: vhci_device speed not set
[  233.496788][   T29] audit: type=1326 audit(1738321288.301:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8188 comm="syz.4.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f392238cda9 code=0x7fc00000
[  233.520037][    C0] vkms_vblank_simulate: vblank timer overrun
[  233.526913][ T5868] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  233.536219][   T29] audit: type=1326 audit(1738321288.301:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8188 comm="syz.4.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f392238cda9 code=0x7fc00000
[  233.559400][    C0] vkms_vblank_simulate: vblank timer overrun
[  233.575292][ T5896] usb 35-1: new full-speed USB device number 2 using vhci_hcd
[  233.601198][   T29] audit: type=1326 audit(1738321288.301:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8188 comm="syz.4.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f392238cda9 code=0x7fc00000
[  233.624754][    C0] vkms_vblank_simulate: vblank timer overrun
[  233.634908][   T29] audit: type=1326 audit(1738321288.301:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8188 comm="syz.4.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f392238cda9 code=0x7fc00000
[  233.658098][    C0] vkms_vblank_simulate: vblank timer overrun
[  233.664683][ T5830] usb 5-1: new full-speed USB device number 25 using dummy_hcd
[  233.689585][ T5868] usb 2-1: Using ep0 maxpacket: 8
[  233.708498][ T5868] usb 2-1: config 0 has an invalid interface number: 224 but max is 0
[  233.724572][ T5868] usb 2-1: config 0 has no interface number 0
[  233.730885][ T5868] usb 2-1: New USB device found, idVendor=0abf, idProduct=3370, bcdDevice= 3.0e
[  233.899622][ T5830] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 254, using maximum allowed: 30
[  233.920639][ T5830] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  233.920652][   T29] audit: type=1400 audit(1738321288.601:495): avc:  denied  { ioctl } for  pid=8230 comm="syz.6.649" path="socket:[19142]" dev="sockfs" ino=19142 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  233.956158][    C0] vkms_vblank_simulate: vblank timer overrun
[  233.962398][ T5868] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  233.986941][ T5868] usb 2-1: config 0 descriptor??
[  234.009712][ T5830] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  234.019757][ T5830] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[  234.045503][ T5830] usb 5-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  234.069619][ T5830] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  234.093374][ T5830] usb 5-1: config 0 descriptor??
[  234.210946][ T5868] usb 2-1: string descriptor 0 read error: -71
[  234.219993][ T5868] usb 2-1: USB disconnect, device number 18
[  234.228828][ T8224] vhci_hcd: connection reset by peer
[  234.237853][   T12] vhci_hcd: stop threads
[  234.243694][   T12] vhci_hcd: release socket
[  234.250898][   T12] vhci_hcd: disconnect device
[  234.404749][ T8255] netlink: 20 bytes leftover after parsing attributes in process `syz.6.657'.
[  234.414005][ T8255] netlink: 20 bytes leftover after parsing attributes in process `syz.6.657'.
[  234.661740][   T29] audit: type=1326 audit(1738321289.781:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8233 comm="syz.3.650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f216418cda9 code=0x7fc00000
[  234.745014][ T5867] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  235.029629][ T5867] usb 6-1: Using ep0 maxpacket: 32
[  235.040206][ T5867] usb 6-1: config 0 has an invalid interface number: 184 but max is 0
[  235.040256][ T5867] usb 6-1: config 0 has no interface number 0
[  235.040287][ T5867] usb 6-1: config 0 interface 184 has no altsetting 0
[  235.042640][ T5867] usb 6-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  235.042669][ T5867] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  235.042690][ T5867] usb 6-1: Product: syz
[  235.042704][ T5867] usb 6-1: Manufacturer: syz
[  235.042720][ T5867] usb 6-1: SerialNumber: syz
[  235.046308][ T5867] usb 6-1: config 0 descriptor??
[  235.047879][ T5867] smsc75xx v1.0.0
[  235.238162][  T971] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  235.415331][  T971] usb 4-1: Using ep0 maxpacket: 32
[  235.480980][ T8267] netlink: 20 bytes leftover after parsing attributes in process `syz.6.661'.
[  235.529634][ T5867] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -32
[  235.629866][ T8267] netlink: 20 bytes leftover after parsing attributes in process `syz.6.661'.
[  235.655227][ T5830] lenovo 0003:17EF:6047.0006: unknown main item tag 0x0
[  235.664451][ T5867] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -32
[  235.664807][ T5822] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  235.674587][ T5830] lenovo 0003:17EF:6047.0006: unknown main item tag 0x0
[  235.688832][  T971] usb 4-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  235.704805][  T971] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  235.718430][ T5867] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_bind
[  235.732467][  T971] usb 4-1: config 0 descriptor??
[  235.737476][ T5830] lenovo 0003:17EF:6047.0006: unknown main item tag 0x0
[  235.745505][ T5867] smsc75xx 6-1:0.184: probe with driver smsc75xx failed with error -32
[  235.755135][  T971] gspca_main: nw80x-2.14.0 probing 055f:d001
[  235.764842][ T5830] lenovo 0003:17EF:6047.0006: hidraw0: USB HID v0.00 Device [HID 17ef:6047] on usb-dummy_hcd.4-1/input0
[  235.782215][ T5830] usb 5-1: USB disconnect, device number 25
[  235.859560][ T5822] usb 2-1: Using ep0 maxpacket: 16
[  235.866053][ T5822] usb 2-1: config 8 has an invalid interface number: 39 but max is 0
[  235.875425][ T5822] usb 2-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[  235.885975][ T5822] usb 2-1: config 8 has no interface number 0
[  235.892276][ T5822] usb 2-1: config 8 interface 39 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  235.905476][ T5822] usb 2-1: config 8 interface 39 has no altsetting 0
[  235.914048][ T5822] usb 2-1: New USB device found, idVendor=05ac, idProduct=c704, bcdDevice=62.77
[  235.925127][ T5822] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  235.933347][ T5822] usb 2-1: Product: syz
[  235.937707][ T5822] usb 2-1: Manufacturer: syz
[  235.942438][ T5822] usb 2-1: SerialNumber: syz
[  235.972575][   T29] audit: type=1400 audit(1738321291.101:497): avc:  denied  { create } for  pid=8257 comm="syz.3.658" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  236.045945][   T29] audit: type=1400 audit(1738321291.171:498): avc:  denied  { sqpoll } for  pid=8257 comm="syz.3.658" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  236.404071][  T971] gspca_nw80x: reg_w err -110
[  236.574631][  T971] nw80x 4-1:0.0: probe with driver nw80x failed with error -110
[  236.600610][ T5822] ipheth 2-1:8.39: Unable to find endpoints
[  236.662466][ T5822] usb 2-1: USB disconnect, device number 19
[  236.807883][ T8288] netlink: 8 bytes leftover after parsing attributes in process `syz.4.664'.
[  236.816828][ T8288] openvswitch: netlink: Flow actions attr not present in new flow.
[  237.733214][ T2150] usb 6-1: USB disconnect, device number 8
[  238.270146][   T29] audit: type=1800 audit(1738321293.341:499): pid=8303 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.6.669" name="bus" dev="tmpfs" ino=207 res=0 errno=0
[  238.499912][ T5830] usb 4-1: USB disconnect, device number 22
[  238.954911][   T29] audit: type=1800 audit(1738321294.071:500): pid=8312 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.1.670" name="bus" dev="tmpfs" ino=852 res=0 errno=0
[  239.009674][ T5896] vhci_hcd: vhci_device speed not set
[  239.420850][   T29] audit: type=1326 audit(1738321294.551:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8296 comm="syz.4.668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f392238cda9 code=0x7fc00000
[  239.966253][ T5830] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  240.359636][ T5830] usb 7-1: Using ep0 maxpacket: 16
[  240.374489][ T5830] usb 7-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  240.383804][ T5830] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  240.404307][ T5830] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  240.751869][ T5830] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  240.792792][ T5830] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  240.956802][ T5830] usb 7-1: Product: syz
[  240.972304][ T5830] usb 7-1: Manufacturer: syz
[  241.050210][ T5830] usb 7-1: SerialNumber: syz
[  241.719596][ T2150] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  241.859695][ T8350] netlink: 20 bytes leftover after parsing attributes in process `syz.1.682'.
[  241.869992][ T8350] netlink: 20 bytes leftover after parsing attributes in process `syz.1.682'.
[  241.899886][ T2150] usb 4-1: Using ep0 maxpacket: 16
[  242.079262][ T2150] usb 4-1: config 0 has an invalid interface number: 105 but max is 0
[  242.079663][ T5830] usb 7-1: 0:2 : does not exist
[  242.109654][ T2150] usb 4-1: config 0 has an invalid descriptor of length 36, skipping remainder of the config
[  242.130938][ T2150] usb 4-1: config 0 has no interface number 0
[  242.142583][ T2150] usb 4-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[  242.154034][ T2150] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  242.164227][ T2150] usb 4-1: Product: syz
[  242.211659][ T2150] usb 4-1: Manufacturer: syz
[  242.286625][ T2150] usb 4-1: SerialNumber: syz
[  242.323724][ T2150] usb 4-1: config 0 descriptor??
[  242.564067][ T2150] usb 4-1: Found UVC 0.00 device syz (046d:08d3)
[  242.579770][ T2150] usb 4-1: No valid video chain found.
[  242.614736][ T2150] usb 4-1: USB disconnect, device number 23
[  242.871628][ T8361] FAULT_INJECTION: forcing a failure.
[  242.871628][ T8361] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  242.885934][ T8361] CPU: 0 UID: 0 PID: 8361 Comm: syz.1.686 Not tainted 6.13.0-syzkaller-09522-gd3d90cc2891c #0
[  242.885956][ T8361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  242.885965][ T8361] Call Trace:
[  242.885970][ T8361]  <TASK>
[  242.885976][ T8361]  dump_stack_lvl+0x16c/0x1f0
[  242.885997][ T8361]  should_fail_ex+0x50a/0x650
[  242.886027][ T8361]  strncpy_from_user+0x3b/0x2d0
[  242.886077][ T8361]  getname_flags.part.0+0x8f/0x550
[  242.886102][ T8361]  getname+0x8d/0xe0
[  242.886124][ T8361]  __do_sys_newlstat+0x93/0x140
[  242.886142][ T8361]  ? __pfx___do_sys_newlstat+0x10/0x10
[  242.886174][ T8361]  ? __pfx_ksys_write+0x10/0x10
[  242.886209][ T8361]  do_syscall_64+0xcd/0x250
[  242.886228][ T8361]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  242.886250][ T8361] RIP: 0033:0x7f6c8578cda9
[  242.886264][ T8361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  242.886278][ T8361] RSP: 002b:00007f6c86525038 EFLAGS: 00000246 ORIG_RAX: 0000000000000006
[  242.886293][ T8361] RAX: ffffffffffffffda RBX: 00007f6c859a5fa0 RCX: 00007f6c8578cda9
[  242.886303][ T8361] RDX: 0000000000000000 RSI: 0000000020000b00 RDI: 0000000020007f80
[  242.886312][ T8361] RBP: 00007f6c86525090 R08: 0000000000000000 R09: 0000000000000000
[  242.886321][ T8361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  242.886330][ T8361] R13: 0000000000000000 R14: 00007f6c859a5fa0 R15: 00007ffe06e2fd88
[  242.886350][ T8361]  </TASK>
[  243.317742][ T5830] usb 7-1: 1:0: failed to get current value for ch 0 (-22)
[  243.373874][ T5830] usb 7-1: USB disconnect, device number 7
[  243.633504][ T8380] netlink: 12 bytes leftover after parsing attributes in process `syz.3.690'.
[  243.861413][ T5932] udevd[5932]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  243.926047][   T29] audit: type=1326 audit(1738321299.051:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8367 comm="syz.1.688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c8578cda9 code=0x7fc00000
[  245.262617][ T8397] netlink: 20 bytes leftover after parsing attributes in process `syz.6.695'.
[  245.281835][ T8400] Invalid ELF header type: 3 != 1
[  245.287291][   T29] audit: type=1400 audit(1738321300.411:503): avc:  denied  { module_load } for  pid=8399 comm="syz.3.696" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  245.469715][ T8357] netlink: 16 bytes leftover after parsing attributes in process `syz.5.684'.
[  246.414462][   T29] audit: type=1400 audit(1738321301.541:504): avc:  denied  { read } for  pid=8415 comm="syz.1.701" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  246.521021][ T8420] netlink: 20 bytes leftover after parsing attributes in process `syz.5.702'.
[  246.531842][ T8420] netlink: 20 bytes leftover after parsing attributes in process `syz.5.702'.
[  246.637522][ T8422] netlink: 80 bytes leftover after parsing attributes in process `syz.1.701'.
[  246.656963][ T8422] netlink: 16 bytes leftover after parsing attributes in process `syz.1.701'.
[  246.959645][ T2150] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  247.229762][ T2150] usb 5-1: Using ep0 maxpacket: 16
[  247.244898][ T2150] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  247.289363][ T2150] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  247.317560][ T2150] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  247.342177][ T2150] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  247.464030][ T2150] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  247.475812][ T2150] usb 5-1: Product: syz
[  247.481292][ T2150] usb 5-1: Manufacturer: syz
[  247.485944][ T2150] usb 5-1: SerialNumber: syz
[  248.519399][ T2150] usb 5-1: 0:2 : does not exist
[  248.544705][ T8439] netlink: 4 bytes leftover after parsing attributes in process `syz.5.706'.
[  250.669585][   T29] audit: type=1326 audit(1738321305.791:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8454 comm="syz.5.712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ef2b8cda9 code=0x7ffc0000
[  250.734649][ T2150] usb 5-1: 1:0: failed to get current value for ch 0 (-22)
[  250.757630][   T29] audit: type=1326 audit(1738321305.791:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8454 comm="syz.5.712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ef2b8cda9 code=0x7ffc0000
[  250.824915][ T2150] usb 5-1: USB disconnect, device number 26
[  250.859539][   T29] audit: type=1326 audit(1738321305.791:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8454 comm="syz.5.712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4ef2b8cda9 code=0x7ffc0000
[  250.939683][   T29] audit: type=1326 audit(1738321305.791:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8454 comm="syz.5.712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ef2b8cda9 code=0x7ffc0000
[  251.030365][   T29] audit: type=1326 audit(1738321305.791:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8454 comm="syz.5.712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f4ef2b8cda9 code=0x7ffc0000
[  251.082298][ T5932] udevd[5932]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  251.227956][   T29] audit: type=1326 audit(1738321305.791:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8454 comm="syz.5.712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ef2b8cda9 code=0x7ffc0000
[  251.433832][   T29] audit: type=1326 audit(1738321305.801:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8454 comm="syz.5.712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f4ef2b8cda9 code=0x7ffc0000
[  251.690858][   T29] audit: type=1326 audit(1738321305.801:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8454 comm="syz.5.712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ef2b8cda9 code=0x7ffc0000
[  251.719988][   T29] audit: type=1326 audit(1738321305.801:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8454 comm="syz.5.712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f4ef2b8cda9 code=0x7ffc0000
[  252.309299][   T29] audit: type=1326 audit(1738321305.801:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8454 comm="syz.5.712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ef2b8cda9 code=0x7ffc0000
[  252.776685][ T8481] netlink: 20 bytes leftover after parsing attributes in process `syz.1.719'.
[  252.785936][ T8481] netlink: 20 bytes leftover after parsing attributes in process `syz.1.719'.
[  253.929917][ T8493] netlink: 8 bytes leftover after parsing attributes in process `syz.3.722'.
[  253.938805][ T8493] openvswitch: netlink: Flow actions attr not present in new flow.
[  254.523896][ T8495] program syz.4.725 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  254.754599][ T8506] netlink: 8 bytes leftover after parsing attributes in process `syz.1.727'.
[  255.773690][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  255.780126][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  256.020586][ T8524] evm: overlay not supported
[  256.065166][   T29] kauditd_printk_skb: 24 callbacks suppressed
[  256.065183][   T29] audit: type=1400 audit(1738321311.191:539): avc:  denied  { module_load } for  pid=8520 comm="syz.1.733" path="/sys/kernel/notes" dev="sysfs" ino=1382 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=system permissive=1
[  256.112709][ T8530] Invalid ELF header magic: != ELF
[  256.239711][ T5867] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  256.489935][ T5867] usb 4-1: Using ep0 maxpacket: 8
[  256.509336][ T5867] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8D has invalid maxpacket 3
[  256.529582][ T5867] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 26232, setting to 64
[  256.565523][ T5867] usb 4-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  256.617449][ T5867] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  256.648084][ T5867] usb 4-1: config 0 descriptor??
[  256.655261][ T8527] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  256.862644][ T8540] netlink: 4 bytes leftover after parsing attributes in process `syz.6.739'.
[  256.919139][ T8548] netlink: 8 bytes leftover after parsing attributes in process `syz.4.740'.
[  256.928206][ T8548] openvswitch: netlink: Flow actions attr not present in new flow.
[  257.502226][ T8527] lo speed is unknown, defaulting to 1000
[  257.709873][  T971] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  257.884092][  T971] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  257.899595][  T971] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  257.922191][ T8527] lo speed is unknown, defaulting to 1000
[  257.922607][  T971] usb 7-1: Product: syz
[  258.128922][  T971] usb 7-1: Manufacturer: syz
[  258.132443][  T971] usb 7-1: SerialNumber: syz
[  258.179149][ T8567] syz.1.742: attempt to access beyond end of device
[  258.179149][ T8567] md2: rw=2048, sector=0, nr_sectors = 8 limit=0
[  258.485892][  T971] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  258.514658][ T5896] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  258.799690][ T5822] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  258.919274][ T8540] veth0_vlan: entered allmulticast mode
[  258.959680][ T5822] usb 6-1: Using ep0 maxpacket: 16
[  258.963253][ T5822] usb 6-1: config 0 has an invalid interface number: 105 but max is 0
[  258.963270][ T5822] usb 6-1: config 0 has an invalid descriptor of length 36, skipping remainder of the config
[  258.963280][ T5822] usb 6-1: config 0 has no interface number 0
[  258.964924][ T5822] usb 6-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[  258.964941][ T5822] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  258.964952][ T5822] usb 6-1: Product: syz
[  258.964959][ T5822] usb 6-1: Manufacturer: syz
[  258.964967][ T5822] usb 6-1: SerialNumber: syz
[  258.967224][ T5822] usb 6-1: config 0 descriptor??
[  259.417888][ T5822] usb 6-1: Found UVC 0.00 device syz (046d:08d3)
[  259.417922][ T5822] usb 6-1: No valid video chain found.
[  259.423221][ T5822] usb 6-1: USB disconnect, device number 9
[  259.424147][  T971] usb 7-1: USB disconnect, device number 8
[  259.468094][ T5830] usb 4-1: USB disconnect, device number 24
[  259.595705][ T5896] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive
[  259.595815][ T5896] ath9k_htc: Failed to initialize the device
[  259.601843][  T971] usb 7-1: ath9k_htc: USB layer deinitialized
[  259.749629][ T2150] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  259.912234][ T2150] usb 5-1: config 0 has no interfaces?
[  259.917733][ T2150] usb 5-1: New USB device found, idVendor=056a, idProduct=0045, bcdDevice= 0.00
[  259.926921][ T2150] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  259.936282][ T2150] usb 5-1: config 0 descriptor??
[  259.949666][ T5822] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  260.078271][   T29] audit: type=1400 audit(1738321315.201:540): avc:  denied  { mount } for  pid=8581 comm="syz.6.748" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  260.114542][   T29] audit: type=1400 audit(1738321315.241:541): avc:  denied  { unmount } for  pid=8581 comm="syz.6.748" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  260.142000][ T5822] usb 4-1: Using ep0 maxpacket: 16
[  260.160134][ T5822] usb 4-1: config 0 has an invalid interface number: 105 but max is 0
[  260.168501][ T5822] usb 4-1: config 0 has an invalid descriptor of length 36, skipping remainder of the config
[  260.209870][ T5822] usb 4-1: config 0 has no interface number 0
[  260.221819][ T8574] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  260.230213][ T8587] netlink: 20 bytes leftover after parsing attributes in process `syz.5.750'.
[  260.230284][ T8587] netlink: 20 bytes leftover after parsing attributes in process `syz.5.750'.
[  260.276209][ T5822] usb 4-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[  260.301342][ T5822] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  260.311355][ T5822] usb 4-1: Product: syz
[  260.315614][ T5822] usb 4-1: Manufacturer: syz
[  260.321812][ T5822] usb 4-1: SerialNumber: syz
[  260.345914][ T8574] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  260.386736][ T5822] usb 4-1: config 0 descriptor??
[  260.419619][ T8574] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  260.433940][ T8574] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  260.449204][ T2150] usb 5-1: USB disconnect, device number 27
[  260.681357][ T5822] usb 4-1: Found UVC 0.00 device syz (046d:08d3)
[  260.699917][ T5822] usb 4-1: No valid video chain found.
[  260.805856][ T5822] usb 4-1: USB disconnect, device number 25
[  261.318776][   T29] audit: type=1800 audit(1738321316.441:542): pid=8593 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.1.751" name="bus" dev="tmpfs" ino=968 res=0 errno=0
[  261.419748][   T25] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  261.638853][ T8601] netlink: 8 bytes leftover after parsing attributes in process `syz.5.752'.
[  261.647741][ T8601] openvswitch: netlink: Flow actions attr not present in new flow.
[  262.154114][ T5835] Bluetooth: hci6: unexpected Set CIG Parameters response data
[  262.190722][   T25] usb 5-1: device descriptor read/all, error -71
[  262.817597][ T8616] FAULT_INJECTION: forcing a failure.
[  262.817597][ T8616] name failslab, interval 1, probability 0, space 0, times 0
[  262.830346][ T8616] CPU: 1 UID: 0 PID: 8616 Comm: syz.5.757 Not tainted 6.13.0-syzkaller-09522-gd3d90cc2891c #0
[  262.830369][ T8616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  262.830379][ T8616] Call Trace:
[  262.830384][ T8616]  <TASK>
[  262.830391][ T8616]  dump_stack_lvl+0x16c/0x1f0
[  262.830412][ T8616]  should_fail_ex+0x50a/0x650
[  262.830436][ T8616]  ? fs_reclaim_acquire+0xae/0x150
[  262.830462][ T8616]  ? subdev_open+0x7f/0x560
[  262.830482][ T8616]  should_failslab+0xc2/0x120
[  262.830500][ T8616]  __kmalloc_cache_noprof+0x68/0x410
[  262.830525][ T8616]  ? v4l2_open+0x1c8/0x490
[  262.830552][ T8616]  subdev_open+0x7f/0x560
[  262.830573][ T8616]  v4l2_open+0x222/0x490
[  262.830596][ T8616]  ? __pfx_v4l2_open+0x10/0x10
[  262.830619][ T8616]  chrdev_open+0x237/0x6a0
[  262.830638][ T8616]  ? __pfx_chrdev_open+0x10/0x10
[  262.830661][ T8616]  do_dentry_open+0x735/0x1c40
[  262.830688][ T8616]  ? __pfx_chrdev_open+0x10/0x10
[  262.830706][ T8616]  ? inode_permission+0xdd/0x5f0
[  262.830729][ T8616]  vfs_open+0x82/0x3f0
[  262.830746][ T8616]  ? may_open+0x1f2/0x400
[  262.830768][ T8616]  path_openat+0x1e88/0x2d80
[  262.830793][ T8616]  ? __pfx_path_openat+0x10/0x10
[  262.830808][ T8616]  ? __pfx___lock_acquire+0x10/0x10
[  262.830838][ T8616]  do_filp_open+0x20c/0x470
[  262.830860][ T8616]  ? __pfx_do_filp_open+0x10/0x10
[  262.830875][ T8616]  ? find_held_lock+0x2d/0x110
[  262.830909][ T8616]  ? alloc_fd+0x41f/0x760
[  262.830941][ T8616]  do_sys_openat2+0x17a/0x1e0
[  262.830961][ T8616]  ? __pfx_do_sys_openat2+0x10/0x10
[  262.830985][ T8616]  ? __pfx___schedule+0x10/0x10
[  262.831012][ T8616]  __x64_sys_openat+0x175/0x210
[  262.831032][ T8616]  ? __pfx___x64_sys_openat+0x10/0x10
[  262.831055][ T8616]  ? do_user_addr_fault+0x83d/0x13f0
[  262.831084][ T8616]  do_syscall_64+0xcd/0x250
[  262.831102][ T8616]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.831125][ T8616] RIP: 0033:0x7f4ef2b8b710
[  262.831138][ T8616] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  262.831154][ T8616] RSP: 002b:00007f4ef3a84b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  262.831170][ T8616] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4ef2b8b710
[  262.831180][ T8616] RDX: 0000000000000000 RSI: 00007f4ef3a84c10 RDI: 00000000ffffff9c
[  262.831190][ T8616] RBP: 00007f4ef3a84c10 R08: 0000000000000000 R09: 0000000000000000
[  262.831199][ T8616] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  262.831209][ T8616] R13: 0000000000000000 R14: 00007f4ef2da6160 R15: 00007ffe2bfcbff8
[  262.831230][ T8616]  </TASK>
[  263.202078][ T8613] netlink: 268 bytes leftover after parsing attributes in process `syz.3.755'.
[  263.211316][   T29] audit: type=1400 audit(1738321318.331:543): avc:  denied  { getopt } for  pid=8611 comm="syz.3.755" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  263.486958][   T25] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  263.690830][ T8632] netlink: 20 bytes leftover after parsing attributes in process `syz.5.763'.
[  263.699976][ T8632] netlink: 20 bytes leftover after parsing attributes in process `syz.5.763'.
[  263.781624][   T25] usb 5-1: Using ep0 maxpacket: 32
[  263.805433][   T25] usb 5-1: config 0 has an invalid interface number: 184 but max is 0
[  263.979450][   T25] usb 5-1: config 0 has no interface number 0
[  263.987190][   T25] usb 5-1: config 0 interface 184 has no altsetting 0
[  264.153077][   T25] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  264.178260][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  264.188740][   T25] usb 5-1: Product: syz
[  264.195688][   T25] usb 5-1: Manufacturer: syz
[  264.224509][   T25] usb 5-1: SerialNumber: syz
[  264.249848][   T25] usb 5-1: config 0 descriptor??
[  264.258794][   T25] smsc75xx v1.0.0
[  264.543704][ T8645] sp0: Synchronizing with TNC
[  264.665399][   T25] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -32
[  264.725018][   T25] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -32
[  264.790458][   T25] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_bind
[  264.836547][   T25] smsc75xx 5-1:0.184: probe with driver smsc75xx failed with error -32
[  264.902760][ T8653] netlink: 8 bytes leftover after parsing attributes in process `syz.5.767'.
[  264.911736][ T8653] openvswitch: netlink: Flow actions attr not present in new flow.
[  265.958809][   T25] usb 5-1: USB disconnect, device number 30
[  266.327200][ T5818] Bluetooth: hci6: Controller not accepting commands anymore: ncmd = 0
[  266.368318][ T5818] Bluetooth: hci6: Injecting HCI hardware error event
[  266.380327][ T5818] Bluetooth: hci6: hardware error 0x00
[  266.394251][   T29] audit: type=1400 audit(1738321321.521:544): avc:  denied  { setopt } for  pid=8662 comm="syz.4.770" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  266.576529][   T29] audit: type=1326 audit(1738321321.671:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8636 comm="syz.1.764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c8578cda9 code=0x7fc00000
[  267.817070][   T25] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  267.985784][ T8694] =======================================================
[  267.985784][ T8694] WARNING: The mand mount option has been deprecated and
[  267.985784][ T8694]          and is ignored by this kernel. Remove the mand
[  267.985784][ T8694]          option from the mount to silence this warning.
[  267.985784][ T8694] =======================================================
[  268.029577][   T25] usb 6-1: Using ep0 maxpacket: 8
[  268.062901][   T29] audit: type=1400 audit(1738321323.171:546): avc:  denied  { mount } for  pid=8692 comm="syz.4.778" name="/" dev="hugetlbfs" ino=21206 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  268.087373][   T25] usb 6-1: config 2 interface 0 has no altsetting 0
[  268.104294][   T25] usb 6-1: New USB device found, idVendor=04e2, idProduct=1412, bcdDevice=ca.10
[  268.129556][   T25] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  268.139141][   T25] usb 6-1: Product: syz
[  268.140450][ T8700] lo speed is unknown, defaulting to 1000
[  268.149732][   T25] usb 6-1: Manufacturer: syz
[  268.154410][   T25] usb 6-1: SerialNumber: syz
[  268.361549][ T8706] netlink: 8 bytes leftover after parsing attributes in process `syz.1.779'.
[  268.370564][ T8706] openvswitch: netlink: Flow actions attr not present in new flow.
[  268.559870][ T5818] Bluetooth: hci6: Opcode 0x0c03 failed: -110
[  268.801547][   T25] usb 6-1: USB disconnect, device number 10
[  268.999414][ T8714] kAFS: Can only specify source 'none' with -o dyn
[  269.047229][ T8714] IPVS: length: 82 != 8
[  269.049513][   T29] audit: type=1400 audit(1738321324.171:547): avc:  denied  { getopt } for  pid=8713 comm="syz.6.783" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  269.206991][ T8730] netlink: 4 bytes leftover after parsing attributes in process `syz.1.785'.
[  269.458510][ T8739] netlink: 20 bytes leftover after parsing attributes in process `syz.6.787'.
[  269.467928][ T8739] netlink: 20 bytes leftover after parsing attributes in process `syz.6.787'.
[  269.604740][ T2150] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  269.919620][ T2150] usb 2-1: device descriptor read/64, error -71
[  270.190061][ T2150] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  270.319747][   T25] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  270.413181][ T8751] netlink: 20 bytes leftover after parsing attributes in process `syz.6.790'.
[  270.424172][ T8751] netlink: 20 bytes leftover after parsing attributes in process `syz.6.790'.
[  270.460633][ T2150] usb 2-1: device descriptor read/64, error -71
[  270.532268][   T25] usb 6-1: Using ep0 maxpacket: 16
[  270.551473][   T25] usb 6-1: config 0 has an invalid interface number: 105 but max is 0
[  270.659521][   T25] usb 6-1: config 0 has an invalid descriptor of length 36, skipping remainder of the config
[  270.670773][ T2150] usb usb2-port1: attempt power cycle
[  270.825969][   T25] usb 6-1: config 0 has no interface number 0
[  270.874178][   T25] usb 6-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[  270.901977][   T25] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  270.927765][   T25] usb 6-1: Product: syz
[  270.940877][   T25] usb 6-1: Manufacturer: syz
[  270.956233][   T25] usb 6-1: SerialNumber: syz
[  270.967109][   T25] usb 6-1: config 0 descriptor??
[  271.029803][ T2150] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  271.070206][ T2150] usb 2-1: device descriptor read/8, error -71
[  271.192107][   T25] usb 6-1: Found UVC 0.00 device syz (046d:08d3)
[  271.240308][   T25] usb 6-1: No valid video chain found.
[  271.255160][   T25] usb 6-1: USB disconnect, device number 11
[  271.319681][ T2150] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  271.366297][ T8766] qnx6: unable to read the first superblock
[  271.375585][ T2150] usb 2-1: device descriptor read/8, error -71
[  271.489974][ T2150] usb usb2-port1: unable to enumerate USB device
[  271.543493][ T8775] netlink: 'syz.3.797': attribute type 10 has an invalid length.
[  271.553344][ T8775] netlink: 40 bytes leftover after parsing attributes in process `syz.3.797'.
[  271.583983][ T8775] team0: Port device geneve0 added
[  271.617641][ T8775] netlink: 20 bytes leftover after parsing attributes in process `syz.3.797'.
[  271.838796][ T8779] netlink: 20 bytes leftover after parsing attributes in process `syz.3.799'.
[  271.847989][ T8779] netlink: 20 bytes leftover after parsing attributes in process `syz.3.799'.
[  272.847732][ T8799] netlink: 'syz.6.805': attribute type 4 has an invalid length.
[  274.101767][   T29] audit: type=1400 audit(1738321329.231:548): avc:  denied  { read } for  pid=8814 comm="syz.6.810" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  274.134917][   T29] audit: type=1400 audit(1738321329.261:549): avc:  denied  { append } for  pid=8815 comm="syz.3.809" name="renderD128" dev="devtmpfs" ino=626 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  274.181612][ T8819] __nla_validate_parse: 3 callbacks suppressed
[  274.181629][ T8819] netlink: 68 bytes leftover after parsing attributes in process `syz.1.811'.
[  274.258745][   T29] audit: type=1400 audit(1738321329.331:550): avc:  denied  { mount } for  pid=8815 comm="syz.3.809" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[  274.349663][ T5822] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  274.357383][ T8824] netlink: 16 bytes leftover after parsing attributes in process `syz.1.813'.
[  274.382615][   T29] audit: type=1400 audit(1738321329.511:551): avc:  denied  { connect } for  pid=8825 comm="syz.4.814" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  274.531251][ T5822] usb 6-1: Using ep0 maxpacket: 16
[  274.585074][ T5822] usb 6-1: config 0 has an invalid interface number: 105 but max is 0
[  274.593518][ T5822] usb 6-1: config 0 has an invalid descriptor of length 36, skipping remainder of the config
[  274.604227][ T5822] usb 6-1: config 0 has no interface number 0
[  274.704139][ T5822] usb 6-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[  274.705676][ T5896] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  274.774625][ T5822] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  274.798552][ T5830] usb 5-1: new full-speed USB device number 31 using dummy_hcd
[  274.835041][ T5822] usb 6-1: Product: syz
[  274.839429][ T5822] usb 6-1: Manufacturer: syz
[  274.844777][ T5822] usb 6-1: SerialNumber: syz
[  274.862043][ T5822] usb 6-1: config 0 descriptor??
[  274.949660][ T5830] usb 5-1: device descriptor read/64, error -71
[  274.969714][ T5896] usb 7-1: Using ep0 maxpacket: 32
[  275.003414][ T5896] usb 7-1: config 0 has an invalid interface number: 67 but max is 0
[  275.014780][ T5896] usb 7-1: config 0 has no interface number 0
[  275.031578][ T5896] usb 7-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  275.050145][ T5896] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  275.058255][ T5896] usb 7-1: Product: syz
[  275.063225][ T5896] usb 7-1: Manufacturer: syz
[  275.067838][ T5896] usb 7-1: SerialNumber: syz
[  275.076744][ T5896] usb 7-1: config 0 descriptor??
[  275.085976][ T5896] smsc95xx v2.0.0
[  275.092919][ T5822] usb 6-1: Found UVC 0.00 device syz (046d:08d3)
[  275.099282][ T5822] usb 6-1: No valid video chain found.
[  275.138257][ T5822] usb 6-1: USB disconnect, device number 12
[  275.189596][ T5830] usb 5-1: new full-speed USB device number 32 using dummy_hcd
[  275.309594][   T29] audit: type=1400 audit(1738321330.431:552): avc:  denied  { unmount } for  pid=5814 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[  275.389610][ T5830] usb 5-1: device descriptor read/64, error -71
[  275.509707][ T5830] usb usb5-port1: attempt power cycle
[  275.541918][ T5896] smsc95xx 7-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  275.567295][ T5896] smsc95xx 7-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  275.820250][ T5896] smsc95xx 7-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -61
[  275.841473][ T5896] smsc95xx 7-1:0.67: probe with driver smsc95xx failed with error -61
[  275.860564][ T5830] usb 5-1: new full-speed USB device number 33 using dummy_hcd
[  275.900653][   T29] audit: type=1400 audit(1738321331.021:553): avc:  denied  { map } for  pid=8842 comm="syz.3.821" path="socket:[21454]" dev="sockfs" ino=21454 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  276.378807][   T29] audit: type=1400 audit(1738321331.021:554): avc:  denied  { read accept } for  pid=8842 comm="syz.3.821" path="socket:[21454]" dev="sockfs" ino=21454 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  276.384692][ T5830] usb 5-1: device descriptor read/8, error -71
[  276.417443][   T29] audit: type=1800 audit(1738321331.491:555): pid=8851 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.5.822" name="bus" dev="tmpfs" ino=447 res=0 errno=0
[  276.689650][ T5830] usb 5-1: new full-speed USB device number 34 using dummy_hcd
[  276.763100][ T8858] netlink: 8 bytes leftover after parsing attributes in process `syz.3.823'.
[  276.772064][ T8858] openvswitch: netlink: Flow actions attr not present in new flow.
[  277.407261][ T8822] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  277.686970][    T8] usb 7-1: USB disconnect, device number 9
[  277.730634][ T5830] usb 5-1: device descriptor read/8, error -71
[  277.749588][ T5896] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  277.839916][ T5830] usb usb5-port1: unable to enumerate USB device
[  277.884244][ T8862] lo speed is unknown, defaulting to 1000
[  277.947580][ T5896] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  278.020648][   T29] audit: type=1400 audit(1738321333.101:556): avc:  denied  { setopt } for  pid=8876 comm="syz.4.830" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  278.087259][ T5896] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  278.105357][ T5896] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  278.114479][ T5896] usb 2-1: SerialNumber: syz
[  278.662111][ T8889] qnx6: unable to read the first superblock
[  278.845143][   T29] audit: type=1326 audit(1738321333.961:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8891 comm="syz.4.833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f392238cda9 code=0x7ffc0000
[  278.868360][    C1] vkms_vblank_simulate: vblank timer overrun
[  279.804874][   T29] kauditd_printk_skb: 28 callbacks suppressed
[  279.804914][   T29] audit: type=1326 audit(1738321334.929:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8891 comm="syz.4.833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f392238eb74 code=0x7ffc0000
[  279.834269][    C1] vkms_vblank_simulate: vblank timer overrun
[  279.840532][ T5896] cdc_ether 2-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.1-1, CDC Ethernet Device, 42:42:42:42:42:42
[  279.926174][ T8895] ieee802154 phy0 wpan0: encryption failed: -22
[  279.974327][   T29] audit: type=1326 audit(1738321334.989:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8891 comm="syz.4.833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f392238eb74 code=0x7ffc0000
[  279.981245][ T5896] usb 2-1: USB disconnect, device number 24
[  280.008958][   T29] audit: type=1326 audit(1738321335.019:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8891 comm="syz.4.833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f392238ba0a code=0x7ffc0000
[  280.032002][    C1] vkms_vblank_simulate: vblank timer overrun
[  280.279745][   T29] audit: type=1326 audit(1738321335.029:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8891 comm="syz.4.833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f392238cda9 code=0x7ffc0000
[  280.283728][ T5896] cdc_ether 2-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.1-1, CDC Ethernet Device
[  280.302997][    C1] vkms_vblank_simulate: vblank timer overrun
[  280.409603][   T29] audit: type=1326 audit(1738321335.039:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8891 comm="syz.4.833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f392238cda9 code=0x7ffc0000
[  280.432820][    C1] vkms_vblank_simulate: vblank timer overrun
[  280.477834][   T29] audit: type=1400 audit(1738321335.049:591): avc:  denied  { write } for  pid=8872 comm="syz.6.829" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  280.493275][ T8910] 9pnet_fd: Insufficient options for proto=fd
[  280.509698][ T2150] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  280.544202][   T29] audit: type=1326 audit(1738321335.069:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8891 comm="syz.4.833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f392238cda9 code=0x7ffc0000
[  280.567325][    C1] vkms_vblank_simulate: vblank timer overrun
[  280.640092][ T8919] netlink: 8 bytes leftover after parsing attributes in process `syz.3.838'.
[  280.648902][ T8919] openvswitch: netlink: Flow actions attr not present in new flow.
[  280.702728][ T2150] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  280.713232][ T2150] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  280.798131][   T29] audit: type=1326 audit(1738321335.069:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8891 comm="syz.4.833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f392238cda9 code=0x7ffc0000
[  280.852714][ T2150] usb 6-1: config 0 descriptor??
[  280.967376][   T29] audit: type=1326 audit(1738321335.069:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8891 comm="syz.4.833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f392238cda9 code=0x7ffc0000
[  280.991854][ T5822] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  281.137843][   T29] audit: type=1326 audit(1738321335.069:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8891 comm="syz.4.833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f392238cda9 code=0x7ffc0000
[  281.186796][ T8925] input: syz1 as /devices/virtual/input/input15
[  281.189617][ T5822] usb 7-1: Using ep0 maxpacket: 16
[  281.219035][ T5822] usb 7-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  281.232513][ T8929] tipc: Trying to set illegal importance in message
[  281.242183][ T5822] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  281.255271][ T5822] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  281.271925][ T5822] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  281.306777][ T5822] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.333349][ T5822] usb 7-1: Product: syz
[  281.344206][ T5822] usb 7-1: Manufacturer: syz
[  281.426390][ T5822] usb 7-1: SerialNumber: syz
[  281.877007][ T5822] usb 7-1: 0:2 : does not exist
[  281.959963][ T2150] ath6kl: Failed to submit usb control message: -110
[  281.979653][ T2150] ath6kl: unable to send the bmi data to the device: -110
[  281.986875][ T2150] ath6kl: Unable to send get target info: -110
[  282.077860][ T2150] ath6kl: Failed to init ath6kl core: -110
[  282.093227][ T2150] ath6kl_usb 6-1:0.0: probe with driver ath6kl_usb failed with error -110
[  283.005742][ T5833] Bluetooth: hci5: command 0x0406 tx timeout
[  283.247024][ T5896] usb 6-1: USB disconnect, device number 13
[  283.511230][ T5818] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci5/hci5:201'
[  283.521357][ T5818] CPU: 1 UID: 0 PID: 5818 Comm: kworker/u9:2 Not tainted 6.13.0-syzkaller-09522-gd3d90cc2891c #0
[  283.521384][ T5818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  283.521397][ T5818] Workqueue: hci5 hci_rx_work
[  283.521426][ T5818] Call Trace:
[  283.521431][ T5818]  <TASK>
[  283.521438][ T5818]  dump_stack_lvl+0x16c/0x1f0
[  283.521460][ T5818]  sysfs_warn_dup+0x7f/0xa0
[  283.521485][ T5818]  sysfs_create_dir_ns+0x24d/0x2b0
[  283.521510][ T5818]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  283.521537][ T5818]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  283.521555][ T5818]  ? kobject_add_internal+0x12d/0x990
[  283.521580][ T5818]  ? do_raw_spin_unlock+0x172/0x230
[  283.521600][ T5818]  kobject_add_internal+0x2c8/0x990
[  283.521626][ T5818]  kobject_add+0x16f/0x240
[  283.521655][ T5818]  ? __pfx_kobject_add+0x10/0x10
[  283.521674][ T5818]  ? class_to_subsys+0x3e/0x160
[  283.521700][ T5818]  ? do_raw_spin_unlock+0x172/0x230
[  283.521718][ T5818]  ? kobject_put+0xab/0x5a0
[  283.521747][ T5818]  device_add+0x289/0x1a70
[  283.521770][ T5818]  ? __pfx_dev_set_name+0x10/0x10
[  283.521796][ T5818]  ? __pfx_device_add+0x10/0x10
[  283.521819][ T5818]  ? mgmt_send_event_skb+0x2f2/0x460
[  283.521847][ T5818]  hci_conn_add_sysfs+0x17e/0x230
[  283.521873][ T5818]  le_conn_complete_evt+0x107f/0x1da0
[  283.521899][ T5818]  ? __pfx_lock_release+0x10/0x10
[  283.521923][ T5818]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  283.521945][ T5818]  ? __mutex_lock+0x1cc/0xb10
[  283.521973][ T5818]  hci_le_conn_complete_evt+0x23c/0x370
[  283.522001][ T5818]  hci_le_meta_evt+0x2e2/0x5d0
[  283.522023][ T5818]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  283.522049][ T5818]  hci_event_packet+0x666/0x1180
[  283.522068][ T5818]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  283.522091][ T5818]  ? __pfx_hci_event_packet+0x10/0x10
[  283.522112][ T5818]  ? mark_held_locks+0x9f/0xe0
[  283.522137][ T5818]  ? kcov_remote_start+0x3cf/0x6e0
[  283.522163][ T5818]  ? lockdep_hardirqs_on+0x7c/0x110
[  283.522198][ T5818]  hci_rx_work+0x2c5/0x16b0
[  283.522221][ T5818]  ? process_one_work+0x921/0x1ba0
[  283.522249][ T5818]  process_one_work+0x9c5/0x1ba0
[  283.522282][ T5818]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  283.522308][ T5818]  ? __pfx_process_one_work+0x10/0x10
[  283.522343][ T5818]  ? assign_work+0x1a0/0x250
[  283.522366][ T5818]  worker_thread+0x6c8/0xf00
[  283.522398][ T5818]  ? __kthread_parkme+0x148/0x220
[  283.522416][ T5818]  ? __pfx_worker_thread+0x10/0x10
[  283.522440][ T5818]  kthread+0x3af/0x750
[  283.522461][ T5818]  ? __pfx_kthread+0x10/0x10
[  283.522481][ T5818]  ? lock_acquire+0x2f/0xb0
[  283.522507][ T5818]  ? __pfx_kthread+0x10/0x10
[  283.522529][ T5818]  ret_from_fork+0x45/0x80
[  283.522550][ T5818]  ? __pfx_kthread+0x10/0x10
[  283.522571][ T5818]  ret_from_fork_asm+0x1a/0x30
[  283.522601][ T5818]  </TASK>
[  283.522651][ T5818] kobject: kobject_add_internal failed for hci5:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  283.806463][ T5818] Bluetooth: hci5: failed to register connection device
[  283.820286][ T5822] usb 7-1: 1:0: failed to get current value for ch 0 (-22)
[  283.890540][ T5822] usb 7-1: USB disconnect, device number 10
[  284.239053][ T8978] IPv6: sit1: Disabled Multicast RS
[  284.430544][ T5932] udevd[5932]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  285.108619][   T29] kauditd_printk_skb: 13 callbacks suppressed
[  285.108636][   T29] audit: type=1400 audit(1738321340.229:609): avc:  denied  { write } for  pid=8985 comm="syz.1.852" name="mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  285.228575][ T8991] netlink: 24 bytes leftover after parsing attributes in process `syz.3.854'.
[  285.419778][ T2150] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  285.715342][ T8998] netlink: 4 bytes leftover after parsing attributes in process `syz.6.856'.
[  285.809627][ T2150] usb 2-1: Using ep0 maxpacket: 16
[  286.137042][ T2150] usb 2-1: config 0 has an invalid interface number: 62 but max is 0
[  286.213476][ T2150] usb 2-1: config 0 has no interface number 0
[  286.331514][ T2150] usb 2-1: New USB device found, idVendor=0421, idProduct=0492, bcdDevice=57.f1
[  286.386846][ T2150] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  286.390063][ T9008] netlink: 20 bytes leftover after parsing attributes in process `syz.4.857'.
[  286.400032][ T2150] usb 2-1: config 0 descriptor??
[  286.408582][ T9008] netlink: 20 bytes leftover after parsing attributes in process `syz.4.857'.
[  286.718132][ T2150] usb-storage 2-1:0.62: USB Mass Storage device detected
[  286.760206][ T2150] usb-storage 2-1:0.62: Quirks match for vid 0421 pid 0492: 400
[  287.059648][   T29] audit: type=1400 audit(1738321342.179:610): avc:  denied  { ioctl } for  pid=8985 comm="syz.1.852" path="/dev/usbmon0" dev="devtmpfs" ino=716 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  287.156598][  T971] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  287.205205][ T8986] program syz.1.852 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  287.226859][ T5822] usb 2-1: USB disconnect, device number 25
[  287.419654][  T971] usb 4-1: Using ep0 maxpacket: 16
[  287.426320][  T971] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  287.435774][  T971] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  287.446201][  T971] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  287.457290][  T971] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  287.466583][  T971] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  287.474625][  T971] usb 4-1: Product: syz
[  287.478975][  T971] usb 4-1: Manufacturer: syz
[  287.490576][  T971] usb 4-1: SerialNumber: syz
[  287.609577][ T2150] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  288.319634][ T2150] usb 7-1: Using ep0 maxpacket: 16
[  288.326600][ T2150] usb 7-1: config 0 has an invalid interface number: 105 but max is 0
[  288.339843][ T2150] usb 7-1: config 0 has an invalid descriptor of length 36, skipping remainder of the config
[  288.354385][  T971] usb 4-1: 0:2 : does not exist
[  288.358588][ T2150] usb 7-1: config 0 has no interface number 0
[  288.378267][ T2150] usb 7-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[  288.388151][ T2150] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  288.681274][ T2150] usb 7-1: Product: syz
[  288.685476][ T2150] usb 7-1: Manufacturer: syz
[  288.691354][ T2150] usb 7-1: SerialNumber: syz
[  288.702814][ T2150] usb 7-1: config 0 descriptor??
[  288.951996][ T2150] usb 7-1: Found UVC 0.00 device syz (046d:08d3)
[  288.980200][ T2150] usb 7-1: No valid video chain found.
[  289.013879][ T2150] usb 7-1: USB disconnect, device number 11
[  289.335252][   T29] audit: type=1400 audit(1738321344.429:611): avc:  denied  { write } for  pid=9042 comm="syz.5.867" path="socket:[22969]" dev="sockfs" ino=22969 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  289.806478][  T971] usb 4-1: 1:0: failed to get current value for ch 0 (-22)
[  289.841979][  T971] usb 4-1: USB disconnect, device number 26
[  290.028062][ T9056] netlink: 8 bytes leftover after parsing attributes in process `syz.5.869'.
[  290.037075][ T9056] openvswitch: netlink: Flow actions attr not present in new flow.
[  290.291591][ T5818] Bluetooth: hci5: command 0x0406 tx timeout
[  290.720380][ T5932] udevd[5932]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  293.502746][   T29] audit: type=1800 audit(2000000003.820:612): pid=9084 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.5.877" name="bus" dev="tmpfs" ino=529 res=0 errno=0
[  294.319657][ T5822] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  294.506076][   T29] audit: type=1400 audit(2000000004.850:613): avc:  denied  { bind } for  pid=9095 comm="syz.1.880" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  294.548598][ T9097] netlink: 'syz.1.880': attribute type 21 has an invalid length.
[  294.556745][ T5822] usb 6-1: Using ep0 maxpacket: 32
[  294.580878][ T9097] netlink: 156 bytes leftover after parsing attributes in process `syz.1.880'.
[  294.596198][ T5822] usb 6-1: config 0 has an invalid interface number: 184 but max is 0
[  294.624852][ T5822] usb 6-1: config 0 has no interface number 0
[  294.627155][ T9097] netlink: 4 bytes leftover after parsing attributes in process `syz.1.880'.
[  294.646826][ T5822] usb 6-1: config 0 interface 184 has no altsetting 0
[  294.656979][ T5822] usb 6-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  294.666125][ T5822] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  294.666147][ T5822] usb 6-1: Product: syz
[  294.666161][ T5822] usb 6-1: Manufacturer: syz
[  294.666173][ T5822] usb 6-1: SerialNumber: syz
[  294.670434][ T5822] usb 6-1: config 0 descriptor??
[  294.704799][ T5822] smsc75xx v1.0.0
[  294.708476][ T5822] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  294.725449][ T5822] smsc75xx 6-1:0.184: probe with driver smsc75xx failed with error -22
[  294.845783][ T9107] fuse: Invalid rootmode
[  294.891725][    T8] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  295.152664][ T5822] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  295.229707][    T8] usb 5-1: Using ep0 maxpacket: 16
[  295.246474][    T8] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  295.269968][    T8] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  295.536330][ T5822] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  295.589890][    T8] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  295.596322][ T5822] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  295.616111][ T5822] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  295.621224][    T8] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  295.646338][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  295.655259][    T8] usb 5-1: Product: syz
[  295.664380][    T8] usb 5-1: Manufacturer: syz
[  295.669062][    T8] usb 5-1: SerialNumber: syz
[  295.672827][ T9120] FAULT_INJECTION: forcing a failure.
[  295.672827][ T9120] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  295.690627][ T5822] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  295.710461][ T9120] CPU: 1 UID: 0 PID: 9120 Comm: syz.1.888 Not tainted 6.13.0-syzkaller-09522-gd3d90cc2891c #0
[  295.710480][ T9120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  295.710488][ T9120] Call Trace:
[  295.710492][ T9120]  <TASK>
[  295.710498][ T9120]  dump_stack_lvl+0x16c/0x1f0
[  295.710520][ T9120]  should_fail_ex+0x50a/0x650
[  295.710541][ T9120]  _copy_to_user+0x32/0xd0
[  295.710566][ T9120]  simple_read_from_buffer+0xd0/0x160
[  295.710587][ T9120]  proc_fail_nth_read+0x198/0x270
[  295.710604][ T9120]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  295.710622][ T9120]  ? rw_verify_area+0xcf/0x680
[  295.710638][ T9120]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  295.710659][ T9120]  vfs_read+0x1df/0xbf0
[  295.710678][ T9120]  ? __fget_files+0x1fc/0x3a0
[  295.710689][ T9120]  ? __pfx___mutex_lock+0x10/0x10
[  295.710701][ T9120]  ? __pfx_vfs_read+0x10/0x10
[  295.710724][ T9120]  ? __fget_files+0x206/0x3a0
[  295.710740][ T9120]  ksys_read+0x12b/0x250
[  295.710757][ T9120]  ? __pfx_ksys_read+0x10/0x10
[  295.710781][ T9120]  do_syscall_64+0xcd/0x250
[  295.710804][ T9120]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  295.710822][ T9120] RIP: 0033:0x7f6c8578b7bc
[  295.710832][ T9120] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  295.710845][ T9120] RSP: 002b:00007f6c86525030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  295.710857][ T9120] RAX: ffffffffffffffda RBX: 00007f6c859a5fa0 RCX: 00007f6c8578b7bc
[  295.710865][ T9120] RDX: 000000000000000f RSI: 00007f6c865250a0 RDI: 0000000000000006
[  295.710873][ T9120] RBP: 00007f6c86525090 R08: 0000000000000000 R09: 0000000000000000
[  295.710880][ T9120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  295.710887][ T9120] R13: 0000000000000000 R14: 00007f6c859a5fa0 R15: 00007ffe06e2fd88
[  295.710904][ T9120]  </TASK>
[  295.711616][ T9103] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[  296.069507][ T5830] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  296.123341][    T8] usb 5-1: 0:2 : does not exist
[  296.282583][   T30] INFO: task syz.0.315:7058 blocked for more than 143 seconds.
[  296.299556][   T30]       Not tainted 6.13.0-syzkaller-09522-gd3d90cc2891c #0
[  296.322090][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  296.331080][   T30] task:syz.0.315       state:D stack:23024 pid:7058  tgid:7055  ppid:5819   task_flags:0x400140 flags:0x00004004
[  296.345388][ T5830] usb 4-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  296.356235][ T5830] usb 4-1: New USB device strings: Mfr=223, Product=2, SerialNumber=3
[  296.357211][ T5830] usb 4-1: Product: syz
[  296.357228][ T5830] usb 4-1: Manufacturer: syz
[  296.357243][ T5830] usb 4-1: SerialNumber: syz
[  296.368199][ T5830] usb 4-1: config 0 descriptor??
[  296.370155][ T5830] ch341 4-1:0.0: ch341-uart converter detected
[  296.376780][   T30] Call Trace:
[  296.376795][   T30]  <TASK>
[  296.376802][   T30]  __schedule+0xf43/0x5890
[  296.376821][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  296.376843][   T30]  ? __pfx___schedule+0x10/0x10
[  296.376876][   T30]  ? schedule+0x298/0x350
[  296.376889][   T30]  ? __pfx_lock_release+0x10/0x10
[  296.376904][   T30]  ? lock_acquire+0x2f/0xb0
[  296.376916][   T30]  ? schedule+0x1fd/0x350
[  296.376929][   T30]  schedule+0xe7/0x350
[  296.376943][   T30]  schedule_timeout+0x244/0x280
[  296.376955][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  296.376971][   T30]  ? mark_held_locks+0x9f/0xe0
[  296.376983][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  296.377014][   T30]  __wait_for_common+0x3e1/0x600
[  296.377029][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  296.377043][   T30]  ? __pfx___wait_for_common+0x10/0x10
[  296.377059][   T30]  ? ib_cq_pool_cleanup+0x220/0x360
[  296.377074][   T30]  disable_device+0x170/0x280
[  296.377086][   T30]  ? __pfx_disable_device+0x10/0x10
[  296.377101][   T30]  __ib_unregister_device+0x2b4/0x480
[  296.377112][   T30]  ? __pfx_ib_device_get_by_index+0x10/0x10
[  296.377127][   T30]  ib_unregister_device_and_put+0x5a/0x80
[  296.377155][   T30]  nldev_dellink+0x211/0x300
[  296.377165][   T30]  ? __pfx_nldev_dellink+0x10/0x10
[  296.377204][   T30]  ? cap_capable+0xb3/0x250
[  296.377217][   T30]  ? bpf_lsm_capable+0x9/0x10
[  296.377229][   T30]  ? security_capable+0x7e/0x260
[  296.377240][   T30]  ? ns_capable+0xd7/0x110
[  296.377254][   T30]  ? __pfx_nldev_dellink+0x10/0x10
[  296.377264][   T30]  rdma_nl_rcv_msg+0x388/0x6e0
[  296.377290][   T30]  ? __pfx_rdma_nl_rcv_msg+0x10/0x10
[  296.377300][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  296.377313][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  296.377325][   T30]  ? hlock_class+0x4e/0x130
[  296.377334][   T30]  ? __lock_acquire+0xcc5/0x3c40
[  296.377349][   T30]  rdma_nl_rcv_skb.constprop.0.isra.0+0x2e6/0x450
[  296.377361][   T30]  ? __pfx_rdma_nl_rcv_skb.constprop.0.isra.0+0x10/0x10
[  296.377378][   T30]  ? netlink_deliver_tap+0x1ae/0xd30
[  296.377391][   T30]  netlink_unicast+0x53c/0x7f0
[  296.377404][   T30]  ? __pfx_netlink_unicast+0x10/0x10
[  296.377434][   T30]  netlink_sendmsg+0x8b8/0xd70
[  296.377452][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  296.377480][   T30]  ____sys_sendmsg+0xaaf/0xc90
[  296.377506][   T30]  ? copy_msghdr_from_user+0x10b/0x160
[  296.379603][   T30]  ? __pfx_____sys_sendmsg+0x10/0x10
[  296.379630][   T30]  ___sys_sendmsg+0x135/0x1e0
[  296.379643][   T30]  ? __pfx____sys_sendmsg+0x10/0x10
[  296.379672][   T30]  ? __pfx_lock_release+0x10/0x10
[  296.379695][   T30]  ? trace_lock_acquire+0x14e/0x1f0
[  296.380800][   T30]  ? __fget_files+0x206/0x3a0
[  296.383005][   T30]  __sys_sendmsg+0x16e/0x220
[  296.383237][   T30]  ? __pfx___sys_sendmsg+0x10/0x10
[  296.384098][   T30]  ? __x64_sys_futex+0x1e1/0x4c0
[  296.386313][   T30]  do_syscall_64+0xcd/0x250
[  296.386341][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  296.386364][   T30] RIP: 0033:0x7f5f10d8cda9
[  296.386379][   T30] RSP: 002b:00007f5f11c23038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  296.386908][   T30] RAX: ffffffffffffffda RBX: 00007f5f10fa5fa0 RCX: 00007f5f10d8cda9
[  296.386915][   T30] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000009
[  296.386921][   T30] RBP: 00007f5f10e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  296.386927][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  296.386934][   T30] R13: 0000000000000000 R14: 00007f5f10fa5fa0 R15: 00007fff279fd158
[  296.386946][   T30]  </TASK>
[  296.387009][   T30] 
[  296.387009][   T30] Showing all locks held in the system:
[  296.387017][   T30] 6 locks held by kworker/0:0/8:
[  296.387023][   T30]  #0: ffff8881442ded48 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0
[  296.387053][   T30]  #1: ffffc900000d7d18 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0
[  296.387081][   T30]  #2: ffff8881457ba190 (&dev->mutex){....}-{4:4}, at: hub_event+0x1c1/0x4e10
[  296.387106][   T30]  #3: ffff8880459e0190 (&dev->mutex){....}-{4:4}, at: __device_attach+0x7f/0x4b0
[  296.387147][   T30]  #4: ffff88805f882160 (&dev->mutex){....}-{4:4}, at: __device_attach+0x7f/0x4b0
[  296.387171][   T30]  #5: ffffffff8fe2d3e8 (register_mutex#6){+.+.}-{4:4}, at: usb_audio_probe+0x4e3/0x3cf0
[  296.387206][   T30] 1 lock held by khungtaskd/30:
[  296.387212][   T30]  #0: ffffffff8e1bcb80 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x7f/0x390
[  296.387280][   T30] 4 locks held by kworker/u8:7/3832:
[  296.387287][   T30]  #0: ffff88801beeb148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0
[  296.387314][   T30]  #1: ffffc9000da77d18 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0
[  296.387340][   T30]  #2: ffffffff8fedd8d0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xbf0
[  296.387366][   T30]  #3: ffff88801cba46c0 (&device->unregistration_lock){+.+.}-{4:4}, at: rdma_dev_change_netns+0x30/0x320
[  296.396154][   T30] 1 lock held by klogd/5181:
[  296.396169][   T30] 2 locks held by getty/5578:
[  296.396179][   T30]  #0: ffff8880372e10a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  296.396262][   T30]  #1: ffffc90002fde2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0xfba/0x1480
[  296.396318][   T30] 6 locks held by kworker/1:4/5822:
[  296.396328][   T30]  #0: ffff8881442ded48 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0
[  296.396404][   T30]  #1: ffffc9000218fd18 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0
[  296.396449][   T30]  #2: ffff8881457e2190 (&dev->mutex){....}-{4:4}, at: hub_event+0x1c1/0x4e10
[  296.396518][   T30]  #3: ffff8880125b8190 (&dev->mutex){....}-{4:4}, at: __device_attach+0x7f/0x4b0
[  296.396560][   T30]  #4: ffff88805e52d160 (&dev->mutex){....}-{4:4}, at: __device_attach+0x7f/0x4b0
[  296.396597][   T30]  #5: ffffffff8fe2d3e8 (register_mutex#6){+.+.}-{4:4}, at: usb_audio_probe+0x4e3/0x3cf0
[  296.396674][   T30] 4 locks held by udevd/5826:
[  296.396683][   T30]  #0: ffff888027770b08 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xd8/0x12b0
[  296.396732][   T30]  #1: ffff88805fa03088 (&of->mutex#2){+.+.}-{4:4}, at: kernfs_seq_start+0x4d/0x240
[  296.396806][   T30]  #2: ffff888063bc7008 (kn->active#5){++++}-{0:0}, at: kernfs_seq_start+0x71/0x240
[  296.396857][   T30]  #3: ffff8880125b8190 (&dev->mutex){....}-{4:4}, at: uevent_show+0x188/0x3b0
[  296.396967][   T30] 6 locks held by kworker/0:3/5830:
[  296.396978][   T30]  #0: ffff8881442ded48 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0
[  296.397021][   T30]  #1: ffffc90003bcfd18 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0
[  296.397091][   T30]  #2: ffff888145762190 (&dev->mutex){....}-{4:4}, at: hub_event+0x1c1/0x4e10
[  296.397130][   T30]  #3: ffff8880132b8190 (&dev->mutex){....}-{4:4}, at: __device_attach+0x7f/0x4b0
[  296.397169][   T30]  #4: ffff88805fab1160 (&dev->mutex){....}-{4:4}, at: __device_attach+0x7f/0x4b0
[  296.397233][   T30]  #5: ffff888025642638 (&dev->mutex){....}-{4:4}, at: __device_attach+0x7f/0x4b0
[  296.397279][   T30] 4 locks held by udevd/5932:
[  296.397289][   T30]  #0: ffff88804e5bf9e0 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xd8/0x12b0
[  296.397363][   T30]  #1: ffff88802af50888 (&of->mutex#2){+.+.}-{4:4}, at: kernfs_seq_start+0x4d/0x240
[  296.421485][   T30]  #2: ffff8880343d6788 (kn->active#5){++++}-{0:0}, at: kernfs_seq_start+0x71/0x240
[  296.421558][   T30]  #3: ffff8880459e0190 (&dev->mutex){....}-{4:4}, at: uevent_show+0x188/0x3b0
[  296.421600][   T30] 4 locks held by udevd/6408:
[  296.421610][   T30]  #0: ffff8880277700a0 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xd8/0x12b0
[  296.421682][   T30]  #1: ffff8880121fc488 (&of->mutex#2){+.+.}-{4:4}, at: kernfs_seq_start+0x4d/0x240
[  296.421729][   T30]  #2: ffff8880460e30f8 (kn->active#5){++++}-{0:0}, at: kernfs_seq_start+0x71/0x240
[  296.421905][   T30]  #3: ffff8880132b8190 (&dev->mutex){....}-{4:4}, at: uevent_show+0x188/0x3b0
[  296.421949][   T30] 3 locks held by kworker/u8:10/6939:
[  296.421959][   T30] 2 locks held by syz.0.315/7058:
[  296.421968][   T30]  #0: ffffffff9ac02178 (&rdma_nl_types[idx].sem){.+.+}-{4:4}, at: rdma_nl_rcv_msg+0x16a/0x6e0
[  296.422039][   T30]  #1: ffff88801cba46c0 (&device->unregistration_lock){+.+.}-{4:4}, at: __ib_unregister_device+0x23b/0x480
[  296.422087][   T30] 2 locks held by syz.2.414/7412:
[  296.422096][   T30]  #0: ffffffff8fedd8d0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x292/0x6c0
[  296.422173][   T30]  #1: ffff88801cba46c0 (&device->unregistration_lock){+.+.}-{4:4}, at: rdma_dev_change_netns+0x30/0x320
[  296.422221][   T30] 4 locks held by syz.6.884/9103:
[  296.422232][   T30] 3 locks held by syz.6.884/9129:
[  296.427998][   T30] 
[  296.428007][   T30] =============================================
[  296.428007][   T30] 
[  296.428015][   T30] NMI backtrace for cpu 0
[  296.428024][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-syzkaller-09522-gd3d90cc2891c #0
[  296.428042][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  296.428051][   T30] Call Trace:
[  296.428056][   T30]  <TASK>
[  296.428061][   T30]  dump_stack_lvl+0x116/0x1f0
[  296.428076][   T30]  nmi_cpu_backtrace+0x27b/0x390
[  296.428093][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  296.428106][   T30]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[  296.428118][   T30]  watchdog+0xf62/0x12b0
[  296.428135][   T30]  ? __pfx_watchdog+0x10/0x10
[  296.428146][   T30]  ? lockdep_hardirqs_on+0x7c/0x110
[  296.428160][   T30]  ? __kthread_parkme+0x148/0x220
[  296.428170][   T30]  ? __pfx_watchdog+0x10/0x10
[  296.428183][   T30]  kthread+0x3af/0x750
[  296.428194][   T30]  ? __pfx_kthread+0x10/0x10
[  296.428206][   T30]  ? __pfx_kthread+0x10/0x10
[  296.428216][   T30]  ret_from_fork+0x45/0x80
[  296.428227][   T30]  ? __pfx_kthread+0x10/0x10
[  296.428237][   T30]  ret_from_fork_asm+0x1a/0x30
[  296.428252][   T30]  </TASK>
[  296.428271][   T30] Sending NMI from CPU 0 to CPUs 1:
[  296.428297][    C1] NMI backtrace for cpu 1 skipped: idling at acpi_safe_halt+0x1a/0x20
[  296.434144][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  296.434157][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-syzkaller-09522-gd3d90cc2891c #0
[  296.434180][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  296.434191][   T30] Call Trace:
[  296.434196][   T30]  <TASK>
[  296.434203][   T30]  dump_stack_lvl+0x3d/0x1f0
[  296.434225][   T30]  panic+0x71d/0x800
[  296.434246][   T30]  ? __pfx_panic+0x10/0x10
[  296.434264][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  296.434290][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  296.434313][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  296.434336][   T30]  ? watchdog+0xdcc/0x12b0
[  296.434361][   T30]  ? watchdog+0xdbf/0x12b0
[  296.434386][   T30]  watchdog+0xddd/0x12b0
[  296.434413][   T30]  ? __pfx_watchdog+0x10/0x10
[  296.434433][   T30]  ? lockdep_hardirqs_on+0x7c/0x110
[  296.434458][   T30]  ? __kthread_parkme+0x148/0x220
[  296.434474][   T30]  ? __pfx_watchdog+0x10/0x10
[  296.434497][   T30]  kthread+0x3af/0x750
[  296.434515][   T30]  ? __pfx_kthread+0x10/0x10
[  296.434536][   T30]  ? __pfx_kthread+0x10/0x10
[  296.434555][   T30]  ret_from_fork+0x45/0x80
[  296.434575][   T30]  ? __pfx_kthread+0x10/0x10
[  296.434593][   T30]  ret_from_fork_asm+0x1a/0x30
[  296.434618][   T30]  </TASK>
[  296.434819][   T30] Kernel Offset: disabled